diff --git a/smart-contracts/foundry.toml b/smart-contracts/foundry.toml index 338ba20..d8a46b4 100644 --- a/smart-contracts/foundry.toml +++ b/smart-contracts/foundry.toml @@ -14,7 +14,8 @@ ignored_warnings_from = ["lib/openzeppelin-contracts/contracts"] remappings = [ # Bolt-Registry remappings - "@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/", + "@openzeppelin-v4.9.0/=lib/openzeppelin-contracts-v4.9.0/", + "@openzeppelin-v5.0.0/=lib/openzeppelin-contracts-v5.0.0/", "@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts/", "@openzeppelin/foundry-upgrades/=lib/openzeppelin-foundry-upgrades/", "@symbiotic/middleware-sdk/=lib/middleware-sdk/src/", @@ -33,7 +34,9 @@ remappings = [ # EigenLayer remapping contexts "lib/eigenlayer-contracts/:@openzeppelin-upgrades/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "lib/eigenlayer-contracts/:@openzeppelin/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/", + # Note: we pin the openzeppelin version used for EL to 4.9.0. When/if EL upgrades to v5, we need to update this. + # "lib/eigenlayer-contracts/:@openzeppelin/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/", + "lib/eigenlayer-contracts/:@openzeppelin/=lib/openzeppelin-contracts-v4.9.0", "lib/eigenlayer-contracts/:ds-test/=lib/eigenlayer-contracts/lib/ds-test/src/", "lib/eigenlayer-contracts/:forge-std/=lib/eigenlayer-contracts/lib/forge-std/src/" ] diff --git a/smart-contracts/src/contracts/EigenLayerMiddlewareV1.sol b/smart-contracts/src/contracts/EigenLayerMiddlewareV1.sol index e2196ff..d9e499e 100644 --- a/smart-contracts/src/contracts/EigenLayerMiddlewareV1.sol +++ b/smart-contracts/src/contracts/EigenLayerMiddlewareV1.sol @@ -2,8 +2,8 @@ pragma solidity ^0.8.27; import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol"; -import {UUPSUpgradeable} from "@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol"; -import {Time} from "@openzeppelin/contracts/utils/types/Time.sol"; +import {UUPSUpgradeable} from "@openzeppelin-v5.0.0/contracts/proxy/utils/UUPSUpgradeable.sol"; +import {Time} from "@openzeppelin-v5.0.0/contracts/utils/types/Time.sol"; import {PauseableEnumerableSet} from "@symbiotic/middleware-sdk/libraries/PauseableEnumerableSet.sol"; diff --git a/smart-contracts/stdinput.json b/smart-contracts/stdinput.json deleted file mode 100644 index 6024b2c..0000000 --- a/smart-contracts/stdinput.json +++ /dev/null @@ -1,194 +0,0 @@ -{ - "language": "Solidity", - "sources": { - "src/contracts/EigenLayerMiddlewareV1.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.27;\n\nimport {OwnableUpgradeable} from \"@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol\";\nimport {UUPSUpgradeable} from \"@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol\";\nimport {Time} from \"@openzeppelin/contracts/utils/types/Time.sol\";\n\nimport {PauseableEnumerableSet} from \"@symbiotic/middleware-sdk/libraries/PauseableEnumerableSet.sol\";\n\nimport {\n IAllocationManager, IAllocationManagerTypes\n} from \"@eigenlayer/src/contracts/interfaces/IAllocationManager.sol\";\nimport {ISignatureUtils} from \"@eigenlayer/src/contracts/interfaces/ISignatureUtils.sol\";\nimport {IDelegationManager} from \"@eigenlayer/src/contracts/interfaces/IDelegationManager.sol\";\nimport {IStrategyManager} from \"@eigenlayer/src/contracts/interfaces/IStrategyManager.sol\";\nimport {IAVSDirectory} from \"@eigenlayer/src/contracts/interfaces/IAVSDirectory.sol\";\nimport {IAVSRegistrar} from \"@eigenlayer/src/contracts/interfaces/IAVSRegistrar.sol\";\nimport {IStrategy} from \"@eigenlayer/src/contracts/interfaces/IStrategy.sol\";\n\nimport {IRestakingMiddlewareV1} from \"../interfaces/IRestakingMiddlewareV1.sol\";\nimport {IOperatorsRegistryV1} from \"../interfaces/IOperatorsRegistryV1.sol\";\n\n/**\n * @title BoltEigenLayerMiddlewareV1\n * @author Chainbound Developers \n * @notice This contract is responsible for interacting with the EigenLayer restaking protocol contracts. It serves\n * as AVS contract and implements the IAVSRegistrar interface as well.\n */\ncontract EigenLayerMiddlewareV1 is OwnableUpgradeable, UUPSUpgradeable, IAVSRegistrar, IRestakingMiddlewareV1 {\n using PauseableEnumerableSet for PauseableEnumerableSet.AddressSet;\n\n /// @notice Address of the EigenLayer AVS Directory contract.\n IAVSDirectory public AVS_DIRECTORY;\n\n /// @notice Address of the EigenLayer Allocation Manager contract.\n IAllocationManager public ALLOCATION_MANAGER;\n\n /// @notice Address of the EigenLayer Delegation Manager contract.\n IDelegationManager public DELEGATION_MANAGER;\n\n /// @notice Address of the EigenLayer Strategy Manager contract.\n IStrategyManager public STRATEGY_MANAGER;\n\n /// @notice Address of the Bolt Operators Registry contract.\n IOperatorsRegistryV1 public OPERATORS_REGISTRY;\n\n /// @notice The name of the middleware\n bytes32 public NAME_HASH;\n\n /// @notice The list of whitelisted strategies for this AVS\n PauseableEnumerableSet.AddressSet internal _strategyWhitelist;\n\n /// @dev This empty reserved space is put in place to allow future versions to add new\n /// variables without shifting down storage in the inheritance chain.\n /// See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n /// This can be validated with the Openzeppelin Foundry Upgrades toolkit.\n ///\n /// Total storage slots: 50\n uint256[42] private __gap;\n\n // ========= Events ========= //\n\n /// @notice Emitted when a strategy is whitelisted\n event StrategyWhitelisted(address indexed strategy);\n\n /// @notice Emitted when a strategy is removed from the whitelist\n event StrategyRemoved(address indexed strategy);\n\n /// @notice Emitted when a strategy is paused\n event StrategyPaused(address indexed strategy);\n\n /// @notice Emitted when a strategy is unpaused\n event StrategyUnpaused(address indexed strategy);\n\n // ========= Errors ========= //\n\n error NotOperator();\n error UnauthorizedStrategy();\n error NotAllocationManager();\n error InvalidStrategyAddress();\n error StrategyAlreadyWhitelisted();\n\n // ========= Initializer & Proxy functionality ========= //\n\n /// @notice Initialize the contract\n /// @param owner The address of the owner\n /// @param _avsDirectory The address of the EigenLayer AVS Directory contract\n /// @param _eigenlayerAllocationManager The address of the EigenLayer Allocation Manager contract\n /// @param _eigenlayerDelegationManager The address of the EigenLayer Delegation Manager contract\n /// @param _eigenlayerStrategyManager The address of the EigenLayer Strategy Manager contract\n /// @param _operatorsRegistry The address of the Operators Registry contract\n function initialize(\n address owner,\n IOperatorsRegistryV1 _operatorsRegistry,\n IAVSDirectory _avsDirectory,\n IAllocationManager _eigenlayerAllocationManager,\n IDelegationManager _eigenlayerDelegationManager,\n IStrategyManager _eigenlayerStrategyManager\n ) public initializer {\n __Ownable_init(owner);\n\n AVS_DIRECTORY = _avsDirectory;\n ALLOCATION_MANAGER = _eigenlayerAllocationManager;\n DELEGATION_MANAGER = _eigenlayerDelegationManager;\n STRATEGY_MANAGER = _eigenlayerStrategyManager;\n OPERATORS_REGISTRY = _operatorsRegistry;\n NAME_HASH = keccak256(\"EIGENLAYER\");\n }\n\n /// @notice Upgrade the contract\n /// @param newImplementation The address of the new implementation\n function _authorizeUpgrade(\n address newImplementation\n ) internal override onlyOwner {}\n\n // ========= Modifiers ========= //\n\n /// @notice Modifier to check if the caller is the AllocationManager\n modifier onlyAllocationManager() {\n require(msg.sender == address(ALLOCATION_MANAGER), NotAllocationManager());\n _;\n }\n\n // ========= AVS functions ========= //\n\n /// @notice Update the RPC endpoint of the operator\n /// @param rpcEndpoint The new RPC endpoint\n function updateOperatorRpcEndpoint(\n string calldata rpcEndpoint\n ) public {\n OPERATORS_REGISTRY.updateOperatorRpcEndpoint(msg.sender, rpcEndpoint);\n }\n\n /// @notice Get the collaterals and amounts staked by an operator across the whitelisted strategies\n /// @param operator The operator address to get the collaterals and amounts staked for\n /// @return collaterals The collaterals staked by the operator\n /// @dev Assumes that the operator is registered and enabled\n function getOperatorCollaterals(\n address operator\n ) public view returns (address[] memory, uint256[] memory) {\n // Only take strategies that are active at \n IStrategy[] memory activeStrategies = _getActiveStrategiesAt(_now());\n\n address[] memory collateralTokens = new address[](activeStrategies.length);\n uint256[] memory amounts = new uint256[](activeStrategies.length);\n\n // get the shares of the operator across all strategies\n uint256[] memory shares = DELEGATION_MANAGER.getOperatorShares(operator, activeStrategies);\n\n // get the collateral tokens and amounts for the operator across all strategies\n for (uint256 i = 0; i < activeStrategies.length; i++) {\n collateralTokens[i] = address(activeStrategies[i].underlyingToken());\n amounts[i] = activeStrategies[i].sharesToUnderlyingView(shares[i]);\n }\n\n return (collateralTokens, amounts);\n }\n\n /// @notice Get the CURRENT amount staked by an operator for a specific collateral\n /// @param operator The operator address to get the amount staked for\n /// @param collateral The collateral token address\n /// @return The amount staked by the operator for the collateral\n function getOperatorStake(address operator, address collateral) public view returns (uint256) {\n uint256 activeStake = 0;\n for (uint256 i = 0; i < _strategyWhitelist.length(); i++) {\n (address strategy, uint48 enabledAt, uint48 disabledAt) = _strategyWhitelist.at(i);\n\n if (!_wasEnabledAt(enabledAt, disabledAt, _now())) {\n continue;\n }\n\n if (address(IStrategy(strategy).underlyingToken()) != collateral) {\n continue;\n }\n\n // get the shares of the operator for the strategy\n // NOTE: the EL slashing-magnitudes branch removed the operatorShares(operator, strategy) function:\n // https://github.com/Layr-Labs/eigenlayer-contracts/blob/dev/src/contracts/interfaces/IDelegationManager.sol#L352-L359\n // so we need to use getOperatorShares(operator, [strategy]) instead.\n IStrategy[] memory strategies = new IStrategy[](1);\n strategies[0] = IStrategy(strategy);\n uint256[] memory shares = DELEGATION_MANAGER.getOperatorShares(operator, strategies);\n activeStake += IStrategy(strategy).sharesToUnderlyingView(shares[0]);\n }\n\n return activeStake;\n }\n\n /// @notice Get all whitelisted strategies for this AVS, including inactive ones.\n /// @return The list of whitelisted strategies\n function getWhitelistedStrategies() public view returns (address[] memory) {\n address[] memory strategies = new address[](_strategyWhitelist.length());\n\n for (uint256 i = 0; i < _strategyWhitelist.length(); i++) {\n (strategies[i],,) = _strategyWhitelist.at(i);\n }\n\n return strategies;\n }\n\n /// @notice Get the active strategies for this AVS\n /// @return The active strategies\n function getActiveWhitelistedStrategies() public view returns (IStrategy[] memory) {\n // Use the beginning of the current epoch to check which strategies were enabled at that time.\n return _getActiveStrategiesAt(_now());\n }\n\n /// @notice Get the number of whitelisted strategies for this AVS.\n /// @return The number of whitelisted strategies.\n function strategyWhitelistLength() public view returns (uint256) {\n return _strategyWhitelist.length();\n }\n\n /// @notice Returns whether the strategy is active in this epoch.\n /// @param strategy The strategy to check.\n /// @return True if the strategy is active in this epoch, false otherwise.\n function isStrategyActive(\n address strategy\n ) public view returns (bool) {\n return _strategyWhitelist.wasActiveAt(_now(), strategy);\n }\n\n // ========= [pre-ELIP-002] IServiceManager functions ========= //\n\n /// @notice Register an operator through the AVS Directory\n /// @param rpcEndpoint The RPC URL of the operator\n /// @param extraData Arbitrary data the operator can provide as part of registration\n /// @param operatorSignature The signature of the operator\n /// @dev This function is used before the ELIP-002 (slashing) EigenLayer upgrade to register operators.\n /// @dev Operators must use this function to register before the upgrade. After the upgrade, this will be removed.\n function registerOperatorToAVS(\n string memory rpcEndpoint,\n string memory extraData,\n ISignatureUtils.SignatureWithSaltAndExpiry calldata operatorSignature\n ) public {\n address operator = msg.sender;\n\n require(DELEGATION_MANAGER.isOperator(operator), NotOperator());\n\n AVS_DIRECTORY.registerOperatorToAVS(operator, operatorSignature);\n OPERATORS_REGISTRY.registerOperator(operator, rpcEndpoint, extraData);\n }\n\n /// @notice Deregister an operator through the AVS Directory\n /// @dev This function is used before the ELIP-002 (slashing) EigenLayer upgrade to deregister operators.\n /// @dev Operators must use this function to deregister before the upgrade. After the upgrade, this will be removed.\n function deregisterOperatorFromAVS() public {\n address operator = msg.sender;\n\n require(DELEGATION_MANAGER.isOperator(operator), NotOperator());\n\n AVS_DIRECTORY.deregisterOperatorFromAVS(operator);\n OPERATORS_REGISTRY.pauseOperator(operator);\n }\n\n /// @notice Update the metadata URI for this AVS\n /// @param contractName The name of the contract to update the metadata URI for\n /// @param metadataURI The new metadata URI\n function updateAVSMetadataURI(string calldata contractName, string calldata metadataURI) public onlyOwner {\n bytes32 contractNameHash = keccak256(abi.encodePacked(contractName));\n\n if (contractNameHash == keccak256(\"ALLOCATION_MANAGER\")) {\n ALLOCATION_MANAGER.updateAVSMetadataURI(address(this), metadataURI);\n } else if (contractNameHash == keccak256(\"AVS_DIRECTORY\")) {\n AVS_DIRECTORY.updateAVSMetadataURI(metadataURI);\n }\n }\n\n /// @notice Get the strategies that an operator has restaked in\n /// @param operator The operator address to get the restaked strategies for\n /// @return The restaked strategy addresses\n function getOperatorRestakedStrategies(\n address operator\n ) public view returns (address[] memory) {\n // Only take strategies that are active at \n IStrategy[] memory activeStrategies = _getActiveStrategiesAt(_now());\n\n address[] memory restakedStrategies = new address[](activeStrategies.length);\n\n // get the shares of the operator across all strategies\n uint256[] memory shares = DELEGATION_MANAGER.getOperatorShares(operator, activeStrategies);\n\n // get the collateral tokens and amounts for the operator across all strategies\n uint256 restakedCount = 0;\n for (uint256 i = 0; i < activeStrategies.length; i++) {\n if (activeStrategies[i].sharesToUnderlyingView(shares[i]) > 0) {\n restakedStrategies[restakedCount] = address(activeStrategies[i]);\n restakedCount++;\n }\n }\n\n address[] memory result = new address[](restakedCount);\n for (uint256 i = 0; i < restakedCount; i++) {\n result[i] = restakedStrategies[i];\n }\n\n return result;\n }\n\n /// @notice Get the strategies that an operator can restake in\n /// @param operator The operator address to get the restakeable strategies for\n /// @return The restakeable strategy addresses\n function getRestakeableStrategies(\n address operator\n ) public view returns (address[] memory) {\n // All operators can use all whitelisted, active strategies.\n IStrategy[] memory strategies = getActiveWhitelistedStrategies();\n\n // cast to address[] to match the return type\n address[] memory result = new address[](strategies.length);\n for (uint256 i = 0; i < strategies.length; i++) {\n result[i] = address(strategies[i]);\n }\n\n return result;\n }\n\n // ========= [post-ELIP-002] IAVSRegistrar functions ========= //\n\n /// @notice Allows the AllocationManager to hook into the middleware to validate operator registration\n /// @param operator The address of the operator\n /// @param operatorSetIds The operator set IDs the operator is registering for\n /// @param data Arbitrary ABI-encoded data the operator must provide as part of registration\n function registerOperator(\n address operator,\n uint32[] calldata operatorSetIds,\n bytes calldata data\n ) external onlyAllocationManager {\n // NOTE: this function is called by AllocationManager.registerForOperatorSets(),\n // called by operators when registering to this AVS. If this call reverts,\n // the registration will be unsuccessful.\n\n // Split the data into rpcEndpoint and extraData from ABI encoding\n (string memory rpcEndpoint, string memory extraData) = abi.decode(data, (string, string));\n\n // We forward the call to the OperatorsRegistry to register the operator in its storage.\n OPERATORS_REGISTRY.registerOperator(operator, rpcEndpoint, extraData);\n }\n\n /// @notice Allows the AllocationManager to hook into the middleware to validate operator deregistration\n /// @param operator The address of the operator\n /// @param operatorSetIds The operator set IDs the operator is deregistering from\n function deregisterOperator(address operator, uint32[] calldata operatorSetIds) external onlyAllocationManager {\n // NOTE: this function is called by AllocationManager.deregisterFromOperatorSets,\n // called by operators when deregistering from this AVS.\n // Failure does nothing here: if this call reverts the deregistration will still go through.\n\n // We forward the call to the OperatorsRegistry to pause the operator from its storage.\n // In order to be fully removed, the operator must call OPERATORS_REGISTRY.deregisterOperator()\n // after waiting for the required delay.\n OPERATORS_REGISTRY.pauseOperator(operator);\n }\n\n // ========= Admin functions ========= //\n\n /// @notice Add a strategy to the whitelist\n /// @param strategy The strategy to add\n function whitelistStrategy(\n address strategy\n ) public onlyOwner {\n require(strategy != address(0), InvalidStrategyAddress());\n require(!_strategyWhitelist.contains(strategy), StrategyAlreadyWhitelisted());\n require(STRATEGY_MANAGER.strategyIsWhitelistedForDeposit(IStrategy(strategy)), UnauthorizedStrategy());\n\n _strategyWhitelist.register(_now(), strategy);\n emit StrategyWhitelisted(strategy);\n }\n\n /// @notice Pause a strategy, preventing its collateral from being active in the AVS\n /// @param strategy The strategy to pause\n function pauseStrategy(\n address strategy\n ) public onlyOwner {\n require(_strategyWhitelist.contains(strategy), UnauthorizedStrategy());\n\n // NOTE: we use _now() - 1 to ensure that the strategy is paused in the current epoch.\n // If we didn't do this, we would have to wait until the next epoch until the strategy was actually paused.\n _strategyWhitelist.pause(_now() - 1, strategy);\n emit StrategyPaused(strategy);\n }\n\n /// @notice Unpause a strategy, allowing its collateral to be active in the AVS\n /// @param strategy The strategy to unpause\n function unpauseStrategy(\n address strategy\n ) public onlyOwner {\n require(_strategyWhitelist.contains(strategy), UnauthorizedStrategy());\n\n _strategyWhitelist.unpause(_now(), OPERATORS_REGISTRY.EPOCH_DURATION(), strategy);\n emit StrategyUnpaused(strategy);\n }\n\n /// @notice Remove a strategy from the whitelist\n /// @param strategy The strategy to remove\n /// @dev Strategies must be paused for an EPOCH_DURATION before they can be removed\n function removeStrategy(\n address strategy\n ) public onlyOwner {\n require(_strategyWhitelist.contains(strategy), UnauthorizedStrategy());\n\n // NOTE: we use _now() - 1 to ensure that the strategy is removed in the current epoch.\n _strategyWhitelist.unregister(_now() - 1, OPERATORS_REGISTRY.EPOCH_DURATION(), strategy);\n emit StrategyRemoved(strategy);\n }\n\n /// @notice Create new operator sets for this AVS\n /// @param params The parameters for creating the operator sets\n function createOperatorSets(\n IAllocationManagerTypes.CreateSetParams[] calldata params\n ) public onlyOwner {\n for (uint256 i = 0; i < params.length; i++) {\n _checkAreAllStrategiesWhitelisted(params[i].strategies);\n }\n\n ALLOCATION_MANAGER.createOperatorSets(address(this), params);\n }\n\n /// @notice Add strategies to an operator set\n /// @param operatorSetId The ID of the operator set to add strategies to\n /// @param strategies The strategies to add\n function addStrategiesToOperatorSet(uint32 operatorSetId, IStrategy[] calldata strategies) public onlyOwner {\n _checkAreAllStrategiesWhitelisted(strategies);\n\n ALLOCATION_MANAGER.addStrategiesToOperatorSet(address(this), operatorSetId, strategies);\n }\n\n /// @notice Remove strategies from an operator set\n /// @param operatorSetId The ID of the operator set to remove strategies from\n /// @param strategies The strategies to remove\n function removeStrategiesFromOperatorSet(uint32 operatorSetId, IStrategy[] calldata strategies) public onlyOwner {\n ALLOCATION_MANAGER.removeStrategiesFromOperatorSet(address(this), operatorSetId, strategies);\n }\n\n /// @notice Update the AllocationManager address\n /// @param newAllocationManager The new AllocationManager address\n function updateAllocationManagerAddress(\n address newAllocationManager\n ) public onlyOwner {\n ALLOCATION_MANAGER = IAllocationManager(newAllocationManager);\n }\n\n /// @notice Update the AVSDirectory address\n /// @param newAVSDirectory The new AVSDirectory address\n function updateAVSDirectoryAddress(\n address newAVSDirectory\n ) public onlyOwner {\n AVS_DIRECTORY = IAVSDirectory(newAVSDirectory);\n }\n\n /// @notice Update the StrategyManager address\n /// @param newStrategyManager The new StrategyManager address\n function updateStrategyManagerAddress(\n address newStrategyManager\n ) public onlyOwner {\n STRATEGY_MANAGER = IStrategyManager(newStrategyManager);\n }\n\n /// @notice Update the DelegationManager address\n /// @param newDelegationManager The new DelegationManager address\n function updateDelegationManagerAddress(\n address newDelegationManager\n ) public onlyOwner {\n DELEGATION_MANAGER = IDelegationManager(newDelegationManager);\n }\n\n /// @notice Update the OperatorsRegistry address\n /// @param newOperatorsRegistry The new OperatorsRegistry address\n function updateOperatorsRegistryAddress(\n address newOperatorsRegistry\n ) public onlyOwner {\n OPERATORS_REGISTRY = IOperatorsRegistryV1(newOperatorsRegistry);\n }\n\n // ========== Internal helpers ========== //\n\n /// @notice Check if ALL the given strategies are whitelisted.\n /// If any of the strategies are not whitelisted, the function will revert.\n /// @param strategies The strategies to check\n function _checkAreAllStrategiesWhitelisted(\n IStrategy[] calldata strategies\n ) internal view {\n for (uint256 i = 0; i < strategies.length; i++) {\n require(_strategyWhitelist.contains(address(strategies[i])), UnauthorizedStrategy());\n }\n }\n\n /// @notice Get all the active strategies at a given timestamp\n /// @param timestamp The timestamp to get the active strategies at\n /// @return The array of active strategies\n function _getActiveStrategiesAt(\n uint48 timestamp\n ) internal view returns (IStrategy[] memory) {\n uint256 activeCount = 0;\n address[] memory activeStrategies = new address[](_strategyWhitelist.length());\n for (uint256 i = 0; i < _strategyWhitelist.length(); i++) {\n (address strategy, uint48 enabledAt, uint48 disabledAt) = _strategyWhitelist.at(i);\n\n if (_wasEnabledAt(enabledAt, disabledAt, timestamp)) {\n activeStrategies[activeCount] = strategy;\n activeCount++;\n }\n }\n\n // Resize the array to the actual number of active strategies\n IStrategy[] memory result = new IStrategy[](activeCount);\n for (uint256 i = 0; i < activeCount; i++) {\n result[i] = IStrategy(activeStrategies[i]);\n }\n return result;\n }\n\n /// @notice Check if a map entry was active at a given timestamp.\n /// @param enabledAt The enabled time of the map entry.\n /// @param disabledAt The disabled time of the map entry.\n /// @param timestamp The timestamp to check the map entry status at.\n /// @return True if the map entry was active at the given timestamp, false otherwise.\n function _wasEnabledAt(uint48 enabledAt, uint48 disabledAt, uint48 timestamp) internal pure returns (bool) {\n return enabledAt != 0 && enabledAt <= timestamp && (disabledAt == 0 || disabledAt >= timestamp);\n }\n\n /// @notice Returns the timestamp of the current epoch.\n /// @return timestamp The current epoch timestamp.\n function _now() internal view returns (uint48) {\n return OPERATORS_REGISTRY.getCurrentEpochStartTimestamp();\n }\n}\n" - }, - "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)\n\npragma solidity ^0.8.20;\n\nimport {ContextUpgradeable} from \"../utils/ContextUpgradeable.sol\";\nimport {Initializable} from \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Contract module which provides a basic access control mechanism, where\n * there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * The initial owner is set to the address provided by the deployer. This can\n * later be changed with {transferOwnership}.\n *\n * This module is used through inheritance. It will make available the modifier\n * `onlyOwner`, which can be applied to your functions to restrict their use to\n * the owner.\n */\nabstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {\n /// @custom:storage-location erc7201:openzeppelin.storage.Ownable\n struct OwnableStorage {\n address _owner;\n }\n\n // keccak256(abi.encode(uint256(keccak256(\"openzeppelin.storage.Ownable\")) - 1)) & ~bytes32(uint256(0xff))\n bytes32 private constant OwnableStorageLocation = 0x9016d09d72d40fdae2fd8ceac6b6234c7706214fd39c1cd1e609a0528c199300;\n\n function _getOwnableStorage() private pure returns (OwnableStorage storage $) {\n assembly {\n $.slot := OwnableStorageLocation\n }\n }\n\n /**\n * @dev The caller account is not authorized to perform an operation.\n */\n error OwnableUnauthorizedAccount(address account);\n\n /**\n * @dev The owner is not a valid owner account. (eg. `address(0)`)\n */\n error OwnableInvalidOwner(address owner);\n\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @dev Initializes the contract setting the address provided by the deployer as the initial owner.\n */\n function __Ownable_init(address initialOwner) internal onlyInitializing {\n __Ownable_init_unchained(initialOwner);\n }\n\n function __Ownable_init_unchained(address initialOwner) internal onlyInitializing {\n if (initialOwner == address(0)) {\n revert OwnableInvalidOwner(address(0));\n }\n _transferOwnership(initialOwner);\n }\n\n /**\n * @dev Throws if called by any account other than the owner.\n */\n modifier onlyOwner() {\n _checkOwner();\n _;\n }\n\n /**\n * @dev Returns the address of the current owner.\n */\n function owner() public view virtual returns (address) {\n OwnableStorage storage $ = _getOwnableStorage();\n return $._owner;\n }\n\n /**\n * @dev Throws if the sender is not the owner.\n */\n function _checkOwner() internal view virtual {\n if (owner() != _msgSender()) {\n revert OwnableUnauthorizedAccount(_msgSender());\n }\n }\n\n /**\n * @dev Leaves the contract without owner. It will not be possible to call\n * `onlyOwner` functions. Can only be called by the current owner.\n *\n * NOTE: Renouncing ownership will leave the contract without an owner,\n * thereby disabling any functionality that is only available to the owner.\n */\n function renounceOwnership() public virtual onlyOwner {\n _transferOwnership(address(0));\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Can only be called by the current owner.\n */\n function transferOwnership(address newOwner) public virtual onlyOwner {\n if (newOwner == address(0)) {\n revert OwnableInvalidOwner(address(0));\n }\n _transferOwnership(newOwner);\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Internal function without access restriction.\n */\n function _transferOwnership(address newOwner) internal virtual {\n OwnableStorage storage $ = _getOwnableStorage();\n address oldOwner = $._owner;\n $._owner = newOwner;\n emit OwnershipTransferred(oldOwner, newOwner);\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/proxy/utils/UUPSUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.2.0) (proxy/utils/UUPSUpgradeable.sol)\n\npragma solidity ^0.8.22;\n\nimport {IERC1822Proxiable} from \"../../interfaces/draft-IERC1822.sol\";\nimport {ERC1967Utils} from \"../ERC1967/ERC1967Utils.sol\";\n\n/**\n * @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an\n * {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.\n *\n * A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is\n * reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing\n * `UUPSUpgradeable` with a custom implementation of upgrades.\n *\n * The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.\n */\nabstract contract UUPSUpgradeable is IERC1822Proxiable {\n /// @custom:oz-upgrades-unsafe-allow state-variable-immutable\n address private immutable __self = address(this);\n\n /**\n * @dev The version of the upgrade interface of the contract. If this getter is missing, both `upgradeTo(address)`\n * and `upgradeToAndCall(address,bytes)` are present, and `upgradeTo` must be used if no function should be called,\n * while `upgradeToAndCall` will invoke the `receive` function if the second argument is the empty byte string.\n * If the getter returns `\"5.0.0\"`, only `upgradeToAndCall(address,bytes)` is present, and the second argument must\n * be the empty byte string if no function should be called, making it impossible to invoke the `receive` function\n * during an upgrade.\n */\n string public constant UPGRADE_INTERFACE_VERSION = \"5.0.0\";\n\n /**\n * @dev The call is from an unauthorized context.\n */\n error UUPSUnauthorizedCallContext();\n\n /**\n * @dev The storage `slot` is unsupported as a UUID.\n */\n error UUPSUnsupportedProxiableUUID(bytes32 slot);\n\n /**\n * @dev Check that the execution is being performed through a delegatecall call and that the execution context is\n * a proxy contract with an implementation (as defined in ERC-1967) pointing to self. This should only be the case\n * for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a\n * function through ERC-1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to\n * fail.\n */\n modifier onlyProxy() {\n _checkProxy();\n _;\n }\n\n /**\n * @dev Check that the execution is not being performed through a delegate call. This allows a function to be\n * callable on the implementing contract but not through proxies.\n */\n modifier notDelegated() {\n _checkNotDelegated();\n _;\n }\n\n /**\n * @dev Implementation of the ERC-1822 {proxiableUUID} function. This returns the storage slot used by the\n * implementation. It is used to validate the implementation's compatibility when performing an upgrade.\n *\n * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks\n * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this\n * function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.\n */\n function proxiableUUID() external view virtual notDelegated returns (bytes32) {\n return ERC1967Utils.IMPLEMENTATION_SLOT;\n }\n\n /**\n * @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call\n * encoded in `data`.\n *\n * Calls {_authorizeUpgrade}.\n *\n * Emits an {Upgraded} event.\n *\n * @custom:oz-upgrades-unsafe-allow-reachable delegatecall\n */\n function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {\n _authorizeUpgrade(newImplementation);\n _upgradeToAndCallUUPS(newImplementation, data);\n }\n\n /**\n * @dev Reverts if the execution is not performed via delegatecall or the execution\n * context is not of a proxy with an ERC-1967 compliant implementation pointing to self.\n * See {_onlyProxy}.\n */\n function _checkProxy() internal view virtual {\n if (\n address(this) == __self || // Must be called through delegatecall\n ERC1967Utils.getImplementation() != __self // Must be called through an active proxy\n ) {\n revert UUPSUnauthorizedCallContext();\n }\n }\n\n /**\n * @dev Reverts if the execution is performed via delegatecall.\n * See {notDelegated}.\n */\n function _checkNotDelegated() internal view virtual {\n if (address(this) != __self) {\n // Must not be called through delegatecall\n revert UUPSUnauthorizedCallContext();\n }\n }\n\n /**\n * @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by\n * {upgradeToAndCall}.\n *\n * Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.\n *\n * ```solidity\n * function _authorizeUpgrade(address) internal onlyOwner {}\n * ```\n */\n function _authorizeUpgrade(address newImplementation) internal virtual;\n\n /**\n * @dev Performs an implementation upgrade with a security check for UUPS proxies, and additional setup call.\n *\n * As a security check, {proxiableUUID} is invoked in the new implementation, and the return value\n * is expected to be the implementation slot in ERC-1967.\n *\n * Emits an {IERC1967-Upgraded} event.\n */\n function _upgradeToAndCallUUPS(address newImplementation, bytes memory data) private {\n try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {\n if (slot != ERC1967Utils.IMPLEMENTATION_SLOT) {\n revert UUPSUnsupportedProxiableUUID(slot);\n }\n ERC1967Utils.upgradeToAndCall(newImplementation, data);\n } catch {\n // The implementation is not UUPS\n revert ERC1967Utils.ERC1967InvalidImplementation(newImplementation);\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/types/Time.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/types/Time.sol)\n\npragma solidity ^0.8.20;\n\nimport {Math} from \"../math/Math.sol\";\nimport {SafeCast} from \"../math/SafeCast.sol\";\n\n/**\n * @dev This library provides helpers for manipulating time-related objects.\n *\n * It uses the following types:\n * - `uint48` for timepoints\n * - `uint32` for durations\n *\n * While the library doesn't provide specific types for timepoints and duration, it does provide:\n * - a `Delay` type to represent duration that can be programmed to change value automatically at a given point\n * - additional helper functions\n */\nlibrary Time {\n using Time for *;\n\n /**\n * @dev Get the block timestamp as a Timepoint.\n */\n function timestamp() internal view returns (uint48) {\n return SafeCast.toUint48(block.timestamp);\n }\n\n /**\n * @dev Get the block number as a Timepoint.\n */\n function blockNumber() internal view returns (uint48) {\n return SafeCast.toUint48(block.number);\n }\n\n // ==================================================== Delay =====================================================\n /**\n * @dev A `Delay` is a uint32 duration that can be programmed to change value automatically at a given point in the\n * future. The \"effect\" timepoint describes when the transitions happens from the \"old\" value to the \"new\" value.\n * This allows updating the delay applied to some operation while keeping some guarantees.\n *\n * In particular, the {update} function guarantees that if the delay is reduced, the old delay still applies for\n * some time. For example if the delay is currently 7 days to do an upgrade, the admin should not be able to set\n * the delay to 0 and upgrade immediately. If the admin wants to reduce the delay, the old delay (7 days) should\n * still apply for some time.\n *\n *\n * The `Delay` type is 112 bits long, and packs the following:\n *\n * ```\n * | [uint48]: effect date (timepoint)\n * | | [uint32]: value before (duration)\n * ↓ ↓ ↓ [uint32]: value after (duration)\n * 0xAAAAAAAAAAAABBBBBBBBCCCCCCCC\n * ```\n *\n * NOTE: The {get} and {withUpdate} functions operate using timestamps. Block number based delays are not currently\n * supported.\n */\n type Delay is uint112;\n\n /**\n * @dev Wrap a duration into a Delay to add the one-step \"update in the future\" feature\n */\n function toDelay(uint32 duration) internal pure returns (Delay) {\n return Delay.wrap(duration);\n }\n\n /**\n * @dev Get the value at a given timepoint plus the pending value and effect timepoint if there is a scheduled\n * change after this timepoint. If the effect timepoint is 0, then the pending value should not be considered.\n */\n function _getFullAt(\n Delay self,\n uint48 timepoint\n ) private pure returns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {\n (valueBefore, valueAfter, effect) = self.unpack();\n return effect <= timepoint ? (valueAfter, 0, 0) : (valueBefore, valueAfter, effect);\n }\n\n /**\n * @dev Get the current value plus the pending value and effect timepoint if there is a scheduled change. If the\n * effect timepoint is 0, then the pending value should not be considered.\n */\n function getFull(Delay self) internal view returns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {\n return _getFullAt(self, timestamp());\n }\n\n /**\n * @dev Get the current value.\n */\n function get(Delay self) internal view returns (uint32) {\n (uint32 delay, , ) = self.getFull();\n return delay;\n }\n\n /**\n * @dev Update a Delay object so that it takes a new duration after a timepoint that is automatically computed to\n * enforce the old delay at the moment of the update. Returns the updated Delay object and the timestamp when the\n * new delay becomes effective.\n */\n function withUpdate(\n Delay self,\n uint32 newValue,\n uint32 minSetback\n ) internal view returns (Delay updatedDelay, uint48 effect) {\n uint32 value = self.get();\n uint32 setback = uint32(Math.max(minSetback, value > newValue ? value - newValue : 0));\n effect = timestamp() + setback;\n return (pack(value, newValue, effect), effect);\n }\n\n /**\n * @dev Split a delay into its components: valueBefore, valueAfter and effect (transition timepoint).\n */\n function unpack(Delay self) internal pure returns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {\n uint112 raw = Delay.unwrap(self);\n\n valueAfter = uint32(raw);\n valueBefore = uint32(raw >> 32);\n effect = uint48(raw >> 64);\n\n return (valueBefore, valueAfter, effect);\n }\n\n /**\n * @dev pack the components into a Delay object.\n */\n function pack(uint32 valueBefore, uint32 valueAfter, uint48 effect) internal pure returns (Delay) {\n return Delay.wrap((uint112(effect) << 64) | (uint112(valueBefore) << 32) | uint112(valueAfter));\n }\n}\n" - }, - "lib/middleware-sdk/src/libraries/PauseableEnumerableSet.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.25;\n\n/**\n * @title PauseableEnumerableSet\n * @notice Library for managing sets of values that can be paused and unpaused\n * @dev Provides functionality for managing sets of addresses, uint160s, bytes32s and bytes values\n * Each value in a set has an associated status that tracks when it was enabled/disabled\n */\nlibrary PauseableEnumerableSet {\n using PauseableEnumerableSet for Inner160;\n using PauseableEnumerableSet for Uint160Set;\n using PauseableEnumerableSet for InnerBytes32;\n using PauseableEnumerableSet for InnerBytes;\n using PauseableEnumerableSet for Status;\n\n error AlreadyRegistered();\n error NotRegistered();\n error AlreadyEnabled();\n error NotEnabled();\n error Enabled();\n error ImmutablePeriodNotPassed();\n\n /**\n * @dev Stores the enabled and disabled timestamps for a value\n */\n struct Status {\n uint48 enabled;\n uint48 disabled;\n }\n\n /**\n * @dev Stores a uint160 value and its status\n */\n struct Inner160 {\n uint160 value;\n Status status;\n }\n\n /**\n * @dev Stores a bytes32 value and its status\n */\n struct InnerBytes32 {\n bytes32 value;\n Status status;\n }\n\n /**\n * @dev Stores a bytes value and its status\n */\n struct InnerBytes {\n bytes value;\n Status status;\n }\n\n /**\n * @dev Set of uint160 values with their statuses\n */\n struct Uint160Set {\n Inner160[] array;\n mapping(uint160 => uint256) positions;\n }\n\n /**\n * @dev Set of address values, implemented using Uint160Set\n */\n struct AddressSet {\n Uint160Set set;\n }\n\n /**\n * @dev Set of bytes32 values with their statuses\n */\n struct Bytes32Set {\n InnerBytes32[] array;\n mapping(bytes32 => uint256) positions;\n }\n\n /**\n * @dev Set of bytes values with their statuses\n */\n struct BytesSet {\n InnerBytes[] array;\n mapping(bytes => uint256) positions;\n }\n\n /**\n * @notice Sets the initial status of a value\n * @param self The status to modify\n * @param timestamp The timestamp to set as enabled\n */\n function set(Status storage self, uint48 timestamp) internal {\n self.enabled = timestamp;\n self.disabled = 0;\n }\n\n /**\n * @notice Enables a previously disabled value\n * @param self The status to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n */\n function enable(Status storage self, uint48 timestamp, uint48 immutablePeriod) internal {\n if (self.enabled != 0) revert AlreadyEnabled();\n if (self.disabled + immutablePeriod > timestamp) revert ImmutablePeriodNotPassed();\n\n self.enabled = timestamp;\n self.disabled = 0;\n }\n\n /**\n * @notice Disables an enabled value\n * @param self The status to modify\n * @param timestamp The timestamp to set as disabled\n */\n function disable(Status storage self, uint48 timestamp) internal {\n if (self.disabled != 0) revert NotEnabled();\n self.enabled = 0;\n self.disabled = timestamp;\n }\n\n /**\n * @notice Validates if a value can be unregistered\n * @param self The status to check\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n */\n function validateUnregister(Status storage self, uint48 timestamp, uint48 immutablePeriod) internal view {\n if (self.enabled != 0 || self.disabled == 0) revert Enabled();\n if (self.disabled + immutablePeriod > timestamp) revert ImmutablePeriodNotPassed();\n }\n\n /**\n * @notice Checks if a value can be unregistered\n * @param self The status to check\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @return bool Whether the value can be unregistered\n */\n function checkUnregister(\n Status storage self,\n uint48 timestamp,\n uint48 immutablePeriod\n ) internal view returns (bool) {\n return self.enabled == 0 && self.disabled != 0 && self.disabled + immutablePeriod <= timestamp;\n }\n\n /**\n * @notice Checks if a value was active at a given timestamp\n * @param self The status to check\n * @param timestamp The timestamp to check\n * @return bool Whether the value was active\n */\n function wasActiveAt(Status storage self, uint48 timestamp) internal view returns (bool) {\n return self.enabled < timestamp && (self.disabled == 0 || self.disabled >= timestamp);\n }\n\n /**\n * @notice Gets the value and status for an Inner160\n * @param self The Inner160 to get data from\n * @return The value, enabled timestamp, and disabled timestamp\n */\n function get(\n Inner160 storage self\n ) internal view returns (uint160, uint48, uint48) {\n return (self.value, self.status.enabled, self.status.disabled);\n }\n\n /**\n * @notice Gets the value and status for an InnerBytes32\n * @param self The InnerBytes32 to get data from\n * @return The value, enabled timestamp, and disabled timestamp\n */\n function get(\n InnerBytes32 storage self\n ) internal view returns (bytes32, uint48, uint48) {\n return (self.value, self.status.enabled, self.status.disabled);\n }\n\n /**\n * @notice Gets the value and status for an InnerBytes\n * @param self The InnerBytes to get data from\n * @return The value, enabled timestamp, and disabled timestamp\n */\n function get(\n InnerBytes storage self\n ) internal view returns (bytes memory, uint48, uint48) {\n return (self.value, self.status.enabled, self.status.disabled);\n }\n\n // AddressSet functions\n\n /**\n * @notice Gets the number of addresses in the set\n * @param self The AddressSet to query\n * @return uint256 The number of addresses\n */\n function length(\n AddressSet storage self\n ) internal view returns (uint256) {\n return self.set.length();\n }\n\n /**\n * @notice Gets the address and status at a given position\n * @param self The AddressSet to query\n * @param pos The position to query\n * @return The address, enabled timestamp, and disabled timestamp\n */\n function at(AddressSet storage self, uint256 pos) internal view returns (address, uint48, uint48) {\n (uint160 value, uint48 enabled, uint48 disabled) = self.set.at(pos);\n return (address(value), enabled, disabled);\n }\n\n /**\n * @notice Gets all active addresses at a given timestamp\n * @param self The AddressSet to query\n * @param timestamp The timestamp to check\n * @return array Array of active addresses\n */\n function getActive(AddressSet storage self, uint48 timestamp) internal view returns (address[] memory array) {\n uint160[] memory uint160Array = self.set.getActive(timestamp);\n assembly {\n array := uint160Array\n }\n return array;\n }\n\n /**\n * @notice Checks if an address was active at a given timestamp\n * @param self The AddressSet to query\n * @param timestamp The timestamp to check\n * @param addr The address to check\n * @return bool Whether the address was active\n */\n function wasActiveAt(AddressSet storage self, uint48 timestamp, address addr) internal view returns (bool) {\n return self.set.wasActiveAt(timestamp, uint160(addr));\n }\n\n /**\n * @notice Registers a new address\n * @param self The AddressSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param addr The address to register\n */\n function register(AddressSet storage self, uint48 timestamp, address addr) internal {\n self.set.register(timestamp, uint160(addr));\n }\n\n /**\n * @notice Pauses an address\n * @param self The AddressSet to modify\n * @param timestamp The timestamp to set as disabled\n * @param addr The address to pause\n */\n function pause(AddressSet storage self, uint48 timestamp, address addr) internal {\n self.set.pause(timestamp, uint160(addr));\n }\n\n /**\n * @notice Unpauses an address\n * @param self The AddressSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param addr The address to unpause\n */\n function unpause(AddressSet storage self, uint48 timestamp, uint48 immutablePeriod, address addr) internal {\n self.set.unpause(timestamp, immutablePeriod, uint160(addr));\n }\n\n /**\n * @notice Checks if an address can be unregistered\n * @param self The AddressSet to query\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The address to check\n * @return bool Whether the address can be unregistered\n */\n function checkUnregister(\n AddressSet storage self,\n uint48 timestamp,\n uint48 immutablePeriod,\n address value\n ) internal view returns (bool) {\n uint256 pos = self.set.positions[uint160(value)];\n if (pos == 0) return false;\n return self.set.array[pos - 1].status.checkUnregister(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters an address\n * @param self The AddressSet to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param addr The address to unregister\n */\n function unregister(AddressSet storage self, uint48 timestamp, uint48 immutablePeriod, address addr) internal {\n self.set.unregister(timestamp, immutablePeriod, uint160(addr));\n }\n\n /**\n * @notice Checks if an address is registered\n * @param self The AddressSet to query\n * @param addr The address to check\n * @return bool Whether the address is registered\n */\n function contains(AddressSet storage self, address addr) internal view returns (bool) {\n return self.set.contains(uint160(addr));\n }\n\n // Uint160Set functions\n\n /**\n * @notice Gets the number of uint160s in the set\n * @param self The Uint160Set to query\n * @return uint256 The number of uint160s\n */\n function length(\n Uint160Set storage self\n ) internal view returns (uint256) {\n return self.array.length;\n }\n\n /**\n * @notice Gets the uint160 and status at a given position\n * @param self The Uint160Set to query\n * @param pos The position to query\n * @return The uint160, enabled timestamp, and disabled timestamp\n */\n function at(Uint160Set storage self, uint256 pos) internal view returns (uint160, uint48, uint48) {\n return self.array[pos].get();\n }\n\n /**\n * @notice Gets all active uint160s at a given timestamp\n * @param self The Uint160Set to query\n * @param timestamp The timestamp to check\n * @return array Array of active uint160s\n */\n function getActive(Uint160Set storage self, uint48 timestamp) internal view returns (uint160[] memory array) {\n uint256 arrayLen = self.array.length;\n array = new uint160[](arrayLen);\n uint256 len;\n for (uint256 i; i < arrayLen; ++i) {\n if (self.array[i].status.wasActiveAt(timestamp)) {\n array[len++] = self.array[i].value;\n }\n }\n\n assembly {\n mstore(array, len)\n }\n return array;\n }\n\n /**\n * @notice Checks if a uint160 was active at a given timestamp\n * @param self The Uint160Set to query\n * @param timestamp The timestamp to check\n * @param value The uint160 to check\n * @return bool Whether the uint160 was active\n */\n function wasActiveAt(Uint160Set storage self, uint48 timestamp, uint160 value) internal view returns (bool) {\n uint256 pos = self.positions[value];\n return pos != 0 && self.array[pos - 1].status.wasActiveAt(timestamp);\n }\n\n /**\n * @notice Registers a new uint160\n * @param self The Uint160Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param value The uint160 to register\n */\n function register(Uint160Set storage self, uint48 timestamp, uint160 value) internal {\n if (self.positions[value] != 0) revert AlreadyRegistered();\n\n Inner160 storage element = self.array.push();\n element.value = value;\n element.status.set(timestamp);\n self.positions[value] = self.array.length;\n }\n\n /**\n * @notice Pauses a uint160\n * @param self The Uint160Set to modify\n * @param timestamp The timestamp to set as disabled\n * @param value The uint160 to pause\n */\n function pause(Uint160Set storage self, uint48 timestamp, uint160 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.disable(timestamp);\n }\n\n /**\n * @notice Unpauses a uint160\n * @param self The Uint160Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param value The uint160 to unpause\n */\n function unpause(Uint160Set storage self, uint48 timestamp, uint48 immutablePeriod, uint160 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.enable(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters a uint160\n * @param self The Uint160Set to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The uint160 to unregister\n */\n function unregister(Uint160Set storage self, uint48 timestamp, uint48 immutablePeriod, uint160 value) internal {\n uint256 pos = self.positions[value];\n if (pos == 0) revert NotRegistered();\n pos--;\n\n self.array[pos].status.validateUnregister(timestamp, immutablePeriod);\n\n if (self.array.length <= pos + 1) {\n delete self.positions[value];\n self.array.pop();\n return;\n }\n\n self.array[pos] = self.array[self.array.length - 1];\n self.array.pop();\n\n delete self.positions[value];\n self.positions[self.array[pos].value] = pos + 1;\n }\n\n /**\n * @notice Checks if a uint160 is registered\n * @param self The Uint160Set to query\n * @param value The uint160 to check\n * @return bool Whether the uint160 is registered\n */\n function contains(Uint160Set storage self, uint160 value) internal view returns (bool) {\n return self.positions[value] != 0;\n }\n\n // Bytes32Set functions\n\n /**\n * @notice Gets the number of bytes32s in the set\n * @param self The Bytes32Set to query\n * @return uint256 The number of bytes32s\n */\n function length(\n Bytes32Set storage self\n ) internal view returns (uint256) {\n return self.array.length;\n }\n\n /**\n * @notice Gets the bytes32 and status at a given position\n * @param self The Bytes32Set to query\n * @param pos The position to query\n * @return The bytes32, enabled timestamp, and disabled timestamp\n */\n function at(Bytes32Set storage self, uint256 pos) internal view returns (bytes32, uint48, uint48) {\n return self.array[pos].get();\n }\n\n /**\n * @notice Gets all active bytes32s at a given timestamp\n * @param self The Bytes32Set to query\n * @param timestamp The timestamp to check\n * @return array Array of active bytes32s\n */\n function getActive(Bytes32Set storage self, uint48 timestamp) internal view returns (bytes32[] memory array) {\n uint256 arrayLen = self.array.length;\n array = new bytes32[](arrayLen);\n uint256 len;\n for (uint256 i; i < arrayLen; ++i) {\n if (self.array[i].status.wasActiveAt(timestamp)) {\n array[len++] = self.array[i].value;\n }\n }\n\n assembly {\n mstore(array, len)\n }\n return array;\n }\n\n /**\n * @notice Checks if a bytes32 was active at a given timestamp\n * @param self The Bytes32Set to query\n * @param timestamp The timestamp to check\n * @param value The bytes32 to check\n * @return bool Whether the bytes32 was active\n */\n function wasActiveAt(Bytes32Set storage self, uint48 timestamp, bytes32 value) internal view returns (bool) {\n uint256 pos = self.positions[value];\n return pos != 0 && self.array[pos - 1].status.wasActiveAt(timestamp);\n }\n\n /**\n * @notice Registers a new bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param value The bytes32 to register\n */\n function register(Bytes32Set storage self, uint48 timestamp, bytes32 value) internal {\n if (self.positions[value] != 0) revert AlreadyRegistered();\n\n uint256 pos = self.array.length;\n InnerBytes32 storage element = self.array.push();\n element.value = value;\n element.status.set(timestamp);\n self.positions[value] = pos + 1;\n }\n\n /**\n * @notice Pauses a bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The timestamp to set as disabled\n * @param value The bytes32 to pause\n */\n function pause(Bytes32Set storage self, uint48 timestamp, bytes32 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.disable(timestamp);\n }\n\n /**\n * @notice Unpauses a bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes32 to unpause\n */\n function unpause(Bytes32Set storage self, uint48 timestamp, uint48 immutablePeriod, bytes32 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.enable(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Checks if a bytes32 can be unregistered\n * @param self The Bytes32Set to query\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes32 to check\n * @return bool Whether the bytes32 can be unregistered\n */\n function checkUnregister(\n Bytes32Set storage self,\n uint48 timestamp,\n uint48 immutablePeriod,\n bytes32 value\n ) internal view returns (bool) {\n uint256 pos = self.positions[value];\n if (pos == 0) return false;\n return self.array[pos - 1].status.checkUnregister(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters a bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes32 to unregister\n */\n function unregister(Bytes32Set storage self, uint48 timestamp, uint48 immutablePeriod, bytes32 value) internal {\n uint256 pos = self.positions[value];\n if (pos == 0) revert NotRegistered();\n pos--;\n\n self.array[pos].status.validateUnregister(timestamp, immutablePeriod);\n\n if (self.array.length <= pos + 1) {\n delete self.positions[value];\n self.array.pop();\n return;\n }\n\n self.array[pos] = self.array[self.array.length - 1];\n self.array.pop();\n\n delete self.positions[value];\n self.positions[self.array[pos].value] = pos + 1;\n }\n\n /**\n * @notice Checks if a bytes32 is registered\n * @param self The Bytes32Set to query\n * @param value The bytes32 to check\n * @return bool Whether the bytes32 is registered\n */\n function contains(Bytes32Set storage self, bytes32 value) internal view returns (bool) {\n return self.positions[value] != 0;\n }\n\n // BytesSet functions\n\n /**\n * @notice Gets the number of bytes values in the set\n * @param self The BytesSet to query\n * @return uint256 The number of bytes values\n */\n function length(\n BytesSet storage self\n ) internal view returns (uint256) {\n return self.array.length;\n }\n\n /**\n * @notice Gets the bytes value and status at a given position\n * @param self The BytesSet to query\n * @param pos The position to query\n * @return The bytes value, enabled timestamp, and disabled timestamp\n */\n function at(BytesSet storage self, uint256 pos) internal view returns (bytes memory, uint48, uint48) {\n return self.array[pos].get();\n }\n\n /**\n * @notice Gets all active bytes values at a given timestamp\n * @param self The BytesSet to query\n * @param timestamp The timestamp to check\n * @return array Array of active bytes values\n */\n function getActive(BytesSet storage self, uint48 timestamp) internal view returns (bytes[] memory array) {\n uint256 arrayLen = self.array.length;\n array = new bytes[](arrayLen);\n uint256 len;\n for (uint256 i; i < arrayLen; ++i) {\n if (self.array[i].status.wasActiveAt(timestamp)) {\n array[len++] = self.array[i].value;\n }\n }\n\n assembly {\n mstore(array, len)\n }\n return array;\n }\n\n /**\n * @notice Checks if a bytes value was active at a given timestamp\n * @param self The BytesSet to query\n * @param timestamp The timestamp to check\n * @param value The bytes value to check\n * @return bool Whether the bytes value was active\n */\n function wasActiveAt(BytesSet storage self, uint48 timestamp, bytes memory value) internal view returns (bool) {\n uint256 pos = self.positions[value];\n return pos != 0 && self.array[pos - 1].status.wasActiveAt(timestamp);\n }\n\n /**\n * @notice Registers a new bytes value\n * @param self The BytesSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param value The bytes value to register\n */\n function register(BytesSet storage self, uint48 timestamp, bytes memory value) internal {\n if (self.positions[value] != 0) revert AlreadyRegistered();\n\n uint256 pos = self.array.length;\n InnerBytes storage element = self.array.push();\n element.value = value;\n element.status.set(timestamp);\n self.positions[value] = pos + 1;\n }\n\n /**\n * @notice Pauses a bytes value\n * @param self The BytesSet to modify\n * @param timestamp The timestamp to set as disabled\n * @param value The bytes value to pause\n */\n function pause(BytesSet storage self, uint48 timestamp, bytes memory value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.disable(timestamp);\n }\n\n /**\n * @notice Unpauses a bytes value\n * @param self The BytesSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes value to unpause\n */\n function unpause(BytesSet storage self, uint48 timestamp, uint48 immutablePeriod, bytes memory value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.enable(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Checks if a bytes value can be unregistered\n * @param self The BytesSet to query\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes value to check\n * @return bool Whether the bytes value can be unregistered\n */\n function checkUnregister(\n BytesSet storage self,\n uint48 timestamp,\n uint48 immutablePeriod,\n bytes memory value\n ) internal view returns (bool) {\n uint256 pos = self.positions[value];\n if (pos == 0) return false;\n return self.array[pos - 1].status.checkUnregister(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters a bytes value\n * @param self The BytesSet to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes value to unregister\n */\n function unregister(BytesSet storage self, uint48 timestamp, uint48 immutablePeriod, bytes memory value) internal {\n uint256 pos = self.positions[value];\n if (pos == 0) revert NotRegistered();\n pos--;\n\n self.array[pos].status.validateUnregister(timestamp, immutablePeriod);\n\n if (self.array.length <= pos + 1) {\n delete self.positions[value];\n self.array.pop();\n return;\n }\n\n self.array[pos] = self.array[self.array.length - 1];\n self.array.pop();\n\n delete self.positions[value];\n self.positions[self.array[pos].value] = pos + 1;\n }\n\n /**\n * @notice Checks if a bytes value is registered\n * @param self The BytesSet to query\n * @param value The bytes value to check\n * @return bool Whether the bytes value is registered\n */\n function contains(BytesSet storage self, bytes memory value) internal view returns (bool) {\n return self.positions[value] != 0;\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IAllocationManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport {OperatorSet} from \"../libraries/OperatorSetLib.sol\";\nimport \"./IPauserRegistry.sol\";\nimport \"./IStrategy.sol\";\nimport \"./IAVSRegistrar.sol\";\n\ninterface IAllocationManagerErrors {\n /// Input Validation\n\n /// @dev Thrown when `wadToSlash` is zero or greater than 1e18\n error InvalidWadToSlash();\n /// @dev Thrown when two array parameters have mismatching lengths.\n error InputArrayLengthMismatch();\n\n /// Caller\n\n /// @dev Thrown when caller is not authorized to call a function.\n error InvalidCaller();\n\n /// Operator Status\n\n /// @dev Thrown when an invalid operator is provided.\n error InvalidOperator();\n /// @dev Thrown when an operator's allocation delay has yet to be set.\n error UninitializedAllocationDelay();\n /// @dev Thrown when attempting to slash an operator when they are not slashable.\n error OperatorNotSlashable();\n /// @dev Thrown when trying to add an operator to a set they are already a member of\n error AlreadyMemberOfSet();\n /// @dev Thrown when trying to slash/remove an operator from a set they are not a member of\n error NotMemberOfSet();\n\n /// Operator Set Status\n\n /// @dev Thrown when an invalid operator set is provided.\n error InvalidOperatorSet();\n /// @dev Thrown when provided `strategies` are not in ascending order.\n error StrategiesMustBeInAscendingOrder();\n /// @dev Thrown when trying to add a strategy to an operator set that already contains it.\n error StrategyAlreadyInOperatorSet();\n /// @dev Thrown when a strategy is referenced that does not belong to an operator set.\n error StrategyNotInOperatorSet();\n\n /// Modifying Allocations\n\n /// @dev Thrown when an operator attempts to set their allocation for an operatorSet to the same value\n error SameMagnitude();\n /// @dev Thrown when an allocation is attempted for a given operator when they have pending allocations or deallocations.\n error ModificationAlreadyPending();\n /// @dev Thrown when an allocation is attempted that exceeds a given operators total allocatable magnitude.\n error InsufficientMagnitude();\n}\n\ninterface IAllocationManagerTypes {\n /**\n * @notice Defines allocation information from a strategy to an operator set, for an operator\n * @param currentMagnitude the current magnitude allocated from the strategy to the operator set\n * @param pendingDiff a pending change in magnitude, if it exists (0 otherwise)\n * @param effectBlock the block at which the pending magnitude diff will take effect\n */\n struct Allocation {\n uint64 currentMagnitude;\n int128 pendingDiff;\n uint32 effectBlock;\n }\n\n /**\n * @notice Struct containing allocation delay metadata for a given operator.\n * @param delay Current allocation delay\n * @param isSet Whether the operator has initially set an allocation delay. Note that this could be false but the\n * block.number >= effectBlock in which we consider their delay to be configured and active.\n * @param pendingDelay The delay that will take effect after `effectBlock`\n * @param effectBlock The block number after which a pending delay will take effect\n */\n struct AllocationDelayInfo {\n uint32 delay;\n bool isSet;\n uint32 pendingDelay;\n uint32 effectBlock;\n }\n\n /**\n * @notice Contains registration details for an operator pertaining to an operator set\n * @param registered Whether the operator is currently registered for the operator set\n * @param slashableUntil If the operator is not registered, they are still slashable until\n * this block is reached.\n */\n struct RegistrationStatus {\n bool registered;\n uint32 slashableUntil;\n }\n\n /**\n * @notice Contains allocation info for a specific strategy\n * @param maxMagnitude the maximum magnitude that can be allocated between all operator sets\n * @param encumberedMagnitude the currently-allocated magnitude for the strategy\n */\n struct StrategyInfo {\n uint64 maxMagnitude;\n uint64 encumberedMagnitude;\n }\n\n /**\n * @notice Struct containing parameters to slashing\n * @param operator the address to slash\n * @param operatorSetId the ID of the operatorSet the operator is being slashed on behalf of\n * @param strategies the set of strategies to slash\n * @param wadsToSlash the parts in 1e18 to slash, this will be proportional to the operator's\n * slashable stake allocation for the operatorSet\n * @param description the description of the slashing provided by the AVS for legibility\n */\n struct SlashingParams {\n address operator;\n uint32 operatorSetId;\n IStrategy[] strategies;\n uint256[] wadsToSlash;\n string description;\n }\n\n /**\n * @notice struct used to modify the allocation of slashable magnitude to an operator set\n * @param operatorSet the operator set to modify the allocation for\n * @param strategies the strategies to modify allocations for\n * @param newMagnitudes the new magnitude to allocate for each strategy to this operator set\n */\n struct AllocateParams {\n OperatorSet operatorSet;\n IStrategy[] strategies;\n uint64[] newMagnitudes;\n }\n\n /**\n * @notice Parameters used to register for an AVS's operator sets\n * @param avs the AVS being registered for\n * @param operatorSetIds the operator sets within the AVS to register for\n * @param data extra data to be passed to the AVS to complete registration\n */\n struct RegisterParams {\n address avs;\n uint32[] operatorSetIds;\n bytes data;\n }\n\n /**\n * @notice Parameters used to deregister from an AVS's operator sets\n * @param operator the operator being deregistered\n * @param avs the avs being deregistered from\n * @param operatorSetIds the operator sets within the AVS being deregistered from\n */\n struct DeregisterParams {\n address operator;\n address avs;\n uint32[] operatorSetIds;\n }\n\n /**\n * @notice Parameters used by an AVS to create new operator sets\n * @param operatorSetId the id of the operator set to create\n * @param strategies the strategies to add as slashable to the operator set\n */\n struct CreateSetParams {\n uint32 operatorSetId;\n IStrategy[] strategies;\n }\n}\n\ninterface IAllocationManagerEvents is IAllocationManagerTypes {\n /// @notice Emitted when operator updates their allocation delay.\n event AllocationDelaySet(address operator, uint32 delay, uint32 effectBlock);\n\n /// @notice Emitted when an operator's magnitude is updated for a given operatorSet and strategy\n event AllocationUpdated(\n address operator, OperatorSet operatorSet, IStrategy strategy, uint64 magnitude, uint32 effectBlock\n );\n\n /// @notice Emitted when operator's encumbered magnitude is updated for a given strategy\n event EncumberedMagnitudeUpdated(address operator, IStrategy strategy, uint64 encumberedMagnitude);\n\n /// @notice Emitted when an operator's max magnitude is updated for a given strategy\n event MaxMagnitudeUpdated(address operator, IStrategy strategy, uint64 maxMagnitude);\n\n /// @notice Emitted when an operator is slashed by an operator set for a strategy\n /// `wadSlashed` is the proportion of the operator's total delegated stake that was slashed\n event OperatorSlashed(\n address operator, OperatorSet operatorSet, IStrategy[] strategies, uint256[] wadSlashed, string description\n );\n\n /// @notice Emitted when an AVS configures the address that will handle registration/deregistration\n event AVSRegistrarSet(address avs, IAVSRegistrar registrar);\n\n /// @notice Emitted when an AVS updates their metadata URI (Uniform Resource Identifier).\n /// @dev The URI is never stored; it is simply emitted through an event for off-chain indexing.\n event AVSMetadataURIUpdated(address indexed avs, string metadataURI);\n\n /// @notice Emitted when an operator set is created by an AVS.\n event OperatorSetCreated(OperatorSet operatorSet);\n\n /// @notice Emitted when an operator is added to an operator set.\n event OperatorAddedToOperatorSet(address indexed operator, OperatorSet operatorSet);\n\n /// @notice Emitted when an operator is removed from an operator set.\n event OperatorRemovedFromOperatorSet(address indexed operator, OperatorSet operatorSet);\n\n /// @notice Emitted when a strategy is added to an operator set.\n event StrategyAddedToOperatorSet(OperatorSet operatorSet, IStrategy strategy);\n\n /// @notice Emitted when a strategy is removed from an operator set.\n event StrategyRemovedFromOperatorSet(OperatorSet operatorSet, IStrategy strategy);\n}\n\ninterface IAllocationManager is IAllocationManagerErrors, IAllocationManagerEvents {\n /**\n * @dev Initializes the initial owner and paused status.\n */\n function initialize(address initialOwner, uint256 initialPausedStatus) external;\n\n /**\n * @notice Called by an AVS to slash an operator in a given operator set\n */\n function slashOperator(address avs, SlashingParams calldata params) external;\n\n /**\n * @notice Modifies the proportions of slashable stake allocated to an operator set from a list of strategies\n * Note that deallocations remain slashable for DEALLOCATION_DELAY blocks therefore when they are cleared they may\n * free up less allocatable magnitude than initially deallocated.\n * @param operator the operator to modify allocations for\n * @param params array of magnitude adjustments for one or more operator sets\n * @dev Updates encumberedMagnitude for the updated strategies\n */\n function modifyAllocations(address operator, AllocateParams[] calldata params) external;\n\n /**\n * @notice This function takes a list of strategies and for each strategy, removes from the deallocationQueue\n * all clearable deallocations up to max `numToClear` number of deallocations, updating the encumberedMagnitude\n * of the operator as needed.\n *\n * @param operator address to clear deallocations for\n * @param strategies a list of strategies to clear deallocations for\n * @param numToClear a list of number of pending deallocations to clear for each strategy\n *\n * @dev can be called permissionlessly by anyone\n */\n function clearDeallocationQueue(\n address operator,\n IStrategy[] calldata strategies,\n uint16[] calldata numToClear\n ) external;\n\n /**\n * @notice Allows an operator to register for one or more operator sets for an AVS. If the operator\n * has any stake allocated to these operator sets, it immediately becomes slashable.\n * @dev After registering within the ALM, this method calls the AVS Registrar's `IAVSRegistrar.\n * registerOperator` method to complete registration. This call MUST succeed in order for\n * registration to be successful.\n */\n function registerForOperatorSets(address operator, RegisterParams calldata params) external;\n\n /**\n * @notice Allows an operator or AVS to deregister the operator from one or more of the AVS's operator sets.\n * If the operator has any slashable stake allocated to the AVS, it remains slashable until the\n * DEALLOCATION_DELAY has passed.\n * @dev After deregistering within the ALM, this method calls the AVS Registrar's `IAVSRegistrar.\n * deregisterOperator` method to complete deregistration. Unlike when registering, this call MAY FAIL.\n * Failure is permitted to prevent AVSs from being able to maliciously prevent operators from deregistering.\n */\n function deregisterFromOperatorSets(\n DeregisterParams calldata params\n ) external;\n\n /**\n * @notice Called by the delegation manager OR an operator to set an operator's allocation delay.\n * This is set when the operator first registers, and is the number of blocks between an operator\n * allocating magnitude to an operator set, and the magnitude becoming slashable.\n * @param operator The operator to set the delay on behalf of.\n * @param delay the allocation delay in blocks\n */\n function setAllocationDelay(address operator, uint32 delay) external;\n\n /**\n * @notice Called by an AVS to configure the address that is called when an operator registers\n * or is deregistered from the AVS's operator sets. If not set (or set to 0), defaults\n * to the AVS's address.\n * @param registrar the new registrar address\n */\n function setAVSRegistrar(address avs, IAVSRegistrar registrar) external;\n\n /**\n * @notice Called by an AVS to emit an `AVSMetadataURIUpdated` event indicating the information has updated.\n *\n * @param metadataURI The URI for metadata associated with an AVS.\n *\n * @dev Note that the `metadataURI` is *never stored* and is only emitted in the `AVSMetadataURIUpdated` event.\n */\n function updateAVSMetadataURI(address avs, string calldata metadataURI) external;\n\n /**\n * @notice Allows an AVS to create new operator sets, defining strategies that the operator set uses\n */\n function createOperatorSets(address avs, CreateSetParams[] calldata params) external;\n\n /**\n * @notice Allows an AVS to add strategies to an operator set\n * @dev Strategies MUST NOT already exist in the operator set\n * @param avs the avs to set strategies for\n * @param operatorSetId the operator set to add strategies to\n * @param strategies the strategies to add\n */\n function addStrategiesToOperatorSet(address avs, uint32 operatorSetId, IStrategy[] calldata strategies) external;\n\n /**\n * @notice Allows an AVS to remove strategies from an operator set\n * @dev Strategies MUST already exist in the operator set\n * @param avs the avs to remove strategies for\n * @param operatorSetId the operator set to remove strategies from\n * @param strategies the strategies to remove\n */\n function removeStrategiesFromOperatorSet(\n address avs,\n uint32 operatorSetId,\n IStrategy[] calldata strategies\n ) external;\n\n /**\n *\n * VIEW FUNCTIONS\n *\n */\n\n /**\n * @notice Returns the number of operator sets for the AVS\n * @param avs the AVS to query\n */\n function getOperatorSetCount(\n address avs\n ) external view returns (uint256);\n\n /**\n * @notice Returns the list of operator sets the operator has current or pending allocations/deallocations in\n * @param operator the operator to query\n * @return the list of operator sets the operator has current or pending allocations/deallocations in\n */\n function getAllocatedSets(\n address operator\n ) external view returns (OperatorSet[] memory);\n\n /**\n * @notice Returns the list of strategies an operator has current or pending allocations/deallocations from\n * given a specific operator set.\n * @param operator the operator to query\n * @param operatorSet the operator set to query\n * @return the list of strategies\n */\n function getAllocatedStrategies(\n address operator,\n OperatorSet memory operatorSet\n ) external view returns (IStrategy[] memory);\n\n /**\n * @notice Returns the current/pending stake allocation an operator has from a strategy to an operator set\n * @param operator the operator to query\n * @param operatorSet the operator set to query\n * @param strategy the strategy to query\n * @return the current/pending stake allocation\n */\n function getAllocation(\n address operator,\n OperatorSet memory operatorSet,\n IStrategy strategy\n ) external view returns (Allocation memory);\n\n /**\n * @notice Returns the current/pending stake allocations for multiple operators from a strategy to an operator set\n * @param operators the operators to query\n * @param operatorSet the operator set to query\n * @param strategy the strategy to query\n * @return each operator's allocation\n */\n function getAllocations(\n address[] memory operators,\n OperatorSet memory operatorSet,\n IStrategy strategy\n ) external view returns (Allocation[] memory);\n\n /**\n * @notice Given a strategy, returns a list of operator sets and corresponding stake allocations.\n * @dev Note that this returns a list of ALL operator sets the operator has allocations in. This means\n * some of the returned allocations may be zero.\n * @param operator the operator to query\n * @param strategy the strategy to query\n * @return the list of all operator sets the operator has allocations for\n * @return the corresponding list of allocations from the specific `strategy`\n */\n function getStrategyAllocations(\n address operator,\n IStrategy strategy\n ) external view returns (OperatorSet[] memory, Allocation[] memory);\n\n /**\n * @notice For a strategy, get the amount of magnitude not currently allocated to any operator set\n * @param operator the operator to query\n * @param strategy the strategy to get allocatable magnitude for\n * @return magnitude available to be allocated to an operator set\n */\n function getAllocatableMagnitude(address operator, IStrategy strategy) external view returns (uint64);\n\n /**\n * @notice Returns the maximum magnitude an operator can allocate for the given strategy\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operator the operator to query\n * @param strategy the strategy to get the max magnitude for\n * @return the max magnitude for the strategy\n */\n function getMaxMagnitude(address operator, IStrategy strategy) external view returns (uint64);\n\n /**\n * @notice Returns the maximum magnitude an operator can allocate for the given strategies\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operator the operator to query\n * @param strategies the strategies to get the max magnitudes for\n * @return the max magnitudes for each strategy\n */\n function getMaxMagnitudes(\n address operator,\n IStrategy[] calldata strategies\n ) external view returns (uint64[] memory);\n\n /**\n * @notice Returns the maximum magnitudes each operator can allocate for the given strategy\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operators the operators to query\n * @param strategy the strategy to get the max magnitudes for\n * @return the max magnitudes for each operator\n */\n function getMaxMagnitudes(\n address[] calldata operators,\n IStrategy strategy\n ) external view returns (uint64[] memory);\n\n /**\n * @notice Returns the maximum magnitude an operator can allocate for the given strategies\n * at a given block number\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operator the operator to query\n * @param strategies the strategies to get the max magnitudes for\n * @param blockNumber the blockNumber at which to check the max magnitudes\n * @return the max magnitudes for each strategy\n */\n function getMaxMagnitudesAtBlock(\n address operator,\n IStrategy[] calldata strategies,\n uint32 blockNumber\n ) external view returns (uint64[] memory);\n\n /**\n * @notice Returns the time in blocks between an operator allocating slashable magnitude\n * and the magnitude becoming slashable. If the delay has not been set, `isSet` will be false.\n * @dev The operator must have a configured delay before allocating magnitude\n * @param operator The operator to query\n * @return isSet Whether the operator has configured a delay\n * @return delay The time in blocks between allocating magnitude and magnitude becoming slashable\n */\n function getAllocationDelay(\n address operator\n ) external view returns (bool isSet, uint32 delay);\n\n /**\n * @notice Returns a list of all operator sets the operator is registered for\n * @param operator The operator address to query.\n */\n function getRegisteredSets(\n address operator\n ) external view returns (OperatorSet[] memory operatorSets);\n\n /**\n * @notice Returns whether the operator is registered for the operator set\n * @param operator The operator to query\n * @param operatorSet The operator set to query\n */\n function isMemberOfOperatorSet(address operator, OperatorSet memory operatorSet) external view returns (bool);\n\n /**\n * @notice Returns whether the operator set exists\n */\n function isOperatorSet(\n OperatorSet memory operatorSet\n ) external view returns (bool);\n\n /**\n * @notice Returns all the operators registered to an operator set\n * @param operatorSet The operatorSet to query.\n */\n function getMembers(\n OperatorSet memory operatorSet\n ) external view returns (address[] memory operators);\n\n /**\n * @notice Returns the number of operators registered to an operatorSet.\n * @param operatorSet The operatorSet to get the member count for\n */\n function getMemberCount(\n OperatorSet memory operatorSet\n ) external view returns (uint256);\n\n /**\n * @notice Returns the address that handles registration/deregistration for the AVS\n * If not set, defaults to the input address (`avs`)\n */\n function getAVSRegistrar(\n address avs\n ) external view returns (IAVSRegistrar);\n\n /**\n * @notice Returns an array of strategies in the operatorSet.\n * @param operatorSet The operatorSet to query.\n */\n function getStrategiesInOperatorSet(\n OperatorSet memory operatorSet\n ) external view returns (IStrategy[] memory strategies);\n\n /**\n * @notice Returns the minimum amount of stake that will be slashable as of some future block,\n * according to each operator's allocation from each strategy to the operator set.\n * @dev This method queries actual delegated stakes in the DelegationManager and applies\n * each operator's allocation to the stake to produce the slashable stake each allocation\n * represents.\n * @dev This minimum takes into account `futureBlock`, and will omit any pending magnitude\n * diffs that will not be in effect as of `futureBlock`. NOTE that in order to get the true\n * minimum slashable stake as of some future block, `futureBlock` MUST be greater than block.number\n * @dev NOTE that `futureBlock` should be fewer than `DEALLOCATION_DELAY` blocks in the future,\n * or the values returned from this method may not be accurate due to deallocations.\n * @param operatorSet the operator set to query\n * @param operators the list of operators whose slashable stakes will be returned\n * @param strategies the strategies that each slashable stake corresponds to\n * @param futureBlock the block at which to get allocation information. Should be a future block.\n * @return slashableStake a list of slashable stakes, indexed by [operator][strategy]\n */\n function getMinimumSlashableStake(\n OperatorSet memory operatorSet,\n address[] memory operators,\n IStrategy[] memory strategies,\n uint32 futureBlock\n ) external view returns (uint256[][] memory slashableStake);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\n/**\n * @title The interface for common signature utilities.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n */\ninterface ISignatureUtils {\n error InvalidSignature();\n error SignatureExpired();\n\n // @notice Struct that bundles together a signature and an expiration time for the signature. Used primarily for stack management.\n struct SignatureWithExpiry {\n // the signature itself, formatted as a single bytes object\n bytes signature;\n // the expiration timestamp (UTC) of the signature\n uint256 expiry;\n }\n\n // @notice Struct that bundles together a signature, a salt for uniqueness, and an expiration time for the signature. Used primarily for stack management.\n struct SignatureWithSaltAndExpiry {\n // the signature itself, formatted as a single bytes object\n bytes signature;\n // the salt used to generate the signature\n bytes32 salt;\n // the expiration timestamp (UTC) of the signature\n uint256 expiry;\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IDelegationManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"./IStrategy.sol\";\nimport \"./IPauserRegistry.sol\";\nimport \"./ISignatureUtils.sol\";\nimport \"../libraries/SlashingLib.sol\";\n\ninterface IDelegationManagerErrors {\n /// @dev Thrown when caller is neither the StrategyManager or EigenPodManager contract.\n error OnlyStrategyManagerOrEigenPodManager();\n /// @dev Thrown when msg.sender is not the EigenPodManager\n error OnlyEigenPodManager();\n /// @dev Throw when msg.sender is not the AllocationManager\n error OnlyAllocationManager();\n\n /// Delegation Status\n\n /// @dev Thrown when an operator attempts to undelegate.\n error OperatorsCannotUndelegate();\n /// @dev Thrown when an account is actively delegated.\n error ActivelyDelegated();\n /// @dev Thrown when an account is not actively delegated.\n error NotActivelyDelegated();\n /// @dev Thrown when `operator` is not a registered operator.\n error OperatorNotRegistered();\n\n /// Invalid Inputs\n\n /// @dev Thrown when attempting to execute an action that was not queued.\n error WithdrawalNotQueued();\n /// @dev Thrown when caller cannot undelegate on behalf of a staker.\n error CallerCannotUndelegate();\n /// @dev Thrown when two array parameters have mismatching lengths.\n error InputArrayLengthMismatch();\n /// @dev Thrown when input arrays length is zero.\n error InputArrayLengthZero();\n\n /// Slashing\n\n /// @dev Thrown when an operator has been fully slashed(maxMagnitude is 0) for a strategy.\n /// or if the staker has had been natively slashed to the point of their beaconChainScalingFactor equalling 0.\n error FullySlashed();\n\n /// Signatures\n\n /// @dev Thrown when attempting to spend a spent eip-712 salt.\n error SaltSpent();\n\n /// Withdrawal Processing\n\n /// @dev Thrown when attempting to withdraw before delay has elapsed.\n error WithdrawalDelayNotElapsed();\n /// @dev Thrown when withdrawer is not the current caller.\n error WithdrawerNotCaller();\n}\n\ninterface IDelegationManagerTypes {\n // @notice Struct used for storing information about a single operator who has registered with EigenLayer\n struct OperatorDetails {\n /// @notice DEPRECATED -- this field is no longer used, payments are handled in RewardsCoordinator.sol\n address __deprecated_earningsReceiver;\n /**\n * @notice Address to verify signatures when a staker wishes to delegate to the operator, as well as controlling \"forced undelegations\".\n * @dev Signature verification follows these rules:\n * 1) If this address is left as address(0), then any staker will be free to delegate to the operator, i.e. no signature verification will be performed.\n * 2) If this address is an EOA (i.e. it has no code), then we follow standard ECDSA signature verification for delegations to the operator.\n * 3) If this address is a contract (i.e. it has code) then we forward a call to the contract and verify that it returns the correct EIP-1271 \"magic value\".\n */\n address delegationApprover;\n /// @notice DEPRECATED -- this field is no longer used. An analogous field is the `allocationDelay` stored in the AllocationManager\n uint32 __deprecated_stakerOptOutWindowBlocks;\n }\n\n /**\n * @notice Abstract struct used in calculating an EIP712 signature for an operator's delegationApprover to approve that a specific staker delegate to the operator.\n * @dev Used in computing the `DELEGATION_APPROVAL_TYPEHASH` and as a reference in the computation of the approverDigestHash in the `_delegate` function.\n */\n struct DelegationApproval {\n // the staker who is delegating\n address staker;\n // the operator being delegated to\n address operator;\n // the operator's provided salt\n bytes32 salt;\n // the expiration timestamp (UTC) of the signature\n uint256 expiry;\n }\n\n /**\n * @dev A struct representing an existing queued withdrawal. After the withdrawal delay has elapsed, this withdrawal can be completed via `completeQueuedWithdrawal`.\n * A `Withdrawal` is created by the `DelegationManager` when `queueWithdrawals` is called. The `withdrawalRoots` hashes returned by `queueWithdrawals` can be used\n * to fetch the corresponding `Withdrawal` from storage (via `getQueuedWithdrawal`).\n *\n * @param staker The address that queued the withdrawal\n * @param delegatedTo The address that the staker was delegated to at the time the withdrawal was queued. Used to determine if additional slashing occurred before\n * this withdrawal became completeable.\n * @param withdrawer The address that will call the contract to complete the withdrawal. Note that this will always equal `staker`; alternate withdrawers are not\n * supported at this time.\n * @param nonce The staker's `cumulativeWithdrawalsQueued` at time of queuing. Used to ensure withdrawals have unique hashes.\n * @param startBlock The block number when the withdrawal was queued.\n * @param strategies The strategies requested for withdrawal when the withdrawal was queued\n * @param scaledShares The staker's deposit shares requested for withdrawal, scaled by the staker's `depositScalingFactor`. Upon completion, these will be\n * scaled by the appropriate slashing factor as of the withdrawal's completable block. The result is what is actually withdrawable.\n */\n struct Withdrawal {\n address staker;\n address delegatedTo;\n address withdrawer;\n uint256 nonce;\n uint32 startBlock;\n IStrategy[] strategies;\n uint256[] scaledShares;\n }\n\n /**\n * @param strategies The strategies to withdraw from\n * @param depositShares For each strategy, the number of deposit shares to withdraw. Deposit shares can\n * be queried via `getDepositedShares`.\n * NOTE: The number of shares ultimately received when a withdrawal is completed may be lower depositShares\n * if the staker or their delegated operator has experienced slashing.\n * @param __deprecated_withdrawer This field is ignored. The only party that may complete a withdrawal\n * is the staker that originally queued it. Alternate withdrawers are not supported.\n */\n struct QueuedWithdrawalParams {\n IStrategy[] strategies;\n uint256[] depositShares;\n address __deprecated_withdrawer;\n }\n}\n\ninterface IDelegationManagerEvents is IDelegationManagerTypes {\n // @notice Emitted when a new operator registers in EigenLayer and provides their delegation approver.\n event OperatorRegistered(address indexed operator, address delegationApprover);\n\n /// @notice Emitted when an operator updates their delegation approver\n event DelegationApproverUpdated(address indexed operator, address newDelegationApprover);\n\n /**\n * @notice Emitted when @param operator indicates that they are updating their MetadataURI string\n * @dev Note that these strings are *never stored in storage* and are instead purely emitted in events for off-chain indexing\n */\n event OperatorMetadataURIUpdated(address indexed operator, string metadataURI);\n\n /// @notice Emitted whenever an operator's shares are increased for a given strategy. Note that shares is the delta in the operator's shares.\n event OperatorSharesIncreased(address indexed operator, address staker, IStrategy strategy, uint256 shares);\n\n /// @notice Emitted whenever an operator's shares are decreased for a given strategy. Note that shares is the delta in the operator's shares.\n event OperatorSharesDecreased(address indexed operator, address staker, IStrategy strategy, uint256 shares);\n\n /// @notice Emitted when @param staker delegates to @param operator.\n event StakerDelegated(address indexed staker, address indexed operator);\n\n /// @notice Emitted when @param staker undelegates from @param operator.\n event StakerUndelegated(address indexed staker, address indexed operator);\n\n /// @notice Emitted when @param staker is undelegated via a call not originating from the staker themself\n event StakerForceUndelegated(address indexed staker, address indexed operator);\n\n /// @notice Emitted when a staker's depositScalingFactor is updated\n event DepositScalingFactorUpdated(address staker, IStrategy strategy, uint256 newDepositScalingFactor);\n\n /**\n * @notice Emitted when a new withdrawal is queued.\n * @param withdrawalRoot Is the hash of the `withdrawal`.\n * @param withdrawal Is the withdrawal itself.\n * @param sharesToWithdraw Is an array of the expected shares that were queued for withdrawal corresponding to the strategies in the `withdrawal`.\n */\n event SlashingWithdrawalQueued(bytes32 withdrawalRoot, Withdrawal withdrawal, uint256[] sharesToWithdraw);\n\n /// @notice Emitted when a queued withdrawal is completed\n event SlashingWithdrawalCompleted(bytes32 withdrawalRoot);\n}\n\n/**\n * @title DelegationManager\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice This is the contract for delegation in EigenLayer. The main functionalities of this contract are\n * - enabling anyone to register as an operator in EigenLayer\n * - allowing operators to specify parameters related to stakers who delegate to them\n * - enabling any staker to delegate its stake to the operator of its choice (a given staker can only delegate to a single operator at a time)\n * - enabling a staker to undelegate its assets from the operator it is delegated to (performed as part of the withdrawal process, initiated through the StrategyManager)\n */\ninterface IDelegationManager is ISignatureUtils, IDelegationManagerErrors, IDelegationManagerEvents {\n /**\n * @dev Initializes the initial owner and paused status.\n */\n function initialize(address initialOwner, uint256 initialPausedStatus) external;\n\n /**\n * @notice Registers the caller as an operator in EigenLayer.\n * @param initDelegationApprover is an address that, if set, must provide a signature when stakers delegate\n * to an operator.\n * @param allocationDelay The delay before allocations take effect.\n * @param metadataURI is a URI for the operator's metadata, i.e. a link providing more details on the operator.\n *\n * @dev Once an operator is registered, they cannot 'deregister' as an operator, and they will forever be considered \"delegated to themself\".\n * @dev This function will revert if the caller is already delegated to an operator.\n * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event\n */\n function registerAsOperator(\n address initDelegationApprover,\n uint32 allocationDelay,\n string calldata metadataURI\n ) external;\n\n /**\n * @notice Updates an operator's stored `delegationApprover`.\n * @param operator is the operator to update the delegationApprover for\n * @param newDelegationApprover is the new delegationApprover for the operator\n *\n * @dev The caller must have previously registered as an operator in EigenLayer.\n */\n function modifyOperatorDetails(address operator, address newDelegationApprover) external;\n\n /**\n * @notice Called by an operator to emit an `OperatorMetadataURIUpdated` event indicating the information has updated.\n * @param operator The operator to update metadata for\n * @param metadataURI The URI for metadata associated with an operator\n * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event\n */\n function updateOperatorMetadataURI(address operator, string calldata metadataURI) external;\n\n /**\n * @notice Caller delegates their stake to an operator.\n * @param operator The account (`msg.sender`) is delegating its assets to for use in serving applications built on EigenLayer.\n * @param approverSignatureAndExpiry (optional) Verifies the operator approves of this delegation\n * @param approverSalt (optional) A unique single use value tied to an individual signature.\n * @dev The signature/salt are used ONLY if the operator has configured a delegationApprover.\n * If they have not, these params can be left empty.\n */\n function delegateTo(\n address operator,\n SignatureWithExpiry memory approverSignatureAndExpiry,\n bytes32 approverSalt\n ) external;\n\n /**\n * @notice Undelegates the staker from their operator and queues a withdrawal for all of their shares\n * @param staker The account to be undelegated\n * @return withdrawalRoots The roots of the newly queued withdrawals, if a withdrawal was queued. Returns\n * an empty array if none was queued.\n *\n * @dev Reverts if the `staker` is also an operator, since operators are not allowed to undelegate from themselves.\n * @dev Reverts if the caller is not the staker, nor the operator who the staker is delegated to, nor the operator's specified \"delegationApprover\"\n * @dev Reverts if the `staker` is not delegated to an operator\n */\n function undelegate(\n address staker\n ) external returns (bytes32[] memory withdrawalRoots);\n\n /**\n * @notice Undelegates the staker from their current operator, and redelegates to `newOperator`\n * Queues a withdrawal for all of the staker's withdrawable shares. These shares will only be\n * delegated to `newOperator` AFTER the withdrawal is completed.\n * @dev This method acts like a call to `undelegate`, then `delegateTo`\n * @param newOperator the new operator that will be delegated all assets\n * @dev NOTE: the following 2 params are ONLY checked if `newOperator` has a `delegationApprover`.\n * If not, they can be left empty.\n * @param newOperatorApproverSig A signature from the operator's `delegationApprover`\n * @param approverSalt A unique single use value tied to the approver's signature\n */\n function redelegate(\n address newOperator,\n SignatureWithExpiry memory newOperatorApproverSig,\n bytes32 approverSalt\n ) external returns (bytes32[] memory withdrawalRoots);\n\n /**\n * @notice Allows a staker to queue a withdrawal of their deposit shares. The withdrawal can be\n * completed after the MIN_WITHDRAWAL_DELAY_BLOCKS via either of the completeQueuedWithdrawal methods.\n *\n * While in the queue, these shares are removed from the staker's balance, as well as from their operator's\n * delegated share balance (if applicable). Note that while in the queue, deposit shares are still subject\n * to slashing. If any slashing has occurred, the shares received may be less than the queued deposit shares.\n *\n * @dev To view all the staker's strategies/deposit shares that can be queued for withdrawal, see `getDepositedShares`\n * @dev To view the current coversion between a staker's deposit shares and withdrawable shares, see `getWithdrawableShares`\n */\n function queueWithdrawals(\n QueuedWithdrawalParams[] calldata params\n ) external returns (bytes32[] memory);\n\n /**\n * @notice Used to complete a queued withdrawal\n * @param withdrawal The withdrawal to complete\n * @param tokens Array in which the i-th entry specifies the `token` input to the 'withdraw' function of the i-th Strategy in the `withdrawal.strategies` array.\n * @param tokens For each `withdrawal.strategies`, the underlying token of the strategy\n * NOTE: if `receiveAsTokens` is false, the `tokens` array is unused and can be filled with default values. However, `tokens.length` MUST still be equal to `withdrawal.strategies.length`.\n * NOTE: For the `beaconChainETHStrategy`, the corresponding `tokens` value is ignored (can be 0).\n * @param receiveAsTokens If true, withdrawn shares will be converted to tokens and sent to the caller. If false, the caller receives shares that can be delegated to an operator.\n * NOTE: if the caller receives shares and is currently delegated to an operator, the received shares are\n * automatically delegated to the caller's current operator.\n */\n function completeQueuedWithdrawal(\n Withdrawal calldata withdrawal,\n IERC20[] calldata tokens,\n bool receiveAsTokens\n ) external;\n\n /**\n * @notice Used to complete multiple queued withdrawals\n * @param withdrawals Array of Withdrawals to complete. See `completeQueuedWithdrawal` for the usage of a single Withdrawal.\n * @param tokens Array of tokens for each Withdrawal. See `completeQueuedWithdrawal` for the usage of a single array.\n * @param receiveAsTokens Whether or not to complete each withdrawal as tokens. See `completeQueuedWithdrawal` for the usage of a single boolean.\n * @dev See `completeQueuedWithdrawal` for relevant dev tags\n */\n function completeQueuedWithdrawals(\n Withdrawal[] calldata withdrawals,\n IERC20[][] calldata tokens,\n bool[] calldata receiveAsTokens\n ) external;\n\n /**\n * @notice Called by a share manager when a staker's deposit share balance in a strategy increases.\n * This method delegates any new shares to an operator (if applicable), and updates the staker's\n * deposit scaling factor regardless.\n * @param staker The address whose deposit shares have increased\n * @param strategy The strategy in which shares have been deposited\n * @param prevDepositShares The number of deposit shares the staker had in the strategy prior to the increase\n * @param addedShares The number of deposit shares added by the staker\n *\n * @dev Note that if the either the staker's current operator has been slashed 100% for `strategy`, OR the\n * staker has been slashed 100% on the beacon chain such that the calculated slashing factor is 0, this\n * method WILL REVERT.\n */\n function increaseDelegatedShares(\n address staker,\n IStrategy strategy,\n uint256 prevDepositShares,\n uint256 addedShares\n ) external;\n\n /**\n * @notice If the staker is delegated, decreases its operator's shares in response to\n * a decrease in balance in the beaconChainETHStrategy\n * @param staker the staker whose operator's balance will be decreased\n * @param curDepositShares the current deposit shares held by the staker\n * @param beaconChainSlashingFactorDecrease the amount that the staker's beaconChainSlashingFactor has decreased by\n * @dev Note: `beaconChainSlashingFactorDecrease` are assumed to ALWAYS be < 1 WAD.\n * These invariants are maintained in the EigenPodManager.\n */\n function decreaseDelegatedShares(\n address staker,\n uint256 curDepositShares,\n uint64 beaconChainSlashingFactorDecrease\n ) external;\n\n /**\n * @notice Decreases the operators shares in storage after a slash and increases the burnable shares by calling\n * into either the StrategyManager or EigenPodManager (if the strategy is beaconChainETH).\n * @param operator The operator to decrease shares for\n * @param strategy The strategy to decrease shares for\n * @param prevMaxMagnitude the previous maxMagnitude of the operator\n * @param newMaxMagnitude the new maxMagnitude of the operator\n * @dev Callable only by the AllocationManager\n * @dev Note: Assumes `prevMaxMagnitude <= newMaxMagnitude`. This invariant is maintained in\n * the AllocationManager.\n */\n function slashOperatorShares(\n address operator,\n IStrategy strategy,\n uint64 prevMaxMagnitude,\n uint64 newMaxMagnitude\n ) external;\n\n /**\n *\n * VIEW FUNCTIONS\n *\n */\n\n /**\n * @notice returns the address of the operator that `staker` is delegated to.\n * @notice Mapping: staker => operator whom the staker is currently delegated to.\n * @dev Note that returning address(0) indicates that the staker is not actively delegated to any operator.\n */\n function delegatedTo(\n address staker\n ) external view returns (address);\n\n /**\n * @notice Mapping: delegationApprover => 32-byte salt => whether or not the salt has already been used by the delegationApprover.\n * @dev Salts are used in the `delegateTo` function. Note that this function only processes the delegationApprover's\n * signature + the provided salt if the operator being delegated to has specified a nonzero address as their `delegationApprover`.\n */\n function delegationApproverSaltIsSpent(address _delegationApprover, bytes32 salt) external view returns (bool);\n\n /// @notice Mapping: staker => cumulative number of queued withdrawals they have ever initiated.\n /// @dev This only increments (doesn't decrement), and is used to help ensure that otherwise identical withdrawals have unique hashes.\n function cumulativeWithdrawalsQueued(\n address staker\n ) external view returns (uint256);\n\n /**\n * @notice Returns 'true' if `staker` *is* actively delegated, and 'false' otherwise.\n */\n function isDelegated(\n address staker\n ) external view returns (bool);\n\n /**\n * @notice Returns true is an operator has previously registered for delegation.\n */\n function isOperator(\n address operator\n ) external view returns (bool);\n\n /**\n * @notice Returns the delegationApprover account for an operator\n */\n function delegationApprover(\n address operator\n ) external view returns (address);\n\n /**\n * @notice Returns the shares that an operator has delegated to them in a set of strategies\n * @param operator the operator to get shares for\n * @param strategies the strategies to get shares for\n */\n function getOperatorShares(\n address operator,\n IStrategy[] memory strategies\n ) external view returns (uint256[] memory);\n\n /**\n * @notice Returns the shares that a set of operators have delegated to them in a set of strategies\n * @param operators the operators to get shares for\n * @param strategies the strategies to get shares for\n */\n function getOperatorsShares(\n address[] memory operators,\n IStrategy[] memory strategies\n ) external view returns (uint256[][] memory);\n\n /**\n * @notice Returns amount of withdrawable shares from an operator for a strategy that is still in the queue\n * and therefore slashable. Note that the *actual* slashable amount could be less than this value as this doesn't account\n * for amounts that have already been slashed. This assumes that none of the shares have been slashed.\n * @param operator the operator to get shares for\n * @param strategy the strategy to get shares for\n * @return the amount of shares that are slashable in the withdrawal queue for an operator and a strategy\n */\n function getSlashableSharesInQueue(address operator, IStrategy strategy) external view returns (uint256);\n\n /**\n * @notice Given a staker and a set of strategies, return the shares they can queue for withdrawal and the\n * corresponding depositShares.\n * This value depends on which operator the staker is delegated to.\n * The shares amount returned is the actual amount of Strategy shares the staker would receive (subject\n * to each strategy's underlying shares to token ratio).\n */\n function getWithdrawableShares(\n address staker,\n IStrategy[] memory strategies\n ) external view returns (uint256[] memory withdrawableShares, uint256[] memory depositShares);\n\n /**\n * @notice Returns the number of shares in storage for a staker and all their strategies\n */\n function getDepositedShares(\n address staker\n ) external view returns (IStrategy[] memory, uint256[] memory);\n\n /**\n * @notice Returns the scaling factor applied to a staker's deposits for a given strategy\n */\n function depositScalingFactor(address staker, IStrategy strategy) external view returns (uint256);\n\n /// @notice Returns the Withdrawal associated with a `withdrawalRoot`, if it exists. NOTE that\n /// withdrawals queued before the slashing release can NOT be queried with this method.\n function getQueuedWithdrawal(\n bytes32 withdrawalRoot\n ) external view returns (Withdrawal memory);\n\n /// @notice Returns a list of pending queued withdrawals for a `staker`, and the `shares` to be withdrawn.\n function getQueuedWithdrawals(\n address staker\n ) external view returns (Withdrawal[] memory withdrawals, uint256[][] memory shares);\n\n /// @notice Returns a list of queued withdrawal roots for the `staker`.\n /// NOTE that this only returns withdrawals queued AFTER the slashing release.\n function getQueuedWithdrawalRoots(\n address staker\n ) external view returns (bytes32[] memory);\n\n /**\n * @notice Converts shares for a set of strategies to deposit shares, likely in order to input into `queueWithdrawals`\n * @param staker the staker to convert shares for\n * @param strategies the strategies to convert shares for\n * @param withdrawableShares the shares to convert\n * @return the deposit shares\n * @dev will be a few wei off due to rounding errors\n */\n function convertToDepositShares(\n address staker,\n IStrategy[] memory strategies,\n uint256[] memory withdrawableShares\n ) external view returns (uint256[] memory);\n\n /// @notice Returns the keccak256 hash of `withdrawal`.\n function calculateWithdrawalRoot(\n Withdrawal memory withdrawal\n ) external pure returns (bytes32);\n\n /**\n * @notice Calculates the digest hash to be signed by the operator's delegationApprove and used in the `delegateTo` function.\n * @param staker The account delegating their stake\n * @param operator The account receiving delegated stake\n * @param _delegationApprover the operator's `delegationApprover` who will be signing the delegationHash (in general)\n * @param approverSalt A unique and single use value associated with the approver signature.\n * @param expiry Time after which the approver's signature becomes invalid\n */\n function calculateDelegationApprovalDigestHash(\n address staker,\n address operator,\n address _delegationApprover,\n bytes32 approverSalt,\n uint256 expiry\n ) external view returns (bytes32);\n\n /// @notice return address of the beaconChainETHStrategy\n function beaconChainETHStrategy() external view returns (IStrategy);\n\n /**\n * @notice Returns the minimum withdrawal delay in blocks to pass for withdrawals queued to be completable.\n * Also applies to legacy withdrawals so any withdrawals not completed prior to the slashing upgrade will be subject\n * to this longer delay.\n * @dev Backwards-compatible interface to return the internal `MIN_WITHDRAWAL_DELAY_BLOCKS` value\n * @dev Previous value in storage was deprecated. See `__deprecated_minWithdrawalDelayBlocks`\n */\n function minWithdrawalDelayBlocks() external view returns (uint32);\n\n /// @notice The EIP-712 typehash for the DelegationApproval struct used by the contract\n function DELEGATION_APPROVAL_TYPEHASH() external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IStrategyManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"./IStrategy.sol\";\nimport \"./IShareManager.sol\";\nimport \"./IDelegationManager.sol\";\nimport \"./IEigenPodManager.sol\";\n\ninterface IStrategyManagerErrors {\n /// @dev Thrown when total strategies deployed exceeds max.\n error MaxStrategiesExceeded();\n /// @dev Thrown when call attempted from address that's not delegation manager.\n error OnlyDelegationManager();\n /// @dev Thrown when call attempted from address that's not strategy whitelister.\n error OnlyStrategyWhitelister();\n /// @dev Thrown when provided `shares` amount is too high.\n error SharesAmountTooHigh();\n /// @dev Thrown when provided `shares` amount is zero.\n error SharesAmountZero();\n /// @dev Thrown when provided `staker` address is null.\n error StakerAddressZero();\n /// @dev Thrown when provided `strategy` not found.\n error StrategyNotFound();\n /// @dev Thrown when attempting to deposit to a non-whitelisted strategy.\n error StrategyNotWhitelisted();\n}\n\ninterface IStrategyManagerEvents {\n /**\n * @notice Emitted when a new deposit occurs on behalf of `staker`.\n * @param staker Is the staker who is depositing funds into EigenLayer.\n * @param strategy Is the strategy that `staker` has deposited into.\n * @param token Is the token that `staker` deposited.\n * @param shares Is the number of new shares `staker` has been granted in `strategy`.\n */\n event Deposit(address staker, IERC20 token, IStrategy strategy, uint256 shares);\n\n /// @notice Emitted when the `strategyWhitelister` is changed\n event StrategyWhitelisterChanged(address previousAddress, address newAddress);\n\n /// @notice Emitted when a strategy is added to the approved list of strategies for deposit\n event StrategyAddedToDepositWhitelist(IStrategy strategy);\n\n /// @notice Emitted when a strategy is removed from the approved list of strategies for deposit\n event StrategyRemovedFromDepositWhitelist(IStrategy strategy);\n\n /// @notice Emitted when an operator is slashed and shares to be burned are increased\n event BurnableSharesIncreased(IStrategy strategy, uint256 shares);\n\n /// @notice Emitted when shares are burned\n event BurnableSharesDecreased(IStrategy strategy, uint256 shares);\n}\n\n/**\n * @title Interface for the primary entrypoint for funds into EigenLayer.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice See the `StrategyManager` contract itself for implementation details.\n */\ninterface IStrategyManager is IStrategyManagerErrors, IStrategyManagerEvents, IShareManager {\n /**\n * @notice Initializes the strategy manager contract. Sets the `pauserRegistry` (currently **not** modifiable after being set),\n * and transfers contract ownership to the specified `initialOwner`.\n * @param initialOwner Ownership of this contract is transferred to this address.\n * @param initialStrategyWhitelister The initial value of `strategyWhitelister` to set.\n * @param initialPausedStatus The initial value of `_paused` to set.\n */\n function initialize(\n address initialOwner,\n address initialStrategyWhitelister,\n uint256 initialPausedStatus\n ) external;\n\n /**\n * @notice Deposits `amount` of `token` into the specified `strategy` and credits shares to the caller\n * @param strategy the strategy that handles `token`\n * @param token the token from which the `amount` will be transferred\n * @param amount the number of tokens to deposit\n * @return depositShares the number of deposit shares credited to the caller\n * @dev The caller must have previously approved this contract to transfer at least `amount` of `token` on their behalf.\n *\n * WARNING: Be extremely cautious when depositing tokens that do not strictly adhere to ERC20 standards.\n * Tokens that diverge significantly from ERC20 norms can cause unexpected behavior in token balances for\n * that strategy, e.g. ERC-777 tokens allowing cross-contract reentrancy.\n */\n function depositIntoStrategy(\n IStrategy strategy,\n IERC20 token,\n uint256 amount\n ) external returns (uint256 depositShares);\n\n /**\n * @notice Deposits `amount` of `token` into the specified `strategy` and credits shares to the `staker`\n * Note tokens are transferred from `msg.sender`, NOT from `staker`. This method allows the caller, using a\n * signature, to deposit their tokens to another staker's balance.\n * @param strategy the strategy that handles `token`\n * @param token the token from which the `amount` will be transferred\n * @param amount the number of tokens to transfer from the caller to the strategy\n * @param staker the staker that the deposited assets will be credited to\n * @param expiry the timestamp at which the signature expires\n * @param signature a valid ECDSA or EIP-1271 signature from `staker`\n * @return depositShares the number of deposit shares credited to `staker`\n * @dev The caller must have previously approved this contract to transfer at least `amount` of `token` on their behalf.\n *\n * WARNING: Be extremely cautious when depositing tokens that do not strictly adhere to ERC20 standards.\n * Tokens that diverge significantly from ERC20 norms can cause unexpected behavior in token balances for\n * that strategy, e.g. ERC-777 tokens allowing cross-contract reentrancy.\n */\n function depositIntoStrategyWithSignature(\n IStrategy strategy,\n IERC20 token,\n uint256 amount,\n address staker,\n uint256 expiry,\n bytes memory signature\n ) external returns (uint256 depositShares);\n\n /**\n * @notice Burns Strategy shares for the given strategy by calling into the strategy to transfer\n * to the default burn address.\n * @param strategy The strategy to burn shares in.\n */\n function burnShares(\n IStrategy strategy\n ) external;\n\n /**\n * @notice Owner-only function to change the `strategyWhitelister` address.\n * @param newStrategyWhitelister new address for the `strategyWhitelister`.\n */\n function setStrategyWhitelister(\n address newStrategyWhitelister\n ) external;\n\n /**\n * @notice Owner-only function that adds the provided Strategies to the 'whitelist' of strategies that stakers can deposit into\n * @param strategiesToWhitelist Strategies that will be added to the `strategyIsWhitelistedForDeposit` mapping (if they aren't in it already)\n */\n function addStrategiesToDepositWhitelist(\n IStrategy[] calldata strategiesToWhitelist\n ) external;\n\n /**\n * @notice Owner-only function that removes the provided Strategies from the 'whitelist' of strategies that stakers can deposit into\n * @param strategiesToRemoveFromWhitelist Strategies that will be removed to the `strategyIsWhitelistedForDeposit` mapping (if they are in it)\n */\n function removeStrategiesFromDepositWhitelist(\n IStrategy[] calldata strategiesToRemoveFromWhitelist\n ) external;\n\n /// @notice Returns bool for whether or not `strategy` is whitelisted for deposit\n function strategyIsWhitelistedForDeposit(\n IStrategy strategy\n ) external view returns (bool);\n\n /**\n * @notice Get all details on the staker's deposits and corresponding shares\n * @return (staker's strategies, shares in these strategies)\n */\n function getDeposits(\n address staker\n ) external view returns (IStrategy[] memory, uint256[] memory);\n\n function getStakerStrategyList(\n address staker\n ) external view returns (IStrategy[] memory);\n\n /// @notice Simple getter function that returns `stakerStrategyList[staker].length`.\n function stakerStrategyListLength(\n address staker\n ) external view returns (uint256);\n\n /// @notice Returns the current shares of `user` in `strategy`\n function stakerDepositShares(address user, IStrategy strategy) external view returns (uint256 shares);\n\n /// @notice Returns the single, central Delegation contract of EigenLayer\n function delegation() external view returns (IDelegationManager);\n\n /// @notice Returns the address of the `strategyWhitelister`\n function strategyWhitelister() external view returns (address);\n\n /**\n * @param staker The address of the staker.\n * @param strategy The strategy to deposit into.\n * @param token The token to deposit.\n * @param amount The amount of `token` to deposit.\n * @param nonce The nonce of the staker.\n * @param expiry The expiry of the signature.\n * @return The EIP-712 signable digest hash.\n */\n function calculateStrategyDepositDigestHash(\n address staker,\n IStrategy strategy,\n IERC20 token,\n uint256 amount,\n uint256 nonce,\n uint256 expiry\n ) external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IAVSDirectory.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"./ISignatureUtils.sol\";\nimport \"./IPauserRegistry.sol\";\nimport \"./IStrategy.sol\";\n\ninterface IAVSDirectoryErrors {\n /// Operator Status\n\n /// @dev Thrown when an operator does not exist in the DelegationManager\n error OperatorNotRegisteredToEigenLayer();\n /// @dev Thrown when an operator is already registered to an AVS.\n error OperatorNotRegisteredToAVS();\n /// @dev Thrown when `operator` is already registered to the AVS.\n error OperatorAlreadyRegisteredToAVS();\n /// @dev Thrown when attempting to spend a spent eip-712 salt.\n error SaltSpent();\n}\n\ninterface IAVSDirectoryTypes {\n /// @notice Enum representing the registration status of an operator with an AVS.\n /// @notice Only used by legacy M2 AVSs that have not integrated with operatorSets.\n enum OperatorAVSRegistrationStatus {\n UNREGISTERED, // Operator not registered to AVS\n REGISTERED // Operator registered to AVS\n\n }\n\n /**\n * @notice Struct representing the registration status of an operator with an operator set.\n * Keeps track of last deregistered timestamp for slashability concerns.\n * @param registered whether the operator is registered with the operator set\n * @param lastDeregisteredTimestamp the timestamp at which the operator was last deregistered\n */\n struct OperatorSetRegistrationStatus {\n bool registered;\n uint32 lastDeregisteredTimestamp;\n }\n}\n\ninterface IAVSDirectoryEvents is IAVSDirectoryTypes {\n /**\n * @notice Emitted when an operator's registration status with an AVS id udpated\n * @notice Only used by legacy M2 AVSs that have not integrated with operatorSets.\n */\n event OperatorAVSRegistrationStatusUpdated(\n address indexed operator, address indexed avs, OperatorAVSRegistrationStatus status\n );\n\n /// @notice Emitted when an AVS updates their metadata URI (Uniform Resource Identifier).\n /// @dev The URI is never stored; it is simply emitted through an event for off-chain indexing.\n event AVSMetadataURIUpdated(address indexed avs, string metadataURI);\n}\n\ninterface IAVSDirectory is IAVSDirectoryEvents, IAVSDirectoryErrors, ISignatureUtils {\n /**\n *\n * EXTERNAL FUNCTIONS\n *\n */\n\n /**\n * @dev Initializes the addresses of the initial owner and paused status.\n */\n function initialize(address initialOwner, uint256 initialPausedStatus) external;\n\n /**\n * @notice Called by an AVS to emit an `AVSMetadataURIUpdated` event indicating the information has updated.\n *\n * @param metadataURI The URI for metadata associated with an AVS.\n *\n * @dev Note that the `metadataURI` is *never stored* and is only emitted in the `AVSMetadataURIUpdated` event.\n */\n function updateAVSMetadataURI(\n string calldata metadataURI\n ) external;\n\n /**\n * @notice Called by an operator to cancel a salt that has been used to register with an AVS.\n *\n * @param salt A unique and single use value associated with the approver signature.\n */\n function cancelSalt(\n bytes32 salt\n ) external;\n\n /**\n * @notice Legacy function called by the AVS's service manager contract\n * to register an operator with the AVS. NOTE: this function will be deprecated in a future release\n * after the slashing release. New AVSs should use `registerForOperatorSets` instead.\n *\n * @param operator The address of the operator to register.\n * @param operatorSignature The signature, salt, and expiry of the operator's signature.\n *\n * @dev msg.sender must be the AVS.\n * @dev Only used by legacy M2 AVSs that have not integrated with operator sets.\n */\n function registerOperatorToAVS(\n address operator,\n ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature\n ) external;\n\n /**\n * @notice Legacy function called by an AVS to deregister an operator from the AVS.\n * NOTE: this function will be deprecated in a future release after the slashing release.\n * New AVSs integrating should use `deregisterOperatorFromOperatorSets` instead.\n *\n * @param operator The address of the operator to deregister.\n *\n * @dev Only used by legacy M2 AVSs that have not integrated with operator sets.\n */\n function deregisterOperatorFromAVS(\n address operator\n ) external;\n\n /**\n *\n * VIEW FUNCTIONS\n *\n */\n function operatorSaltIsSpent(address operator, bytes32 salt) external view returns (bool);\n\n /**\n * @notice Calculates the digest hash to be signed by an operator to register with an AVS.\n *\n * @param operator The account registering as an operator.\n * @param avs The AVS the operator is registering with.\n * @param salt A unique and single-use value associated with the approver's signature.\n * @param expiry The time after which the approver's signature becomes invalid.\n */\n function calculateOperatorAVSRegistrationDigestHash(\n address operator,\n address avs,\n bytes32 salt,\n uint256 expiry\n ) external view returns (bytes32);\n\n /// @notice The EIP-712 typehash for the Registration struct used by the contract.\n function OPERATOR_AVS_REGISTRATION_TYPEHASH() external view returns (bytes32);\n\n /// @notice The EIP-712 typehash for the OperatorSetRegistration struct used by the contract.\n function OPERATOR_SET_REGISTRATION_TYPEHASH() external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IAVSRegistrar.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\ninterface IAVSRegistrar {\n /**\n * @notice Called by the AllocationManager when an operator wants to register\n * for one or more operator sets. This method should revert if registration\n * is unsuccessful.\n * @param operator the registering operator\n * @param operatorSetIds the list of operator set ids being registered for\n * @param data arbitrary data the operator can provide as part of registration\n */\n function registerOperator(address operator, uint32[] calldata operatorSetIds, bytes calldata data) external;\n\n /**\n * @notice Called by the AllocationManager when an operator is deregistered from\n * one or more operator sets. If this method reverts, it is ignored.\n * @param operator the deregistering operator\n * @param operatorSetIds the list of operator set ids being deregistered from\n */\n function deregisterOperator(address operator, uint32[] calldata operatorSetIds) external;\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IStrategy.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\nimport \"../libraries/SlashingLib.sol\";\n\ninterface IStrategyErrors {\n /// @dev Thrown when called by an account that is not strategy manager.\n error OnlyStrategyManager();\n /// @dev Thrown when new shares value is zero.\n error NewSharesZero();\n /// @dev Thrown when total shares exceeds max.\n error TotalSharesExceedsMax();\n /// @dev Thrown when amount shares is greater than total shares.\n error WithdrawalAmountExceedsTotalDeposits();\n /// @dev Thrown when attempting an action with a token that is not accepted.\n error OnlyUnderlyingToken();\n\n /// StrategyBaseWithTVLLimits\n\n /// @dev Thrown when `maxPerDeposit` exceeds max.\n error MaxPerDepositExceedsMax();\n /// @dev Thrown when balance exceeds max total deposits.\n error BalanceExceedsMaxTotalDeposits();\n}\n\ninterface IStrategyEvents {\n /**\n * @notice Used to emit an event for the exchange rate between 1 share and underlying token in a strategy contract\n * @param rate is the exchange rate in wad 18 decimals\n * @dev Tokens that do not have 18 decimals must have offchain services scale the exchange rate by the proper magnitude\n */\n event ExchangeRateEmitted(uint256 rate);\n\n /**\n * Used to emit the underlying token and its decimals on strategy creation\n * @notice token\n * @param token is the ERC20 token of the strategy\n * @param decimals are the decimals of the ERC20 token in the strategy\n */\n event StrategyTokenSet(IERC20 token, uint8 decimals);\n}\n\n/**\n * @title Minimal interface for an `Strategy` contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice Custom `Strategy` implementations may expand extensively on this interface.\n */\ninterface IStrategy is IStrategyErrors, IStrategyEvents {\n /**\n * @notice Used to deposit tokens into this Strategy\n * @param token is the ERC20 token being deposited\n * @param amount is the amount of token being deposited\n * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's\n * `depositIntoStrategy` function, and individual share balances are recorded in the strategyManager as well.\n * @return newShares is the number of new shares issued at the current exchange ratio.\n */\n function deposit(IERC20 token, uint256 amount) external returns (uint256);\n\n /**\n * @notice Used to withdraw tokens from this Strategy, to the `recipient`'s address\n * @param recipient is the address to receive the withdrawn funds\n * @param token is the ERC20 token being transferred out\n * @param amountShares is the amount of shares being withdrawn\n * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's\n * other functions, and individual share balances are recorded in the strategyManager as well.\n */\n function withdraw(address recipient, IERC20 token, uint256 amountShares) external;\n\n /**\n * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy.\n * @notice In contrast to `sharesToUnderlyingView`, this function **may** make state modifications\n * @param amountShares is the amount of shares to calculate its conversion into the underlying token\n * @return The amount of underlying tokens corresponding to the input `amountShares`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function sharesToUnderlying(\n uint256 amountShares\n ) external returns (uint256);\n\n /**\n * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy.\n * @notice In contrast to `underlyingToSharesView`, this function **may** make state modifications\n * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares\n * @return The amount of underlying tokens corresponding to the input `amountShares`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function underlyingToShares(\n uint256 amountUnderlying\n ) external returns (uint256);\n\n /**\n * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in\n * this strategy. In contrast to `userUnderlyingView`, this function **may** make state modifications\n */\n function userUnderlying(\n address user\n ) external returns (uint256);\n\n /**\n * @notice convenience function for fetching the current total shares of `user` in this strategy, by\n * querying the `strategyManager` contract\n */\n function shares(\n address user\n ) external view returns (uint256);\n\n /**\n * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy.\n * @notice In contrast to `sharesToUnderlying`, this function guarantees no state modifications\n * @param amountShares is the amount of shares to calculate its conversion into the underlying token\n * @return The amount of shares corresponding to the input `amountUnderlying`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function sharesToUnderlyingView(\n uint256 amountShares\n ) external view returns (uint256);\n\n /**\n * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy.\n * @notice In contrast to `underlyingToShares`, this function guarantees no state modifications\n * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares\n * @return The amount of shares corresponding to the input `amountUnderlying`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function underlyingToSharesView(\n uint256 amountUnderlying\n ) external view returns (uint256);\n\n /**\n * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in\n * this strategy. In contrast to `userUnderlying`, this function guarantees no state modifications\n */\n function userUnderlyingView(\n address user\n ) external view returns (uint256);\n\n /// @notice The underlying token for shares in this Strategy\n function underlyingToken() external view returns (IERC20);\n\n /// @notice The total number of extant shares in this Strategy\n function totalShares() external view returns (uint256);\n\n /// @notice Returns either a brief string explaining the strategy's goal & purpose, or a link to metadata that explains in more detail.\n function explanation() external view returns (string memory);\n}\n" - }, - "src/interfaces/IRestakingMiddlewareV1.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.27;\n\n/// @title IBoltRestakingMiddlewareV1\n/// @notice An interface for generalized restaking protocol middlewares in Bolt\ninterface IRestakingMiddlewareV1 {\n function NAME_HASH() external view returns (bytes32);\n\n function getOperatorCollaterals(\n address operator\n ) external view returns (address[] memory, uint256[] memory);\n\n function getOperatorStake(address operator, address collateral) external view returns (uint256);\n}\n" - }, - "src/interfaces/IOperatorsRegistryV1.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.27;\n\nimport {IRestakingMiddlewareV1} from \"./IRestakingMiddlewareV1.sol\";\n\n/// @title IOperatorsRegistryV1\n/// @notice An interface for the OperatorsRegistryV1 contract\ninterface IOperatorsRegistryV1 {\n /// @notice Operator struct\n struct Operator {\n address signer;\n string rpcEndpoint;\n address restakingMiddleware;\n string extraData;\n }\n\n /// @notice Emitted when a new operator is registered\n /// @param signer The address of the operator\n /// @param rpcEndpoint The rpc endpoint of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorRegistered(address signer, string rpcEndpoint, address restakingMiddleware, string extraData);\n\n /// @notice Emitted when an operator is deregistered\n /// @param signer The address of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorDeregistered(address signer, address restakingMiddleware);\n\n /// @notice Emitted when an operator is paused\n /// @param signer The address of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorPaused(address signer, address restakingMiddleware);\n\n /// @notice Emitted when an operator is unpaused\n /// @param signer The address of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorUnpaused(address signer, address restakingMiddleware);\n\n /// @notice Returns the start timestamp of the registry contract\n function START_TIMESTAMP() external view returns (uint48);\n\n /// @notice Returns the duration of an epoch in seconds\n function EPOCH_DURATION() external view returns (uint48);\n\n /// @notice Returns the address of the EigenLayer restaking middleware\n function EIGENLAYER_RESTAKING_MIDDLEWARE() external view returns (IRestakingMiddlewareV1);\n\n /// @notice Returns the address of the Symbiotic restaking middleware\n function SYMBIOTIC_RESTAKING_MIDDLEWARE() external view returns (IRestakingMiddlewareV1);\n\n /// @notice Register an operator in the registry\n /// @param signer The address of the operator\n /// @param rpcEndpoint The rpc endpoint of the operator\n /// @param extraData Arbitrary data the operator can provide as part of registration\n function registerOperator(address signer, string memory rpcEndpoint, string memory extraData) external;\n\n /// @notice Deregister an operator from the registry\n /// @param signer The address of the operator\n function deregisterOperator(\n address signer\n ) external;\n\n /// @notice Update the rpc endpoint of an operator\n /// @param signer The address of the operator\n /// @param rpcEndpoint The new rpc endpoint\n /// @dev Only restaking middleware contracts can call this function\n function updateOperatorRpcEndpoint(address signer, string memory rpcEndpoint) external;\n\n /// @notice Pause an operator in the registry\n /// @param signer The address of the operator\n function pauseOperator(\n address signer\n ) external;\n\n /// @notice Unpause an operator in the registry, marking them as \"active\"\n /// @param signer The address of the operator\n function unpauseOperator(\n address signer\n ) external;\n\n /// @notice Returns all the operators saved in the registry, including inactive ones.\n /// @return operators The array of operators\n function getAllOperators() external view returns (Operator[] memory);\n\n /// @notice Returns the active operators in the registry.\n /// @return operators The array of active operators.\n function getActiveOperators() external view returns (Operator[] memory);\n\n /// @notice Returns true if the given address is an operator in the registry.\n /// @param signer The address of the operator.\n /// @return isOperator True if the address is an operator, false otherwise.\n function isOperator(\n address signer\n ) external view returns (bool);\n\n /// @notice Returns true if the given operator is registered AND active.\n /// @param signer The address of the operator\n /// @return isActiveOperator True if the operator is active, false otherwise.\n function isActiveOperator(\n address signer\n ) external view returns (bool);\n\n /// @notice Cleans up any expired operators (i.e. paused + IMMUTABLE_PERIOD has passed).\n function cleanup() external;\n\n /// @notice Returns the timestamp of when the current epoch started\n function getCurrentEpochStartTimestamp() external view returns (uint48);\n}\n" - }, - "lib/openzeppelin-contracts-upgradeable/contracts/utils/ContextUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)\n\npragma solidity ^0.8.20;\nimport {Initializable} from \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Provides information about the current execution context, including the\n * sender of the transaction and its data. While these are generally available\n * via msg.sender and msg.data, they should not be accessed in such a direct\n * manner, since when dealing with meta-transactions the account sending and\n * paying for execution may not be the actual sender (as far as an application\n * is concerned).\n *\n * This contract is only required for intermediate, library-like contracts.\n */\nabstract contract ContextUpgradeable is Initializable {\n function __Context_init() internal onlyInitializing {\n }\n\n function __Context_init_unchained() internal onlyInitializing {\n }\n function _msgSender() internal view virtual returns (address) {\n return msg.sender;\n }\n\n function _msgData() internal view virtual returns (bytes calldata) {\n return msg.data;\n }\n\n function _contextSuffixLength() internal view virtual returns (uint256) {\n return 0;\n }\n}\n" - }, - "lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/Initializable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/Initializable.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed\n * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an\n * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer\n * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.\n *\n * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be\n * reused. This mechanism prevents re-execution of each \"step\" but allows the creation of new initialization steps in\n * case an upgrade adds a module that needs to be initialized.\n *\n * For example:\n *\n * [.hljs-theme-light.nopadding]\n * ```solidity\n * contract MyToken is ERC20Upgradeable {\n * function initialize() initializer public {\n * __ERC20_init(\"MyToken\", \"MTK\");\n * }\n * }\n *\n * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {\n * function initializeV2() reinitializer(2) public {\n * __ERC20Permit_init(\"MyToken\");\n * }\n * }\n * ```\n *\n * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as\n * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.\n *\n * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure\n * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.\n *\n * [CAUTION]\n * ====\n * Avoid leaving a contract uninitialized.\n *\n * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation\n * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke\n * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:\n *\n * [.hljs-theme-light.nopadding]\n * ```\n * /// @custom:oz-upgrades-unsafe-allow constructor\n * constructor() {\n * _disableInitializers();\n * }\n * ```\n * ====\n */\nabstract contract Initializable {\n /**\n * @dev Storage of the initializable contract.\n *\n * It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions\n * when using with upgradeable contracts.\n *\n * @custom:storage-location erc7201:openzeppelin.storage.Initializable\n */\n struct InitializableStorage {\n /**\n * @dev Indicates that the contract has been initialized.\n */\n uint64 _initialized;\n /**\n * @dev Indicates that the contract is in the process of being initialized.\n */\n bool _initializing;\n }\n\n // keccak256(abi.encode(uint256(keccak256(\"openzeppelin.storage.Initializable\")) - 1)) & ~bytes32(uint256(0xff))\n bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;\n\n /**\n * @dev The contract is already initialized.\n */\n error InvalidInitialization();\n\n /**\n * @dev The contract is not initializing.\n */\n error NotInitializing();\n\n /**\n * @dev Triggered when the contract has been initialized or reinitialized.\n */\n event Initialized(uint64 version);\n\n /**\n * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,\n * `onlyInitializing` functions can be used to initialize parent contracts.\n *\n * Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any\n * number of times. This behavior in the constructor can be useful during testing and is not expected to be used in\n * production.\n *\n * Emits an {Initialized} event.\n */\n modifier initializer() {\n // solhint-disable-next-line var-name-mixedcase\n InitializableStorage storage $ = _getInitializableStorage();\n\n // Cache values to avoid duplicated sloads\n bool isTopLevelCall = !$._initializing;\n uint64 initialized = $._initialized;\n\n // Allowed calls:\n // - initialSetup: the contract is not in the initializing state and no previous version was\n // initialized\n // - construction: the contract is initialized at version 1 (no reininitialization) and the\n // current contract is just being deployed\n bool initialSetup = initialized == 0 && isTopLevelCall;\n bool construction = initialized == 1 && address(this).code.length == 0;\n\n if (!initialSetup && !construction) {\n revert InvalidInitialization();\n }\n $._initialized = 1;\n if (isTopLevelCall) {\n $._initializing = true;\n }\n _;\n if (isTopLevelCall) {\n $._initializing = false;\n emit Initialized(1);\n }\n }\n\n /**\n * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the\n * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be\n * used to initialize parent contracts.\n *\n * A reinitializer may be used after the original initialization step. This is essential to configure modules that\n * are added through upgrades and that require initialization.\n *\n * When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`\n * cannot be nested. If one is invoked in the context of another, execution will revert.\n *\n * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in\n * a contract, executing them in the right order is up to the developer or operator.\n *\n * WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.\n *\n * Emits an {Initialized} event.\n */\n modifier reinitializer(uint64 version) {\n // solhint-disable-next-line var-name-mixedcase\n InitializableStorage storage $ = _getInitializableStorage();\n\n if ($._initializing || $._initialized >= version) {\n revert InvalidInitialization();\n }\n $._initialized = version;\n $._initializing = true;\n _;\n $._initializing = false;\n emit Initialized(version);\n }\n\n /**\n * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the\n * {initializer} and {reinitializer} modifiers, directly or indirectly.\n */\n modifier onlyInitializing() {\n _checkInitializing();\n _;\n }\n\n /**\n * @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.\n */\n function _checkInitializing() internal view virtual {\n if (!_isInitializing()) {\n revert NotInitializing();\n }\n }\n\n /**\n * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.\n * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized\n * to any version. It is recommended to use this to lock implementation contracts that are designed to be called\n * through proxies.\n *\n * Emits an {Initialized} event the first time it is successfully executed.\n */\n function _disableInitializers() internal virtual {\n // solhint-disable-next-line var-name-mixedcase\n InitializableStorage storage $ = _getInitializableStorage();\n\n if ($._initializing) {\n revert InvalidInitialization();\n }\n if ($._initialized != type(uint64).max) {\n $._initialized = type(uint64).max;\n emit Initialized(type(uint64).max);\n }\n }\n\n /**\n * @dev Returns the highest version that has been initialized. See {reinitializer}.\n */\n function _getInitializedVersion() internal view returns (uint64) {\n return _getInitializableStorage()._initialized;\n }\n\n /**\n * @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.\n */\n function _isInitializing() internal view returns (bool) {\n return _getInitializableStorage()._initializing;\n }\n\n /**\n * @dev Returns a pointer to the storage namespace.\n */\n // solhint-disable-next-line var-name-mixedcase\n function _getInitializableStorage() private pure returns (InitializableStorage storage $) {\n assembly {\n $.slot := INITIALIZABLE_STORAGE\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/interfaces/draft-IERC1822.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/draft-IERC1822.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev ERC-1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified\n * proxy whose upgrades are fully controlled by the current implementation.\n */\ninterface IERC1822Proxiable {\n /**\n * @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation\n * address.\n *\n * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks\n * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this\n * function revert if invoked through a proxy.\n */\n function proxiableUUID() external view returns (bytes32);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Utils.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.2.0) (proxy/ERC1967/ERC1967Utils.sol)\n\npragma solidity ^0.8.22;\n\nimport {IBeacon} from \"../beacon/IBeacon.sol\";\nimport {IERC1967} from \"../../interfaces/IERC1967.sol\";\nimport {Address} from \"../../utils/Address.sol\";\nimport {StorageSlot} from \"../../utils/StorageSlot.sol\";\n\n/**\n * @dev This library provides getters and event emitting update functions for\n * https://eips.ethereum.org/EIPS/eip-1967[ERC-1967] slots.\n */\nlibrary ERC1967Utils {\n /**\n * @dev Storage slot with the address of the current implementation.\n * This is the keccak-256 hash of \"eip1967.proxy.implementation\" subtracted by 1.\n */\n // solhint-disable-next-line private-vars-leading-underscore\n bytes32 internal constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;\n\n /**\n * @dev The `implementation` of the proxy is invalid.\n */\n error ERC1967InvalidImplementation(address implementation);\n\n /**\n * @dev The `admin` of the proxy is invalid.\n */\n error ERC1967InvalidAdmin(address admin);\n\n /**\n * @dev The `beacon` of the proxy is invalid.\n */\n error ERC1967InvalidBeacon(address beacon);\n\n /**\n * @dev An upgrade function sees `msg.value > 0` that may be lost.\n */\n error ERC1967NonPayable();\n\n /**\n * @dev Returns the current implementation address.\n */\n function getImplementation() internal view returns (address) {\n return StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value;\n }\n\n /**\n * @dev Stores a new address in the ERC-1967 implementation slot.\n */\n function _setImplementation(address newImplementation) private {\n if (newImplementation.code.length == 0) {\n revert ERC1967InvalidImplementation(newImplementation);\n }\n StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value = newImplementation;\n }\n\n /**\n * @dev Performs implementation upgrade with additional setup call if data is nonempty.\n * This function is payable only if the setup call is performed, otherwise `msg.value` is rejected\n * to avoid stuck value in the contract.\n *\n * Emits an {IERC1967-Upgraded} event.\n */\n function upgradeToAndCall(address newImplementation, bytes memory data) internal {\n _setImplementation(newImplementation);\n emit IERC1967.Upgraded(newImplementation);\n\n if (data.length > 0) {\n Address.functionDelegateCall(newImplementation, data);\n } else {\n _checkNonPayable();\n }\n }\n\n /**\n * @dev Storage slot with the admin of the contract.\n * This is the keccak-256 hash of \"eip1967.proxy.admin\" subtracted by 1.\n */\n // solhint-disable-next-line private-vars-leading-underscore\n bytes32 internal constant ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;\n\n /**\n * @dev Returns the current admin.\n *\n * TIP: To get this value clients can read directly from the storage slot shown below (specified by ERC-1967) using\n * the https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.\n * `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`\n */\n function getAdmin() internal view returns (address) {\n return StorageSlot.getAddressSlot(ADMIN_SLOT).value;\n }\n\n /**\n * @dev Stores a new address in the ERC-1967 admin slot.\n */\n function _setAdmin(address newAdmin) private {\n if (newAdmin == address(0)) {\n revert ERC1967InvalidAdmin(address(0));\n }\n StorageSlot.getAddressSlot(ADMIN_SLOT).value = newAdmin;\n }\n\n /**\n * @dev Changes the admin of the proxy.\n *\n * Emits an {IERC1967-AdminChanged} event.\n */\n function changeAdmin(address newAdmin) internal {\n emit IERC1967.AdminChanged(getAdmin(), newAdmin);\n _setAdmin(newAdmin);\n }\n\n /**\n * @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.\n * This is the keccak-256 hash of \"eip1967.proxy.beacon\" subtracted by 1.\n */\n // solhint-disable-next-line private-vars-leading-underscore\n bytes32 internal constant BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;\n\n /**\n * @dev Returns the current beacon.\n */\n function getBeacon() internal view returns (address) {\n return StorageSlot.getAddressSlot(BEACON_SLOT).value;\n }\n\n /**\n * @dev Stores a new beacon in the ERC-1967 beacon slot.\n */\n function _setBeacon(address newBeacon) private {\n if (newBeacon.code.length == 0) {\n revert ERC1967InvalidBeacon(newBeacon);\n }\n\n StorageSlot.getAddressSlot(BEACON_SLOT).value = newBeacon;\n\n address beaconImplementation = IBeacon(newBeacon).implementation();\n if (beaconImplementation.code.length == 0) {\n revert ERC1967InvalidImplementation(beaconImplementation);\n }\n }\n\n /**\n * @dev Change the beacon and trigger a setup call if data is nonempty.\n * This function is payable only if the setup call is performed, otherwise `msg.value` is rejected\n * to avoid stuck value in the contract.\n *\n * Emits an {IERC1967-BeaconUpgraded} event.\n *\n * CAUTION: Invoking this function has no effect on an instance of {BeaconProxy} since v5, since\n * it uses an immutable beacon without looking at the value of the ERC-1967 beacon slot for\n * efficiency.\n */\n function upgradeBeaconToAndCall(address newBeacon, bytes memory data) internal {\n _setBeacon(newBeacon);\n emit IERC1967.BeaconUpgraded(newBeacon);\n\n if (data.length > 0) {\n Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);\n } else {\n _checkNonPayable();\n }\n }\n\n /**\n * @dev Reverts if `msg.value` is not zero. It can be used to avoid `msg.value` stuck in the contract\n * if an upgrade doesn't perform an initialization call.\n */\n function _checkNonPayable() private {\n if (msg.value > 0) {\n revert ERC1967NonPayable();\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/math/Math.sol": { - "content": "// SPDX-License-Identifier: MIT\r\n// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)\r\n\r\npragma solidity ^0.8.0;\r\n\r\n/**\r\n * @dev Standard math utilities missing in the Solidity language.\r\n */\r\nlibrary Math {\r\n enum Rounding {\r\n Down, // Toward negative infinity\r\n Up, // Toward infinity\r\n Zero // Toward zero\r\n }\r\n\r\n /**\r\n * @dev Returns the largest of two numbers.\r\n */\r\n function max(uint256 a, uint256 b) internal pure returns (uint256) {\r\n return a \u003e b ? a : b;\r\n }\r\n\r\n /**\r\n * @dev Returns the smallest of two numbers.\r\n */\r\n function min(uint256 a, uint256 b) internal pure returns (uint256) {\r\n return a \u003c b ? a : b;\r\n }\r\n\r\n /**\r\n * @dev Returns the average of two numbers. The result is rounded towards\r\n * zero.\r\n */\r\n function average(uint256 a, uint256 b) internal pure returns (uint256) {\r\n // (a + b) / 2 can overflow.\r\n return (a \u0026 b) + (a ^ b) / 2;\r\n }\r\n\r\n /**\r\n * @dev Returns the ceiling of the division of two numbers.\r\n *\r\n * This differs from standard division with `/` in that it rounds up instead\r\n * of rounding down.\r\n */\r\n function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {\r\n // (a + b - 1) / b can overflow on addition, so we distribute.\r\n return a == 0 ? 0 : (a - 1) / b + 1;\r\n }\r\n\r\n /**\r\n * @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0\r\n * @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)\r\n * with further edits by Uniswap Labs also under MIT license.\r\n */\r\n function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {\r\n unchecked {\r\n // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use\r\n // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256\r\n // variables such that product = prod1 * 2^256 + prod0.\r\n uint256 prod0; // Least significant 256 bits of the product\r\n uint256 prod1; // Most significant 256 bits of the product\r\n assembly {\r\n let mm := mulmod(x, y, not(0))\r\n prod0 := mul(x, y)\r\n prod1 := sub(sub(mm, prod0), lt(mm, prod0))\r\n }\r\n\r\n // Handle non-overflow cases, 256 by 256 division.\r\n if (prod1 == 0) {\r\n // Solidity will revert if denominator == 0, unlike the div opcode on its own.\r\n // The surrounding unchecked block does not change this fact.\r\n // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.\r\n return prod0 / denominator;\r\n }\r\n\r\n // Make sure the result is less than 2^256. Also prevents denominator == 0.\r\n require(denominator \u003e prod1, \"Math: mulDiv overflow\");\r\n\r\n ///////////////////////////////////////////////\r\n // 512 by 256 division.\r\n ///////////////////////////////////////////////\r\n\r\n // Make division exact by subtracting the remainder from [prod1 prod0].\r\n uint256 remainder;\r\n assembly {\r\n // Compute remainder using mulmod.\r\n remainder := mulmod(x, y, denominator)\r\n\r\n // Subtract 256 bit number from 512 bit number.\r\n prod1 := sub(prod1, gt(remainder, prod0))\r\n prod0 := sub(prod0, remainder)\r\n }\r\n\r\n // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always \u003e= 1.\r\n // See https://cs.stackexchange.com/q/138556/92363.\r\n\r\n // Does not overflow because the denominator cannot be zero at this stage in the function.\r\n uint256 twos = denominator \u0026 (~denominator + 1);\r\n assembly {\r\n // Divide denominator by twos.\r\n denominator := div(denominator, twos)\r\n\r\n // Divide [prod1 prod0] by twos.\r\n prod0 := div(prod0, twos)\r\n\r\n // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.\r\n twos := add(div(sub(0, twos), twos), 1)\r\n }\r\n\r\n // Shift in bits from prod1 into prod0.\r\n prod0 |= prod1 * twos;\r\n\r\n // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such\r\n // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for\r\n // four bits. That is, denominator * inv = 1 mod 2^4.\r\n uint256 inverse = (3 * denominator) ^ 2;\r\n\r\n // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel\u0027s lifting lemma, this also works\r\n // in modular arithmetic, doubling the correct bits in each step.\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^8\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^16\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^32\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^64\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^128\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^256\r\n\r\n // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.\r\n // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is\r\n // less than 2^256, this is the final result. We don\u0027t need to compute the high bits of the result and prod1\r\n // is no longer required.\r\n result = prod0 * inverse;\r\n return result;\r\n }\r\n }\r\n\r\n /**\r\n * @notice Calculates x * y / denominator with full precision, following the selected rounding direction.\r\n */\r\n function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {\r\n uint256 result = mulDiv(x, y, denominator);\r\n if (rounding == Rounding.Up \u0026\u0026 mulmod(x, y, denominator) \u003e 0) {\r\n result += 1;\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.\r\n *\r\n * Inspired by Henry S. Warren, Jr.\u0027s \"Hacker\u0027s Delight\" (Chapter 11).\r\n */\r\n function sqrt(uint256 a) internal pure returns (uint256) {\r\n if (a == 0) {\r\n return 0;\r\n }\r\n\r\n // For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.\r\n //\r\n // We know that the \"msb\" (most significant bit) of our target number `a` is a power of 2 such that we have\r\n // `msb(a) \u003c= a \u003c 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.\r\n //\r\n // This can be rewritten `2**log2(a) \u003c= a \u003c 2**(log2(a) + 1)`\r\n // → `sqrt(2**k) \u003c= sqrt(a) \u003c sqrt(2**(k+1))`\r\n // → `2**(k/2) \u003c= sqrt(a) \u003c 2**((k+1)/2) \u003c= 2**(k/2 + 1)`\r\n //\r\n // Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.\r\n uint256 result = 1 \u003c\u003c (log2(a) \u003e\u003e 1);\r\n\r\n // At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,\r\n // since it is the square root of a uint256. Newton\u0027s method converges quadratically (precision doubles at\r\n // every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision\r\n // into the expected uint128 result.\r\n unchecked {\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n return min(result, a / result);\r\n }\r\n }\r\n\r\n /**\r\n * @notice Calculates sqrt(a), following the selected rounding direction.\r\n */\r\n function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = sqrt(a);\r\n return result + (rounding == Rounding.Up \u0026\u0026 result * result \u003c a ? 1 : 0);\r\n }\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 2, rounded down, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log2(uint256 value) internal pure returns (uint256) {\r\n uint256 result = 0;\r\n unchecked {\r\n if (value \u003e\u003e 128 \u003e 0) {\r\n value \u003e\u003e= 128;\r\n result += 128;\r\n }\r\n if (value \u003e\u003e 64 \u003e 0) {\r\n value \u003e\u003e= 64;\r\n result += 64;\r\n }\r\n if (value \u003e\u003e 32 \u003e 0) {\r\n value \u003e\u003e= 32;\r\n result += 32;\r\n }\r\n if (value \u003e\u003e 16 \u003e 0) {\r\n value \u003e\u003e= 16;\r\n result += 16;\r\n }\r\n if (value \u003e\u003e 8 \u003e 0) {\r\n value \u003e\u003e= 8;\r\n result += 8;\r\n }\r\n if (value \u003e\u003e 4 \u003e 0) {\r\n value \u003e\u003e= 4;\r\n result += 4;\r\n }\r\n if (value \u003e\u003e 2 \u003e 0) {\r\n value \u003e\u003e= 2;\r\n result += 2;\r\n }\r\n if (value \u003e\u003e 1 \u003e 0) {\r\n result += 1;\r\n }\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 2, following the selected rounding direction, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = log2(value);\r\n return result + (rounding == Rounding.Up \u0026\u0026 1 \u003c\u003c result \u003c value ? 1 : 0);\r\n }\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 10, rounded down, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log10(uint256 value) internal pure returns (uint256) {\r\n uint256 result = 0;\r\n unchecked {\r\n if (value \u003e= 10 ** 64) {\r\n value /= 10 ** 64;\r\n result += 64;\r\n }\r\n if (value \u003e= 10 ** 32) {\r\n value /= 10 ** 32;\r\n result += 32;\r\n }\r\n if (value \u003e= 10 ** 16) {\r\n value /= 10 ** 16;\r\n result += 16;\r\n }\r\n if (value \u003e= 10 ** 8) {\r\n value /= 10 ** 8;\r\n result += 8;\r\n }\r\n if (value \u003e= 10 ** 4) {\r\n value /= 10 ** 4;\r\n result += 4;\r\n }\r\n if (value \u003e= 10 ** 2) {\r\n value /= 10 ** 2;\r\n result += 2;\r\n }\r\n if (value \u003e= 10 ** 1) {\r\n result += 1;\r\n }\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 10, following the selected rounding direction, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = log10(value);\r\n return result + (rounding == Rounding.Up \u0026\u0026 10 ** result \u003c value ? 1 : 0);\r\n }\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 256, rounded down, of a positive value.\r\n * Returns 0 if given 0.\r\n *\r\n * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.\r\n */\r\n function log256(uint256 value) internal pure returns (uint256) {\r\n uint256 result = 0;\r\n unchecked {\r\n if (value \u003e\u003e 128 \u003e 0) {\r\n value \u003e\u003e= 128;\r\n result += 16;\r\n }\r\n if (value \u003e\u003e 64 \u003e 0) {\r\n value \u003e\u003e= 64;\r\n result += 8;\r\n }\r\n if (value \u003e\u003e 32 \u003e 0) {\r\n value \u003e\u003e= 32;\r\n result += 4;\r\n }\r\n if (value \u003e\u003e 16 \u003e 0) {\r\n value \u003e\u003e= 16;\r\n result += 2;\r\n }\r\n if (value \u003e\u003e 8 \u003e 0) {\r\n result += 1;\r\n }\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 256, following the selected rounding direction, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = log256(value);\r\n return result + (rounding == Rounding.Up \u0026\u0026 1 \u003c\u003c (result \u003c\u003c 3) \u003c value ? 1 : 0);\r\n }\r\n }\r\n}\r\n" - }, - "lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/contracts/utils/math/Math.sol": { - "content": "// SPDX-License-Identifier: MIT\r\n// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)\r\n\r\npragma solidity ^0.8.0;\r\n\r\n/**\r\n * @dev Standard math utilities missing in the Solidity language.\r\n */\r\nlibrary Math {\r\n enum Rounding {\r\n Down, // Toward negative infinity\r\n Up, // Toward infinity\r\n Zero // Toward zero\r\n }\r\n\r\n /**\r\n * @dev Returns the largest of two numbers.\r\n */\r\n function max(uint256 a, uint256 b) internal pure returns (uint256) {\r\n return a \u003e b ? a : b;\r\n }\r\n\r\n /**\r\n * @dev Returns the smallest of two numbers.\r\n */\r\n function min(uint256 a, uint256 b) internal pure returns (uint256) {\r\n return a \u003c b ? a : b;\r\n }\r\n\r\n /**\r\n * @dev Returns the average of two numbers. The result is rounded towards\r\n * zero.\r\n */\r\n function average(uint256 a, uint256 b) internal pure returns (uint256) {\r\n // (a + b) / 2 can overflow.\r\n return (a \u0026 b) + (a ^ b) / 2;\r\n }\r\n\r\n /**\r\n * @dev Returns the ceiling of the division of two numbers.\r\n *\r\n * This differs from standard division with `/` in that it rounds up instead\r\n * of rounding down.\r\n */\r\n function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {\r\n // (a + b - 1) / b can overflow on addition, so we distribute.\r\n return a == 0 ? 0 : (a - 1) / b + 1;\r\n }\r\n\r\n /**\r\n * @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0\r\n * @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)\r\n * with further edits by Uniswap Labs also under MIT license.\r\n */\r\n function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {\r\n unchecked {\r\n // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use\r\n // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256\r\n // variables such that product = prod1 * 2^256 + prod0.\r\n uint256 prod0; // Least significant 256 bits of the product\r\n uint256 prod1; // Most significant 256 bits of the product\r\n assembly {\r\n let mm := mulmod(x, y, not(0))\r\n prod0 := mul(x, y)\r\n prod1 := sub(sub(mm, prod0), lt(mm, prod0))\r\n }\r\n\r\n // Handle non-overflow cases, 256 by 256 division.\r\n if (prod1 == 0) {\r\n // Solidity will revert if denominator == 0, unlike the div opcode on its own.\r\n // The surrounding unchecked block does not change this fact.\r\n // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.\r\n return prod0 / denominator;\r\n }\r\n\r\n // Make sure the result is less than 2^256. Also prevents denominator == 0.\r\n require(denominator \u003e prod1, \"Math: mulDiv overflow\");\r\n\r\n ///////////////////////////////////////////////\r\n // 512 by 256 division.\r\n ///////////////////////////////////////////////\r\n\r\n // Make division exact by subtracting the remainder from [prod1 prod0].\r\n uint256 remainder;\r\n assembly {\r\n // Compute remainder using mulmod.\r\n remainder := mulmod(x, y, denominator)\r\n\r\n // Subtract 256 bit number from 512 bit number.\r\n prod1 := sub(prod1, gt(remainder, prod0))\r\n prod0 := sub(prod0, remainder)\r\n }\r\n\r\n // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always \u003e= 1.\r\n // See https://cs.stackexchange.com/q/138556/92363.\r\n\r\n // Does not overflow because the denominator cannot be zero at this stage in the function.\r\n uint256 twos = denominator \u0026 (~denominator + 1);\r\n assembly {\r\n // Divide denominator by twos.\r\n denominator := div(denominator, twos)\r\n\r\n // Divide [prod1 prod0] by twos.\r\n prod0 := div(prod0, twos)\r\n\r\n // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.\r\n twos := add(div(sub(0, twos), twos), 1)\r\n }\r\n\r\n // Shift in bits from prod1 into prod0.\r\n prod0 |= prod1 * twos;\r\n\r\n // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such\r\n // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for\r\n // four bits. That is, denominator * inv = 1 mod 2^4.\r\n uint256 inverse = (3 * denominator) ^ 2;\r\n\r\n // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel\u0027s lifting lemma, this also works\r\n // in modular arithmetic, doubling the correct bits in each step.\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^8\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^16\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^32\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^64\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^128\r\n inverse *= 2 - denominator * inverse; // inverse mod 2^256\r\n\r\n // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.\r\n // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is\r\n // less than 2^256, this is the final result. We don\u0027t need to compute the high bits of the result and prod1\r\n // is no longer required.\r\n result = prod0 * inverse;\r\n return result;\r\n }\r\n }\r\n\r\n /**\r\n * @notice Calculates x * y / denominator with full precision, following the selected rounding direction.\r\n */\r\n function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {\r\n uint256 result = mulDiv(x, y, denominator);\r\n if (rounding == Rounding.Up \u0026\u0026 mulmod(x, y, denominator) \u003e 0) {\r\n result += 1;\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.\r\n *\r\n * Inspired by Henry S. Warren, Jr.\u0027s \"Hacker\u0027s Delight\" (Chapter 11).\r\n */\r\n function sqrt(uint256 a) internal pure returns (uint256) {\r\n if (a == 0) {\r\n return 0;\r\n }\r\n\r\n // For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.\r\n //\r\n // We know that the \"msb\" (most significant bit) of our target number `a` is a power of 2 such that we have\r\n // `msb(a) \u003c= a \u003c 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.\r\n //\r\n // This can be rewritten `2**log2(a) \u003c= a \u003c 2**(log2(a) + 1)`\r\n // → `sqrt(2**k) \u003c= sqrt(a) \u003c sqrt(2**(k+1))`\r\n // → `2**(k/2) \u003c= sqrt(a) \u003c 2**((k+1)/2) \u003c= 2**(k/2 + 1)`\r\n //\r\n // Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.\r\n uint256 result = 1 \u003c\u003c (log2(a) \u003e\u003e 1);\r\n\r\n // At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,\r\n // since it is the square root of a uint256. Newton\u0027s method converges quadratically (precision doubles at\r\n // every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision\r\n // into the expected uint128 result.\r\n unchecked {\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n result = (result + a / result) \u003e\u003e 1;\r\n return min(result, a / result);\r\n }\r\n }\r\n\r\n /**\r\n * @notice Calculates sqrt(a), following the selected rounding direction.\r\n */\r\n function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = sqrt(a);\r\n return result + (rounding == Rounding.Up \u0026\u0026 result * result \u003c a ? 1 : 0);\r\n }\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 2, rounded down, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log2(uint256 value) internal pure returns (uint256) {\r\n uint256 result = 0;\r\n unchecked {\r\n if (value \u003e\u003e 128 \u003e 0) {\r\n value \u003e\u003e= 128;\r\n result += 128;\r\n }\r\n if (value \u003e\u003e 64 \u003e 0) {\r\n value \u003e\u003e= 64;\r\n result += 64;\r\n }\r\n if (value \u003e\u003e 32 \u003e 0) {\r\n value \u003e\u003e= 32;\r\n result += 32;\r\n }\r\n if (value \u003e\u003e 16 \u003e 0) {\r\n value \u003e\u003e= 16;\r\n result += 16;\r\n }\r\n if (value \u003e\u003e 8 \u003e 0) {\r\n value \u003e\u003e= 8;\r\n result += 8;\r\n }\r\n if (value \u003e\u003e 4 \u003e 0) {\r\n value \u003e\u003e= 4;\r\n result += 4;\r\n }\r\n if (value \u003e\u003e 2 \u003e 0) {\r\n value \u003e\u003e= 2;\r\n result += 2;\r\n }\r\n if (value \u003e\u003e 1 \u003e 0) {\r\n result += 1;\r\n }\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 2, following the selected rounding direction, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = log2(value);\r\n return result + (rounding == Rounding.Up \u0026\u0026 1 \u003c\u003c result \u003c value ? 1 : 0);\r\n }\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 10, rounded down, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log10(uint256 value) internal pure returns (uint256) {\r\n uint256 result = 0;\r\n unchecked {\r\n if (value \u003e= 10 ** 64) {\r\n value /= 10 ** 64;\r\n result += 64;\r\n }\r\n if (value \u003e= 10 ** 32) {\r\n value /= 10 ** 32;\r\n result += 32;\r\n }\r\n if (value \u003e= 10 ** 16) {\r\n value /= 10 ** 16;\r\n result += 16;\r\n }\r\n if (value \u003e= 10 ** 8) {\r\n value /= 10 ** 8;\r\n result += 8;\r\n }\r\n if (value \u003e= 10 ** 4) {\r\n value /= 10 ** 4;\r\n result += 4;\r\n }\r\n if (value \u003e= 10 ** 2) {\r\n value /= 10 ** 2;\r\n result += 2;\r\n }\r\n if (value \u003e= 10 ** 1) {\r\n result += 1;\r\n }\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 10, following the selected rounding direction, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = log10(value);\r\n return result + (rounding == Rounding.Up \u0026\u0026 10 ** result \u003c value ? 1 : 0);\r\n }\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 256, rounded down, of a positive value.\r\n * Returns 0 if given 0.\r\n *\r\n * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.\r\n */\r\n function log256(uint256 value) internal pure returns (uint256) {\r\n uint256 result = 0;\r\n unchecked {\r\n if (value \u003e\u003e 128 \u003e 0) {\r\n value \u003e\u003e= 128;\r\n result += 16;\r\n }\r\n if (value \u003e\u003e 64 \u003e 0) {\r\n value \u003e\u003e= 64;\r\n result += 8;\r\n }\r\n if (value \u003e\u003e 32 \u003e 0) {\r\n value \u003e\u003e= 32;\r\n result += 4;\r\n }\r\n if (value \u003e\u003e 16 \u003e 0) {\r\n value \u003e\u003e= 16;\r\n result += 2;\r\n }\r\n if (value \u003e\u003e 8 \u003e 0) {\r\n result += 1;\r\n }\r\n }\r\n return result;\r\n }\r\n\r\n /**\r\n * @dev Return the log in base 256, following the selected rounding direction, of a positive value.\r\n * Returns 0 if given 0.\r\n */\r\n function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {\r\n unchecked {\r\n uint256 result = log256(value);\r\n return result + (rounding == Rounding.Up \u0026\u0026 1 \u003c\u003c (result \u003c\u003c 3) \u003c value ? 1 : 0);\r\n }\r\n }\r\n}\r\n" - }, - "lib/openzeppelin-contracts/contracts/utils/math/SafeCast.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)\n// This file was procedurally generated from scripts/generate/templates/SafeCast.js.\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow\n * checks.\n *\n * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can\n * easily result in undesired exploitation or bugs, since developers usually\n * assume that overflows raise errors. `SafeCast` restores this intuition by\n * reverting the transaction when such an operation overflows.\n *\n * Using this library instead of the unchecked operations eliminates an entire\n * class of bugs, so it's recommended to use it always.\n */\nlibrary SafeCast {\n /**\n * @dev Value doesn't fit in an uint of `bits` size.\n */\n error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);\n\n /**\n * @dev An int value doesn't fit in an uint of `bits` size.\n */\n error SafeCastOverflowedIntToUint(int256 value);\n\n /**\n * @dev Value doesn't fit in an int of `bits` size.\n */\n error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);\n\n /**\n * @dev An uint value doesn't fit in an int of `bits` size.\n */\n error SafeCastOverflowedUintToInt(uint256 value);\n\n /**\n * @dev Returns the downcasted uint248 from uint256, reverting on\n * overflow (when the input is greater than largest uint248).\n *\n * Counterpart to Solidity's `uint248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n */\n function toUint248(uint256 value) internal pure returns (uint248) {\n if (value > type(uint248).max) {\n revert SafeCastOverflowedUintDowncast(248, value);\n }\n return uint248(value);\n }\n\n /**\n * @dev Returns the downcasted uint240 from uint256, reverting on\n * overflow (when the input is greater than largest uint240).\n *\n * Counterpart to Solidity's `uint240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n */\n function toUint240(uint256 value) internal pure returns (uint240) {\n if (value > type(uint240).max) {\n revert SafeCastOverflowedUintDowncast(240, value);\n }\n return uint240(value);\n }\n\n /**\n * @dev Returns the downcasted uint232 from uint256, reverting on\n * overflow (when the input is greater than largest uint232).\n *\n * Counterpart to Solidity's `uint232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n */\n function toUint232(uint256 value) internal pure returns (uint232) {\n if (value > type(uint232).max) {\n revert SafeCastOverflowedUintDowncast(232, value);\n }\n return uint232(value);\n }\n\n /**\n * @dev Returns the downcasted uint224 from uint256, reverting on\n * overflow (when the input is greater than largest uint224).\n *\n * Counterpart to Solidity's `uint224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n */\n function toUint224(uint256 value) internal pure returns (uint224) {\n if (value > type(uint224).max) {\n revert SafeCastOverflowedUintDowncast(224, value);\n }\n return uint224(value);\n }\n\n /**\n * @dev Returns the downcasted uint216 from uint256, reverting on\n * overflow (when the input is greater than largest uint216).\n *\n * Counterpart to Solidity's `uint216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n */\n function toUint216(uint256 value) internal pure returns (uint216) {\n if (value > type(uint216).max) {\n revert SafeCastOverflowedUintDowncast(216, value);\n }\n return uint216(value);\n }\n\n /**\n * @dev Returns the downcasted uint208 from uint256, reverting on\n * overflow (when the input is greater than largest uint208).\n *\n * Counterpart to Solidity's `uint208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n */\n function toUint208(uint256 value) internal pure returns (uint208) {\n if (value > type(uint208).max) {\n revert SafeCastOverflowedUintDowncast(208, value);\n }\n return uint208(value);\n }\n\n /**\n * @dev Returns the downcasted uint200 from uint256, reverting on\n * overflow (when the input is greater than largest uint200).\n *\n * Counterpart to Solidity's `uint200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n */\n function toUint200(uint256 value) internal pure returns (uint200) {\n if (value > type(uint200).max) {\n revert SafeCastOverflowedUintDowncast(200, value);\n }\n return uint200(value);\n }\n\n /**\n * @dev Returns the downcasted uint192 from uint256, reverting on\n * overflow (when the input is greater than largest uint192).\n *\n * Counterpart to Solidity's `uint192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n */\n function toUint192(uint256 value) internal pure returns (uint192) {\n if (value > type(uint192).max) {\n revert SafeCastOverflowedUintDowncast(192, value);\n }\n return uint192(value);\n }\n\n /**\n * @dev Returns the downcasted uint184 from uint256, reverting on\n * overflow (when the input is greater than largest uint184).\n *\n * Counterpart to Solidity's `uint184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n */\n function toUint184(uint256 value) internal pure returns (uint184) {\n if (value > type(uint184).max) {\n revert SafeCastOverflowedUintDowncast(184, value);\n }\n return uint184(value);\n }\n\n /**\n * @dev Returns the downcasted uint176 from uint256, reverting on\n * overflow (when the input is greater than largest uint176).\n *\n * Counterpart to Solidity's `uint176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n */\n function toUint176(uint256 value) internal pure returns (uint176) {\n if (value > type(uint176).max) {\n revert SafeCastOverflowedUintDowncast(176, value);\n }\n return uint176(value);\n }\n\n /**\n * @dev Returns the downcasted uint168 from uint256, reverting on\n * overflow (when the input is greater than largest uint168).\n *\n * Counterpart to Solidity's `uint168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n */\n function toUint168(uint256 value) internal pure returns (uint168) {\n if (value > type(uint168).max) {\n revert SafeCastOverflowedUintDowncast(168, value);\n }\n return uint168(value);\n }\n\n /**\n * @dev Returns the downcasted uint160 from uint256, reverting on\n * overflow (when the input is greater than largest uint160).\n *\n * Counterpart to Solidity's `uint160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n */\n function toUint160(uint256 value) internal pure returns (uint160) {\n if (value > type(uint160).max) {\n revert SafeCastOverflowedUintDowncast(160, value);\n }\n return uint160(value);\n }\n\n /**\n * @dev Returns the downcasted uint152 from uint256, reverting on\n * overflow (when the input is greater than largest uint152).\n *\n * Counterpart to Solidity's `uint152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n */\n function toUint152(uint256 value) internal pure returns (uint152) {\n if (value > type(uint152).max) {\n revert SafeCastOverflowedUintDowncast(152, value);\n }\n return uint152(value);\n }\n\n /**\n * @dev Returns the downcasted uint144 from uint256, reverting on\n * overflow (when the input is greater than largest uint144).\n *\n * Counterpart to Solidity's `uint144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n */\n function toUint144(uint256 value) internal pure returns (uint144) {\n if (value > type(uint144).max) {\n revert SafeCastOverflowedUintDowncast(144, value);\n }\n return uint144(value);\n }\n\n /**\n * @dev Returns the downcasted uint136 from uint256, reverting on\n * overflow (when the input is greater than largest uint136).\n *\n * Counterpart to Solidity's `uint136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n */\n function toUint136(uint256 value) internal pure returns (uint136) {\n if (value > type(uint136).max) {\n revert SafeCastOverflowedUintDowncast(136, value);\n }\n return uint136(value);\n }\n\n /**\n * @dev Returns the downcasted uint128 from uint256, reverting on\n * overflow (when the input is greater than largest uint128).\n *\n * Counterpart to Solidity's `uint128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n */\n function toUint128(uint256 value) internal pure returns (uint128) {\n if (value > type(uint128).max) {\n revert SafeCastOverflowedUintDowncast(128, value);\n }\n return uint128(value);\n }\n\n /**\n * @dev Returns the downcasted uint120 from uint256, reverting on\n * overflow (when the input is greater than largest uint120).\n *\n * Counterpart to Solidity's `uint120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n */\n function toUint120(uint256 value) internal pure returns (uint120) {\n if (value > type(uint120).max) {\n revert SafeCastOverflowedUintDowncast(120, value);\n }\n return uint120(value);\n }\n\n /**\n * @dev Returns the downcasted uint112 from uint256, reverting on\n * overflow (when the input is greater than largest uint112).\n *\n * Counterpart to Solidity's `uint112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n */\n function toUint112(uint256 value) internal pure returns (uint112) {\n if (value > type(uint112).max) {\n revert SafeCastOverflowedUintDowncast(112, value);\n }\n return uint112(value);\n }\n\n /**\n * @dev Returns the downcasted uint104 from uint256, reverting on\n * overflow (when the input is greater than largest uint104).\n *\n * Counterpart to Solidity's `uint104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n */\n function toUint104(uint256 value) internal pure returns (uint104) {\n if (value > type(uint104).max) {\n revert SafeCastOverflowedUintDowncast(104, value);\n }\n return uint104(value);\n }\n\n /**\n * @dev Returns the downcasted uint96 from uint256, reverting on\n * overflow (when the input is greater than largest uint96).\n *\n * Counterpart to Solidity's `uint96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n */\n function toUint96(uint256 value) internal pure returns (uint96) {\n if (value > type(uint96).max) {\n revert SafeCastOverflowedUintDowncast(96, value);\n }\n return uint96(value);\n }\n\n /**\n * @dev Returns the downcasted uint88 from uint256, reverting on\n * overflow (when the input is greater than largest uint88).\n *\n * Counterpart to Solidity's `uint88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n */\n function toUint88(uint256 value) internal pure returns (uint88) {\n if (value > type(uint88).max) {\n revert SafeCastOverflowedUintDowncast(88, value);\n }\n return uint88(value);\n }\n\n /**\n * @dev Returns the downcasted uint80 from uint256, reverting on\n * overflow (when the input is greater than largest uint80).\n *\n * Counterpart to Solidity's `uint80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n */\n function toUint80(uint256 value) internal pure returns (uint80) {\n if (value > type(uint80).max) {\n revert SafeCastOverflowedUintDowncast(80, value);\n }\n return uint80(value);\n }\n\n /**\n * @dev Returns the downcasted uint72 from uint256, reverting on\n * overflow (when the input is greater than largest uint72).\n *\n * Counterpart to Solidity's `uint72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n */\n function toUint72(uint256 value) internal pure returns (uint72) {\n if (value > type(uint72).max) {\n revert SafeCastOverflowedUintDowncast(72, value);\n }\n return uint72(value);\n }\n\n /**\n * @dev Returns the downcasted uint64 from uint256, reverting on\n * overflow (when the input is greater than largest uint64).\n *\n * Counterpart to Solidity's `uint64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n */\n function toUint64(uint256 value) internal pure returns (uint64) {\n if (value > type(uint64).max) {\n revert SafeCastOverflowedUintDowncast(64, value);\n }\n return uint64(value);\n }\n\n /**\n * @dev Returns the downcasted uint56 from uint256, reverting on\n * overflow (when the input is greater than largest uint56).\n *\n * Counterpart to Solidity's `uint56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n */\n function toUint56(uint256 value) internal pure returns (uint56) {\n if (value > type(uint56).max) {\n revert SafeCastOverflowedUintDowncast(56, value);\n }\n return uint56(value);\n }\n\n /**\n * @dev Returns the downcasted uint48 from uint256, reverting on\n * overflow (when the input is greater than largest uint48).\n *\n * Counterpart to Solidity's `uint48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n */\n function toUint48(uint256 value) internal pure returns (uint48) {\n if (value > type(uint48).max) {\n revert SafeCastOverflowedUintDowncast(48, value);\n }\n return uint48(value);\n }\n\n /**\n * @dev Returns the downcasted uint40 from uint256, reverting on\n * overflow (when the input is greater than largest uint40).\n *\n * Counterpart to Solidity's `uint40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n */\n function toUint40(uint256 value) internal pure returns (uint40) {\n if (value > type(uint40).max) {\n revert SafeCastOverflowedUintDowncast(40, value);\n }\n return uint40(value);\n }\n\n /**\n * @dev Returns the downcasted uint32 from uint256, reverting on\n * overflow (when the input is greater than largest uint32).\n *\n * Counterpart to Solidity's `uint32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n */\n function toUint32(uint256 value) internal pure returns (uint32) {\n if (value > type(uint32).max) {\n revert SafeCastOverflowedUintDowncast(32, value);\n }\n return uint32(value);\n }\n\n /**\n * @dev Returns the downcasted uint24 from uint256, reverting on\n * overflow (when the input is greater than largest uint24).\n *\n * Counterpart to Solidity's `uint24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n */\n function toUint24(uint256 value) internal pure returns (uint24) {\n if (value > type(uint24).max) {\n revert SafeCastOverflowedUintDowncast(24, value);\n }\n return uint24(value);\n }\n\n /**\n * @dev Returns the downcasted uint16 from uint256, reverting on\n * overflow (when the input is greater than largest uint16).\n *\n * Counterpart to Solidity's `uint16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n */\n function toUint16(uint256 value) internal pure returns (uint16) {\n if (value > type(uint16).max) {\n revert SafeCastOverflowedUintDowncast(16, value);\n }\n return uint16(value);\n }\n\n /**\n * @dev Returns the downcasted uint8 from uint256, reverting on\n * overflow (when the input is greater than largest uint8).\n *\n * Counterpart to Solidity's `uint8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n */\n function toUint8(uint256 value) internal pure returns (uint8) {\n if (value > type(uint8).max) {\n revert SafeCastOverflowedUintDowncast(8, value);\n }\n return uint8(value);\n }\n\n /**\n * @dev Converts a signed int256 into an unsigned uint256.\n *\n * Requirements:\n *\n * - input must be greater than or equal to 0.\n */\n function toUint256(int256 value) internal pure returns (uint256) {\n if (value < 0) {\n revert SafeCastOverflowedIntToUint(value);\n }\n return uint256(value);\n }\n\n /**\n * @dev Returns the downcasted int248 from int256, reverting on\n * overflow (when the input is less than smallest int248 or\n * greater than largest int248).\n *\n * Counterpart to Solidity's `int248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n */\n function toInt248(int256 value) internal pure returns (int248 downcasted) {\n downcasted = int248(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(248, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int240 from int256, reverting on\n * overflow (when the input is less than smallest int240 or\n * greater than largest int240).\n *\n * Counterpart to Solidity's `int240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n */\n function toInt240(int256 value) internal pure returns (int240 downcasted) {\n downcasted = int240(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(240, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int232 from int256, reverting on\n * overflow (when the input is less than smallest int232 or\n * greater than largest int232).\n *\n * Counterpart to Solidity's `int232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n */\n function toInt232(int256 value) internal pure returns (int232 downcasted) {\n downcasted = int232(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(232, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int224 from int256, reverting on\n * overflow (when the input is less than smallest int224 or\n * greater than largest int224).\n *\n * Counterpart to Solidity's `int224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n */\n function toInt224(int256 value) internal pure returns (int224 downcasted) {\n downcasted = int224(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(224, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int216 from int256, reverting on\n * overflow (when the input is less than smallest int216 or\n * greater than largest int216).\n *\n * Counterpart to Solidity's `int216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n */\n function toInt216(int256 value) internal pure returns (int216 downcasted) {\n downcasted = int216(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(216, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int208 from int256, reverting on\n * overflow (when the input is less than smallest int208 or\n * greater than largest int208).\n *\n * Counterpart to Solidity's `int208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n */\n function toInt208(int256 value) internal pure returns (int208 downcasted) {\n downcasted = int208(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(208, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int200 from int256, reverting on\n * overflow (when the input is less than smallest int200 or\n * greater than largest int200).\n *\n * Counterpart to Solidity's `int200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n */\n function toInt200(int256 value) internal pure returns (int200 downcasted) {\n downcasted = int200(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(200, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int192 from int256, reverting on\n * overflow (when the input is less than smallest int192 or\n * greater than largest int192).\n *\n * Counterpart to Solidity's `int192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n */\n function toInt192(int256 value) internal pure returns (int192 downcasted) {\n downcasted = int192(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(192, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int184 from int256, reverting on\n * overflow (when the input is less than smallest int184 or\n * greater than largest int184).\n *\n * Counterpart to Solidity's `int184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n */\n function toInt184(int256 value) internal pure returns (int184 downcasted) {\n downcasted = int184(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(184, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int176 from int256, reverting on\n * overflow (when the input is less than smallest int176 or\n * greater than largest int176).\n *\n * Counterpart to Solidity's `int176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n */\n function toInt176(int256 value) internal pure returns (int176 downcasted) {\n downcasted = int176(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(176, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int168 from int256, reverting on\n * overflow (when the input is less than smallest int168 or\n * greater than largest int168).\n *\n * Counterpart to Solidity's `int168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n */\n function toInt168(int256 value) internal pure returns (int168 downcasted) {\n downcasted = int168(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(168, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int160 from int256, reverting on\n * overflow (when the input is less than smallest int160 or\n * greater than largest int160).\n *\n * Counterpart to Solidity's `int160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n */\n function toInt160(int256 value) internal pure returns (int160 downcasted) {\n downcasted = int160(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(160, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int152 from int256, reverting on\n * overflow (when the input is less than smallest int152 or\n * greater than largest int152).\n *\n * Counterpart to Solidity's `int152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n */\n function toInt152(int256 value) internal pure returns (int152 downcasted) {\n downcasted = int152(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(152, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int144 from int256, reverting on\n * overflow (when the input is less than smallest int144 or\n * greater than largest int144).\n *\n * Counterpart to Solidity's `int144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n */\n function toInt144(int256 value) internal pure returns (int144 downcasted) {\n downcasted = int144(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(144, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int136 from int256, reverting on\n * overflow (when the input is less than smallest int136 or\n * greater than largest int136).\n *\n * Counterpart to Solidity's `int136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n */\n function toInt136(int256 value) internal pure returns (int136 downcasted) {\n downcasted = int136(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(136, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int128 from int256, reverting on\n * overflow (when the input is less than smallest int128 or\n * greater than largest int128).\n *\n * Counterpart to Solidity's `int128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n */\n function toInt128(int256 value) internal pure returns (int128 downcasted) {\n downcasted = int128(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(128, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int120 from int256, reverting on\n * overflow (when the input is less than smallest int120 or\n * greater than largest int120).\n *\n * Counterpart to Solidity's `int120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n */\n function toInt120(int256 value) internal pure returns (int120 downcasted) {\n downcasted = int120(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(120, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int112 from int256, reverting on\n * overflow (when the input is less than smallest int112 or\n * greater than largest int112).\n *\n * Counterpart to Solidity's `int112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n */\n function toInt112(int256 value) internal pure returns (int112 downcasted) {\n downcasted = int112(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(112, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int104 from int256, reverting on\n * overflow (when the input is less than smallest int104 or\n * greater than largest int104).\n *\n * Counterpart to Solidity's `int104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n */\n function toInt104(int256 value) internal pure returns (int104 downcasted) {\n downcasted = int104(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(104, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int96 from int256, reverting on\n * overflow (when the input is less than smallest int96 or\n * greater than largest int96).\n *\n * Counterpart to Solidity's `int96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n */\n function toInt96(int256 value) internal pure returns (int96 downcasted) {\n downcasted = int96(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(96, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int88 from int256, reverting on\n * overflow (when the input is less than smallest int88 or\n * greater than largest int88).\n *\n * Counterpart to Solidity's `int88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n */\n function toInt88(int256 value) internal pure returns (int88 downcasted) {\n downcasted = int88(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(88, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int80 from int256, reverting on\n * overflow (when the input is less than smallest int80 or\n * greater than largest int80).\n *\n * Counterpart to Solidity's `int80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n */\n function toInt80(int256 value) internal pure returns (int80 downcasted) {\n downcasted = int80(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(80, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int72 from int256, reverting on\n * overflow (when the input is less than smallest int72 or\n * greater than largest int72).\n *\n * Counterpart to Solidity's `int72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n */\n function toInt72(int256 value) internal pure returns (int72 downcasted) {\n downcasted = int72(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(72, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int64 from int256, reverting on\n * overflow (when the input is less than smallest int64 or\n * greater than largest int64).\n *\n * Counterpart to Solidity's `int64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n */\n function toInt64(int256 value) internal pure returns (int64 downcasted) {\n downcasted = int64(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(64, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int56 from int256, reverting on\n * overflow (when the input is less than smallest int56 or\n * greater than largest int56).\n *\n * Counterpart to Solidity's `int56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n */\n function toInt56(int256 value) internal pure returns (int56 downcasted) {\n downcasted = int56(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(56, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int48 from int256, reverting on\n * overflow (when the input is less than smallest int48 or\n * greater than largest int48).\n *\n * Counterpart to Solidity's `int48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n */\n function toInt48(int256 value) internal pure returns (int48 downcasted) {\n downcasted = int48(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(48, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int40 from int256, reverting on\n * overflow (when the input is less than smallest int40 or\n * greater than largest int40).\n *\n * Counterpart to Solidity's `int40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n */\n function toInt40(int256 value) internal pure returns (int40 downcasted) {\n downcasted = int40(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(40, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int32 from int256, reverting on\n * overflow (when the input is less than smallest int32 or\n * greater than largest int32).\n *\n * Counterpart to Solidity's `int32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n */\n function toInt32(int256 value) internal pure returns (int32 downcasted) {\n downcasted = int32(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(32, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int24 from int256, reverting on\n * overflow (when the input is less than smallest int24 or\n * greater than largest int24).\n *\n * Counterpart to Solidity's `int24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n */\n function toInt24(int256 value) internal pure returns (int24 downcasted) {\n downcasted = int24(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(24, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int16 from int256, reverting on\n * overflow (when the input is less than smallest int16 or\n * greater than largest int16).\n *\n * Counterpart to Solidity's `int16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n */\n function toInt16(int256 value) internal pure returns (int16 downcasted) {\n downcasted = int16(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(16, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int8 from int256, reverting on\n * overflow (when the input is less than smallest int8 or\n * greater than largest int8).\n *\n * Counterpart to Solidity's `int8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n */\n function toInt8(int256 value) internal pure returns (int8 downcasted) {\n downcasted = int8(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(8, value);\n }\n }\n\n /**\n * @dev Converts an unsigned uint256 into a signed int256.\n *\n * Requirements:\n *\n * - input must be less than or equal to maxInt256.\n */\n function toInt256(uint256 value) internal pure returns (int256) {\n // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive\n if (value > uint256(type(int256).max)) {\n revert SafeCastOverflowedUintToInt(value);\n }\n return int256(value);\n }\n\n /**\n * @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.\n */\n function toUint(bool b) internal pure returns (uint256 u) {\n assembly (\"memory-safe\") {\n u := iszero(iszero(b))\n }\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/OperatorSetLib.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.27;\n\n/**\n * @notice An operator set identified by the AVS address and an identifier\n * @param avs The address of the AVS this operator set belongs to\n * @param id The unique identifier for the operator set\n */\nstruct OperatorSet {\n address avs;\n uint32 id;\n}\n\nlibrary OperatorSetLib {\n function key(\n OperatorSet memory os\n ) internal pure returns (bytes32) {\n return bytes32(abi.encodePacked(os.avs, uint96(os.id)));\n }\n\n function decode(\n bytes32 _key\n ) internal pure returns (OperatorSet memory) {\n /// forgefmt: disable-next-item\n return OperatorSet({\n avs: address(uint160(uint256(_key) >> 96)),\n id: uint32(uint256(_key) & type(uint96).max)\n });\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IPauserRegistry.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\n/**\n * @title Interface for the `PauserRegistry` contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n */\ninterface IPauserRegistry {\n error OnlyUnpauser();\n error InputAddressZero();\n\n event PauserStatusChanged(address pauser, bool canPause);\n\n event UnpauserChanged(address previousUnpauser, address newUnpauser);\n\n /// @notice Mapping of addresses to whether they hold the pauser role.\n function isPauser(\n address pauser\n ) external view returns (bool);\n\n /// @notice Unique address that holds the unpauser role. Capable of changing *both* the pauser and unpauser addresses.\n function unpauser() external view returns (address);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/SlashingLib.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.27;\n\nimport \"@openzeppelin/contracts/utils/math/Math.sol\";\nimport \"@openzeppelin-upgrades/contracts/utils/math/SafeCastUpgradeable.sol\";\n\n/// @dev All scaling factors have `1e18` as an initial/default value. This value is represented\n/// by the constant `WAD`, which is used to preserve precision with uint256 math.\n///\n/// When applying scaling factors, they are typically multiplied/divided by `WAD`, allowing this\n/// constant to act as a \"1\" in mathematical formulae.\nuint64 constant WAD = 1e18;\n\n/*\n * There are 2 types of shares:\n * 1. deposit shares\n * - These can be converted to an amount of tokens given a strategy\n * - by calling `sharesToUnderlying` on the strategy address (they're already tokens \n * in the case of EigenPods)\n * - These live in the storage of the EigenPodManager and individual StrategyManager strategies \n * 2. withdrawable shares\n * - For a staker, this is the amount of shares that they can withdraw\n * - For an operator, the shares delegated to them are equal to the sum of their stakers'\n * withdrawable shares\n *\n * Along with a slashing factor, the DepositScalingFactor is used to convert between the two share types.\n */\nstruct DepositScalingFactor {\n uint256 _scalingFactor;\n}\n\nusing SlashingLib for DepositScalingFactor global;\n\nlibrary SlashingLib {\n using Math for uint256;\n using SlashingLib for uint256;\n using SafeCastUpgradeable for uint256;\n\n // WAD MATH\n\n function mulWad(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(y, WAD);\n }\n\n function divWad(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(WAD, y);\n }\n\n /**\n * @notice Used explicitly for calculating slashed magnitude, we want to ensure even in the\n * situation where an operator is slashed several times and precision has been lost over time,\n * an incoming slashing request isn't rounded down to 0 and an operator is able to avoid slashing penalties.\n */\n function mulWadRoundUp(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(y, WAD, Math.Rounding.Up);\n }\n\n /**\n * @notice Used as part of calculating wadSlashed in the EPM to ensure that we don't overslash\n */\n function divWadRoundUp(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(WAD, y, Math.Rounding.Up);\n }\n\n // GETTERS\n\n function scalingFactor(\n DepositScalingFactor memory dsf\n ) internal pure returns (uint256) {\n return dsf._scalingFactor == 0 ? WAD : dsf._scalingFactor;\n }\n\n function scaleForQueueWithdrawal(\n DepositScalingFactor memory dsf,\n uint256 depositSharesToWithdraw\n ) internal pure returns (uint256) {\n return depositSharesToWithdraw.mulWad(dsf.scalingFactor());\n }\n\n function scaleForCompleteWithdrawal(uint256 scaledShares, uint256 slashingFactor) internal pure returns (uint256) {\n return scaledShares.mulWad(slashingFactor);\n }\n\n /**\n * @notice Scales shares according to the difference in an operator's magnitude before and\n * after being slashed. This is used to calculate the number of slashable shares in the\n * withdrawal queue.\n * NOTE: max magnitude is guaranteed to only ever decrease.\n */\n function scaleForBurning(\n uint256 scaledShares,\n uint64 prevMaxMagnitude,\n uint64 newMaxMagnitude\n ) internal pure returns (uint256) {\n return scaledShares.mulWad(prevMaxMagnitude - newMaxMagnitude);\n }\n\n function update(\n DepositScalingFactor storage dsf,\n uint256 prevDepositShares,\n uint256 addedShares,\n uint256 slashingFactor\n ) internal {\n // If this is the staker's first deposit, set the scaling factor to\n // the inverse of slashingFactor\n if (prevDepositShares == 0) {\n dsf._scalingFactor = uint256(WAD).divWad(slashingFactor);\n return;\n }\n\n /**\n * Base Equations:\n * (1) newShares = currentShares + addedShares\n * (2) newDepositShares = prevDepositShares + addedShares\n * (3) newShares = newDepositShares * newDepositScalingFactor * slashingFactor\n *\n * Plugging (1) into (3):\n * (4) newDepositShares * newDepositScalingFactor * slashingFactor = currentShares + addedShares\n *\n * Solving for newDepositScalingFactor\n * (5) newDepositScalingFactor = (currentShares + addedShares) / (newDepositShares * slashingFactor)\n *\n * Plugging in (2) into (5):\n * (7) newDepositScalingFactor = (currentShares + addedShares) / ((prevDepositShares + addedShares) * slashingFactor)\n * Note that magnitudes must be divided by WAD for precision. Thus,\n *\n * (8) newDepositScalingFactor = WAD * (currentShares + addedShares) / ((prevDepositShares + addedShares) * slashingFactor / WAD)\n * (9) newDepositScalingFactor = (currentShares + addedShares) * WAD / (prevDepositShares + addedShares) * WAD / slashingFactor\n */\n\n // Step 1: Calculate Numerator\n uint256 currentShares = dsf.calcWithdrawable(prevDepositShares, slashingFactor);\n\n // Step 2: Compute currentShares + addedShares\n uint256 newShares = currentShares + addedShares;\n\n // Step 3: Calculate newDepositScalingFactor\n /// forgefmt: disable-next-item\n uint256 newDepositScalingFactor = newShares\n .divWad(prevDepositShares + addedShares)\n .divWad(slashingFactor);\n\n dsf._scalingFactor = newDepositScalingFactor;\n }\n\n // CONVERSION\n\n function calcWithdrawable(\n DepositScalingFactor memory dsf,\n uint256 depositShares,\n uint256 slashingFactor\n ) internal pure returns (uint256) {\n /// forgefmt: disable-next-item\n return depositShares\n .mulWad(dsf.scalingFactor())\n .mulWad(slashingFactor);\n }\n\n function calcDepositShares(\n DepositScalingFactor memory dsf,\n uint256 withdrawableShares,\n uint256 slashingFactor\n ) internal pure returns (uint256) {\n /// forgefmt: disable-next-item\n return withdrawableShares\n .divWad(dsf.scalingFactor())\n .divWad(slashingFactor);\n }\n\n function calcSlashedAmount(\n uint256 operatorShares,\n uint256 prevMaxMagnitude,\n uint256 newMaxMagnitude\n ) internal pure returns (uint256) {\n // round up mulDiv so we don't overslash\n return operatorShares - operatorShares.mulDiv(newMaxMagnitude, prevMaxMagnitude, Math.Rounding.Up);\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IShareManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.27;\n\nimport \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\nimport \"../libraries/SlashingLib.sol\";\nimport \"./IStrategy.sol\";\n\n/**\n * @title Interface for a `IShareManager` contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice This contract is used by the DelegationManager as a unified interface to interact with the EigenPodManager and StrategyManager\n */\ninterface IShareManager {\n /// @notice Used by the DelegationManager to remove a Staker's shares from a particular strategy when entering the withdrawal queue\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n function removeDepositShares(address staker, IStrategy strategy, uint256 depositSharesToRemove) external;\n\n /// @notice Used by the DelegationManager to award a Staker some shares that have passed through the withdrawal queue\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n /// @dev token is not validated; it is only emitted as an event\n /// @return existingDepositShares the shares the staker had before any were added\n /// @return addedShares the new shares added to the staker's balance\n function addShares(\n address staker,\n IStrategy strategy,\n IERC20 token,\n uint256 shares\n ) external returns (uint256, uint256);\n\n /// @notice Used by the DelegationManager to convert deposit shares to tokens and send them to a staker\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n /// @dev token is not validated when talking to the EigenPodManager\n function withdrawSharesAsTokens(address staker, IStrategy strategy, IERC20 token, uint256 shares) external;\n\n /// @notice Returns the current shares of `user` in `strategy`\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n /// @dev returns 0 if the user has negative shares\n function stakerDepositShares(address user, IStrategy strategy) external view returns (uint256 depositShares);\n\n /**\n * @notice Increase the amount of burnable shares for a given Strategy. This is called by the DelegationManager\n * when an operator is slashed in EigenLayer.\n * @param strategy The strategy to burn shares in.\n * @param addedSharesToBurn The amount of added shares to burn.\n * @dev This function is only called by the DelegationManager when an operator is slashed.\n */\n function increaseBurnableShares(IStrategy strategy, uint256 addedSharesToBurn) external;\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IEigenPodManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"@openzeppelin/contracts/proxy/beacon/IBeacon.sol\";\nimport \"./IETHPOSDeposit.sol\";\nimport \"./IStrategyManager.sol\";\nimport \"./IEigenPod.sol\";\nimport \"./IShareManager.sol\";\nimport \"./IPausable.sol\";\nimport \"./IStrategy.sol\";\n\ninterface IEigenPodManagerErrors {\n /// @dev Thrown when caller is not a EigenPod.\n error OnlyEigenPod();\n /// @dev Thrown when caller is not DelegationManager.\n error OnlyDelegationManager();\n /// @dev Thrown when caller already has an EigenPod.\n error EigenPodAlreadyExists();\n /// @dev Thrown when shares is not a multiple of gwei.\n error SharesNotMultipleOfGwei();\n /// @dev Thrown when shares would result in a negative integer.\n error SharesNegative();\n /// @dev Thrown when the strategy is not the beaconChainETH strategy.\n error InvalidStrategy();\n /// @dev Thrown when the pods shares are negative and a beacon chain balance update is attempted.\n /// The podOwner should complete legacy withdrawal first.\n error LegacyWithdrawalsNotCompleted();\n}\n\ninterface IEigenPodManagerEvents {\n /// @notice Emitted to notify the deployment of an EigenPod\n event PodDeployed(address indexed eigenPod, address indexed podOwner);\n\n /// @notice Emitted to notify a deposit of beacon chain ETH recorded in the strategy manager\n event BeaconChainETHDeposited(address indexed podOwner, uint256 amount);\n\n /// @notice Emitted when the balance of an EigenPod is updated\n event PodSharesUpdated(address indexed podOwner, int256 sharesDelta);\n\n /// @notice Emitted every time the total shares of a pod are updated\n event NewTotalShares(address indexed podOwner, int256 newTotalShares);\n\n /// @notice Emitted when a withdrawal of beacon chain ETH is completed\n event BeaconChainETHWithdrawalCompleted(\n address indexed podOwner,\n uint256 shares,\n uint96 nonce,\n address delegatedAddress,\n address withdrawer,\n bytes32 withdrawalRoot\n );\n\n /// @notice Emitted when a staker's beaconChainSlashingFactor is updated\n event BeaconChainSlashingFactorDecreased(\n address staker, uint64 prevBeaconChainSlashingFactor, uint64 newBeaconChainSlashingFactor\n );\n\n /// @notice Emitted when an operator is slashed and shares to be burned are increased\n event BurnableETHSharesIncreased(uint256 shares);\n}\n\ninterface IEigenPodManagerTypes {\n /**\n * @notice The amount of beacon chain slashing experienced by a pod owner as a proportion of WAD\n * @param isSet whether the slashingFactor has ever been updated. Used to distinguish between\n * a value of \"0\" and an uninitialized value.\n * @param slashingFactor the proportion of the pod owner's balance that has been decreased due to\n * slashing or other beacon chain balance decreases.\n * @dev NOTE: if !isSet, `slashingFactor` should be treated as WAD. `slashingFactor` is monotonically\n * decreasing and can hit 0 if fully slashed.\n */\n struct BeaconChainSlashingFactor {\n bool isSet;\n uint64 slashingFactor;\n }\n}\n\n/**\n * @title Interface for factory that creates and manages solo staking pods that have their withdrawal credentials pointed to EigenLayer.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n */\ninterface IEigenPodManager is\n IEigenPodManagerErrors,\n IEigenPodManagerEvents,\n IEigenPodManagerTypes,\n IShareManager,\n IPausable\n{\n /**\n * @notice Creates an EigenPod for the sender.\n * @dev Function will revert if the `msg.sender` already has an EigenPod.\n * @dev Returns EigenPod address\n */\n function createPod() external returns (address);\n\n /**\n * @notice Stakes for a new beacon chain validator on the sender's EigenPod.\n * Also creates an EigenPod for the sender if they don't have one already.\n * @param pubkey The 48 bytes public key of the beacon chain validator.\n * @param signature The validator's signature of the deposit data.\n * @param depositDataRoot The root/hash of the deposit data for the validator's deposit.\n */\n function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable;\n\n /**\n * @notice Adds any positive share delta to the pod owner's deposit shares, and delegates them to the pod\n * owner's operator (if applicable). A negative share delta does NOT impact the pod owner's deposit shares,\n * but will reduce their beacon chain slashing factor and delegated shares accordingly.\n * @param podOwner is the pod owner whose balance is being updated.\n * @param prevRestakedBalanceWei is the total amount restaked through the pod before the balance update, including\n * any amount currently in the withdrawal queue.\n * @param balanceDeltaWei is the amount the balance changed\n * @dev Callable only by the podOwner's EigenPod contract.\n * @dev Reverts if `sharesDelta` is not a whole Gwei amount\n */\n function recordBeaconChainETHBalanceUpdate(\n address podOwner,\n uint256 prevRestakedBalanceWei,\n int256 balanceDeltaWei\n ) external;\n\n /// @notice Returns the address of the `podOwner`'s EigenPod if it has been deployed.\n function ownerToPod(\n address podOwner\n ) external view returns (IEigenPod);\n\n /// @notice Returns the address of the `podOwner`'s EigenPod (whether it is deployed yet or not).\n function getPod(\n address podOwner\n ) external view returns (IEigenPod);\n\n /// @notice The ETH2 Deposit Contract\n function ethPOS() external view returns (IETHPOSDeposit);\n\n /// @notice Beacon proxy to which the EigenPods point\n function eigenPodBeacon() external view returns (IBeacon);\n\n /// @notice Returns 'true' if the `podOwner` has created an EigenPod, and 'false' otherwise.\n function hasPod(\n address podOwner\n ) external view returns (bool);\n\n /// @notice Returns the number of EigenPods that have been created\n function numPods() external view returns (uint256);\n\n /**\n * @notice Mapping from Pod owner owner to the number of shares they have in the virtual beacon chain ETH strategy.\n * @dev The share amount can become negative. This is necessary to accommodate the fact that a pod owner's virtual beacon chain ETH shares can\n * decrease between the pod owner queuing and completing a withdrawal.\n * When the pod owner's shares would otherwise increase, this \"deficit\" is decreased first _instead_.\n * Likewise, when a withdrawal is completed, this \"deficit\" is decreased and the withdrawal amount is decreased; We can think of this\n * as the withdrawal \"paying off the deficit\".\n */\n function podOwnerDepositShares(\n address podOwner\n ) external view returns (int256);\n\n /// @notice returns canonical, virtual beaconChainETH strategy\n function beaconChainETHStrategy() external view returns (IStrategy);\n\n /**\n * @notice Returns the historical sum of proportional balance decreases a pod owner has experienced when\n * updating their pod's balance.\n */\n function beaconChainSlashingFactor(\n address staker\n ) external view returns (uint64);\n\n /// @notice Returns the accumulated amount of beacon chain ETH Strategy shares\n function burnableETHShares() external view returns (uint256);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Interface of the ERC-20 standard as defined in the ERC.\n */\ninterface IERC20 {\n /**\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\n * another (`to`).\n *\n * Note that `value` may be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /**\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\n * a call to {approve}. `value` is the new allowance.\n */\n event Approval(address indexed owner, address indexed spender, uint256 value);\n\n /**\n * @dev Returns the value of tokens in existence.\n */\n function totalSupply() external view returns (uint256);\n\n /**\n * @dev Returns the value of tokens owned by `account`.\n */\n function balanceOf(address account) external view returns (uint256);\n\n /**\n * @dev Moves a `value` amount of tokens from the caller's account to `to`.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transfer(address to, uint256 value) external returns (bool);\n\n /**\n * @dev Returns the remaining number of tokens that `spender` will be\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\n * zero by default.\n *\n * This value changes when {approve} or {transferFrom} are called.\n */\n function allowance(address owner, address spender) external view returns (uint256);\n\n /**\n * @dev Sets a `value` amount of tokens as the allowance of `spender` over the\n * caller's tokens.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\n * that someone may use both the old and the new allowance by unfortunate\n * transaction ordering. One possible solution to mitigate this race\n * condition is to first reduce the spender's allowance to 0 and set the\n * desired value afterwards:\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\n *\n * Emits an {Approval} event.\n */\n function approve(address spender, uint256 value) external returns (bool);\n\n /**\n * @dev Moves a `value` amount of tokens from `from` to `to` using the\n * allowance mechanism. `value` is then deducted from the caller's\n * allowance.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transferFrom(address from, address to, uint256 value) external returns (bool);\n}\n" - }, - "lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/contracts/token/ERC20/IERC20.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Interface of the ERC-20 standard as defined in the ERC.\n */\ninterface IERC20 {\n /**\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\n * another (`to`).\n *\n * Note that `value` may be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /**\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\n * a call to {approve}. `value` is the new allowance.\n */\n event Approval(address indexed owner, address indexed spender, uint256 value);\n\n /**\n * @dev Returns the value of tokens in existence.\n */\n function totalSupply() external view returns (uint256);\n\n /**\n * @dev Returns the value of tokens owned by `account`.\n */\n function balanceOf(address account) external view returns (uint256);\n\n /**\n * @dev Moves a `value` amount of tokens from the caller's account to `to`.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transfer(address to, uint256 value) external returns (bool);\n\n /**\n * @dev Returns the remaining number of tokens that `spender` will be\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\n * zero by default.\n *\n * This value changes when {approve} or {transferFrom} are called.\n */\n function allowance(address owner, address spender) external view returns (uint256);\n\n /**\n * @dev Sets a `value` amount of tokens as the allowance of `spender` over the\n * caller's tokens.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\n * that someone may use both the old and the new allowance by unfortunate\n * transaction ordering. One possible solution to mitigate this race\n * condition is to first reduce the spender's allowance to 0 and set the\n * desired value afterwards:\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\n *\n * Emits an {Approval} event.\n */\n function approve(address spender, uint256 value) external returns (bool);\n\n /**\n * @dev Moves a `value` amount of tokens from `from` to `to` using the\n * allowance mechanism. `value` is then deducted from the caller's\n * allowance.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transferFrom(address from, address to, uint256 value) external returns (bool);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/proxy/beacon/IBeacon.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (proxy/beacon/IBeacon.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev This is the interface that {BeaconProxy} expects of its beacon.\n */\ninterface IBeacon {\n /**\n * @dev Must return an address that can be used as a delegate call target.\n *\n * {UpgradeableBeacon} will check that this address is a contract.\n */\n function implementation() external view returns (address);\n}\n" - }, - "lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/contracts/proxy/beacon/IBeacon.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (proxy/beacon/IBeacon.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev This is the interface that {BeaconProxy} expects of its beacon.\n */\ninterface IBeacon {\n /**\n * @dev Must return an address that can be used as a delegate call target.\n *\n * {UpgradeableBeacon} will check that this address is a contract.\n */\n function implementation() external view returns (address);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/interfaces/IERC1967.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1967.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.\n */\ninterface IERC1967 {\n /**\n * @dev Emitted when the implementation is upgraded.\n */\n event Upgraded(address indexed implementation);\n\n /**\n * @dev Emitted when the admin account has changed.\n */\n event AdminChanged(address previousAdmin, address newAdmin);\n\n /**\n * @dev Emitted when the beacon is changed.\n */\n event BeaconUpgraded(address indexed beacon);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/Address.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.2.0) (utils/Address.sol)\n\npragma solidity ^0.8.20;\n\nimport {Errors} from \"./Errors.sol\";\n\n/**\n * @dev Collection of functions related to the address type\n */\nlibrary Address {\n /**\n * @dev There's no code at `target` (it is not a contract).\n */\n error AddressEmptyCode(address target);\n\n /**\n * @dev Replacement for Solidity's `transfer`: sends `amount` wei to\n * `recipient`, forwarding all available gas and reverting on errors.\n *\n * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n * of certain opcodes, possibly making contracts go over the 2300 gas limit\n * imposed by `transfer`, making them unable to receive funds via\n * `transfer`. {sendValue} removes this limitation.\n *\n * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n *\n * IMPORTANT: because control is transferred to `recipient`, care must be\n * taken to not create reentrancy vulnerabilities. Consider using\n * {ReentrancyGuard} or the\n * https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n */\n function sendValue(address payable recipient, uint256 amount) internal {\n if (address(this).balance < amount) {\n revert Errors.InsufficientBalance(address(this).balance, amount);\n }\n\n (bool success, bytes memory returndata) = recipient.call{value: amount}(\"\");\n if (!success) {\n _revert(returndata);\n }\n }\n\n /**\n * @dev Performs a Solidity function call using a low level `call`. A\n * plain `call` is an unsafe replacement for a function call: use this\n * function instead.\n *\n * If `target` reverts with a revert reason or custom error, it is bubbled\n * up by this function (like regular Solidity function calls). However, if\n * the call reverted with no returned reason, this function reverts with a\n * {Errors.FailedCall} error.\n *\n * Returns the raw returned data. To convert to the expected return value,\n * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].\n *\n * Requirements:\n *\n * - `target` must be a contract.\n * - calling `target` with `data` must not revert.\n */\n function functionCall(address target, bytes memory data) internal returns (bytes memory) {\n return functionCallWithValue(target, data, 0);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but also transferring `value` wei to `target`.\n *\n * Requirements:\n *\n * - the calling contract must have an ETH balance of at least `value`.\n * - the called Solidity function must be `payable`.\n */\n function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {\n if (address(this).balance < value) {\n revert Errors.InsufficientBalance(address(this).balance, value);\n }\n (bool success, bytes memory returndata) = target.call{value: value}(data);\n return verifyCallResultFromTarget(target, success, returndata);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a static call.\n */\n function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {\n (bool success, bytes memory returndata) = target.staticcall(data);\n return verifyCallResultFromTarget(target, success, returndata);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a delegate call.\n */\n function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {\n (bool success, bytes memory returndata) = target.delegatecall(data);\n return verifyCallResultFromTarget(target, success, returndata);\n }\n\n /**\n * @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target\n * was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case\n * of an unsuccessful call.\n */\n function verifyCallResultFromTarget(\n address target,\n bool success,\n bytes memory returndata\n ) internal view returns (bytes memory) {\n if (!success) {\n _revert(returndata);\n } else {\n // only check if target is a contract if the call was successful and the return data is empty\n // otherwise we already know that it was a contract\n if (returndata.length == 0 && target.code.length == 0) {\n revert AddressEmptyCode(target);\n }\n return returndata;\n }\n }\n\n /**\n * @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the\n * revert reason or with a default {Errors.FailedCall} error.\n */\n function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {\n if (!success) {\n _revert(returndata);\n } else {\n return returndata;\n }\n }\n\n /**\n * @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.\n */\n function _revert(bytes memory returndata) private pure {\n // Look for revert reason and bubble it up if present\n if (returndata.length > 0) {\n // The easiest way to bubble the revert reason is using memory via assembly\n assembly (\"memory-safe\") {\n let returndata_size := mload(returndata)\n revert(add(32, returndata), returndata_size)\n }\n } else {\n revert Errors.FailedCall();\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/StorageSlot.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/StorageSlot.sol)\n// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Library for reading and writing primitive types to specific storage slots.\n *\n * Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.\n * This library helps with reading and writing to such slots without the need for inline assembly.\n *\n * The functions in this library return Slot structs that contain a `value` member that can be used to read or write.\n *\n * Example usage to set ERC-1967 implementation slot:\n * ```solidity\n * contract ERC1967 {\n * // Define the slot. Alternatively, use the SlotDerivation library to derive the slot.\n * bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;\n *\n * function _getImplementation() internal view returns (address) {\n * return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;\n * }\n *\n * function _setImplementation(address newImplementation) internal {\n * require(newImplementation.code.length > 0);\n * StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;\n * }\n * }\n * ```\n *\n * TIP: Consider using this library along with {SlotDerivation}.\n */\nlibrary StorageSlot {\n struct AddressSlot {\n address value;\n }\n\n struct BooleanSlot {\n bool value;\n }\n\n struct Bytes32Slot {\n bytes32 value;\n }\n\n struct Uint256Slot {\n uint256 value;\n }\n\n struct Int256Slot {\n int256 value;\n }\n\n struct StringSlot {\n string value;\n }\n\n struct BytesSlot {\n bytes value;\n }\n\n /**\n * @dev Returns an `AddressSlot` with member `value` located at `slot`.\n */\n function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `BooleanSlot` with member `value` located at `slot`.\n */\n function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `Bytes32Slot` with member `value` located at `slot`.\n */\n function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `Uint256Slot` with member `value` located at `slot`.\n */\n function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `Int256Slot` with member `value` located at `slot`.\n */\n function getInt256Slot(bytes32 slot) internal pure returns (Int256Slot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `StringSlot` with member `value` located at `slot`.\n */\n function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns an `StringSlot` representation of the string storage pointer `store`.\n */\n function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := store.slot\n }\n }\n\n /**\n * @dev Returns a `BytesSlot` with member `value` located at `slot`.\n */\n function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.\n */\n function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := store.slot\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/Panic.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Helper library for emitting standardized panic codes.\n *\n * ```solidity\n * contract Example {\n * using Panic for uint256;\n *\n * // Use any of the declared internal constants\n * function foo() { Panic.GENERIC.panic(); }\n *\n * // Alternatively\n * function foo() { Panic.panic(Panic.GENERIC); }\n * }\n * ```\n *\n * Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].\n *\n * _Available since v5.1._\n */\n// slither-disable-next-line unused-state\nlibrary Panic {\n /// @dev generic / unspecified error\n uint256 internal constant GENERIC = 0x00;\n /// @dev used by the assert() builtin\n uint256 internal constant ASSERT = 0x01;\n /// @dev arithmetic underflow or overflow\n uint256 internal constant UNDER_OVERFLOW = 0x11;\n /// @dev division or modulo by zero\n uint256 internal constant DIVISION_BY_ZERO = 0x12;\n /// @dev enum conversion error\n uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;\n /// @dev invalid encoding in storage\n uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;\n /// @dev empty array pop\n uint256 internal constant EMPTY_ARRAY_POP = 0x31;\n /// @dev array out of bounds access\n uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;\n /// @dev resource error (too large allocation or too large array)\n uint256 internal constant RESOURCE_ERROR = 0x41;\n /// @dev calling invalid internal function\n uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;\n\n /// @dev Reverts with a panic code. Recommended to use with\n /// the internal constants with predefined codes.\n function panic(uint256 code) internal pure {\n assembly (\"memory-safe\") {\n mstore(0x00, 0x4e487b71)\n mstore(0x20, code)\n revert(0x1c, 0x24)\n }\n }\n}\n" - }, - "lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/contracts/utils/math/SafeCastUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SafeCast.sol)\n// This file was procedurally generated from scripts/generate/templates/SafeCast.js.\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow\n * checks.\n *\n * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can\n * easily result in undesired exploitation or bugs, since developers usually\n * assume that overflows raise errors. `SafeCast` restores this intuition by\n * reverting the transaction when such an operation overflows.\n *\n * Using this library instead of the unchecked operations eliminates an entire\n * class of bugs, so it's recommended to use it always.\n *\n * Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing\n * all math on `uint256` and `int256` and then downcasting.\n */\nlibrary SafeCastUpgradeable {\n /**\n * @dev Returns the downcasted uint248 from uint256, reverting on\n * overflow (when the input is greater than largest uint248).\n *\n * Counterpart to Solidity's `uint248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n *\n * _Available since v4.7._\n */\n function toUint248(uint256 value) internal pure returns (uint248) {\n require(value <= type(uint248).max, \"SafeCast: value doesn't fit in 248 bits\");\n return uint248(value);\n }\n\n /**\n * @dev Returns the downcasted uint240 from uint256, reverting on\n * overflow (when the input is greater than largest uint240).\n *\n * Counterpart to Solidity's `uint240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n *\n * _Available since v4.7._\n */\n function toUint240(uint256 value) internal pure returns (uint240) {\n require(value <= type(uint240).max, \"SafeCast: value doesn't fit in 240 bits\");\n return uint240(value);\n }\n\n /**\n * @dev Returns the downcasted uint232 from uint256, reverting on\n * overflow (when the input is greater than largest uint232).\n *\n * Counterpart to Solidity's `uint232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n *\n * _Available since v4.7._\n */\n function toUint232(uint256 value) internal pure returns (uint232) {\n require(value <= type(uint232).max, \"SafeCast: value doesn't fit in 232 bits\");\n return uint232(value);\n }\n\n /**\n * @dev Returns the downcasted uint224 from uint256, reverting on\n * overflow (when the input is greater than largest uint224).\n *\n * Counterpart to Solidity's `uint224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n *\n * _Available since v4.2._\n */\n function toUint224(uint256 value) internal pure returns (uint224) {\n require(value <= type(uint224).max, \"SafeCast: value doesn't fit in 224 bits\");\n return uint224(value);\n }\n\n /**\n * @dev Returns the downcasted uint216 from uint256, reverting on\n * overflow (when the input is greater than largest uint216).\n *\n * Counterpart to Solidity's `uint216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n *\n * _Available since v4.7._\n */\n function toUint216(uint256 value) internal pure returns (uint216) {\n require(value <= type(uint216).max, \"SafeCast: value doesn't fit in 216 bits\");\n return uint216(value);\n }\n\n /**\n * @dev Returns the downcasted uint208 from uint256, reverting on\n * overflow (when the input is greater than largest uint208).\n *\n * Counterpart to Solidity's `uint208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n *\n * _Available since v4.7._\n */\n function toUint208(uint256 value) internal pure returns (uint208) {\n require(value <= type(uint208).max, \"SafeCast: value doesn't fit in 208 bits\");\n return uint208(value);\n }\n\n /**\n * @dev Returns the downcasted uint200 from uint256, reverting on\n * overflow (when the input is greater than largest uint200).\n *\n * Counterpart to Solidity's `uint200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n *\n * _Available since v4.7._\n */\n function toUint200(uint256 value) internal pure returns (uint200) {\n require(value <= type(uint200).max, \"SafeCast: value doesn't fit in 200 bits\");\n return uint200(value);\n }\n\n /**\n * @dev Returns the downcasted uint192 from uint256, reverting on\n * overflow (when the input is greater than largest uint192).\n *\n * Counterpart to Solidity's `uint192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n *\n * _Available since v4.7._\n */\n function toUint192(uint256 value) internal pure returns (uint192) {\n require(value <= type(uint192).max, \"SafeCast: value doesn't fit in 192 bits\");\n return uint192(value);\n }\n\n /**\n * @dev Returns the downcasted uint184 from uint256, reverting on\n * overflow (when the input is greater than largest uint184).\n *\n * Counterpart to Solidity's `uint184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n *\n * _Available since v4.7._\n */\n function toUint184(uint256 value) internal pure returns (uint184) {\n require(value <= type(uint184).max, \"SafeCast: value doesn't fit in 184 bits\");\n return uint184(value);\n }\n\n /**\n * @dev Returns the downcasted uint176 from uint256, reverting on\n * overflow (when the input is greater than largest uint176).\n *\n * Counterpart to Solidity's `uint176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n *\n * _Available since v4.7._\n */\n function toUint176(uint256 value) internal pure returns (uint176) {\n require(value <= type(uint176).max, \"SafeCast: value doesn't fit in 176 bits\");\n return uint176(value);\n }\n\n /**\n * @dev Returns the downcasted uint168 from uint256, reverting on\n * overflow (when the input is greater than largest uint168).\n *\n * Counterpart to Solidity's `uint168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n *\n * _Available since v4.7._\n */\n function toUint168(uint256 value) internal pure returns (uint168) {\n require(value <= type(uint168).max, \"SafeCast: value doesn't fit in 168 bits\");\n return uint168(value);\n }\n\n /**\n * @dev Returns the downcasted uint160 from uint256, reverting on\n * overflow (when the input is greater than largest uint160).\n *\n * Counterpart to Solidity's `uint160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n *\n * _Available since v4.7._\n */\n function toUint160(uint256 value) internal pure returns (uint160) {\n require(value <= type(uint160).max, \"SafeCast: value doesn't fit in 160 bits\");\n return uint160(value);\n }\n\n /**\n * @dev Returns the downcasted uint152 from uint256, reverting on\n * overflow (when the input is greater than largest uint152).\n *\n * Counterpart to Solidity's `uint152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n *\n * _Available since v4.7._\n */\n function toUint152(uint256 value) internal pure returns (uint152) {\n require(value <= type(uint152).max, \"SafeCast: value doesn't fit in 152 bits\");\n return uint152(value);\n }\n\n /**\n * @dev Returns the downcasted uint144 from uint256, reverting on\n * overflow (when the input is greater than largest uint144).\n *\n * Counterpart to Solidity's `uint144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n *\n * _Available since v4.7._\n */\n function toUint144(uint256 value) internal pure returns (uint144) {\n require(value <= type(uint144).max, \"SafeCast: value doesn't fit in 144 bits\");\n return uint144(value);\n }\n\n /**\n * @dev Returns the downcasted uint136 from uint256, reverting on\n * overflow (when the input is greater than largest uint136).\n *\n * Counterpart to Solidity's `uint136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n *\n * _Available since v4.7._\n */\n function toUint136(uint256 value) internal pure returns (uint136) {\n require(value <= type(uint136).max, \"SafeCast: value doesn't fit in 136 bits\");\n return uint136(value);\n }\n\n /**\n * @dev Returns the downcasted uint128 from uint256, reverting on\n * overflow (when the input is greater than largest uint128).\n *\n * Counterpart to Solidity's `uint128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n *\n * _Available since v2.5._\n */\n function toUint128(uint256 value) internal pure returns (uint128) {\n require(value <= type(uint128).max, \"SafeCast: value doesn't fit in 128 bits\");\n return uint128(value);\n }\n\n /**\n * @dev Returns the downcasted uint120 from uint256, reverting on\n * overflow (when the input is greater than largest uint120).\n *\n * Counterpart to Solidity's `uint120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n *\n * _Available since v4.7._\n */\n function toUint120(uint256 value) internal pure returns (uint120) {\n require(value <= type(uint120).max, \"SafeCast: value doesn't fit in 120 bits\");\n return uint120(value);\n }\n\n /**\n * @dev Returns the downcasted uint112 from uint256, reverting on\n * overflow (when the input is greater than largest uint112).\n *\n * Counterpart to Solidity's `uint112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n *\n * _Available since v4.7._\n */\n function toUint112(uint256 value) internal pure returns (uint112) {\n require(value <= type(uint112).max, \"SafeCast: value doesn't fit in 112 bits\");\n return uint112(value);\n }\n\n /**\n * @dev Returns the downcasted uint104 from uint256, reverting on\n * overflow (when the input is greater than largest uint104).\n *\n * Counterpart to Solidity's `uint104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n *\n * _Available since v4.7._\n */\n function toUint104(uint256 value) internal pure returns (uint104) {\n require(value <= type(uint104).max, \"SafeCast: value doesn't fit in 104 bits\");\n return uint104(value);\n }\n\n /**\n * @dev Returns the downcasted uint96 from uint256, reverting on\n * overflow (when the input is greater than largest uint96).\n *\n * Counterpart to Solidity's `uint96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n *\n * _Available since v4.2._\n */\n function toUint96(uint256 value) internal pure returns (uint96) {\n require(value <= type(uint96).max, \"SafeCast: value doesn't fit in 96 bits\");\n return uint96(value);\n }\n\n /**\n * @dev Returns the downcasted uint88 from uint256, reverting on\n * overflow (when the input is greater than largest uint88).\n *\n * Counterpart to Solidity's `uint88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n *\n * _Available since v4.7._\n */\n function toUint88(uint256 value) internal pure returns (uint88) {\n require(value <= type(uint88).max, \"SafeCast: value doesn't fit in 88 bits\");\n return uint88(value);\n }\n\n /**\n * @dev Returns the downcasted uint80 from uint256, reverting on\n * overflow (when the input is greater than largest uint80).\n *\n * Counterpart to Solidity's `uint80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n *\n * _Available since v4.7._\n */\n function toUint80(uint256 value) internal pure returns (uint80) {\n require(value <= type(uint80).max, \"SafeCast: value doesn't fit in 80 bits\");\n return uint80(value);\n }\n\n /**\n * @dev Returns the downcasted uint72 from uint256, reverting on\n * overflow (when the input is greater than largest uint72).\n *\n * Counterpart to Solidity's `uint72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n *\n * _Available since v4.7._\n */\n function toUint72(uint256 value) internal pure returns (uint72) {\n require(value <= type(uint72).max, \"SafeCast: value doesn't fit in 72 bits\");\n return uint72(value);\n }\n\n /**\n * @dev Returns the downcasted uint64 from uint256, reverting on\n * overflow (when the input is greater than largest uint64).\n *\n * Counterpart to Solidity's `uint64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n *\n * _Available since v2.5._\n */\n function toUint64(uint256 value) internal pure returns (uint64) {\n require(value <= type(uint64).max, \"SafeCast: value doesn't fit in 64 bits\");\n return uint64(value);\n }\n\n /**\n * @dev Returns the downcasted uint56 from uint256, reverting on\n * overflow (when the input is greater than largest uint56).\n *\n * Counterpart to Solidity's `uint56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n *\n * _Available since v4.7._\n */\n function toUint56(uint256 value) internal pure returns (uint56) {\n require(value <= type(uint56).max, \"SafeCast: value doesn't fit in 56 bits\");\n return uint56(value);\n }\n\n /**\n * @dev Returns the downcasted uint48 from uint256, reverting on\n * overflow (when the input is greater than largest uint48).\n *\n * Counterpart to Solidity's `uint48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n *\n * _Available since v4.7._\n */\n function toUint48(uint256 value) internal pure returns (uint48) {\n require(value <= type(uint48).max, \"SafeCast: value doesn't fit in 48 bits\");\n return uint48(value);\n }\n\n /**\n * @dev Returns the downcasted uint40 from uint256, reverting on\n * overflow (when the input is greater than largest uint40).\n *\n * Counterpart to Solidity's `uint40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n *\n * _Available since v4.7._\n */\n function toUint40(uint256 value) internal pure returns (uint40) {\n require(value <= type(uint40).max, \"SafeCast: value doesn't fit in 40 bits\");\n return uint40(value);\n }\n\n /**\n * @dev Returns the downcasted uint32 from uint256, reverting on\n * overflow (when the input is greater than largest uint32).\n *\n * Counterpart to Solidity's `uint32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n *\n * _Available since v2.5._\n */\n function toUint32(uint256 value) internal pure returns (uint32) {\n require(value <= type(uint32).max, \"SafeCast: value doesn't fit in 32 bits\");\n return uint32(value);\n }\n\n /**\n * @dev Returns the downcasted uint24 from uint256, reverting on\n * overflow (when the input is greater than largest uint24).\n *\n * Counterpart to Solidity's `uint24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n *\n * _Available since v4.7._\n */\n function toUint24(uint256 value) internal pure returns (uint24) {\n require(value <= type(uint24).max, \"SafeCast: value doesn't fit in 24 bits\");\n return uint24(value);\n }\n\n /**\n * @dev Returns the downcasted uint16 from uint256, reverting on\n * overflow (when the input is greater than largest uint16).\n *\n * Counterpart to Solidity's `uint16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n *\n * _Available since v2.5._\n */\n function toUint16(uint256 value) internal pure returns (uint16) {\n require(value <= type(uint16).max, \"SafeCast: value doesn't fit in 16 bits\");\n return uint16(value);\n }\n\n /**\n * @dev Returns the downcasted uint8 from uint256, reverting on\n * overflow (when the input is greater than largest uint8).\n *\n * Counterpart to Solidity's `uint8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n *\n * _Available since v2.5._\n */\n function toUint8(uint256 value) internal pure returns (uint8) {\n require(value <= type(uint8).max, \"SafeCast: value doesn't fit in 8 bits\");\n return uint8(value);\n }\n\n /**\n * @dev Converts a signed int256 into an unsigned uint256.\n *\n * Requirements:\n *\n * - input must be greater than or equal to 0.\n *\n * _Available since v3.0._\n */\n function toUint256(int256 value) internal pure returns (uint256) {\n require(value >= 0, \"SafeCast: value must be positive\");\n return uint256(value);\n }\n\n /**\n * @dev Returns the downcasted int248 from int256, reverting on\n * overflow (when the input is less than smallest int248 or\n * greater than largest int248).\n *\n * Counterpart to Solidity's `int248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n *\n * _Available since v4.7._\n */\n function toInt248(int256 value) internal pure returns (int248 downcasted) {\n downcasted = int248(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 248 bits\");\n }\n\n /**\n * @dev Returns the downcasted int240 from int256, reverting on\n * overflow (when the input is less than smallest int240 or\n * greater than largest int240).\n *\n * Counterpart to Solidity's `int240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n *\n * _Available since v4.7._\n */\n function toInt240(int256 value) internal pure returns (int240 downcasted) {\n downcasted = int240(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 240 bits\");\n }\n\n /**\n * @dev Returns the downcasted int232 from int256, reverting on\n * overflow (when the input is less than smallest int232 or\n * greater than largest int232).\n *\n * Counterpart to Solidity's `int232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n *\n * _Available since v4.7._\n */\n function toInt232(int256 value) internal pure returns (int232 downcasted) {\n downcasted = int232(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 232 bits\");\n }\n\n /**\n * @dev Returns the downcasted int224 from int256, reverting on\n * overflow (when the input is less than smallest int224 or\n * greater than largest int224).\n *\n * Counterpart to Solidity's `int224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n *\n * _Available since v4.7._\n */\n function toInt224(int256 value) internal pure returns (int224 downcasted) {\n downcasted = int224(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 224 bits\");\n }\n\n /**\n * @dev Returns the downcasted int216 from int256, reverting on\n * overflow (when the input is less than smallest int216 or\n * greater than largest int216).\n *\n * Counterpart to Solidity's `int216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n *\n * _Available since v4.7._\n */\n function toInt216(int256 value) internal pure returns (int216 downcasted) {\n downcasted = int216(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 216 bits\");\n }\n\n /**\n * @dev Returns the downcasted int208 from int256, reverting on\n * overflow (when the input is less than smallest int208 or\n * greater than largest int208).\n *\n * Counterpart to Solidity's `int208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n *\n * _Available since v4.7._\n */\n function toInt208(int256 value) internal pure returns (int208 downcasted) {\n downcasted = int208(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 208 bits\");\n }\n\n /**\n * @dev Returns the downcasted int200 from int256, reverting on\n * overflow (when the input is less than smallest int200 or\n * greater than largest int200).\n *\n * Counterpart to Solidity's `int200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n *\n * _Available since v4.7._\n */\n function toInt200(int256 value) internal pure returns (int200 downcasted) {\n downcasted = int200(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 200 bits\");\n }\n\n /**\n * @dev Returns the downcasted int192 from int256, reverting on\n * overflow (when the input is less than smallest int192 or\n * greater than largest int192).\n *\n * Counterpart to Solidity's `int192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n *\n * _Available since v4.7._\n */\n function toInt192(int256 value) internal pure returns (int192 downcasted) {\n downcasted = int192(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 192 bits\");\n }\n\n /**\n * @dev Returns the downcasted int184 from int256, reverting on\n * overflow (when the input is less than smallest int184 or\n * greater than largest int184).\n *\n * Counterpart to Solidity's `int184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n *\n * _Available since v4.7._\n */\n function toInt184(int256 value) internal pure returns (int184 downcasted) {\n downcasted = int184(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 184 bits\");\n }\n\n /**\n * @dev Returns the downcasted int176 from int256, reverting on\n * overflow (when the input is less than smallest int176 or\n * greater than largest int176).\n *\n * Counterpart to Solidity's `int176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n *\n * _Available since v4.7._\n */\n function toInt176(int256 value) internal pure returns (int176 downcasted) {\n downcasted = int176(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 176 bits\");\n }\n\n /**\n * @dev Returns the downcasted int168 from int256, reverting on\n * overflow (when the input is less than smallest int168 or\n * greater than largest int168).\n *\n * Counterpart to Solidity's `int168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n *\n * _Available since v4.7._\n */\n function toInt168(int256 value) internal pure returns (int168 downcasted) {\n downcasted = int168(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 168 bits\");\n }\n\n /**\n * @dev Returns the downcasted int160 from int256, reverting on\n * overflow (when the input is less than smallest int160 or\n * greater than largest int160).\n *\n * Counterpart to Solidity's `int160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n *\n * _Available since v4.7._\n */\n function toInt160(int256 value) internal pure returns (int160 downcasted) {\n downcasted = int160(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 160 bits\");\n }\n\n /**\n * @dev Returns the downcasted int152 from int256, reverting on\n * overflow (when the input is less than smallest int152 or\n * greater than largest int152).\n *\n * Counterpart to Solidity's `int152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n *\n * _Available since v4.7._\n */\n function toInt152(int256 value) internal pure returns (int152 downcasted) {\n downcasted = int152(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 152 bits\");\n }\n\n /**\n * @dev Returns the downcasted int144 from int256, reverting on\n * overflow (when the input is less than smallest int144 or\n * greater than largest int144).\n *\n * Counterpart to Solidity's `int144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n *\n * _Available since v4.7._\n */\n function toInt144(int256 value) internal pure returns (int144 downcasted) {\n downcasted = int144(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 144 bits\");\n }\n\n /**\n * @dev Returns the downcasted int136 from int256, reverting on\n * overflow (when the input is less than smallest int136 or\n * greater than largest int136).\n *\n * Counterpart to Solidity's `int136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n *\n * _Available since v4.7._\n */\n function toInt136(int256 value) internal pure returns (int136 downcasted) {\n downcasted = int136(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 136 bits\");\n }\n\n /**\n * @dev Returns the downcasted int128 from int256, reverting on\n * overflow (when the input is less than smallest int128 or\n * greater than largest int128).\n *\n * Counterpart to Solidity's `int128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n *\n * _Available since v3.1._\n */\n function toInt128(int256 value) internal pure returns (int128 downcasted) {\n downcasted = int128(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 128 bits\");\n }\n\n /**\n * @dev Returns the downcasted int120 from int256, reverting on\n * overflow (when the input is less than smallest int120 or\n * greater than largest int120).\n *\n * Counterpart to Solidity's `int120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n *\n * _Available since v4.7._\n */\n function toInt120(int256 value) internal pure returns (int120 downcasted) {\n downcasted = int120(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 120 bits\");\n }\n\n /**\n * @dev Returns the downcasted int112 from int256, reverting on\n * overflow (when the input is less than smallest int112 or\n * greater than largest int112).\n *\n * Counterpart to Solidity's `int112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n *\n * _Available since v4.7._\n */\n function toInt112(int256 value) internal pure returns (int112 downcasted) {\n downcasted = int112(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 112 bits\");\n }\n\n /**\n * @dev Returns the downcasted int104 from int256, reverting on\n * overflow (when the input is less than smallest int104 or\n * greater than largest int104).\n *\n * Counterpart to Solidity's `int104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n *\n * _Available since v4.7._\n */\n function toInt104(int256 value) internal pure returns (int104 downcasted) {\n downcasted = int104(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 104 bits\");\n }\n\n /**\n * @dev Returns the downcasted int96 from int256, reverting on\n * overflow (when the input is less than smallest int96 or\n * greater than largest int96).\n *\n * Counterpart to Solidity's `int96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n *\n * _Available since v4.7._\n */\n function toInt96(int256 value) internal pure returns (int96 downcasted) {\n downcasted = int96(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 96 bits\");\n }\n\n /**\n * @dev Returns the downcasted int88 from int256, reverting on\n * overflow (when the input is less than smallest int88 or\n * greater than largest int88).\n *\n * Counterpart to Solidity's `int88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n *\n * _Available since v4.7._\n */\n function toInt88(int256 value) internal pure returns (int88 downcasted) {\n downcasted = int88(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 88 bits\");\n }\n\n /**\n * @dev Returns the downcasted int80 from int256, reverting on\n * overflow (when the input is less than smallest int80 or\n * greater than largest int80).\n *\n * Counterpart to Solidity's `int80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n *\n * _Available since v4.7._\n */\n function toInt80(int256 value) internal pure returns (int80 downcasted) {\n downcasted = int80(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 80 bits\");\n }\n\n /**\n * @dev Returns the downcasted int72 from int256, reverting on\n * overflow (when the input is less than smallest int72 or\n * greater than largest int72).\n *\n * Counterpart to Solidity's `int72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n *\n * _Available since v4.7._\n */\n function toInt72(int256 value) internal pure returns (int72 downcasted) {\n downcasted = int72(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 72 bits\");\n }\n\n /**\n * @dev Returns the downcasted int64 from int256, reverting on\n * overflow (when the input is less than smallest int64 or\n * greater than largest int64).\n *\n * Counterpart to Solidity's `int64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n *\n * _Available since v3.1._\n */\n function toInt64(int256 value) internal pure returns (int64 downcasted) {\n downcasted = int64(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 64 bits\");\n }\n\n /**\n * @dev Returns the downcasted int56 from int256, reverting on\n * overflow (when the input is less than smallest int56 or\n * greater than largest int56).\n *\n * Counterpart to Solidity's `int56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n *\n * _Available since v4.7._\n */\n function toInt56(int256 value) internal pure returns (int56 downcasted) {\n downcasted = int56(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 56 bits\");\n }\n\n /**\n * @dev Returns the downcasted int48 from int256, reverting on\n * overflow (when the input is less than smallest int48 or\n * greater than largest int48).\n *\n * Counterpart to Solidity's `int48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n *\n * _Available since v4.7._\n */\n function toInt48(int256 value) internal pure returns (int48 downcasted) {\n downcasted = int48(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 48 bits\");\n }\n\n /**\n * @dev Returns the downcasted int40 from int256, reverting on\n * overflow (when the input is less than smallest int40 or\n * greater than largest int40).\n *\n * Counterpart to Solidity's `int40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n *\n * _Available since v4.7._\n */\n function toInt40(int256 value) internal pure returns (int40 downcasted) {\n downcasted = int40(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 40 bits\");\n }\n\n /**\n * @dev Returns the downcasted int32 from int256, reverting on\n * overflow (when the input is less than smallest int32 or\n * greater than largest int32).\n *\n * Counterpart to Solidity's `int32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n *\n * _Available since v3.1._\n */\n function toInt32(int256 value) internal pure returns (int32 downcasted) {\n downcasted = int32(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 32 bits\");\n }\n\n /**\n * @dev Returns the downcasted int24 from int256, reverting on\n * overflow (when the input is less than smallest int24 or\n * greater than largest int24).\n *\n * Counterpart to Solidity's `int24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n *\n * _Available since v4.7._\n */\n function toInt24(int256 value) internal pure returns (int24 downcasted) {\n downcasted = int24(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 24 bits\");\n }\n\n /**\n * @dev Returns the downcasted int16 from int256, reverting on\n * overflow (when the input is less than smallest int16 or\n * greater than largest int16).\n *\n * Counterpart to Solidity's `int16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n *\n * _Available since v3.1._\n */\n function toInt16(int256 value) internal pure returns (int16 downcasted) {\n downcasted = int16(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 16 bits\");\n }\n\n /**\n * @dev Returns the downcasted int8 from int256, reverting on\n * overflow (when the input is less than smallest int8 or\n * greater than largest int8).\n *\n * Counterpart to Solidity's `int8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n *\n * _Available since v3.1._\n */\n function toInt8(int256 value) internal pure returns (int8 downcasted) {\n downcasted = int8(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 8 bits\");\n }\n\n /**\n * @dev Converts an unsigned uint256 into a signed int256.\n *\n * Requirements:\n *\n * - input must be less than or equal to maxInt256.\n *\n * _Available since v3.0._\n */\n function toInt256(uint256 value) internal pure returns (int256) {\n // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive\n require(value <= uint256(type(int256).max), \"SafeCast: value doesn't fit in an int256\");\n return int256(value);\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IETHPOSDeposit.sol": { - "content": "// ┏━━━┓━┏┓━┏┓━━┏━━━┓━━┏━━━┓━━━━┏━━━┓━━━━━━━━━━━━━━━━━━━┏┓━━━━━┏━━━┓━━━━━━━━━┏┓━━━━━━━━━━━━━━┏┓━\n// ┃┏━━┛┏┛┗┓┃┃━━┃┏━┓┃━━┃┏━┓┃━━━━┗┓┏┓┃━━━━━━━━━━━━━━━━━━┏┛┗┓━━━━┃┏━┓┃━━━━━━━━┏┛┗┓━━━━━━━━━━━━┏┛┗┓\n// ┃┗━━┓┗┓┏┛┃┗━┓┗┛┏┛┃━━┃┃━┃┃━━━━━┃┃┃┃┏━━┓┏━━┓┏━━┓┏━━┓┏┓┗┓┏┛━━━━┃┃━┗┛┏━━┓┏━┓━┗┓┏┛┏━┓┏━━┓━┏━━┓┗┓┏┛\n// ┃┏━━┛━┃┃━┃┏┓┃┏━┛┏┛━━┃┃━┃┃━━━━━┃┃┃┃┃┏┓┃┃┏┓┃┃┏┓┃┃━━┫┣┫━┃┃━━━━━┃┃━┏┓┃┏┓┃┃┏┓┓━┃┃━┃┏┛┗━┓┃━┃┏━┛━┃┃━\n// ┃┗━━┓━┃┗┓┃┃┃┃┃┃┗━┓┏┓┃┗━┛┃━━━━┏┛┗┛┃┃┃━┫┃┗┛┃┃┗┛┃┣━━┃┃┃━┃┗┓━━━━┃┗━┛┃┃┗┛┃┃┃┃┃━┃┗┓┃┃━┃┗┛┗┓┃┗━┓━┃┗┓\n// ┗━━━┛━┗━┛┗┛┗┛┗━━━┛┗┛┗━━━┛━━━━┗━━━┛┗━━┛┃┏━┛┗━━┛┗━━┛┗┛━┗━┛━━━━┗━━━┛┗━━┛┗┛┗┛━┗━┛┗┛━┗━━━┛┗━━┛━┗━┛\n// ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┃┃━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n// ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┗┛━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n// SPDX-License-Identifier: CC0-1.0\n\npragma solidity >=0.5.0;\n\n// This interface is designed to be compatible with the Vyper version.\n/// @notice This is the Ethereum 2.0 deposit contract interface.\n/// For more information see the Phase 0 specification under https://github.com/ethereum/eth2.0-specs\ninterface IETHPOSDeposit {\n /// @notice A processed deposit event.\n event DepositEvent(bytes pubkey, bytes withdrawal_credentials, bytes amount, bytes signature, bytes index);\n\n /// @notice Submit a Phase 0 DepositData object.\n /// @param pubkey A BLS12-381 public key.\n /// @param withdrawal_credentials Commitment to a public key for withdrawals.\n /// @param signature A BLS12-381 signature.\n /// @param deposit_data_root The SHA-256 hash of the SSZ-encoded DepositData object.\n /// Used as a protection against malformed input.\n function deposit(\n bytes calldata pubkey,\n bytes calldata withdrawal_credentials,\n bytes calldata signature,\n bytes32 deposit_data_root\n ) external payable;\n\n /// @notice Query the current deposit root hash.\n /// @return The deposit root hash.\n function get_deposit_root() external view returns (bytes32);\n\n /// @notice Query the current deposit count.\n /// @return The deposit count encoded as a little endian 64-bit number.\n function get_deposit_count() external view returns (bytes memory);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IEigenPod.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\n\nimport \"../libraries/BeaconChainProofs.sol\";\nimport \"./IEigenPodManager.sol\";\n\ninterface IEigenPodErrors {\n /// @dev Thrown when msg.sender is not the EPM.\n error OnlyEigenPodManager();\n /// @dev Thrown when msg.sender is not the pod owner.\n error OnlyEigenPodOwner();\n /// @dev Thrown when msg.sender is not owner or the proof submitter.\n error OnlyEigenPodOwnerOrProofSubmitter();\n /// @dev Thrown when attempting an action that is currently paused.\n error CurrentlyPaused();\n\n /// Invalid Inputs\n\n /// @dev Thrown when an address of zero is provided.\n error InputAddressZero();\n /// @dev Thrown when two array parameters have mismatching lengths.\n error InputArrayLengthMismatch();\n /// @dev Thrown when `validatorPubKey` length is not equal to 48-bytes.\n error InvalidPubKeyLength();\n /// @dev Thrown when provided timestamp is out of range.\n error TimestampOutOfRange();\n\n /// Checkpoints\n\n /// @dev Thrown when no active checkpoints are found.\n error NoActiveCheckpoint();\n /// @dev Thrown if an uncompleted checkpoint exists.\n error CheckpointAlreadyActive();\n /// @dev Thrown if there's not a balance available to checkpoint.\n error NoBalanceToCheckpoint();\n /// @dev Thrown when attempting to create a checkpoint twice within a given block.\n error CannotCheckpointTwiceInSingleBlock();\n\n /// Withdrawing\n\n /// @dev Thrown when amount exceeds `restakedExecutionLayerGwei`.\n error InsufficientWithdrawableBalance();\n\n /// Validator Status\n\n /// @dev Thrown when a validator's withdrawal credentials have already been verified.\n error CredentialsAlreadyVerified();\n /// @dev Thrown if the provided proof is not valid for this EigenPod.\n error WithdrawalCredentialsNotForEigenPod();\n /// @dev Thrown when a validator is not in the ACTIVE status in the pod.\n error ValidatorNotActiveInPod();\n /// @dev Thrown when validator is not active yet on the beacon chain.\n error ValidatorInactiveOnBeaconChain();\n /// @dev Thrown if a validator is exiting the beacon chain.\n error ValidatorIsExitingBeaconChain();\n /// @dev Thrown when a validator has not been slashed on the beacon chain.\n error ValidatorNotSlashedOnBeaconChain();\n\n /// Misc\n\n /// @dev Thrown when an invalid block root is returned by the EIP-4788 oracle.\n error InvalidEIP4788Response();\n /// @dev Thrown when attempting to send an invalid amount to the beacon deposit contract.\n error MsgValueNot32ETH();\n /// @dev Thrown when provided `beaconTimestamp` is too far in the past.\n error BeaconTimestampTooFarInPast();\n}\n\ninterface IEigenPodTypes {\n enum VALIDATOR_STATUS {\n INACTIVE, // doesnt exist\n ACTIVE, // staked on ethpos and withdrawal credentials are pointed to the EigenPod\n WITHDRAWN // withdrawn from the Beacon Chain\n\n }\n\n struct ValidatorInfo {\n // index of the validator in the beacon chain\n uint64 validatorIndex;\n // amount of beacon chain ETH restaked on EigenLayer in gwei\n uint64 restakedBalanceGwei;\n //timestamp of the validator's most recent balance update\n uint64 lastCheckpointedAt;\n // status of the validator\n VALIDATOR_STATUS status;\n }\n\n struct Checkpoint {\n bytes32 beaconBlockRoot;\n uint24 proofsRemaining;\n uint64 podBalanceGwei;\n int64 balanceDeltasGwei;\n uint64 prevBeaconBalanceGwei;\n }\n}\n\ninterface IEigenPodEvents is IEigenPodTypes {\n /// @notice Emitted when an ETH validator stakes via this eigenPod\n event EigenPodStaked(bytes pubkey);\n\n /// @notice Emitted when a pod owner updates the proof submitter address\n event ProofSubmitterUpdated(address prevProofSubmitter, address newProofSubmitter);\n\n /// @notice Emitted when an ETH validator's withdrawal credentials are successfully verified to be pointed to this eigenPod\n event ValidatorRestaked(uint40 validatorIndex);\n\n /// @notice Emitted when an ETH validator's balance is proven to be updated. Here newValidatorBalanceGwei\n // is the validator's balance that is credited on EigenLayer.\n event ValidatorBalanceUpdated(uint40 validatorIndex, uint64 balanceTimestamp, uint64 newValidatorBalanceGwei);\n\n /// @notice Emitted when restaked beacon chain ETH is withdrawn from the eigenPod.\n event RestakedBeaconChainETHWithdrawn(address indexed recipient, uint256 amount);\n\n /// @notice Emitted when ETH is received via the `receive` fallback\n event NonBeaconChainETHReceived(uint256 amountReceived);\n\n /// @notice Emitted when a checkpoint is created\n event CheckpointCreated(\n uint64 indexed checkpointTimestamp, bytes32 indexed beaconBlockRoot, uint256 validatorCount\n );\n\n /// @notice Emitted when a checkpoint is finalized\n event CheckpointFinalized(uint64 indexed checkpointTimestamp, int256 totalShareDeltaWei);\n\n /// @notice Emitted when a validator is proven for a given checkpoint\n event ValidatorCheckpointed(uint64 indexed checkpointTimestamp, uint40 indexed validatorIndex);\n\n /// @notice Emitted when a validaor is proven to have 0 balance at a given checkpoint\n event ValidatorWithdrawn(uint64 indexed checkpointTimestamp, uint40 indexed validatorIndex);\n}\n\n/**\n * @title The implementation contract used for restaking beacon chain ETH on EigenLayer\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @dev Note that all beacon chain balances are stored as gwei within the beacon chain datastructures. We choose\n * to account balances in terms of gwei in the EigenPod contract and convert to wei when making calls to other contracts\n */\ninterface IEigenPod is IEigenPodErrors, IEigenPodEvents {\n /// @notice Used to initialize the pointers to contracts crucial to the pod's functionality, in beacon proxy construction from EigenPodManager\n function initialize(\n address owner\n ) external;\n\n /// @notice Called by EigenPodManager when the owner wants to create another ETH validator.\n function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable;\n\n /**\n * @notice Transfers `amountWei` in ether from this contract to the specified `recipient` address\n * @notice Called by EigenPodManager to withdrawBeaconChainETH that has been added to the EigenPod's balance due to a withdrawal from the beacon chain.\n * @dev The podOwner must have already proved sufficient withdrawals, so that this pod's `restakedExecutionLayerGwei` exceeds the\n * `amountWei` input (when converted to GWEI).\n * @dev Reverts if `amountWei` is not a whole Gwei amount\n */\n function withdrawRestakedBeaconChainETH(address recipient, uint256 amount) external;\n\n /**\n * @dev Create a checkpoint used to prove this pod's active validator set. Checkpoints are completed\n * by submitting one checkpoint proof per ACTIVE validator. During the checkpoint process, the total\n * change in ACTIVE validator balance is tracked, and any validators with 0 balance are marked `WITHDRAWN`.\n * @dev Once finalized, the pod owner is awarded shares corresponding to:\n * - the total change in their ACTIVE validator balances\n * - any ETH in the pod not already awarded shares\n * @dev A checkpoint cannot be created if the pod already has an outstanding checkpoint. If\n * this is the case, the pod owner MUST complete the existing checkpoint before starting a new one.\n * @param revertIfNoBalance Forces a revert if the pod ETH balance is 0. This allows the pod owner\n * to prevent accidentally starting a checkpoint that will not increase their shares\n */\n function startCheckpoint(\n bool revertIfNoBalance\n ) external;\n\n /**\n * @dev Progress the current checkpoint towards completion by submitting one or more validator\n * checkpoint proofs. Anyone can call this method to submit proofs towards the current checkpoint.\n * For each validator proven, the current checkpoint's `proofsRemaining` decreases.\n * @dev If the checkpoint's `proofsRemaining` reaches 0, the checkpoint is finalized.\n * (see `_updateCheckpoint` for more details)\n * @dev This method can only be called when there is a currently-active checkpoint.\n * @param balanceContainerProof proves the beacon's current balance container root against a checkpoint's `beaconBlockRoot`\n * @param proofs Proofs for one or more validator current balances against the `balanceContainerRoot`\n */\n function verifyCheckpointProofs(\n BeaconChainProofs.BalanceContainerProof calldata balanceContainerProof,\n BeaconChainProofs.BalanceProof[] calldata proofs\n ) external;\n\n /**\n * @dev Verify one or more validators have their withdrawal credentials pointed at this EigenPod, and award\n * shares based on their effective balance. Proven validators are marked `ACTIVE` within the EigenPod, and\n * future checkpoint proofs will need to include them.\n * @dev Withdrawal credential proofs MUST NOT be older than `currentCheckpointTimestamp`.\n * @dev Validators proven via this method MUST NOT have an exit epoch set already.\n * @param beaconTimestamp the beacon chain timestamp sent to the 4788 oracle contract. Corresponds\n * to the parent beacon block root against which the proof is verified.\n * @param stateRootProof proves a beacon state root against a beacon block root\n * @param validatorIndices a list of validator indices being proven\n * @param validatorFieldsProofs proofs of each validator's `validatorFields` against the beacon state root\n * @param validatorFields the fields of the beacon chain \"Validator\" container. See consensus specs for\n * details: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator\n */\n function verifyWithdrawalCredentials(\n uint64 beaconTimestamp,\n BeaconChainProofs.StateRootProof calldata stateRootProof,\n uint40[] calldata validatorIndices,\n bytes[] calldata validatorFieldsProofs,\n bytes32[][] calldata validatorFields\n ) external;\n\n /**\n * @dev Prove that one of this pod's active validators was slashed on the beacon chain. A successful\n * staleness proof allows the caller to start a checkpoint.\n *\n * @dev Note that in order to start a checkpoint, any existing checkpoint must already be completed!\n * (See `_startCheckpoint` for details)\n *\n * @dev Note that this method allows anyone to start a checkpoint as soon as a slashing occurs on the beacon\n * chain. This is intended to make it easier to external watchers to keep a pod's balance up to date.\n *\n * @dev Note too that beacon chain slashings are not instant. There is a delay between the initial slashing event\n * and the validator's final exit back to the execution layer. During this time, the validator's balance may or\n * may not drop further due to a correlation penalty. This method allows proof of a slashed validator\n * to initiate a checkpoint for as long as the validator remains on the beacon chain. Once the validator\n * has exited and been checkpointed at 0 balance, they are no longer \"checkpoint-able\" and cannot be proven\n * \"stale\" via this method.\n * See https://eth2book.info/capella/part3/transition/epoch/#slashings for more info.\n *\n * @param beaconTimestamp the beacon chain timestamp sent to the 4788 oracle contract. Corresponds\n * to the parent beacon block root against which the proof is verified.\n * @param stateRootProof proves a beacon state root against a beacon block root\n * @param proof the fields of the beacon chain \"Validator\" container, along with a merkle proof against\n * the beacon state root. See the consensus specs for more details:\n * https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator\n *\n * @dev Staleness conditions:\n * - Validator's last checkpoint is older than `beaconTimestamp`\n * - Validator MUST be in `ACTIVE` status in the pod\n * - Validator MUST be slashed on the beacon chain\n */\n function verifyStaleBalance(\n uint64 beaconTimestamp,\n BeaconChainProofs.StateRootProof calldata stateRootProof,\n BeaconChainProofs.ValidatorProof calldata proof\n ) external;\n\n /// @notice called by owner of a pod to remove any ERC20s deposited in the pod\n function recoverTokens(IERC20[] memory tokenList, uint256[] memory amountsToWithdraw, address recipient) external;\n\n /// @notice Allows the owner of a pod to update the proof submitter, a permissioned\n /// address that can call `startCheckpoint` and `verifyWithdrawalCredentials`.\n /// @dev Note that EITHER the podOwner OR proofSubmitter can access these methods,\n /// so it's fine to set your proofSubmitter to 0 if you want the podOwner to be the\n /// only address that can call these methods.\n /// @param newProofSubmitter The new proof submitter address. If set to 0, only the\n /// pod owner will be able to call `startCheckpoint` and `verifyWithdrawalCredentials`\n function setProofSubmitter(\n address newProofSubmitter\n ) external;\n\n /**\n *\n * VIEW METHODS\n *\n */\n\n /// @notice An address with permissions to call `startCheckpoint` and `verifyWithdrawalCredentials`, set\n /// by the podOwner. This role exists to allow a podOwner to designate a hot wallet that can call\n /// these methods, allowing the podOwner to remain a cold wallet that is only used to manage funds.\n /// @dev If this address is NOT set, only the podOwner can call `startCheckpoint` and `verifyWithdrawalCredentials`\n function proofSubmitter() external view returns (address);\n\n /// @notice the amount of execution layer ETH in this contract that is staked in EigenLayer (i.e. withdrawn from beaconchain but not EigenLayer),\n function withdrawableRestakedExecutionLayerGwei() external view returns (uint64);\n\n /// @notice The single EigenPodManager for EigenLayer\n function eigenPodManager() external view returns (IEigenPodManager);\n\n /// @notice The owner of this EigenPod\n function podOwner() external view returns (address);\n\n /// @notice Returns the validatorInfo struct for the provided pubkeyHash\n function validatorPubkeyHashToInfo(\n bytes32 validatorPubkeyHash\n ) external view returns (ValidatorInfo memory);\n\n /// @notice Returns the validatorInfo struct for the provided pubkey\n function validatorPubkeyToInfo(\n bytes calldata validatorPubkey\n ) external view returns (ValidatorInfo memory);\n\n /// @notice This returns the status of a given validator\n function validatorStatus(\n bytes32 pubkeyHash\n ) external view returns (VALIDATOR_STATUS);\n\n /// @notice This returns the status of a given validator pubkey\n function validatorStatus(\n bytes calldata validatorPubkey\n ) external view returns (VALIDATOR_STATUS);\n\n /// @notice Number of validators with proven withdrawal credentials, who do not have proven full withdrawals\n function activeValidatorCount() external view returns (uint256);\n\n /// @notice The timestamp of the last checkpoint finalized\n function lastCheckpointTimestamp() external view returns (uint64);\n\n /// @notice The timestamp of the currently-active checkpoint. Will be 0 if there is not active checkpoint\n function currentCheckpointTimestamp() external view returns (uint64);\n\n /// @notice Returns the currently-active checkpoint\n function currentCheckpoint() external view returns (Checkpoint memory);\n\n /// @notice For each checkpoint, the total balance attributed to exited validators, in gwei\n ///\n /// NOTE that the values added to this mapping are NOT guaranteed to capture the entirety of a validator's\n /// exit - rather, they capture the total change in a validator's balance when a checkpoint shows their\n /// balance change from nonzero to zero. While a change from nonzero to zero DOES guarantee that a validator\n /// has been fully exited, it is possible that the magnitude of this change does not capture what is\n /// typically thought of as a \"full exit.\"\n ///\n /// For example:\n /// 1. Consider a validator was last checkpointed at 32 ETH before exiting. Once the exit has been processed,\n /// it is expected that the validator's exited balance is calculated to be `32 ETH`.\n /// 2. However, before `startCheckpoint` is called, a deposit is made to the validator for 1 ETH. The beacon\n /// chain will automatically withdraw this ETH, but not until the withdrawal sweep passes over the validator\n /// again. Until this occurs, the validator's current balance (used for checkpointing) is 1 ETH.\n /// 3. If `startCheckpoint` is called at this point, the balance delta calculated for this validator will be\n /// `-31 ETH`, and because the validator has a nonzero balance, it is not marked WITHDRAWN.\n /// 4. After the exit is processed by the beacon chain, a subsequent `startCheckpoint` and checkpoint proof\n /// will calculate a balance delta of `-1 ETH` and attribute a 1 ETH exit to the validator.\n ///\n /// If this edge case impacts your usecase, it should be possible to mitigate this by monitoring for deposits\n /// to your exited validators, and waiting to call `startCheckpoint` until those deposits have been automatically\n /// exited.\n ///\n /// Additional edge cases this mapping does not cover:\n /// - If a validator is slashed, their balance exited will reflect their original balance rather than the slashed amount\n /// - The final partial withdrawal for an exited validator will be likely be included in this mapping.\n /// i.e. if a validator was last checkpointed at 32.1 ETH before exiting, the next checkpoint will calculate their\n /// \"exited\" amount to be 32.1 ETH rather than 32 ETH.\n function checkpointBalanceExitedGwei(\n uint64\n ) external view returns (uint64);\n\n /// @notice Query the 4788 oracle to get the parent block root of the slot with the given `timestamp`\n /// @param timestamp of the block for which the parent block root will be returned. MUST correspond\n /// to an existing slot within the last 24 hours. If the slot at `timestamp` was skipped, this method\n /// will revert.\n function getParentBlockRoot(\n uint64 timestamp\n ) external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IPausable.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"../interfaces/IPauserRegistry.sol\";\n\n/**\n * @title Adds pausability to a contract, with pausing & unpausing controlled by the `pauser` and `unpauser` of a PauserRegistry contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice Contracts that inherit from this contract may define their own `pause` and `unpause` (and/or related) functions.\n * These functions should be permissioned as \"onlyPauser\" which defers to a `PauserRegistry` for determining access control.\n * @dev Pausability is implemented using a uint256, which allows up to 256 different single bit-flags; each bit can potentially pause different functionality.\n * Inspiration for this was taken from the NearBridge design here https://etherscan.io/address/0x3FEFc5A4B1c02f21cBc8D3613643ba0635b9a873#code.\n * For the `pause` and `unpause` functions we've implemented, if you pause, you can only flip (any number of) switches to on/1 (aka \"paused\"), and if you unpause,\n * you can only flip (any number of) switches to off/0 (aka \"paused\").\n * If you want a pauseXYZ function that just flips a single bit / \"pausing flag\", it will:\n * 1) 'bit-wise and' (aka `&`) a flag with the current paused state (as a uint256)\n * 2) update the paused state to this new value\n * @dev We note as well that we have chosen to identify flags by their *bit index* as opposed to their numerical value, so, e.g. defining `DEPOSITS_PAUSED = 3`\n * indicates specifically that if the *third bit* of `_paused` is flipped -- i.e. it is a '1' -- then deposits should be paused\n */\ninterface IPausable {\n /// @dev Thrown when caller is not pauser.\n error OnlyPauser();\n /// @dev Thrown when caller is not unpauser.\n error OnlyUnpauser();\n /// @dev Thrown when currently paused.\n error CurrentlyPaused();\n /// @dev Thrown when invalid `newPausedStatus` is provided.\n error InvalidNewPausedStatus();\n /// @dev Thrown when a null address input is provided.\n error InputAddressZero();\n\n /// @notice Emitted when the pause is triggered by `account`, and changed to `newPausedStatus`.\n event Paused(address indexed account, uint256 newPausedStatus);\n\n /// @notice Emitted when the pause is lifted by `account`, and changed to `newPausedStatus`.\n event Unpaused(address indexed account, uint256 newPausedStatus);\n\n /// @notice Address of the `PauserRegistry` contract that this contract defers to for determining access control (for pausing).\n function pauserRegistry() external view returns (IPauserRegistry);\n\n /**\n * @notice This function is used to pause an EigenLayer contract's functionality.\n * It is permissioned to the `pauser` address, which is expected to be a low threshold multisig.\n * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once.\n * @dev This function can only pause functionality, and thus cannot 'unflip' any bit in `_paused` from 1 to 0.\n */\n function pause(\n uint256 newPausedStatus\n ) external;\n\n /**\n * @notice Alias for `pause(type(uint256).max)`.\n */\n function pauseAll() external;\n\n /**\n * @notice This function is used to unpause an EigenLayer contract's functionality.\n * It is permissioned to the `unpauser` address, which is expected to be a high threshold multisig or governance contract.\n * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once.\n * @dev This function can only unpause functionality, and thus cannot 'flip' any bit in `_paused` from 0 to 1.\n */\n function unpause(\n uint256 newPausedStatus\n ) external;\n\n /// @notice Returns the current paused status as a uint256.\n function paused() external view returns (uint256);\n\n /// @notice Returns 'true' if the `indexed`th bit of `_paused` is 1, and 'false' otherwise\n function paused(\n uint8 index\n ) external view returns (bool);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/Errors.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/Errors.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Collection of common custom errors used in multiple contracts\n *\n * IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.\n * It is recommended to avoid relying on the error API for critical functionality.\n *\n * _Available since v5.1._\n */\nlibrary Errors {\n /**\n * @dev The ETH balance of the account is not enough to perform the operation.\n */\n error InsufficientBalance(uint256 balance, uint256 needed);\n\n /**\n * @dev A call to an address target failed. The target may have reverted.\n */\n error FailedCall();\n\n /**\n * @dev The deployment failed.\n */\n error FailedDeployment();\n\n /**\n * @dev A necessary precompile is missing.\n */\n error MissingPrecompile(address);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/BeaconChainProofs.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\n\npragma solidity ^0.8.0;\n\nimport \"./Merkle.sol\";\nimport \"../libraries/Endian.sol\";\n\n//Utility library for parsing and PHASE0 beacon chain block headers\n//SSZ Spec: https://github.com/ethereum/consensus-specs/blob/dev/ssz/simple-serialize.md#merkleization\n//BeaconBlockHeader Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader\n//BeaconState Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconstate\nlibrary BeaconChainProofs {\n /// @dev Thrown when a proof is invalid.\n error InvalidProof();\n /// @dev Thrown when a proof with an invalid length is provided.\n error InvalidProofLength();\n /// @dev Thrown when a validator fields length is invalid.\n error InvalidValidatorFieldsLength();\n\n /// @notice Heights of various merkle trees in the beacon chain\n /// - beaconBlockRoot\n /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT\n /// -- beaconStateRoot\n /// | HEIGHT: BEACON_STATE_TREE_HEIGHT\n /// validatorContainerRoot, balanceContainerRoot\n /// | | HEIGHT: BALANCE_TREE_HEIGHT\n /// | individual balances\n /// | HEIGHT: VALIDATOR_TREE_HEIGHT\n /// individual validators\n uint256 internal constant BEACON_BLOCK_HEADER_TREE_HEIGHT = 3;\n uint256 internal constant BEACON_STATE_TREE_HEIGHT = 5;\n uint256 internal constant BALANCE_TREE_HEIGHT = 38;\n uint256 internal constant VALIDATOR_TREE_HEIGHT = 40;\n\n /// @notice Index of the beaconStateRoot in the `BeaconBlockHeader` container\n ///\n /// BeaconBlockHeader = [..., state_root, ...]\n /// 0... 3\n ///\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader)\n uint256 internal constant STATE_ROOT_INDEX = 3;\n\n /// @notice Indices for fields in the `BeaconState` container\n ///\n /// BeaconState = [..., validators, balances, ...]\n /// 0... 11 12\n ///\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/capella/beacon-chain.md#beaconstate)\n uint256 internal constant VALIDATOR_CONTAINER_INDEX = 11;\n uint256 internal constant BALANCE_CONTAINER_INDEX = 12;\n\n /// @notice Number of fields in the `Validator` container\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator)\n uint256 internal constant VALIDATOR_FIELDS_LENGTH = 8;\n\n /// @notice Indices for fields in the `Validator` container\n uint256 internal constant VALIDATOR_PUBKEY_INDEX = 0;\n uint256 internal constant VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX = 1;\n uint256 internal constant VALIDATOR_BALANCE_INDEX = 2;\n uint256 internal constant VALIDATOR_SLASHED_INDEX = 3;\n uint256 internal constant VALIDATOR_ACTIVATION_EPOCH_INDEX = 5;\n uint256 internal constant VALIDATOR_EXIT_EPOCH_INDEX = 6;\n\n /// @notice Slot/Epoch timings\n uint64 internal constant SECONDS_PER_SLOT = 12;\n uint64 internal constant SLOTS_PER_EPOCH = 32;\n uint64 internal constant SECONDS_PER_EPOCH = SLOTS_PER_EPOCH * SECONDS_PER_SLOT;\n\n /// @notice `FAR_FUTURE_EPOCH` is used as the default value for certain `Validator`\n /// fields when a `Validator` is first created on the beacon chain\n uint64 internal constant FAR_FUTURE_EPOCH = type(uint64).max;\n bytes8 internal constant UINT64_MASK = 0xffffffffffffffff;\n\n /// @notice Contains a beacon state root and a merkle proof verifying its inclusion under a beacon block root\n struct StateRootProof {\n bytes32 beaconStateRoot;\n bytes proof;\n }\n\n /// @notice Contains a validator's fields and a merkle proof of their inclusion under a beacon state root\n struct ValidatorProof {\n bytes32[] validatorFields;\n bytes proof;\n }\n\n /// @notice Contains a beacon balance container root and a proof of this root under a beacon block root\n struct BalanceContainerProof {\n bytes32 balanceContainerRoot;\n bytes proof;\n }\n\n /// @notice Contains a validator balance root and a proof of its inclusion under a balance container root\n struct BalanceProof {\n bytes32 pubkeyHash;\n bytes32 balanceRoot;\n bytes proof;\n }\n\n /**\n *\n * VALIDATOR FIELDS -> BEACON STATE ROOT -> BEACON BLOCK ROOT\n *\n */\n\n /// @notice Verify a merkle proof of the beacon state root against a beacon block root\n /// @param beaconBlockRoot merkle root of the beacon block\n /// @param proof the beacon state root and merkle proof of its inclusion under `beaconBlockRoot`\n function verifyStateRoot(bytes32 beaconBlockRoot, StateRootProof calldata proof) internal view {\n require(proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT), InvalidProofLength());\n\n /// This merkle proof verifies the `beaconStateRoot` under the `beaconBlockRoot`\n /// - beaconBlockRoot\n /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT\n /// -- beaconStateRoot\n require(\n Merkle.verifyInclusionSha256({\n proof: proof.proof,\n root: beaconBlockRoot,\n leaf: proof.beaconStateRoot,\n index: STATE_ROOT_INDEX\n }),\n InvalidProof()\n );\n }\n\n /// @notice Verify a merkle proof of a validator container against a `beaconStateRoot`\n /// @dev This proof starts at a validator's container root, proves through the validator container root,\n /// and continues proving to the root of the `BeaconState`\n /// @dev See https://eth2book.info/capella/part3/containers/dependencies/#validator for info on `Validator` containers\n /// @dev See https://eth2book.info/capella/part3/containers/state/#beaconstate for info on `BeaconState` containers\n /// @param beaconStateRoot merkle root of the `BeaconState` container\n /// @param validatorFields an individual validator's fields. These are merklized to form a `validatorRoot`,\n /// which is used as the leaf to prove against `beaconStateRoot`\n /// @param validatorFieldsProof a merkle proof of inclusion of `validatorFields` under `beaconStateRoot`\n /// @param validatorIndex the validator's unique index\n function verifyValidatorFields(\n bytes32 beaconStateRoot,\n bytes32[] calldata validatorFields,\n bytes calldata validatorFieldsProof,\n uint40 validatorIndex\n ) internal view {\n require(validatorFields.length == VALIDATOR_FIELDS_LENGTH, InvalidValidatorFieldsLength());\n\n /// Note: the reason we use `VALIDATOR_TREE_HEIGHT + 1` here is because the merklization process for\n /// this container includes hashing the root of the validator tree with the length of the validator list\n require(\n validatorFieldsProof.length == 32 * ((VALIDATOR_TREE_HEIGHT + 1) + BEACON_STATE_TREE_HEIGHT),\n InvalidProofLength()\n );\n\n // Merkleize `validatorFields` to get the leaf to prove\n bytes32 validatorRoot = Merkle.merkleizeSha256(validatorFields);\n\n /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees:\n /// - beaconStateRoot\n /// | HEIGHT: BEACON_STATE_TREE_HEIGHT\n /// -- validatorContainerRoot\n /// | HEIGHT: VALIDATOR_TREE_HEIGHT + 1\n /// ---- validatorRoot\n uint256 index = (VALIDATOR_CONTAINER_INDEX << (VALIDATOR_TREE_HEIGHT + 1)) | uint256(validatorIndex);\n\n require(\n Merkle.verifyInclusionSha256({\n proof: validatorFieldsProof,\n root: beaconStateRoot,\n leaf: validatorRoot,\n index: index\n }),\n InvalidProof()\n );\n }\n\n /**\n *\n * VALIDATOR BALANCE -> BALANCE CONTAINER ROOT -> BEACON BLOCK ROOT\n *\n */\n\n /// @notice Verify a merkle proof of the beacon state's balances container against the beacon block root\n /// @dev This proof starts at the balance container root, proves through the beacon state root, and\n /// continues proving through the beacon block root. As a result, this proof will contain elements\n /// of a `StateRootProof` under the same block root, with the addition of proving the balances field\n /// within the beacon state.\n /// @dev This is used to make checkpoint proofs more efficient, as a checkpoint will verify multiple balances\n /// against the same balance container root.\n /// @param beaconBlockRoot merkle root of the beacon block\n /// @param proof a beacon balance container root and merkle proof of its inclusion under `beaconBlockRoot`\n function verifyBalanceContainer(bytes32 beaconBlockRoot, BalanceContainerProof calldata proof) internal view {\n require(\n proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT + BEACON_STATE_TREE_HEIGHT),\n InvalidProofLength()\n );\n\n /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees:\n /// - beaconBlockRoot\n /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT\n /// -- beaconStateRoot\n /// | HEIGHT: BEACON_STATE_TREE_HEIGHT\n /// ---- balancesContainerRoot\n uint256 index = (STATE_ROOT_INDEX << (BEACON_STATE_TREE_HEIGHT)) | BALANCE_CONTAINER_INDEX;\n\n require(\n Merkle.verifyInclusionSha256({\n proof: proof.proof,\n root: beaconBlockRoot,\n leaf: proof.balanceContainerRoot,\n index: index\n }),\n InvalidProof()\n );\n }\n\n /// @notice Verify a merkle proof of a validator's balance against the beacon state's `balanceContainerRoot`\n /// @param balanceContainerRoot the merkle root of all validators' current balances\n /// @param validatorIndex the index of the validator whose balance we are proving\n /// @param proof the validator's associated balance root and a merkle proof of inclusion under `balanceContainerRoot`\n /// @return validatorBalanceGwei the validator's current balance (in gwei)\n function verifyValidatorBalance(\n bytes32 balanceContainerRoot,\n uint40 validatorIndex,\n BalanceProof calldata proof\n ) internal view returns (uint64 validatorBalanceGwei) {\n /// Note: the reason we use `BALANCE_TREE_HEIGHT + 1` here is because the merklization process for\n /// this container includes hashing the root of the balances tree with the length of the balances list\n require(proof.proof.length == 32 * (BALANCE_TREE_HEIGHT + 1), InvalidProofLength());\n\n /// When merkleized, beacon chain balances are combined into groups of 4 called a `balanceRoot`. The merkle\n /// proof here verifies that this validator's `balanceRoot` is included in the `balanceContainerRoot`\n /// - balanceContainerRoot\n /// | HEIGHT: BALANCE_TREE_HEIGHT\n /// -- balanceRoot\n uint256 balanceIndex = uint256(validatorIndex / 4);\n\n require(\n Merkle.verifyInclusionSha256({\n proof: proof.proof,\n root: balanceContainerRoot,\n leaf: proof.balanceRoot,\n index: balanceIndex\n }),\n InvalidProof()\n );\n\n /// Extract the individual validator's balance from the `balanceRoot`\n return getBalanceAtIndex(proof.balanceRoot, validatorIndex);\n }\n\n /**\n * @notice Parses a balanceRoot to get the uint64 balance of a validator.\n * @dev During merkleization of the beacon state balance tree, four uint64 values are treated as a single\n * leaf in the merkle tree. We use validatorIndex % 4 to determine which of the four uint64 values to\n * extract from the balanceRoot.\n * @param balanceRoot is the combination of 4 validator balances being proven for\n * @param validatorIndex is the index of the validator being proven for\n * @return The validator's balance, in Gwei\n */\n function getBalanceAtIndex(bytes32 balanceRoot, uint40 validatorIndex) internal pure returns (uint64) {\n uint256 bitShiftAmount = (validatorIndex % 4) * 64;\n return Endian.fromLittleEndianUint64(bytes32((uint256(balanceRoot) << bitShiftAmount)));\n }\n\n /// @notice Indices for fields in the `Validator` container:\n /// 0: pubkey\n /// 1: withdrawal credentials\n /// 2: effective balance\n /// 3: slashed?\n /// 4: activation eligibility epoch\n /// 5: activation epoch\n /// 6: exit epoch\n /// 7: withdrawable epoch\n ///\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator)\n\n /// @dev Retrieves a validator's pubkey hash\n function getPubkeyHash(\n bytes32[] memory validatorFields\n ) internal pure returns (bytes32) {\n return validatorFields[VALIDATOR_PUBKEY_INDEX];\n }\n\n /// @dev Retrieves a validator's withdrawal credentials\n function getWithdrawalCredentials(\n bytes32[] memory validatorFields\n ) internal pure returns (bytes32) {\n return validatorFields[VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX];\n }\n\n /// @dev Retrieves a validator's effective balance (in gwei)\n function getEffectiveBalanceGwei(\n bytes32[] memory validatorFields\n ) internal pure returns (uint64) {\n return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_BALANCE_INDEX]);\n }\n\n /// @dev Retrieves a validator's activation epoch\n function getActivationEpoch(\n bytes32[] memory validatorFields\n ) internal pure returns (uint64) {\n return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_ACTIVATION_EPOCH_INDEX]);\n }\n\n /// @dev Retrieves true IFF a validator is marked slashed\n function isValidatorSlashed(\n bytes32[] memory validatorFields\n ) internal pure returns (bool) {\n return validatorFields[VALIDATOR_SLASHED_INDEX] != 0;\n }\n\n /// @dev Retrieves a validator's exit epoch\n function getExitEpoch(\n bytes32[] memory validatorFields\n ) internal pure returns (uint64) {\n return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_EXIT_EPOCH_INDEX]);\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/Merkle.sol": { - "content": "// SPDX-License-Identifier: MIT\n// Adapted from OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/MerkleProof.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev These functions deal with verification of Merkle Tree proofs.\n *\n * The tree and the proofs can be generated using our\n * https://github.com/OpenZeppelin/merkle-tree[JavaScript library].\n * You will find a quickstart guide in the readme.\n *\n * WARNING: You should avoid using leaf values that are 64 bytes long prior to\n * hashing, or use a hash function other than keccak256 for hashing leaves.\n * This is because the concatenation of a sorted pair of internal nodes in\n * the merkle tree could be reinterpreted as a leaf value.\n * OpenZeppelin's JavaScript library generates merkle trees that are safe\n * against this attack out of the box.\n */\nlibrary Merkle {\n error InvalidProofLength();\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n *\n * Note this is for a Merkle tree using the keccak/sha3 hash function\n */\n function verifyInclusionKeccak(\n bytes memory proof,\n bytes32 root,\n bytes32 leaf,\n uint256 index\n ) internal pure returns (bool) {\n return processInclusionProofKeccak(proof, leaf, index) == root;\n }\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n * @dev If the proof length is 0 then the leaf hash is returned.\n *\n * _Available since v4.4._\n *\n * Note this is for a Merkle tree using the keccak/sha3 hash function\n */\n function processInclusionProofKeccak(\n bytes memory proof,\n bytes32 leaf,\n uint256 index\n ) internal pure returns (bytes32) {\n require(proof.length % 32 == 0, InvalidProofLength());\n bytes32 computedHash = leaf;\n for (uint256 i = 32; i <= proof.length; i += 32) {\n if (index % 2 == 0) {\n // if ith bit of index is 0, then computedHash is a left sibling\n assembly {\n mstore(0x00, computedHash)\n mstore(0x20, mload(add(proof, i)))\n computedHash := keccak256(0x00, 0x40)\n index := div(index, 2)\n }\n } else {\n // if ith bit of index is 1, then computedHash is a right sibling\n assembly {\n mstore(0x00, mload(add(proof, i)))\n mstore(0x20, computedHash)\n computedHash := keccak256(0x00, 0x40)\n index := div(index, 2)\n }\n }\n }\n return computedHash;\n }\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n *\n * Note this is for a Merkle tree using the sha256 hash function\n */\n function verifyInclusionSha256(\n bytes memory proof,\n bytes32 root,\n bytes32 leaf,\n uint256 index\n ) internal view returns (bool) {\n return processInclusionProofSha256(proof, leaf, index) == root;\n }\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n *\n * _Available since v4.4._\n *\n * Note this is for a Merkle tree using the sha256 hash function\n */\n function processInclusionProofSha256(\n bytes memory proof,\n bytes32 leaf,\n uint256 index\n ) internal view returns (bytes32) {\n require(proof.length != 0 && proof.length % 32 == 0, InvalidProofLength());\n bytes32[1] memory computedHash = [leaf];\n for (uint256 i = 32; i <= proof.length; i += 32) {\n if (index % 2 == 0) {\n // if ith bit of index is 0, then computedHash is a left sibling\n assembly {\n mstore(0x00, mload(computedHash))\n mstore(0x20, mload(add(proof, i)))\n if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) }\n index := div(index, 2)\n }\n } else {\n // if ith bit of index is 1, then computedHash is a right sibling\n assembly {\n mstore(0x00, mload(add(proof, i)))\n mstore(0x20, mload(computedHash))\n if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) }\n index := div(index, 2)\n }\n }\n }\n return computedHash[0];\n }\n\n /**\n * @notice this function returns the merkle root of a tree created from a set of leaves using sha256 as its hash function\n * @param leaves the leaves of the merkle tree\n * @return The computed Merkle root of the tree.\n * @dev A pre-condition to this function is that leaves.length is a power of two. If not, the function will merkleize the inputs incorrectly.\n */\n function merkleizeSha256(\n bytes32[] memory leaves\n ) internal pure returns (bytes32) {\n //there are half as many nodes in the layer above the leaves\n uint256 numNodesInLayer = leaves.length / 2;\n //create a layer to store the internal nodes\n bytes32[] memory layer = new bytes32[](numNodesInLayer);\n //fill the layer with the pairwise hashes of the leaves\n for (uint256 i = 0; i < numNodesInLayer; i++) {\n layer[i] = sha256(abi.encodePacked(leaves[2 * i], leaves[2 * i + 1]));\n }\n //the next layer above has half as many nodes\n numNodesInLayer /= 2;\n //while we haven't computed the root\n while (numNodesInLayer != 0) {\n //overwrite the first numNodesInLayer nodes in layer with the pairwise hashes of their children\n for (uint256 i = 0; i < numNodesInLayer; i++) {\n layer[i] = sha256(abi.encodePacked(layer[2 * i], layer[2 * i + 1]));\n }\n //the next layer above has half as many nodes\n numNodesInLayer /= 2;\n }\n //the first node in the layer is the root\n return layer[0];\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/Endian.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.0;\n\nlibrary Endian {\n /**\n * @notice Converts a little endian-formatted uint64 to a big endian-formatted uint64\n * @param lenum little endian-formatted uint64 input, provided as 'bytes32' type\n * @return n The big endian-formatted uint64\n * @dev Note that the input is formatted as a 'bytes32' type (i.e. 256 bits), but it is immediately truncated to a uint64 (i.e. 64 bits)\n * through a right-shift/shr operation.\n */\n function fromLittleEndianUint64(\n bytes32 lenum\n ) internal pure returns (uint64 n) {\n // the number needs to be stored in little-endian encoding (ie in bytes 0-8)\n n = uint64(uint256(lenum >> 192));\n // forgefmt: disable-next-item\n return (n >> 56) | \n ((0x00FF000000000000 & n) >> 40) | \n ((0x0000FF0000000000 & n) >> 24) | \n ((0x000000FF00000000 & n) >> 8) | \n ((0x00000000FF000000 & n) << 8) | \n ((0x0000000000FF0000 & n) << 24) | \n ((0x000000000000FF00 & n) << 40) | \n ((0x00000000000000FF & n) << 56);\n }\n}\n" - } - }, - "settings": { - "remappings": [ - "@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/", - "@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts/", - "@openzeppelin/foundry-upgrades/=lib/openzeppelin-foundry-upgrades/", - "@symbiotic/middleware-sdk/=lib/middleware-sdk/src/", - "@symbiotic/core/=lib/core/src/", - "@eigenlayer/=lib/eigenlayer-contracts/", - "@openzeppelin/contracts-eigenlayer/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/contracts/", - "lib/openzeppelin-contracts/:@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/", - "lib/openzeppelin-contracts-upgradeable/:@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts/", - "lib/middleware-sdk/:@symbiotic/=lib/core/src/", - "lib/eigenlayer-contracts/:@openzeppelin-upgrades/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "lib/eigenlayer-contracts/:@openzeppelin/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/", - "lib/eigenlayer-contracts/:ds-test/=lib/eigenlayer-contracts/lib/ds-test/src/", - "lib/eigenlayer-contracts/:forge-std/=lib/eigenlayer-contracts/lib/forge-std/src/", - "@crypto-lib/=lib/middleware-sdk/lib/crypto-lib/src/", - "@openzeppelin-upgrades/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "@solidity/=lib/middleware-sdk/lib/crypto-lib/src/", - "@symbiotic-test/=lib/middleware-sdk/lib/core/test/", - "core/=lib/core/", - "crypto-lib/=lib/middleware-sdk/lib/crypto-lib/", - "ds-test/=lib/eigenlayer-contracts/lib/ds-test/src/", - "eigenlayer-contracts/=lib/eigenlayer-contracts/", - "erc4626-tests/=lib/openzeppelin-contracts-upgradeable/lib/erc4626-tests/", - "forge-std/=lib/forge-std/src/", - "halmos-cheatcodes/=lib/openzeppelin-contracts-upgradeable/lib/halmos-cheatcodes/src/", - "middleware-sdk/=lib/middleware-sdk/src/", - "openzeppelin-contracts-upgradeable-v4.9.0/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "openzeppelin-contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/", - "openzeppelin-contracts-v4.9.0/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/", - "openzeppelin-contracts/=lib/openzeppelin-contracts/", - "openzeppelin-foundry-upgrades/=lib/openzeppelin-foundry-upgrades/src/", - "openzeppelin/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/contracts/", - "solidity-stringutils/=lib/openzeppelin-foundry-upgrades/lib/solidity-stringutils/", - "zeus-templates/=lib/eigenlayer-contracts/lib/zeus-templates/src/" - ], - "optimizer": {}, - "metadata": { - "useLiteralContent": false, - "bytecodeHash": "ipfs", - "appendCBOR": true - }, - "outputSelection": { - "*": { - "*": [ - "abi", - "evm.bytecode.object", - "evm.bytecode.sourceMap", - "evm.bytecode.linkReferences", - "evm.deployedBytecode.object", - "evm.deployedBytecode.sourceMap", - "evm.deployedBytecode.linkReferences", - "evm.deployedBytecode.immutableReferences", - "evm.methodIdentifiers", - "metadata" - ] - } - }, - "evmVersion": "cancun", - "viaIR": true, - "libraries": {} - } -} diff --git a/smart-contracts/stdinput_raw.json b/smart-contracts/stdinput_raw.json deleted file mode 100644 index a9de037..0000000 --- a/smart-contracts/stdinput_raw.json +++ /dev/null @@ -1,185 +0,0 @@ -{ - "language": "Solidity", - "sources": { - "src/contracts/EigenLayerMiddlewareV1.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.27;\n\nimport {OwnableUpgradeable} from \"@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol\";\nimport {UUPSUpgradeable} from \"@openzeppelin/contracts/proxy/utils/UUPSUpgradeable.sol\";\nimport {Time} from \"@openzeppelin/contracts/utils/types/Time.sol\";\n\nimport {PauseableEnumerableSet} from \"@symbiotic/middleware-sdk/libraries/PauseableEnumerableSet.sol\";\n\nimport {\n IAllocationManager, IAllocationManagerTypes\n} from \"@eigenlayer/src/contracts/interfaces/IAllocationManager.sol\";\nimport {ISignatureUtils} from \"@eigenlayer/src/contracts/interfaces/ISignatureUtils.sol\";\nimport {IDelegationManager} from \"@eigenlayer/src/contracts/interfaces/IDelegationManager.sol\";\nimport {IStrategyManager} from \"@eigenlayer/src/contracts/interfaces/IStrategyManager.sol\";\nimport {IAVSDirectory} from \"@eigenlayer/src/contracts/interfaces/IAVSDirectory.sol\";\nimport {IAVSRegistrar} from \"@eigenlayer/src/contracts/interfaces/IAVSRegistrar.sol\";\nimport {IStrategy} from \"@eigenlayer/src/contracts/interfaces/IStrategy.sol\";\n\nimport {IRestakingMiddlewareV1} from \"../interfaces/IRestakingMiddlewareV1.sol\";\nimport {IOperatorsRegistryV1} from \"../interfaces/IOperatorsRegistryV1.sol\";\n\n/**\n * @title BoltEigenLayerMiddlewareV1\n * @author Chainbound Developers \n * @notice This contract is responsible for interacting with the EigenLayer restaking protocol contracts. It serves\n * as AVS contract and implements the IAVSRegistrar interface as well.\n */\ncontract EigenLayerMiddlewareV1 is OwnableUpgradeable, UUPSUpgradeable, IAVSRegistrar, IRestakingMiddlewareV1 {\n using PauseableEnumerableSet for PauseableEnumerableSet.AddressSet;\n\n /// @notice Address of the EigenLayer AVS Directory contract.\n IAVSDirectory public AVS_DIRECTORY;\n\n /// @notice Address of the EigenLayer Allocation Manager contract.\n IAllocationManager public ALLOCATION_MANAGER;\n\n /// @notice Address of the EigenLayer Delegation Manager contract.\n IDelegationManager public DELEGATION_MANAGER;\n\n /// @notice Address of the EigenLayer Strategy Manager contract.\n IStrategyManager public STRATEGY_MANAGER;\n\n /// @notice Address of the Bolt Operators Registry contract.\n IOperatorsRegistryV1 public OPERATORS_REGISTRY;\n\n /// @notice The name of the middleware\n bytes32 public NAME_HASH;\n\n /// @notice The list of whitelisted strategies for this AVS\n PauseableEnumerableSet.AddressSet internal _strategyWhitelist;\n\n /// @dev This empty reserved space is put in place to allow future versions to add new\n /// variables without shifting down storage in the inheritance chain.\n /// See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps\n /// This can be validated with the Openzeppelin Foundry Upgrades toolkit.\n ///\n /// Total storage slots: 50\n uint256[42] private __gap;\n\n // ========= Events ========= //\n\n /// @notice Emitted when a strategy is whitelisted\n event StrategyWhitelisted(address indexed strategy);\n\n /// @notice Emitted when a strategy is removed from the whitelist\n event StrategyRemoved(address indexed strategy);\n\n /// @notice Emitted when a strategy is paused\n event StrategyPaused(address indexed strategy);\n\n /// @notice Emitted when a strategy is unpaused\n event StrategyUnpaused(address indexed strategy);\n\n // ========= Errors ========= //\n\n error NotOperator();\n error UnauthorizedStrategy();\n error NotAllocationManager();\n error InvalidStrategyAddress();\n error StrategyAlreadyWhitelisted();\n\n // ========= Initializer & Proxy functionality ========= //\n\n /// @notice Initialize the contract\n /// @param owner The address of the owner\n /// @param _avsDirectory The address of the EigenLayer AVS Directory contract\n /// @param _eigenlayerAllocationManager The address of the EigenLayer Allocation Manager contract\n /// @param _eigenlayerDelegationManager The address of the EigenLayer Delegation Manager contract\n /// @param _eigenlayerStrategyManager The address of the EigenLayer Strategy Manager contract\n /// @param _operatorsRegistry The address of the Operators Registry contract\n function initialize(\n address owner,\n IOperatorsRegistryV1 _operatorsRegistry,\n IAVSDirectory _avsDirectory,\n IAllocationManager _eigenlayerAllocationManager,\n IDelegationManager _eigenlayerDelegationManager,\n IStrategyManager _eigenlayerStrategyManager\n ) public initializer {\n __Ownable_init(owner);\n\n AVS_DIRECTORY = _avsDirectory;\n ALLOCATION_MANAGER = _eigenlayerAllocationManager;\n DELEGATION_MANAGER = _eigenlayerDelegationManager;\n STRATEGY_MANAGER = _eigenlayerStrategyManager;\n OPERATORS_REGISTRY = _operatorsRegistry;\n NAME_HASH = keccak256(\"EIGENLAYER\");\n }\n\n /// @notice Upgrade the contract\n /// @param newImplementation The address of the new implementation\n function _authorizeUpgrade(\n address newImplementation\n ) internal override onlyOwner {}\n\n // ========= Modifiers ========= //\n\n /// @notice Modifier to check if the caller is the AllocationManager\n modifier onlyAllocationManager() {\n require(msg.sender == address(ALLOCATION_MANAGER), NotAllocationManager());\n _;\n }\n\n // ========= AVS functions ========= //\n\n /// @notice Update the RPC endpoint of the operator\n /// @param rpcEndpoint The new RPC endpoint\n function updateOperatorRpcEndpoint(\n string calldata rpcEndpoint\n ) public {\n OPERATORS_REGISTRY.updateOperatorRpcEndpoint(msg.sender, rpcEndpoint);\n }\n\n /// @notice Get the collaterals and amounts staked by an operator across the whitelisted strategies\n /// @param operator The operator address to get the collaterals and amounts staked for\n /// @return collaterals The collaterals staked by the operator\n /// @dev Assumes that the operator is registered and enabled\n function getOperatorCollaterals(\n address operator\n ) public view returns (address[] memory, uint256[] memory) {\n // Only take strategies that are active at \n IStrategy[] memory activeStrategies = _getActiveStrategiesAt(_now());\n\n address[] memory collateralTokens = new address[](activeStrategies.length);\n uint256[] memory amounts = new uint256[](activeStrategies.length);\n\n // get the shares of the operator across all strategies\n uint256[] memory shares = DELEGATION_MANAGER.getOperatorShares(operator, activeStrategies);\n\n // get the collateral tokens and amounts for the operator across all strategies\n for (uint256 i = 0; i < activeStrategies.length; i++) {\n collateralTokens[i] = address(activeStrategies[i].underlyingToken());\n amounts[i] = activeStrategies[i].sharesToUnderlyingView(shares[i]);\n }\n\n return (collateralTokens, amounts);\n }\n\n /// @notice Get the CURRENT amount staked by an operator for a specific collateral\n /// @param operator The operator address to get the amount staked for\n /// @param collateral The collateral token address\n /// @return The amount staked by the operator for the collateral\n function getOperatorStake(address operator, address collateral) public view returns (uint256) {\n uint256 activeStake = 0;\n for (uint256 i = 0; i < _strategyWhitelist.length(); i++) {\n (address strategy, uint48 enabledAt, uint48 disabledAt) = _strategyWhitelist.at(i);\n\n if (!_wasEnabledAt(enabledAt, disabledAt, _now())) {\n continue;\n }\n\n if (address(IStrategy(strategy).underlyingToken()) != collateral) {\n continue;\n }\n\n // get the shares of the operator for the strategy\n // NOTE: the EL slashing-magnitudes branch removed the operatorShares(operator, strategy) function:\n // https://github.com/Layr-Labs/eigenlayer-contracts/blob/dev/src/contracts/interfaces/IDelegationManager.sol#L352-L359\n // so we need to use getOperatorShares(operator, [strategy]) instead.\n IStrategy[] memory strategies = new IStrategy[](1);\n strategies[0] = IStrategy(strategy);\n uint256[] memory shares = DELEGATION_MANAGER.getOperatorShares(operator, strategies);\n activeStake += IStrategy(strategy).sharesToUnderlyingView(shares[0]);\n }\n\n return activeStake;\n }\n\n /// @notice Get all whitelisted strategies for this AVS, including inactive ones.\n /// @return The list of whitelisted strategies\n function getWhitelistedStrategies() public view returns (address[] memory) {\n address[] memory strategies = new address[](_strategyWhitelist.length());\n\n for (uint256 i = 0; i < _strategyWhitelist.length(); i++) {\n (strategies[i],,) = _strategyWhitelist.at(i);\n }\n\n return strategies;\n }\n\n /// @notice Get the active strategies for this AVS\n /// @return The active strategies\n function getActiveWhitelistedStrategies() public view returns (IStrategy[] memory) {\n // Use the beginning of the current epoch to check which strategies were enabled at that time.\n return _getActiveStrategiesAt(_now());\n }\n\n /// @notice Get the number of whitelisted strategies for this AVS.\n /// @return The number of whitelisted strategies.\n function strategyWhitelistLength() public view returns (uint256) {\n return _strategyWhitelist.length();\n }\n\n /// @notice Returns whether the strategy is active in this epoch.\n /// @param strategy The strategy to check.\n /// @return True if the strategy is active in this epoch, false otherwise.\n function isStrategyActive(\n address strategy\n ) public view returns (bool) {\n return _strategyWhitelist.wasActiveAt(_now(), strategy);\n }\n\n // ========= [pre-ELIP-002] IServiceManager functions ========= //\n\n /// @notice Register an operator through the AVS Directory\n /// @param rpcEndpoint The RPC URL of the operator\n /// @param extraData Arbitrary data the operator can provide as part of registration\n /// @param operatorSignature The signature of the operator\n /// @dev This function is used before the ELIP-002 (slashing) EigenLayer upgrade to register operators.\n /// @dev Operators must use this function to register before the upgrade. After the upgrade, this will be removed.\n function registerOperatorToAVS(\n string memory rpcEndpoint,\n string memory extraData,\n ISignatureUtils.SignatureWithSaltAndExpiry calldata operatorSignature\n ) public {\n address operator = msg.sender;\n\n require(DELEGATION_MANAGER.isOperator(operator), NotOperator());\n\n AVS_DIRECTORY.registerOperatorToAVS(operator, operatorSignature);\n OPERATORS_REGISTRY.registerOperator(operator, rpcEndpoint, extraData);\n }\n\n /// @notice Deregister an operator through the AVS Directory\n /// @dev This function is used before the ELIP-002 (slashing) EigenLayer upgrade to deregister operators.\n /// @dev Operators must use this function to deregister before the upgrade. After the upgrade, this will be removed.\n function deregisterOperatorFromAVS() public {\n address operator = msg.sender;\n\n require(DELEGATION_MANAGER.isOperator(operator), NotOperator());\n\n AVS_DIRECTORY.deregisterOperatorFromAVS(operator);\n OPERATORS_REGISTRY.pauseOperator(operator);\n }\n\n /// @notice Update the metadata URI for this AVS\n /// @param contractName The name of the contract to update the metadata URI for\n /// @param metadataURI The new metadata URI\n function updateAVSMetadataURI(string calldata contractName, string calldata metadataURI) public onlyOwner {\n bytes32 contractNameHash = keccak256(abi.encodePacked(contractName));\n\n if (contractNameHash == keccak256(\"ALLOCATION_MANAGER\")) {\n ALLOCATION_MANAGER.updateAVSMetadataURI(address(this), metadataURI);\n } else if (contractNameHash == keccak256(\"AVS_DIRECTORY\")) {\n AVS_DIRECTORY.updateAVSMetadataURI(metadataURI);\n }\n }\n\n /// @notice Get the strategies that an operator has restaked in\n /// @param operator The operator address to get the restaked strategies for\n /// @return The restaked strategy addresses\n function getOperatorRestakedStrategies(\n address operator\n ) public view returns (address[] memory) {\n // Only take strategies that are active at \n IStrategy[] memory activeStrategies = _getActiveStrategiesAt(_now());\n\n address[] memory restakedStrategies = new address[](activeStrategies.length);\n\n // get the shares of the operator across all strategies\n uint256[] memory shares = DELEGATION_MANAGER.getOperatorShares(operator, activeStrategies);\n\n // get the collateral tokens and amounts for the operator across all strategies\n uint256 restakedCount = 0;\n for (uint256 i = 0; i < activeStrategies.length; i++) {\n if (activeStrategies[i].sharesToUnderlyingView(shares[i]) > 0) {\n restakedStrategies[restakedCount] = address(activeStrategies[i]);\n restakedCount++;\n }\n }\n\n address[] memory result = new address[](restakedCount);\n for (uint256 i = 0; i < restakedCount; i++) {\n result[i] = restakedStrategies[i];\n }\n\n return result;\n }\n\n /// @notice Get the strategies that an operator can restake in\n /// @param operator The operator address to get the restakeable strategies for\n /// @return The restakeable strategy addresses\n function getRestakeableStrategies(\n address operator\n ) public view returns (address[] memory) {\n // All operators can use all whitelisted, active strategies.\n IStrategy[] memory strategies = getActiveWhitelistedStrategies();\n\n // cast to address[] to match the return type\n address[] memory result = new address[](strategies.length);\n for (uint256 i = 0; i < strategies.length; i++) {\n result[i] = address(strategies[i]);\n }\n\n return result;\n }\n\n // ========= [post-ELIP-002] IAVSRegistrar functions ========= //\n\n /// @notice Allows the AllocationManager to hook into the middleware to validate operator registration\n /// @param operator The address of the operator\n /// @param operatorSetIds The operator set IDs the operator is registering for\n /// @param data Arbitrary ABI-encoded data the operator must provide as part of registration\n function registerOperator(\n address operator,\n uint32[] calldata operatorSetIds,\n bytes calldata data\n ) external onlyAllocationManager {\n // NOTE: this function is called by AllocationManager.registerForOperatorSets(),\n // called by operators when registering to this AVS. If this call reverts,\n // the registration will be unsuccessful.\n\n // Split the data into rpcEndpoint and extraData from ABI encoding\n (string memory rpcEndpoint, string memory extraData) = abi.decode(data, (string, string));\n\n // We forward the call to the OperatorsRegistry to register the operator in its storage.\n OPERATORS_REGISTRY.registerOperator(operator, rpcEndpoint, extraData);\n }\n\n /// @notice Allows the AllocationManager to hook into the middleware to validate operator deregistration\n /// @param operator The address of the operator\n /// @param operatorSetIds The operator set IDs the operator is deregistering from\n function deregisterOperator(address operator, uint32[] calldata operatorSetIds) external onlyAllocationManager {\n // NOTE: this function is called by AllocationManager.deregisterFromOperatorSets,\n // called by operators when deregistering from this AVS.\n // Failure does nothing here: if this call reverts the deregistration will still go through.\n\n // We forward the call to the OperatorsRegistry to pause the operator from its storage.\n // In order to be fully removed, the operator must call OPERATORS_REGISTRY.deregisterOperator()\n // after waiting for the required delay.\n OPERATORS_REGISTRY.pauseOperator(operator);\n }\n\n // ========= Admin functions ========= //\n\n /// @notice Add a strategy to the whitelist\n /// @param strategy The strategy to add\n function whitelistStrategy(\n address strategy\n ) public onlyOwner {\n require(strategy != address(0), InvalidStrategyAddress());\n require(!_strategyWhitelist.contains(strategy), StrategyAlreadyWhitelisted());\n require(STRATEGY_MANAGER.strategyIsWhitelistedForDeposit(IStrategy(strategy)), UnauthorizedStrategy());\n\n _strategyWhitelist.register(_now(), strategy);\n emit StrategyWhitelisted(strategy);\n }\n\n /// @notice Pause a strategy, preventing its collateral from being active in the AVS\n /// @param strategy The strategy to pause\n function pauseStrategy(\n address strategy\n ) public onlyOwner {\n require(_strategyWhitelist.contains(strategy), UnauthorizedStrategy());\n\n // NOTE: we use _now() - 1 to ensure that the strategy is paused in the current epoch.\n // If we didn't do this, we would have to wait until the next epoch until the strategy was actually paused.\n _strategyWhitelist.pause(_now() - 1, strategy);\n emit StrategyPaused(strategy);\n }\n\n /// @notice Unpause a strategy, allowing its collateral to be active in the AVS\n /// @param strategy The strategy to unpause\n function unpauseStrategy(\n address strategy\n ) public onlyOwner {\n require(_strategyWhitelist.contains(strategy), UnauthorizedStrategy());\n\n _strategyWhitelist.unpause(_now(), OPERATORS_REGISTRY.EPOCH_DURATION(), strategy);\n emit StrategyUnpaused(strategy);\n }\n\n /// @notice Remove a strategy from the whitelist\n /// @param strategy The strategy to remove\n /// @dev Strategies must be paused for an EPOCH_DURATION before they can be removed\n function removeStrategy(\n address strategy\n ) public onlyOwner {\n require(_strategyWhitelist.contains(strategy), UnauthorizedStrategy());\n\n // NOTE: we use _now() - 1 to ensure that the strategy is removed in the current epoch.\n _strategyWhitelist.unregister(_now() - 1, OPERATORS_REGISTRY.EPOCH_DURATION(), strategy);\n emit StrategyRemoved(strategy);\n }\n\n /// @notice Create new operator sets for this AVS\n /// @param params The parameters for creating the operator sets\n function createOperatorSets(\n IAllocationManagerTypes.CreateSetParams[] calldata params\n ) public onlyOwner {\n for (uint256 i = 0; i < params.length; i++) {\n _checkAreAllStrategiesWhitelisted(params[i].strategies);\n }\n\n ALLOCATION_MANAGER.createOperatorSets(address(this), params);\n }\n\n /// @notice Add strategies to an operator set\n /// @param operatorSetId The ID of the operator set to add strategies to\n /// @param strategies The strategies to add\n function addStrategiesToOperatorSet(uint32 operatorSetId, IStrategy[] calldata strategies) public onlyOwner {\n _checkAreAllStrategiesWhitelisted(strategies);\n\n ALLOCATION_MANAGER.addStrategiesToOperatorSet(address(this), operatorSetId, strategies);\n }\n\n /// @notice Remove strategies from an operator set\n /// @param operatorSetId The ID of the operator set to remove strategies from\n /// @param strategies The strategies to remove\n function removeStrategiesFromOperatorSet(uint32 operatorSetId, IStrategy[] calldata strategies) public onlyOwner {\n ALLOCATION_MANAGER.removeStrategiesFromOperatorSet(address(this), operatorSetId, strategies);\n }\n\n /// @notice Update the AllocationManager address\n /// @param newAllocationManager The new AllocationManager address\n function updateAllocationManagerAddress(\n address newAllocationManager\n ) public onlyOwner {\n ALLOCATION_MANAGER = IAllocationManager(newAllocationManager);\n }\n\n /// @notice Update the AVSDirectory address\n /// @param newAVSDirectory The new AVSDirectory address\n function updateAVSDirectoryAddress(\n address newAVSDirectory\n ) public onlyOwner {\n AVS_DIRECTORY = IAVSDirectory(newAVSDirectory);\n }\n\n /// @notice Update the StrategyManager address\n /// @param newStrategyManager The new StrategyManager address\n function updateStrategyManagerAddress(\n address newStrategyManager\n ) public onlyOwner {\n STRATEGY_MANAGER = IStrategyManager(newStrategyManager);\n }\n\n /// @notice Update the DelegationManager address\n /// @param newDelegationManager The new DelegationManager address\n function updateDelegationManagerAddress(\n address newDelegationManager\n ) public onlyOwner {\n DELEGATION_MANAGER = IDelegationManager(newDelegationManager);\n }\n\n /// @notice Update the OperatorsRegistry address\n /// @param newOperatorsRegistry The new OperatorsRegistry address\n function updateOperatorsRegistryAddress(\n address newOperatorsRegistry\n ) public onlyOwner {\n OPERATORS_REGISTRY = IOperatorsRegistryV1(newOperatorsRegistry);\n }\n\n // ========== Internal helpers ========== //\n\n /// @notice Check if ALL the given strategies are whitelisted.\n /// If any of the strategies are not whitelisted, the function will revert.\n /// @param strategies The strategies to check\n function _checkAreAllStrategiesWhitelisted(\n IStrategy[] calldata strategies\n ) internal view {\n for (uint256 i = 0; i < strategies.length; i++) {\n require(_strategyWhitelist.contains(address(strategies[i])), UnauthorizedStrategy());\n }\n }\n\n /// @notice Get all the active strategies at a given timestamp\n /// @param timestamp The timestamp to get the active strategies at\n /// @return The array of active strategies\n function _getActiveStrategiesAt(\n uint48 timestamp\n ) internal view returns (IStrategy[] memory) {\n uint256 activeCount = 0;\n address[] memory activeStrategies = new address[](_strategyWhitelist.length());\n for (uint256 i = 0; i < _strategyWhitelist.length(); i++) {\n (address strategy, uint48 enabledAt, uint48 disabledAt) = _strategyWhitelist.at(i);\n\n if (_wasEnabledAt(enabledAt, disabledAt, timestamp)) {\n activeStrategies[activeCount] = strategy;\n activeCount++;\n }\n }\n\n // Resize the array to the actual number of active strategies\n IStrategy[] memory result = new IStrategy[](activeCount);\n for (uint256 i = 0; i < activeCount; i++) {\n result[i] = IStrategy(activeStrategies[i]);\n }\n return result;\n }\n\n /// @notice Check if a map entry was active at a given timestamp.\n /// @param enabledAt The enabled time of the map entry.\n /// @param disabledAt The disabled time of the map entry.\n /// @param timestamp The timestamp to check the map entry status at.\n /// @return True if the map entry was active at the given timestamp, false otherwise.\n function _wasEnabledAt(uint48 enabledAt, uint48 disabledAt, uint48 timestamp) internal pure returns (bool) {\n return enabledAt != 0 && enabledAt <= timestamp && (disabledAt == 0 || disabledAt >= timestamp);\n }\n\n /// @notice Returns the timestamp of the current epoch.\n /// @return timestamp The current epoch timestamp.\n function _now() internal view returns (uint48) {\n return OPERATORS_REGISTRY.getCurrentEpochStartTimestamp();\n }\n}\n" - }, - "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)\n\npragma solidity ^0.8.20;\n\nimport {ContextUpgradeable} from \"../utils/ContextUpgradeable.sol\";\nimport {Initializable} from \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Contract module which provides a basic access control mechanism, where\n * there is an account (an owner) that can be granted exclusive access to\n * specific functions.\n *\n * The initial owner is set to the address provided by the deployer. This can\n * later be changed with {transferOwnership}.\n *\n * This module is used through inheritance. It will make available the modifier\n * `onlyOwner`, which can be applied to your functions to restrict their use to\n * the owner.\n */\nabstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {\n /// @custom:storage-location erc7201:openzeppelin.storage.Ownable\n struct OwnableStorage {\n address _owner;\n }\n\n // keccak256(abi.encode(uint256(keccak256(\"openzeppelin.storage.Ownable\")) - 1)) & ~bytes32(uint256(0xff))\n bytes32 private constant OwnableStorageLocation = 0x9016d09d72d40fdae2fd8ceac6b6234c7706214fd39c1cd1e609a0528c199300;\n\n function _getOwnableStorage() private pure returns (OwnableStorage storage $) {\n assembly {\n $.slot := OwnableStorageLocation\n }\n }\n\n /**\n * @dev The caller account is not authorized to perform an operation.\n */\n error OwnableUnauthorizedAccount(address account);\n\n /**\n * @dev The owner is not a valid owner account. (eg. `address(0)`)\n */\n error OwnableInvalidOwner(address owner);\n\n event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);\n\n /**\n * @dev Initializes the contract setting the address provided by the deployer as the initial owner.\n */\n function __Ownable_init(address initialOwner) internal onlyInitializing {\n __Ownable_init_unchained(initialOwner);\n }\n\n function __Ownable_init_unchained(address initialOwner) internal onlyInitializing {\n if (initialOwner == address(0)) {\n revert OwnableInvalidOwner(address(0));\n }\n _transferOwnership(initialOwner);\n }\n\n /**\n * @dev Throws if called by any account other than the owner.\n */\n modifier onlyOwner() {\n _checkOwner();\n _;\n }\n\n /**\n * @dev Returns the address of the current owner.\n */\n function owner() public view virtual returns (address) {\n OwnableStorage storage $ = _getOwnableStorage();\n return $._owner;\n }\n\n /**\n * @dev Throws if the sender is not the owner.\n */\n function _checkOwner() internal view virtual {\n if (owner() != _msgSender()) {\n revert OwnableUnauthorizedAccount(_msgSender());\n }\n }\n\n /**\n * @dev Leaves the contract without owner. It will not be possible to call\n * `onlyOwner` functions. Can only be called by the current owner.\n *\n * NOTE: Renouncing ownership will leave the contract without an owner,\n * thereby disabling any functionality that is only available to the owner.\n */\n function renounceOwnership() public virtual onlyOwner {\n _transferOwnership(address(0));\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Can only be called by the current owner.\n */\n function transferOwnership(address newOwner) public virtual onlyOwner {\n if (newOwner == address(0)) {\n revert OwnableInvalidOwner(address(0));\n }\n _transferOwnership(newOwner);\n }\n\n /**\n * @dev Transfers ownership of the contract to a new account (`newOwner`).\n * Internal function without access restriction.\n */\n function _transferOwnership(address newOwner) internal virtual {\n OwnableStorage storage $ = _getOwnableStorage();\n address oldOwner = $._owner;\n $._owner = newOwner;\n emit OwnershipTransferred(oldOwner, newOwner);\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/proxy/utils/UUPSUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.2.0) (proxy/utils/UUPSUpgradeable.sol)\n\npragma solidity ^0.8.22;\n\nimport {IERC1822Proxiable} from \"../../interfaces/draft-IERC1822.sol\";\nimport {ERC1967Utils} from \"../ERC1967/ERC1967Utils.sol\";\n\n/**\n * @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an\n * {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.\n *\n * A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is\n * reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing\n * `UUPSUpgradeable` with a custom implementation of upgrades.\n *\n * The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.\n */\nabstract contract UUPSUpgradeable is IERC1822Proxiable {\n /// @custom:oz-upgrades-unsafe-allow state-variable-immutable\n address private immutable __self = address(this);\n\n /**\n * @dev The version of the upgrade interface of the contract. If this getter is missing, both `upgradeTo(address)`\n * and `upgradeToAndCall(address,bytes)` are present, and `upgradeTo` must be used if no function should be called,\n * while `upgradeToAndCall` will invoke the `receive` function if the second argument is the empty byte string.\n * If the getter returns `\"5.0.0\"`, only `upgradeToAndCall(address,bytes)` is present, and the second argument must\n * be the empty byte string if no function should be called, making it impossible to invoke the `receive` function\n * during an upgrade.\n */\n string public constant UPGRADE_INTERFACE_VERSION = \"5.0.0\";\n\n /**\n * @dev The call is from an unauthorized context.\n */\n error UUPSUnauthorizedCallContext();\n\n /**\n * @dev The storage `slot` is unsupported as a UUID.\n */\n error UUPSUnsupportedProxiableUUID(bytes32 slot);\n\n /**\n * @dev Check that the execution is being performed through a delegatecall call and that the execution context is\n * a proxy contract with an implementation (as defined in ERC-1967) pointing to self. This should only be the case\n * for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a\n * function through ERC-1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to\n * fail.\n */\n modifier onlyProxy() {\n _checkProxy();\n _;\n }\n\n /**\n * @dev Check that the execution is not being performed through a delegate call. This allows a function to be\n * callable on the implementing contract but not through proxies.\n */\n modifier notDelegated() {\n _checkNotDelegated();\n _;\n }\n\n /**\n * @dev Implementation of the ERC-1822 {proxiableUUID} function. This returns the storage slot used by the\n * implementation. It is used to validate the implementation's compatibility when performing an upgrade.\n *\n * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks\n * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this\n * function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.\n */\n function proxiableUUID() external view virtual notDelegated returns (bytes32) {\n return ERC1967Utils.IMPLEMENTATION_SLOT;\n }\n\n /**\n * @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call\n * encoded in `data`.\n *\n * Calls {_authorizeUpgrade}.\n *\n * Emits an {Upgraded} event.\n *\n * @custom:oz-upgrades-unsafe-allow-reachable delegatecall\n */\n function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {\n _authorizeUpgrade(newImplementation);\n _upgradeToAndCallUUPS(newImplementation, data);\n }\n\n /**\n * @dev Reverts if the execution is not performed via delegatecall or the execution\n * context is not of a proxy with an ERC-1967 compliant implementation pointing to self.\n * See {_onlyProxy}.\n */\n function _checkProxy() internal view virtual {\n if (\n address(this) == __self || // Must be called through delegatecall\n ERC1967Utils.getImplementation() != __self // Must be called through an active proxy\n ) {\n revert UUPSUnauthorizedCallContext();\n }\n }\n\n /**\n * @dev Reverts if the execution is performed via delegatecall.\n * See {notDelegated}.\n */\n function _checkNotDelegated() internal view virtual {\n if (address(this) != __self) {\n // Must not be called through delegatecall\n revert UUPSUnauthorizedCallContext();\n }\n }\n\n /**\n * @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by\n * {upgradeToAndCall}.\n *\n * Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.\n *\n * ```solidity\n * function _authorizeUpgrade(address) internal onlyOwner {}\n * ```\n */\n function _authorizeUpgrade(address newImplementation) internal virtual;\n\n /**\n * @dev Performs an implementation upgrade with a security check for UUPS proxies, and additional setup call.\n *\n * As a security check, {proxiableUUID} is invoked in the new implementation, and the return value\n * is expected to be the implementation slot in ERC-1967.\n *\n * Emits an {IERC1967-Upgraded} event.\n */\n function _upgradeToAndCallUUPS(address newImplementation, bytes memory data) private {\n try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {\n if (slot != ERC1967Utils.IMPLEMENTATION_SLOT) {\n revert UUPSUnsupportedProxiableUUID(slot);\n }\n ERC1967Utils.upgradeToAndCall(newImplementation, data);\n } catch {\n // The implementation is not UUPS\n revert ERC1967Utils.ERC1967InvalidImplementation(newImplementation);\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/types/Time.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/types/Time.sol)\n\npragma solidity ^0.8.20;\n\nimport {Math} from \"../math/Math.sol\";\nimport {SafeCast} from \"../math/SafeCast.sol\";\n\n/**\n * @dev This library provides helpers for manipulating time-related objects.\n *\n * It uses the following types:\n * - `uint48` for timepoints\n * - `uint32` for durations\n *\n * While the library doesn't provide specific types for timepoints and duration, it does provide:\n * - a `Delay` type to represent duration that can be programmed to change value automatically at a given point\n * - additional helper functions\n */\nlibrary Time {\n using Time for *;\n\n /**\n * @dev Get the block timestamp as a Timepoint.\n */\n function timestamp() internal view returns (uint48) {\n return SafeCast.toUint48(block.timestamp);\n }\n\n /**\n * @dev Get the block number as a Timepoint.\n */\n function blockNumber() internal view returns (uint48) {\n return SafeCast.toUint48(block.number);\n }\n\n // ==================================================== Delay =====================================================\n /**\n * @dev A `Delay` is a uint32 duration that can be programmed to change value automatically at a given point in the\n * future. The \"effect\" timepoint describes when the transitions happens from the \"old\" value to the \"new\" value.\n * This allows updating the delay applied to some operation while keeping some guarantees.\n *\n * In particular, the {update} function guarantees that if the delay is reduced, the old delay still applies for\n * some time. For example if the delay is currently 7 days to do an upgrade, the admin should not be able to set\n * the delay to 0 and upgrade immediately. If the admin wants to reduce the delay, the old delay (7 days) should\n * still apply for some time.\n *\n *\n * The `Delay` type is 112 bits long, and packs the following:\n *\n * ```\n * | [uint48]: effect date (timepoint)\n * | | [uint32]: value before (duration)\n * ↓ ↓ ↓ [uint32]: value after (duration)\n * 0xAAAAAAAAAAAABBBBBBBBCCCCCCCC\n * ```\n *\n * NOTE: The {get} and {withUpdate} functions operate using timestamps. Block number based delays are not currently\n * supported.\n */\n type Delay is uint112;\n\n /**\n * @dev Wrap a duration into a Delay to add the one-step \"update in the future\" feature\n */\n function toDelay(uint32 duration) internal pure returns (Delay) {\n return Delay.wrap(duration);\n }\n\n /**\n * @dev Get the value at a given timepoint plus the pending value and effect timepoint if there is a scheduled\n * change after this timepoint. If the effect timepoint is 0, then the pending value should not be considered.\n */\n function _getFullAt(\n Delay self,\n uint48 timepoint\n ) private pure returns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {\n (valueBefore, valueAfter, effect) = self.unpack();\n return effect <= timepoint ? (valueAfter, 0, 0) : (valueBefore, valueAfter, effect);\n }\n\n /**\n * @dev Get the current value plus the pending value and effect timepoint if there is a scheduled change. If the\n * effect timepoint is 0, then the pending value should not be considered.\n */\n function getFull(Delay self) internal view returns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {\n return _getFullAt(self, timestamp());\n }\n\n /**\n * @dev Get the current value.\n */\n function get(Delay self) internal view returns (uint32) {\n (uint32 delay, , ) = self.getFull();\n return delay;\n }\n\n /**\n * @dev Update a Delay object so that it takes a new duration after a timepoint that is automatically computed to\n * enforce the old delay at the moment of the update. Returns the updated Delay object and the timestamp when the\n * new delay becomes effective.\n */\n function withUpdate(\n Delay self,\n uint32 newValue,\n uint32 minSetback\n ) internal view returns (Delay updatedDelay, uint48 effect) {\n uint32 value = self.get();\n uint32 setback = uint32(Math.max(minSetback, value > newValue ? value - newValue : 0));\n effect = timestamp() + setback;\n return (pack(value, newValue, effect), effect);\n }\n\n /**\n * @dev Split a delay into its components: valueBefore, valueAfter and effect (transition timepoint).\n */\n function unpack(Delay self) internal pure returns (uint32 valueBefore, uint32 valueAfter, uint48 effect) {\n uint112 raw = Delay.unwrap(self);\n\n valueAfter = uint32(raw);\n valueBefore = uint32(raw >> 32);\n effect = uint48(raw >> 64);\n\n return (valueBefore, valueAfter, effect);\n }\n\n /**\n * @dev pack the components into a Delay object.\n */\n function pack(uint32 valueBefore, uint32 valueAfter, uint48 effect) internal pure returns (Delay) {\n return Delay.wrap((uint112(effect) << 64) | (uint112(valueBefore) << 32) | uint112(valueAfter));\n }\n}\n" - }, - "lib/middleware-sdk/src/libraries/PauseableEnumerableSet.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.25;\n\n/**\n * @title PauseableEnumerableSet\n * @notice Library for managing sets of values that can be paused and unpaused\n * @dev Provides functionality for managing sets of addresses, uint160s, bytes32s and bytes values\n * Each value in a set has an associated status that tracks when it was enabled/disabled\n */\nlibrary PauseableEnumerableSet {\n using PauseableEnumerableSet for Inner160;\n using PauseableEnumerableSet for Uint160Set;\n using PauseableEnumerableSet for InnerBytes32;\n using PauseableEnumerableSet for InnerBytes;\n using PauseableEnumerableSet for Status;\n\n error AlreadyRegistered();\n error NotRegistered();\n error AlreadyEnabled();\n error NotEnabled();\n error Enabled();\n error ImmutablePeriodNotPassed();\n\n /**\n * @dev Stores the enabled and disabled timestamps for a value\n */\n struct Status {\n uint48 enabled;\n uint48 disabled;\n }\n\n /**\n * @dev Stores a uint160 value and its status\n */\n struct Inner160 {\n uint160 value;\n Status status;\n }\n\n /**\n * @dev Stores a bytes32 value and its status\n */\n struct InnerBytes32 {\n bytes32 value;\n Status status;\n }\n\n /**\n * @dev Stores a bytes value and its status\n */\n struct InnerBytes {\n bytes value;\n Status status;\n }\n\n /**\n * @dev Set of uint160 values with their statuses\n */\n struct Uint160Set {\n Inner160[] array;\n mapping(uint160 => uint256) positions;\n }\n\n /**\n * @dev Set of address values, implemented using Uint160Set\n */\n struct AddressSet {\n Uint160Set set;\n }\n\n /**\n * @dev Set of bytes32 values with their statuses\n */\n struct Bytes32Set {\n InnerBytes32[] array;\n mapping(bytes32 => uint256) positions;\n }\n\n /**\n * @dev Set of bytes values with their statuses\n */\n struct BytesSet {\n InnerBytes[] array;\n mapping(bytes => uint256) positions;\n }\n\n /**\n * @notice Sets the initial status of a value\n * @param self The status to modify\n * @param timestamp The timestamp to set as enabled\n */\n function set(Status storage self, uint48 timestamp) internal {\n self.enabled = timestamp;\n self.disabled = 0;\n }\n\n /**\n * @notice Enables a previously disabled value\n * @param self The status to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n */\n function enable(Status storage self, uint48 timestamp, uint48 immutablePeriod) internal {\n if (self.enabled != 0) revert AlreadyEnabled();\n if (self.disabled + immutablePeriod > timestamp) revert ImmutablePeriodNotPassed();\n\n self.enabled = timestamp;\n self.disabled = 0;\n }\n\n /**\n * @notice Disables an enabled value\n * @param self The status to modify\n * @param timestamp The timestamp to set as disabled\n */\n function disable(Status storage self, uint48 timestamp) internal {\n if (self.disabled != 0) revert NotEnabled();\n self.enabled = 0;\n self.disabled = timestamp;\n }\n\n /**\n * @notice Validates if a value can be unregistered\n * @param self The status to check\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n */\n function validateUnregister(Status storage self, uint48 timestamp, uint48 immutablePeriod) internal view {\n if (self.enabled != 0 || self.disabled == 0) revert Enabled();\n if (self.disabled + immutablePeriod > timestamp) revert ImmutablePeriodNotPassed();\n }\n\n /**\n * @notice Checks if a value can be unregistered\n * @param self The status to check\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @return bool Whether the value can be unregistered\n */\n function checkUnregister(\n Status storage self,\n uint48 timestamp,\n uint48 immutablePeriod\n ) internal view returns (bool) {\n return self.enabled == 0 && self.disabled != 0 && self.disabled + immutablePeriod <= timestamp;\n }\n\n /**\n * @notice Checks if a value was active at a given timestamp\n * @param self The status to check\n * @param timestamp The timestamp to check\n * @return bool Whether the value was active\n */\n function wasActiveAt(Status storage self, uint48 timestamp) internal view returns (bool) {\n return self.enabled < timestamp && (self.disabled == 0 || self.disabled >= timestamp);\n }\n\n /**\n * @notice Gets the value and status for an Inner160\n * @param self The Inner160 to get data from\n * @return The value, enabled timestamp, and disabled timestamp\n */\n function get(\n Inner160 storage self\n ) internal view returns (uint160, uint48, uint48) {\n return (self.value, self.status.enabled, self.status.disabled);\n }\n\n /**\n * @notice Gets the value and status for an InnerBytes32\n * @param self The InnerBytes32 to get data from\n * @return The value, enabled timestamp, and disabled timestamp\n */\n function get(\n InnerBytes32 storage self\n ) internal view returns (bytes32, uint48, uint48) {\n return (self.value, self.status.enabled, self.status.disabled);\n }\n\n /**\n * @notice Gets the value and status for an InnerBytes\n * @param self The InnerBytes to get data from\n * @return The value, enabled timestamp, and disabled timestamp\n */\n function get(\n InnerBytes storage self\n ) internal view returns (bytes memory, uint48, uint48) {\n return (self.value, self.status.enabled, self.status.disabled);\n }\n\n // AddressSet functions\n\n /**\n * @notice Gets the number of addresses in the set\n * @param self The AddressSet to query\n * @return uint256 The number of addresses\n */\n function length(\n AddressSet storage self\n ) internal view returns (uint256) {\n return self.set.length();\n }\n\n /**\n * @notice Gets the address and status at a given position\n * @param self The AddressSet to query\n * @param pos The position to query\n * @return The address, enabled timestamp, and disabled timestamp\n */\n function at(AddressSet storage self, uint256 pos) internal view returns (address, uint48, uint48) {\n (uint160 value, uint48 enabled, uint48 disabled) = self.set.at(pos);\n return (address(value), enabled, disabled);\n }\n\n /**\n * @notice Gets all active addresses at a given timestamp\n * @param self The AddressSet to query\n * @param timestamp The timestamp to check\n * @return array Array of active addresses\n */\n function getActive(AddressSet storage self, uint48 timestamp) internal view returns (address[] memory array) {\n uint160[] memory uint160Array = self.set.getActive(timestamp);\n assembly {\n array := uint160Array\n }\n return array;\n }\n\n /**\n * @notice Checks if an address was active at a given timestamp\n * @param self The AddressSet to query\n * @param timestamp The timestamp to check\n * @param addr The address to check\n * @return bool Whether the address was active\n */\n function wasActiveAt(AddressSet storage self, uint48 timestamp, address addr) internal view returns (bool) {\n return self.set.wasActiveAt(timestamp, uint160(addr));\n }\n\n /**\n * @notice Registers a new address\n * @param self The AddressSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param addr The address to register\n */\n function register(AddressSet storage self, uint48 timestamp, address addr) internal {\n self.set.register(timestamp, uint160(addr));\n }\n\n /**\n * @notice Pauses an address\n * @param self The AddressSet to modify\n * @param timestamp The timestamp to set as disabled\n * @param addr The address to pause\n */\n function pause(AddressSet storage self, uint48 timestamp, address addr) internal {\n self.set.pause(timestamp, uint160(addr));\n }\n\n /**\n * @notice Unpauses an address\n * @param self The AddressSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param addr The address to unpause\n */\n function unpause(AddressSet storage self, uint48 timestamp, uint48 immutablePeriod, address addr) internal {\n self.set.unpause(timestamp, immutablePeriod, uint160(addr));\n }\n\n /**\n * @notice Checks if an address can be unregistered\n * @param self The AddressSet to query\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The address to check\n * @return bool Whether the address can be unregistered\n */\n function checkUnregister(\n AddressSet storage self,\n uint48 timestamp,\n uint48 immutablePeriod,\n address value\n ) internal view returns (bool) {\n uint256 pos = self.set.positions[uint160(value)];\n if (pos == 0) return false;\n return self.set.array[pos - 1].status.checkUnregister(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters an address\n * @param self The AddressSet to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param addr The address to unregister\n */\n function unregister(AddressSet storage self, uint48 timestamp, uint48 immutablePeriod, address addr) internal {\n self.set.unregister(timestamp, immutablePeriod, uint160(addr));\n }\n\n /**\n * @notice Checks if an address is registered\n * @param self The AddressSet to query\n * @param addr The address to check\n * @return bool Whether the address is registered\n */\n function contains(AddressSet storage self, address addr) internal view returns (bool) {\n return self.set.contains(uint160(addr));\n }\n\n // Uint160Set functions\n\n /**\n * @notice Gets the number of uint160s in the set\n * @param self The Uint160Set to query\n * @return uint256 The number of uint160s\n */\n function length(\n Uint160Set storage self\n ) internal view returns (uint256) {\n return self.array.length;\n }\n\n /**\n * @notice Gets the uint160 and status at a given position\n * @param self The Uint160Set to query\n * @param pos The position to query\n * @return The uint160, enabled timestamp, and disabled timestamp\n */\n function at(Uint160Set storage self, uint256 pos) internal view returns (uint160, uint48, uint48) {\n return self.array[pos].get();\n }\n\n /**\n * @notice Gets all active uint160s at a given timestamp\n * @param self The Uint160Set to query\n * @param timestamp The timestamp to check\n * @return array Array of active uint160s\n */\n function getActive(Uint160Set storage self, uint48 timestamp) internal view returns (uint160[] memory array) {\n uint256 arrayLen = self.array.length;\n array = new uint160[](arrayLen);\n uint256 len;\n for (uint256 i; i < arrayLen; ++i) {\n if (self.array[i].status.wasActiveAt(timestamp)) {\n array[len++] = self.array[i].value;\n }\n }\n\n assembly {\n mstore(array, len)\n }\n return array;\n }\n\n /**\n * @notice Checks if a uint160 was active at a given timestamp\n * @param self The Uint160Set to query\n * @param timestamp The timestamp to check\n * @param value The uint160 to check\n * @return bool Whether the uint160 was active\n */\n function wasActiveAt(Uint160Set storage self, uint48 timestamp, uint160 value) internal view returns (bool) {\n uint256 pos = self.positions[value];\n return pos != 0 && self.array[pos - 1].status.wasActiveAt(timestamp);\n }\n\n /**\n * @notice Registers a new uint160\n * @param self The Uint160Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param value The uint160 to register\n */\n function register(Uint160Set storage self, uint48 timestamp, uint160 value) internal {\n if (self.positions[value] != 0) revert AlreadyRegistered();\n\n Inner160 storage element = self.array.push();\n element.value = value;\n element.status.set(timestamp);\n self.positions[value] = self.array.length;\n }\n\n /**\n * @notice Pauses a uint160\n * @param self The Uint160Set to modify\n * @param timestamp The timestamp to set as disabled\n * @param value The uint160 to pause\n */\n function pause(Uint160Set storage self, uint48 timestamp, uint160 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.disable(timestamp);\n }\n\n /**\n * @notice Unpauses a uint160\n * @param self The Uint160Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param value The uint160 to unpause\n */\n function unpause(Uint160Set storage self, uint48 timestamp, uint48 immutablePeriod, uint160 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.enable(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters a uint160\n * @param self The Uint160Set to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The uint160 to unregister\n */\n function unregister(Uint160Set storage self, uint48 timestamp, uint48 immutablePeriod, uint160 value) internal {\n uint256 pos = self.positions[value];\n if (pos == 0) revert NotRegistered();\n pos--;\n\n self.array[pos].status.validateUnregister(timestamp, immutablePeriod);\n\n if (self.array.length <= pos + 1) {\n delete self.positions[value];\n self.array.pop();\n return;\n }\n\n self.array[pos] = self.array[self.array.length - 1];\n self.array.pop();\n\n delete self.positions[value];\n self.positions[self.array[pos].value] = pos + 1;\n }\n\n /**\n * @notice Checks if a uint160 is registered\n * @param self The Uint160Set to query\n * @param value The uint160 to check\n * @return bool Whether the uint160 is registered\n */\n function contains(Uint160Set storage self, uint160 value) internal view returns (bool) {\n return self.positions[value] != 0;\n }\n\n // Bytes32Set functions\n\n /**\n * @notice Gets the number of bytes32s in the set\n * @param self The Bytes32Set to query\n * @return uint256 The number of bytes32s\n */\n function length(\n Bytes32Set storage self\n ) internal view returns (uint256) {\n return self.array.length;\n }\n\n /**\n * @notice Gets the bytes32 and status at a given position\n * @param self The Bytes32Set to query\n * @param pos The position to query\n * @return The bytes32, enabled timestamp, and disabled timestamp\n */\n function at(Bytes32Set storage self, uint256 pos) internal view returns (bytes32, uint48, uint48) {\n return self.array[pos].get();\n }\n\n /**\n * @notice Gets all active bytes32s at a given timestamp\n * @param self The Bytes32Set to query\n * @param timestamp The timestamp to check\n * @return array Array of active bytes32s\n */\n function getActive(Bytes32Set storage self, uint48 timestamp) internal view returns (bytes32[] memory array) {\n uint256 arrayLen = self.array.length;\n array = new bytes32[](arrayLen);\n uint256 len;\n for (uint256 i; i < arrayLen; ++i) {\n if (self.array[i].status.wasActiveAt(timestamp)) {\n array[len++] = self.array[i].value;\n }\n }\n\n assembly {\n mstore(array, len)\n }\n return array;\n }\n\n /**\n * @notice Checks if a bytes32 was active at a given timestamp\n * @param self The Bytes32Set to query\n * @param timestamp The timestamp to check\n * @param value The bytes32 to check\n * @return bool Whether the bytes32 was active\n */\n function wasActiveAt(Bytes32Set storage self, uint48 timestamp, bytes32 value) internal view returns (bool) {\n uint256 pos = self.positions[value];\n return pos != 0 && self.array[pos - 1].status.wasActiveAt(timestamp);\n }\n\n /**\n * @notice Registers a new bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param value The bytes32 to register\n */\n function register(Bytes32Set storage self, uint48 timestamp, bytes32 value) internal {\n if (self.positions[value] != 0) revert AlreadyRegistered();\n\n uint256 pos = self.array.length;\n InnerBytes32 storage element = self.array.push();\n element.value = value;\n element.status.set(timestamp);\n self.positions[value] = pos + 1;\n }\n\n /**\n * @notice Pauses a bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The timestamp to set as disabled\n * @param value The bytes32 to pause\n */\n function pause(Bytes32Set storage self, uint48 timestamp, bytes32 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.disable(timestamp);\n }\n\n /**\n * @notice Unpauses a bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes32 to unpause\n */\n function unpause(Bytes32Set storage self, uint48 timestamp, uint48 immutablePeriod, bytes32 value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.enable(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Checks if a bytes32 can be unregistered\n * @param self The Bytes32Set to query\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes32 to check\n * @return bool Whether the bytes32 can be unregistered\n */\n function checkUnregister(\n Bytes32Set storage self,\n uint48 timestamp,\n uint48 immutablePeriod,\n bytes32 value\n ) internal view returns (bool) {\n uint256 pos = self.positions[value];\n if (pos == 0) return false;\n return self.array[pos - 1].status.checkUnregister(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters a bytes32\n * @param self The Bytes32Set to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes32 to unregister\n */\n function unregister(Bytes32Set storage self, uint48 timestamp, uint48 immutablePeriod, bytes32 value) internal {\n uint256 pos = self.positions[value];\n if (pos == 0) revert NotRegistered();\n pos--;\n\n self.array[pos].status.validateUnregister(timestamp, immutablePeriod);\n\n if (self.array.length <= pos + 1) {\n delete self.positions[value];\n self.array.pop();\n return;\n }\n\n self.array[pos] = self.array[self.array.length - 1];\n self.array.pop();\n\n delete self.positions[value];\n self.positions[self.array[pos].value] = pos + 1;\n }\n\n /**\n * @notice Checks if a bytes32 is registered\n * @param self The Bytes32Set to query\n * @param value The bytes32 to check\n * @return bool Whether the bytes32 is registered\n */\n function contains(Bytes32Set storage self, bytes32 value) internal view returns (bool) {\n return self.positions[value] != 0;\n }\n\n // BytesSet functions\n\n /**\n * @notice Gets the number of bytes values in the set\n * @param self The BytesSet to query\n * @return uint256 The number of bytes values\n */\n function length(\n BytesSet storage self\n ) internal view returns (uint256) {\n return self.array.length;\n }\n\n /**\n * @notice Gets the bytes value and status at a given position\n * @param self The BytesSet to query\n * @param pos The position to query\n * @return The bytes value, enabled timestamp, and disabled timestamp\n */\n function at(BytesSet storage self, uint256 pos) internal view returns (bytes memory, uint48, uint48) {\n return self.array[pos].get();\n }\n\n /**\n * @notice Gets all active bytes values at a given timestamp\n * @param self The BytesSet to query\n * @param timestamp The timestamp to check\n * @return array Array of active bytes values\n */\n function getActive(BytesSet storage self, uint48 timestamp) internal view returns (bytes[] memory array) {\n uint256 arrayLen = self.array.length;\n array = new bytes[](arrayLen);\n uint256 len;\n for (uint256 i; i < arrayLen; ++i) {\n if (self.array[i].status.wasActiveAt(timestamp)) {\n array[len++] = self.array[i].value;\n }\n }\n\n assembly {\n mstore(array, len)\n }\n return array;\n }\n\n /**\n * @notice Checks if a bytes value was active at a given timestamp\n * @param self The BytesSet to query\n * @param timestamp The timestamp to check\n * @param value The bytes value to check\n * @return bool Whether the bytes value was active\n */\n function wasActiveAt(BytesSet storage self, uint48 timestamp, bytes memory value) internal view returns (bool) {\n uint256 pos = self.positions[value];\n return pos != 0 && self.array[pos - 1].status.wasActiveAt(timestamp);\n }\n\n /**\n * @notice Registers a new bytes value\n * @param self The BytesSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param value The bytes value to register\n */\n function register(BytesSet storage self, uint48 timestamp, bytes memory value) internal {\n if (self.positions[value] != 0) revert AlreadyRegistered();\n\n uint256 pos = self.array.length;\n InnerBytes storage element = self.array.push();\n element.value = value;\n element.status.set(timestamp);\n self.positions[value] = pos + 1;\n }\n\n /**\n * @notice Pauses a bytes value\n * @param self The BytesSet to modify\n * @param timestamp The timestamp to set as disabled\n * @param value The bytes value to pause\n */\n function pause(BytesSet storage self, uint48 timestamp, bytes memory value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.disable(timestamp);\n }\n\n /**\n * @notice Unpauses a bytes value\n * @param self The BytesSet to modify\n * @param timestamp The timestamp to set as enabled\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes value to unpause\n */\n function unpause(BytesSet storage self, uint48 timestamp, uint48 immutablePeriod, bytes memory value) internal {\n if (self.positions[value] == 0) revert NotRegistered();\n self.array[self.positions[value] - 1].status.enable(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Checks if a bytes value can be unregistered\n * @param self The BytesSet to query\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes value to check\n * @return bool Whether the bytes value can be unregistered\n */\n function checkUnregister(\n BytesSet storage self,\n uint48 timestamp,\n uint48 immutablePeriod,\n bytes memory value\n ) internal view returns (bool) {\n uint256 pos = self.positions[value];\n if (pos == 0) return false;\n return self.array[pos - 1].status.checkUnregister(timestamp, immutablePeriod);\n }\n\n /**\n * @notice Unregisters a bytes value\n * @param self The BytesSet to modify\n * @param timestamp The current timestamp\n * @param immutablePeriod The required waiting period after disabling\n * @param value The bytes value to unregister\n */\n function unregister(BytesSet storage self, uint48 timestamp, uint48 immutablePeriod, bytes memory value) internal {\n uint256 pos = self.positions[value];\n if (pos == 0) revert NotRegistered();\n pos--;\n\n self.array[pos].status.validateUnregister(timestamp, immutablePeriod);\n\n if (self.array.length <= pos + 1) {\n delete self.positions[value];\n self.array.pop();\n return;\n }\n\n self.array[pos] = self.array[self.array.length - 1];\n self.array.pop();\n\n delete self.positions[value];\n self.positions[self.array[pos].value] = pos + 1;\n }\n\n /**\n * @notice Checks if a bytes value is registered\n * @param self The BytesSet to query\n * @param value The bytes value to check\n * @return bool Whether the bytes value is registered\n */\n function contains(BytesSet storage self, bytes memory value) internal view returns (bool) {\n return self.positions[value] != 0;\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IAllocationManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport {OperatorSet} from \"../libraries/OperatorSetLib.sol\";\nimport \"./IPauserRegistry.sol\";\nimport \"./IStrategy.sol\";\nimport \"./IAVSRegistrar.sol\";\n\ninterface IAllocationManagerErrors {\n /// Input Validation\n\n /// @dev Thrown when `wadToSlash` is zero or greater than 1e18\n error InvalidWadToSlash();\n /// @dev Thrown when two array parameters have mismatching lengths.\n error InputArrayLengthMismatch();\n\n /// Caller\n\n /// @dev Thrown when caller is not authorized to call a function.\n error InvalidCaller();\n\n /// Operator Status\n\n /// @dev Thrown when an invalid operator is provided.\n error InvalidOperator();\n /// @dev Thrown when an operator's allocation delay has yet to be set.\n error UninitializedAllocationDelay();\n /// @dev Thrown when attempting to slash an operator when they are not slashable.\n error OperatorNotSlashable();\n /// @dev Thrown when trying to add an operator to a set they are already a member of\n error AlreadyMemberOfSet();\n /// @dev Thrown when trying to slash/remove an operator from a set they are not a member of\n error NotMemberOfSet();\n\n /// Operator Set Status\n\n /// @dev Thrown when an invalid operator set is provided.\n error InvalidOperatorSet();\n /// @dev Thrown when provided `strategies` are not in ascending order.\n error StrategiesMustBeInAscendingOrder();\n /// @dev Thrown when trying to add a strategy to an operator set that already contains it.\n error StrategyAlreadyInOperatorSet();\n /// @dev Thrown when a strategy is referenced that does not belong to an operator set.\n error StrategyNotInOperatorSet();\n\n /// Modifying Allocations\n\n /// @dev Thrown when an operator attempts to set their allocation for an operatorSet to the same value\n error SameMagnitude();\n /// @dev Thrown when an allocation is attempted for a given operator when they have pending allocations or deallocations.\n error ModificationAlreadyPending();\n /// @dev Thrown when an allocation is attempted that exceeds a given operators total allocatable magnitude.\n error InsufficientMagnitude();\n}\n\ninterface IAllocationManagerTypes {\n /**\n * @notice Defines allocation information from a strategy to an operator set, for an operator\n * @param currentMagnitude the current magnitude allocated from the strategy to the operator set\n * @param pendingDiff a pending change in magnitude, if it exists (0 otherwise)\n * @param effectBlock the block at which the pending magnitude diff will take effect\n */\n struct Allocation {\n uint64 currentMagnitude;\n int128 pendingDiff;\n uint32 effectBlock;\n }\n\n /**\n * @notice Struct containing allocation delay metadata for a given operator.\n * @param delay Current allocation delay\n * @param isSet Whether the operator has initially set an allocation delay. Note that this could be false but the\n * block.number >= effectBlock in which we consider their delay to be configured and active.\n * @param pendingDelay The delay that will take effect after `effectBlock`\n * @param effectBlock The block number after which a pending delay will take effect\n */\n struct AllocationDelayInfo {\n uint32 delay;\n bool isSet;\n uint32 pendingDelay;\n uint32 effectBlock;\n }\n\n /**\n * @notice Contains registration details for an operator pertaining to an operator set\n * @param registered Whether the operator is currently registered for the operator set\n * @param slashableUntil If the operator is not registered, they are still slashable until\n * this block is reached.\n */\n struct RegistrationStatus {\n bool registered;\n uint32 slashableUntil;\n }\n\n /**\n * @notice Contains allocation info for a specific strategy\n * @param maxMagnitude the maximum magnitude that can be allocated between all operator sets\n * @param encumberedMagnitude the currently-allocated magnitude for the strategy\n */\n struct StrategyInfo {\n uint64 maxMagnitude;\n uint64 encumberedMagnitude;\n }\n\n /**\n * @notice Struct containing parameters to slashing\n * @param operator the address to slash\n * @param operatorSetId the ID of the operatorSet the operator is being slashed on behalf of\n * @param strategies the set of strategies to slash\n * @param wadsToSlash the parts in 1e18 to slash, this will be proportional to the operator's\n * slashable stake allocation for the operatorSet\n * @param description the description of the slashing provided by the AVS for legibility\n */\n struct SlashingParams {\n address operator;\n uint32 operatorSetId;\n IStrategy[] strategies;\n uint256[] wadsToSlash;\n string description;\n }\n\n /**\n * @notice struct used to modify the allocation of slashable magnitude to an operator set\n * @param operatorSet the operator set to modify the allocation for\n * @param strategies the strategies to modify allocations for\n * @param newMagnitudes the new magnitude to allocate for each strategy to this operator set\n */\n struct AllocateParams {\n OperatorSet operatorSet;\n IStrategy[] strategies;\n uint64[] newMagnitudes;\n }\n\n /**\n * @notice Parameters used to register for an AVS's operator sets\n * @param avs the AVS being registered for\n * @param operatorSetIds the operator sets within the AVS to register for\n * @param data extra data to be passed to the AVS to complete registration\n */\n struct RegisterParams {\n address avs;\n uint32[] operatorSetIds;\n bytes data;\n }\n\n /**\n * @notice Parameters used to deregister from an AVS's operator sets\n * @param operator the operator being deregistered\n * @param avs the avs being deregistered from\n * @param operatorSetIds the operator sets within the AVS being deregistered from\n */\n struct DeregisterParams {\n address operator;\n address avs;\n uint32[] operatorSetIds;\n }\n\n /**\n * @notice Parameters used by an AVS to create new operator sets\n * @param operatorSetId the id of the operator set to create\n * @param strategies the strategies to add as slashable to the operator set\n */\n struct CreateSetParams {\n uint32 operatorSetId;\n IStrategy[] strategies;\n }\n}\n\ninterface IAllocationManagerEvents is IAllocationManagerTypes {\n /// @notice Emitted when operator updates their allocation delay.\n event AllocationDelaySet(address operator, uint32 delay, uint32 effectBlock);\n\n /// @notice Emitted when an operator's magnitude is updated for a given operatorSet and strategy\n event AllocationUpdated(\n address operator, OperatorSet operatorSet, IStrategy strategy, uint64 magnitude, uint32 effectBlock\n );\n\n /// @notice Emitted when operator's encumbered magnitude is updated for a given strategy\n event EncumberedMagnitudeUpdated(address operator, IStrategy strategy, uint64 encumberedMagnitude);\n\n /// @notice Emitted when an operator's max magnitude is updated for a given strategy\n event MaxMagnitudeUpdated(address operator, IStrategy strategy, uint64 maxMagnitude);\n\n /// @notice Emitted when an operator is slashed by an operator set for a strategy\n /// `wadSlashed` is the proportion of the operator's total delegated stake that was slashed\n event OperatorSlashed(\n address operator, OperatorSet operatorSet, IStrategy[] strategies, uint256[] wadSlashed, string description\n );\n\n /// @notice Emitted when an AVS configures the address that will handle registration/deregistration\n event AVSRegistrarSet(address avs, IAVSRegistrar registrar);\n\n /// @notice Emitted when an AVS updates their metadata URI (Uniform Resource Identifier).\n /// @dev The URI is never stored; it is simply emitted through an event for off-chain indexing.\n event AVSMetadataURIUpdated(address indexed avs, string metadataURI);\n\n /// @notice Emitted when an operator set is created by an AVS.\n event OperatorSetCreated(OperatorSet operatorSet);\n\n /// @notice Emitted when an operator is added to an operator set.\n event OperatorAddedToOperatorSet(address indexed operator, OperatorSet operatorSet);\n\n /// @notice Emitted when an operator is removed from an operator set.\n event OperatorRemovedFromOperatorSet(address indexed operator, OperatorSet operatorSet);\n\n /// @notice Emitted when a strategy is added to an operator set.\n event StrategyAddedToOperatorSet(OperatorSet operatorSet, IStrategy strategy);\n\n /// @notice Emitted when a strategy is removed from an operator set.\n event StrategyRemovedFromOperatorSet(OperatorSet operatorSet, IStrategy strategy);\n}\n\ninterface IAllocationManager is IAllocationManagerErrors, IAllocationManagerEvents {\n /**\n * @dev Initializes the initial owner and paused status.\n */\n function initialize(address initialOwner, uint256 initialPausedStatus) external;\n\n /**\n * @notice Called by an AVS to slash an operator in a given operator set\n */\n function slashOperator(address avs, SlashingParams calldata params) external;\n\n /**\n * @notice Modifies the proportions of slashable stake allocated to an operator set from a list of strategies\n * Note that deallocations remain slashable for DEALLOCATION_DELAY blocks therefore when they are cleared they may\n * free up less allocatable magnitude than initially deallocated.\n * @param operator the operator to modify allocations for\n * @param params array of magnitude adjustments for one or more operator sets\n * @dev Updates encumberedMagnitude for the updated strategies\n */\n function modifyAllocations(address operator, AllocateParams[] calldata params) external;\n\n /**\n * @notice This function takes a list of strategies and for each strategy, removes from the deallocationQueue\n * all clearable deallocations up to max `numToClear` number of deallocations, updating the encumberedMagnitude\n * of the operator as needed.\n *\n * @param operator address to clear deallocations for\n * @param strategies a list of strategies to clear deallocations for\n * @param numToClear a list of number of pending deallocations to clear for each strategy\n *\n * @dev can be called permissionlessly by anyone\n */\n function clearDeallocationQueue(\n address operator,\n IStrategy[] calldata strategies,\n uint16[] calldata numToClear\n ) external;\n\n /**\n * @notice Allows an operator to register for one or more operator sets for an AVS. If the operator\n * has any stake allocated to these operator sets, it immediately becomes slashable.\n * @dev After registering within the ALM, this method calls the AVS Registrar's `IAVSRegistrar.\n * registerOperator` method to complete registration. This call MUST succeed in order for\n * registration to be successful.\n */\n function registerForOperatorSets(address operator, RegisterParams calldata params) external;\n\n /**\n * @notice Allows an operator or AVS to deregister the operator from one or more of the AVS's operator sets.\n * If the operator has any slashable stake allocated to the AVS, it remains slashable until the\n * DEALLOCATION_DELAY has passed.\n * @dev After deregistering within the ALM, this method calls the AVS Registrar's `IAVSRegistrar.\n * deregisterOperator` method to complete deregistration. Unlike when registering, this call MAY FAIL.\n * Failure is permitted to prevent AVSs from being able to maliciously prevent operators from deregistering.\n */\n function deregisterFromOperatorSets(\n DeregisterParams calldata params\n ) external;\n\n /**\n * @notice Called by the delegation manager OR an operator to set an operator's allocation delay.\n * This is set when the operator first registers, and is the number of blocks between an operator\n * allocating magnitude to an operator set, and the magnitude becoming slashable.\n * @param operator The operator to set the delay on behalf of.\n * @param delay the allocation delay in blocks\n */\n function setAllocationDelay(address operator, uint32 delay) external;\n\n /**\n * @notice Called by an AVS to configure the address that is called when an operator registers\n * or is deregistered from the AVS's operator sets. If not set (or set to 0), defaults\n * to the AVS's address.\n * @param registrar the new registrar address\n */\n function setAVSRegistrar(address avs, IAVSRegistrar registrar) external;\n\n /**\n * @notice Called by an AVS to emit an `AVSMetadataURIUpdated` event indicating the information has updated.\n *\n * @param metadataURI The URI for metadata associated with an AVS.\n *\n * @dev Note that the `metadataURI` is *never stored* and is only emitted in the `AVSMetadataURIUpdated` event.\n */\n function updateAVSMetadataURI(address avs, string calldata metadataURI) external;\n\n /**\n * @notice Allows an AVS to create new operator sets, defining strategies that the operator set uses\n */\n function createOperatorSets(address avs, CreateSetParams[] calldata params) external;\n\n /**\n * @notice Allows an AVS to add strategies to an operator set\n * @dev Strategies MUST NOT already exist in the operator set\n * @param avs the avs to set strategies for\n * @param operatorSetId the operator set to add strategies to\n * @param strategies the strategies to add\n */\n function addStrategiesToOperatorSet(address avs, uint32 operatorSetId, IStrategy[] calldata strategies) external;\n\n /**\n * @notice Allows an AVS to remove strategies from an operator set\n * @dev Strategies MUST already exist in the operator set\n * @param avs the avs to remove strategies for\n * @param operatorSetId the operator set to remove strategies from\n * @param strategies the strategies to remove\n */\n function removeStrategiesFromOperatorSet(\n address avs,\n uint32 operatorSetId,\n IStrategy[] calldata strategies\n ) external;\n\n /**\n *\n * VIEW FUNCTIONS\n *\n */\n\n /**\n * @notice Returns the number of operator sets for the AVS\n * @param avs the AVS to query\n */\n function getOperatorSetCount(\n address avs\n ) external view returns (uint256);\n\n /**\n * @notice Returns the list of operator sets the operator has current or pending allocations/deallocations in\n * @param operator the operator to query\n * @return the list of operator sets the operator has current or pending allocations/deallocations in\n */\n function getAllocatedSets(\n address operator\n ) external view returns (OperatorSet[] memory);\n\n /**\n * @notice Returns the list of strategies an operator has current or pending allocations/deallocations from\n * given a specific operator set.\n * @param operator the operator to query\n * @param operatorSet the operator set to query\n * @return the list of strategies\n */\n function getAllocatedStrategies(\n address operator,\n OperatorSet memory operatorSet\n ) external view returns (IStrategy[] memory);\n\n /**\n * @notice Returns the current/pending stake allocation an operator has from a strategy to an operator set\n * @param operator the operator to query\n * @param operatorSet the operator set to query\n * @param strategy the strategy to query\n * @return the current/pending stake allocation\n */\n function getAllocation(\n address operator,\n OperatorSet memory operatorSet,\n IStrategy strategy\n ) external view returns (Allocation memory);\n\n /**\n * @notice Returns the current/pending stake allocations for multiple operators from a strategy to an operator set\n * @param operators the operators to query\n * @param operatorSet the operator set to query\n * @param strategy the strategy to query\n * @return each operator's allocation\n */\n function getAllocations(\n address[] memory operators,\n OperatorSet memory operatorSet,\n IStrategy strategy\n ) external view returns (Allocation[] memory);\n\n /**\n * @notice Given a strategy, returns a list of operator sets and corresponding stake allocations.\n * @dev Note that this returns a list of ALL operator sets the operator has allocations in. This means\n * some of the returned allocations may be zero.\n * @param operator the operator to query\n * @param strategy the strategy to query\n * @return the list of all operator sets the operator has allocations for\n * @return the corresponding list of allocations from the specific `strategy`\n */\n function getStrategyAllocations(\n address operator,\n IStrategy strategy\n ) external view returns (OperatorSet[] memory, Allocation[] memory);\n\n /**\n * @notice For a strategy, get the amount of magnitude not currently allocated to any operator set\n * @param operator the operator to query\n * @param strategy the strategy to get allocatable magnitude for\n * @return magnitude available to be allocated to an operator set\n */\n function getAllocatableMagnitude(address operator, IStrategy strategy) external view returns (uint64);\n\n /**\n * @notice Returns the maximum magnitude an operator can allocate for the given strategy\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operator the operator to query\n * @param strategy the strategy to get the max magnitude for\n * @return the max magnitude for the strategy\n */\n function getMaxMagnitude(address operator, IStrategy strategy) external view returns (uint64);\n\n /**\n * @notice Returns the maximum magnitude an operator can allocate for the given strategies\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operator the operator to query\n * @param strategies the strategies to get the max magnitudes for\n * @return the max magnitudes for each strategy\n */\n function getMaxMagnitudes(\n address operator,\n IStrategy[] calldata strategies\n ) external view returns (uint64[] memory);\n\n /**\n * @notice Returns the maximum magnitudes each operator can allocate for the given strategy\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operators the operators to query\n * @param strategy the strategy to get the max magnitudes for\n * @return the max magnitudes for each operator\n */\n function getMaxMagnitudes(\n address[] calldata operators,\n IStrategy strategy\n ) external view returns (uint64[] memory);\n\n /**\n * @notice Returns the maximum magnitude an operator can allocate for the given strategies\n * at a given block number\n * @dev The max magnitude of an operator starts at WAD (1e18), and is decreased anytime\n * the operator is slashed. This value acts as a cap on the max magnitude of the operator.\n * @param operator the operator to query\n * @param strategies the strategies to get the max magnitudes for\n * @param blockNumber the blockNumber at which to check the max magnitudes\n * @return the max magnitudes for each strategy\n */\n function getMaxMagnitudesAtBlock(\n address operator,\n IStrategy[] calldata strategies,\n uint32 blockNumber\n ) external view returns (uint64[] memory);\n\n /**\n * @notice Returns the time in blocks between an operator allocating slashable magnitude\n * and the magnitude becoming slashable. If the delay has not been set, `isSet` will be false.\n * @dev The operator must have a configured delay before allocating magnitude\n * @param operator The operator to query\n * @return isSet Whether the operator has configured a delay\n * @return delay The time in blocks between allocating magnitude and magnitude becoming slashable\n */\n function getAllocationDelay(\n address operator\n ) external view returns (bool isSet, uint32 delay);\n\n /**\n * @notice Returns a list of all operator sets the operator is registered for\n * @param operator The operator address to query.\n */\n function getRegisteredSets(\n address operator\n ) external view returns (OperatorSet[] memory operatorSets);\n\n /**\n * @notice Returns whether the operator is registered for the operator set\n * @param operator The operator to query\n * @param operatorSet The operator set to query\n */\n function isMemberOfOperatorSet(address operator, OperatorSet memory operatorSet) external view returns (bool);\n\n /**\n * @notice Returns whether the operator set exists\n */\n function isOperatorSet(\n OperatorSet memory operatorSet\n ) external view returns (bool);\n\n /**\n * @notice Returns all the operators registered to an operator set\n * @param operatorSet The operatorSet to query.\n */\n function getMembers(\n OperatorSet memory operatorSet\n ) external view returns (address[] memory operators);\n\n /**\n * @notice Returns the number of operators registered to an operatorSet.\n * @param operatorSet The operatorSet to get the member count for\n */\n function getMemberCount(\n OperatorSet memory operatorSet\n ) external view returns (uint256);\n\n /**\n * @notice Returns the address that handles registration/deregistration for the AVS\n * If not set, defaults to the input address (`avs`)\n */\n function getAVSRegistrar(\n address avs\n ) external view returns (IAVSRegistrar);\n\n /**\n * @notice Returns an array of strategies in the operatorSet.\n * @param operatorSet The operatorSet to query.\n */\n function getStrategiesInOperatorSet(\n OperatorSet memory operatorSet\n ) external view returns (IStrategy[] memory strategies);\n\n /**\n * @notice Returns the minimum amount of stake that will be slashable as of some future block,\n * according to each operator's allocation from each strategy to the operator set.\n * @dev This method queries actual delegated stakes in the DelegationManager and applies\n * each operator's allocation to the stake to produce the slashable stake each allocation\n * represents.\n * @dev This minimum takes into account `futureBlock`, and will omit any pending magnitude\n * diffs that will not be in effect as of `futureBlock`. NOTE that in order to get the true\n * minimum slashable stake as of some future block, `futureBlock` MUST be greater than block.number\n * @dev NOTE that `futureBlock` should be fewer than `DEALLOCATION_DELAY` blocks in the future,\n * or the values returned from this method may not be accurate due to deallocations.\n * @param operatorSet the operator set to query\n * @param operators the list of operators whose slashable stakes will be returned\n * @param strategies the strategies that each slashable stake corresponds to\n * @param futureBlock the block at which to get allocation information. Should be a future block.\n * @return slashableStake a list of slashable stakes, indexed by [operator][strategy]\n */\n function getMinimumSlashableStake(\n OperatorSet memory operatorSet,\n address[] memory operators,\n IStrategy[] memory strategies,\n uint32 futureBlock\n ) external view returns (uint256[][] memory slashableStake);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/ISignatureUtils.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\n/**\n * @title The interface for common signature utilities.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n */\ninterface ISignatureUtils {\n error InvalidSignature();\n error SignatureExpired();\n\n // @notice Struct that bundles together a signature and an expiration time for the signature. Used primarily for stack management.\n struct SignatureWithExpiry {\n // the signature itself, formatted as a single bytes object\n bytes signature;\n // the expiration timestamp (UTC) of the signature\n uint256 expiry;\n }\n\n // @notice Struct that bundles together a signature, a salt for uniqueness, and an expiration time for the signature. Used primarily for stack management.\n struct SignatureWithSaltAndExpiry {\n // the signature itself, formatted as a single bytes object\n bytes signature;\n // the salt used to generate the signature\n bytes32 salt;\n // the expiration timestamp (UTC) of the signature\n uint256 expiry;\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IDelegationManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"./IStrategy.sol\";\nimport \"./IPauserRegistry.sol\";\nimport \"./ISignatureUtils.sol\";\nimport \"../libraries/SlashingLib.sol\";\n\ninterface IDelegationManagerErrors {\n /// @dev Thrown when caller is neither the StrategyManager or EigenPodManager contract.\n error OnlyStrategyManagerOrEigenPodManager();\n /// @dev Thrown when msg.sender is not the EigenPodManager\n error OnlyEigenPodManager();\n /// @dev Throw when msg.sender is not the AllocationManager\n error OnlyAllocationManager();\n\n /// Delegation Status\n\n /// @dev Thrown when an operator attempts to undelegate.\n error OperatorsCannotUndelegate();\n /// @dev Thrown when an account is actively delegated.\n error ActivelyDelegated();\n /// @dev Thrown when an account is not actively delegated.\n error NotActivelyDelegated();\n /// @dev Thrown when `operator` is not a registered operator.\n error OperatorNotRegistered();\n\n /// Invalid Inputs\n\n /// @dev Thrown when attempting to execute an action that was not queued.\n error WithdrawalNotQueued();\n /// @dev Thrown when caller cannot undelegate on behalf of a staker.\n error CallerCannotUndelegate();\n /// @dev Thrown when two array parameters have mismatching lengths.\n error InputArrayLengthMismatch();\n /// @dev Thrown when input arrays length is zero.\n error InputArrayLengthZero();\n\n /// Slashing\n\n /// @dev Thrown when an operator has been fully slashed(maxMagnitude is 0) for a strategy.\n /// or if the staker has had been natively slashed to the point of their beaconChainScalingFactor equalling 0.\n error FullySlashed();\n\n /// Signatures\n\n /// @dev Thrown when attempting to spend a spent eip-712 salt.\n error SaltSpent();\n\n /// Withdrawal Processing\n\n /// @dev Thrown when attempting to withdraw before delay has elapsed.\n error WithdrawalDelayNotElapsed();\n /// @dev Thrown when withdrawer is not the current caller.\n error WithdrawerNotCaller();\n}\n\ninterface IDelegationManagerTypes {\n // @notice Struct used for storing information about a single operator who has registered with EigenLayer\n struct OperatorDetails {\n /// @notice DEPRECATED -- this field is no longer used, payments are handled in RewardsCoordinator.sol\n address __deprecated_earningsReceiver;\n /**\n * @notice Address to verify signatures when a staker wishes to delegate to the operator, as well as controlling \"forced undelegations\".\n * @dev Signature verification follows these rules:\n * 1) If this address is left as address(0), then any staker will be free to delegate to the operator, i.e. no signature verification will be performed.\n * 2) If this address is an EOA (i.e. it has no code), then we follow standard ECDSA signature verification for delegations to the operator.\n * 3) If this address is a contract (i.e. it has code) then we forward a call to the contract and verify that it returns the correct EIP-1271 \"magic value\".\n */\n address delegationApprover;\n /// @notice DEPRECATED -- this field is no longer used. An analogous field is the `allocationDelay` stored in the AllocationManager\n uint32 __deprecated_stakerOptOutWindowBlocks;\n }\n\n /**\n * @notice Abstract struct used in calculating an EIP712 signature for an operator's delegationApprover to approve that a specific staker delegate to the operator.\n * @dev Used in computing the `DELEGATION_APPROVAL_TYPEHASH` and as a reference in the computation of the approverDigestHash in the `_delegate` function.\n */\n struct DelegationApproval {\n // the staker who is delegating\n address staker;\n // the operator being delegated to\n address operator;\n // the operator's provided salt\n bytes32 salt;\n // the expiration timestamp (UTC) of the signature\n uint256 expiry;\n }\n\n /**\n * @dev A struct representing an existing queued withdrawal. After the withdrawal delay has elapsed, this withdrawal can be completed via `completeQueuedWithdrawal`.\n * A `Withdrawal` is created by the `DelegationManager` when `queueWithdrawals` is called. The `withdrawalRoots` hashes returned by `queueWithdrawals` can be used\n * to fetch the corresponding `Withdrawal` from storage (via `getQueuedWithdrawal`).\n *\n * @param staker The address that queued the withdrawal\n * @param delegatedTo The address that the staker was delegated to at the time the withdrawal was queued. Used to determine if additional slashing occurred before\n * this withdrawal became completeable.\n * @param withdrawer The address that will call the contract to complete the withdrawal. Note that this will always equal `staker`; alternate withdrawers are not\n * supported at this time.\n * @param nonce The staker's `cumulativeWithdrawalsQueued` at time of queuing. Used to ensure withdrawals have unique hashes.\n * @param startBlock The block number when the withdrawal was queued.\n * @param strategies The strategies requested for withdrawal when the withdrawal was queued\n * @param scaledShares The staker's deposit shares requested for withdrawal, scaled by the staker's `depositScalingFactor`. Upon completion, these will be\n * scaled by the appropriate slashing factor as of the withdrawal's completable block. The result is what is actually withdrawable.\n */\n struct Withdrawal {\n address staker;\n address delegatedTo;\n address withdrawer;\n uint256 nonce;\n uint32 startBlock;\n IStrategy[] strategies;\n uint256[] scaledShares;\n }\n\n /**\n * @param strategies The strategies to withdraw from\n * @param depositShares For each strategy, the number of deposit shares to withdraw. Deposit shares can\n * be queried via `getDepositedShares`.\n * NOTE: The number of shares ultimately received when a withdrawal is completed may be lower depositShares\n * if the staker or their delegated operator has experienced slashing.\n * @param __deprecated_withdrawer This field is ignored. The only party that may complete a withdrawal\n * is the staker that originally queued it. Alternate withdrawers are not supported.\n */\n struct QueuedWithdrawalParams {\n IStrategy[] strategies;\n uint256[] depositShares;\n address __deprecated_withdrawer;\n }\n}\n\ninterface IDelegationManagerEvents is IDelegationManagerTypes {\n // @notice Emitted when a new operator registers in EigenLayer and provides their delegation approver.\n event OperatorRegistered(address indexed operator, address delegationApprover);\n\n /// @notice Emitted when an operator updates their delegation approver\n event DelegationApproverUpdated(address indexed operator, address newDelegationApprover);\n\n /**\n * @notice Emitted when @param operator indicates that they are updating their MetadataURI string\n * @dev Note that these strings are *never stored in storage* and are instead purely emitted in events for off-chain indexing\n */\n event OperatorMetadataURIUpdated(address indexed operator, string metadataURI);\n\n /// @notice Emitted whenever an operator's shares are increased for a given strategy. Note that shares is the delta in the operator's shares.\n event OperatorSharesIncreased(address indexed operator, address staker, IStrategy strategy, uint256 shares);\n\n /// @notice Emitted whenever an operator's shares are decreased for a given strategy. Note that shares is the delta in the operator's shares.\n event OperatorSharesDecreased(address indexed operator, address staker, IStrategy strategy, uint256 shares);\n\n /// @notice Emitted when @param staker delegates to @param operator.\n event StakerDelegated(address indexed staker, address indexed operator);\n\n /// @notice Emitted when @param staker undelegates from @param operator.\n event StakerUndelegated(address indexed staker, address indexed operator);\n\n /// @notice Emitted when @param staker is undelegated via a call not originating from the staker themself\n event StakerForceUndelegated(address indexed staker, address indexed operator);\n\n /// @notice Emitted when a staker's depositScalingFactor is updated\n event DepositScalingFactorUpdated(address staker, IStrategy strategy, uint256 newDepositScalingFactor);\n\n /**\n * @notice Emitted when a new withdrawal is queued.\n * @param withdrawalRoot Is the hash of the `withdrawal`.\n * @param withdrawal Is the withdrawal itself.\n * @param sharesToWithdraw Is an array of the expected shares that were queued for withdrawal corresponding to the strategies in the `withdrawal`.\n */\n event SlashingWithdrawalQueued(bytes32 withdrawalRoot, Withdrawal withdrawal, uint256[] sharesToWithdraw);\n\n /// @notice Emitted when a queued withdrawal is completed\n event SlashingWithdrawalCompleted(bytes32 withdrawalRoot);\n}\n\n/**\n * @title DelegationManager\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice This is the contract for delegation in EigenLayer. The main functionalities of this contract are\n * - enabling anyone to register as an operator in EigenLayer\n * - allowing operators to specify parameters related to stakers who delegate to them\n * - enabling any staker to delegate its stake to the operator of its choice (a given staker can only delegate to a single operator at a time)\n * - enabling a staker to undelegate its assets from the operator it is delegated to (performed as part of the withdrawal process, initiated through the StrategyManager)\n */\ninterface IDelegationManager is ISignatureUtils, IDelegationManagerErrors, IDelegationManagerEvents {\n /**\n * @dev Initializes the initial owner and paused status.\n */\n function initialize(address initialOwner, uint256 initialPausedStatus) external;\n\n /**\n * @notice Registers the caller as an operator in EigenLayer.\n * @param initDelegationApprover is an address that, if set, must provide a signature when stakers delegate\n * to an operator.\n * @param allocationDelay The delay before allocations take effect.\n * @param metadataURI is a URI for the operator's metadata, i.e. a link providing more details on the operator.\n *\n * @dev Once an operator is registered, they cannot 'deregister' as an operator, and they will forever be considered \"delegated to themself\".\n * @dev This function will revert if the caller is already delegated to an operator.\n * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event\n */\n function registerAsOperator(\n address initDelegationApprover,\n uint32 allocationDelay,\n string calldata metadataURI\n ) external;\n\n /**\n * @notice Updates an operator's stored `delegationApprover`.\n * @param operator is the operator to update the delegationApprover for\n * @param newDelegationApprover is the new delegationApprover for the operator\n *\n * @dev The caller must have previously registered as an operator in EigenLayer.\n */\n function modifyOperatorDetails(address operator, address newDelegationApprover) external;\n\n /**\n * @notice Called by an operator to emit an `OperatorMetadataURIUpdated` event indicating the information has updated.\n * @param operator The operator to update metadata for\n * @param metadataURI The URI for metadata associated with an operator\n * @dev Note that the `metadataURI` is *never stored * and is only emitted in the `OperatorMetadataURIUpdated` event\n */\n function updateOperatorMetadataURI(address operator, string calldata metadataURI) external;\n\n /**\n * @notice Caller delegates their stake to an operator.\n * @param operator The account (`msg.sender`) is delegating its assets to for use in serving applications built on EigenLayer.\n * @param approverSignatureAndExpiry (optional) Verifies the operator approves of this delegation\n * @param approverSalt (optional) A unique single use value tied to an individual signature.\n * @dev The signature/salt are used ONLY if the operator has configured a delegationApprover.\n * If they have not, these params can be left empty.\n */\n function delegateTo(\n address operator,\n SignatureWithExpiry memory approverSignatureAndExpiry,\n bytes32 approverSalt\n ) external;\n\n /**\n * @notice Undelegates the staker from their operator and queues a withdrawal for all of their shares\n * @param staker The account to be undelegated\n * @return withdrawalRoots The roots of the newly queued withdrawals, if a withdrawal was queued. Returns\n * an empty array if none was queued.\n *\n * @dev Reverts if the `staker` is also an operator, since operators are not allowed to undelegate from themselves.\n * @dev Reverts if the caller is not the staker, nor the operator who the staker is delegated to, nor the operator's specified \"delegationApprover\"\n * @dev Reverts if the `staker` is not delegated to an operator\n */\n function undelegate(\n address staker\n ) external returns (bytes32[] memory withdrawalRoots);\n\n /**\n * @notice Undelegates the staker from their current operator, and redelegates to `newOperator`\n * Queues a withdrawal for all of the staker's withdrawable shares. These shares will only be\n * delegated to `newOperator` AFTER the withdrawal is completed.\n * @dev This method acts like a call to `undelegate`, then `delegateTo`\n * @param newOperator the new operator that will be delegated all assets\n * @dev NOTE: the following 2 params are ONLY checked if `newOperator` has a `delegationApprover`.\n * If not, they can be left empty.\n * @param newOperatorApproverSig A signature from the operator's `delegationApprover`\n * @param approverSalt A unique single use value tied to the approver's signature\n */\n function redelegate(\n address newOperator,\n SignatureWithExpiry memory newOperatorApproverSig,\n bytes32 approverSalt\n ) external returns (bytes32[] memory withdrawalRoots);\n\n /**\n * @notice Allows a staker to queue a withdrawal of their deposit shares. The withdrawal can be\n * completed after the MIN_WITHDRAWAL_DELAY_BLOCKS via either of the completeQueuedWithdrawal methods.\n *\n * While in the queue, these shares are removed from the staker's balance, as well as from their operator's\n * delegated share balance (if applicable). Note that while in the queue, deposit shares are still subject\n * to slashing. If any slashing has occurred, the shares received may be less than the queued deposit shares.\n *\n * @dev To view all the staker's strategies/deposit shares that can be queued for withdrawal, see `getDepositedShares`\n * @dev To view the current coversion between a staker's deposit shares and withdrawable shares, see `getWithdrawableShares`\n */\n function queueWithdrawals(\n QueuedWithdrawalParams[] calldata params\n ) external returns (bytes32[] memory);\n\n /**\n * @notice Used to complete a queued withdrawal\n * @param withdrawal The withdrawal to complete\n * @param tokens Array in which the i-th entry specifies the `token` input to the 'withdraw' function of the i-th Strategy in the `withdrawal.strategies` array.\n * @param tokens For each `withdrawal.strategies`, the underlying token of the strategy\n * NOTE: if `receiveAsTokens` is false, the `tokens` array is unused and can be filled with default values. However, `tokens.length` MUST still be equal to `withdrawal.strategies.length`.\n * NOTE: For the `beaconChainETHStrategy`, the corresponding `tokens` value is ignored (can be 0).\n * @param receiveAsTokens If true, withdrawn shares will be converted to tokens and sent to the caller. If false, the caller receives shares that can be delegated to an operator.\n * NOTE: if the caller receives shares and is currently delegated to an operator, the received shares are\n * automatically delegated to the caller's current operator.\n */\n function completeQueuedWithdrawal(\n Withdrawal calldata withdrawal,\n IERC20[] calldata tokens,\n bool receiveAsTokens\n ) external;\n\n /**\n * @notice Used to complete multiple queued withdrawals\n * @param withdrawals Array of Withdrawals to complete. See `completeQueuedWithdrawal` for the usage of a single Withdrawal.\n * @param tokens Array of tokens for each Withdrawal. See `completeQueuedWithdrawal` for the usage of a single array.\n * @param receiveAsTokens Whether or not to complete each withdrawal as tokens. See `completeQueuedWithdrawal` for the usage of a single boolean.\n * @dev See `completeQueuedWithdrawal` for relevant dev tags\n */\n function completeQueuedWithdrawals(\n Withdrawal[] calldata withdrawals,\n IERC20[][] calldata tokens,\n bool[] calldata receiveAsTokens\n ) external;\n\n /**\n * @notice Called by a share manager when a staker's deposit share balance in a strategy increases.\n * This method delegates any new shares to an operator (if applicable), and updates the staker's\n * deposit scaling factor regardless.\n * @param staker The address whose deposit shares have increased\n * @param strategy The strategy in which shares have been deposited\n * @param prevDepositShares The number of deposit shares the staker had in the strategy prior to the increase\n * @param addedShares The number of deposit shares added by the staker\n *\n * @dev Note that if the either the staker's current operator has been slashed 100% for `strategy`, OR the\n * staker has been slashed 100% on the beacon chain such that the calculated slashing factor is 0, this\n * method WILL REVERT.\n */\n function increaseDelegatedShares(\n address staker,\n IStrategy strategy,\n uint256 prevDepositShares,\n uint256 addedShares\n ) external;\n\n /**\n * @notice If the staker is delegated, decreases its operator's shares in response to\n * a decrease in balance in the beaconChainETHStrategy\n * @param staker the staker whose operator's balance will be decreased\n * @param curDepositShares the current deposit shares held by the staker\n * @param beaconChainSlashingFactorDecrease the amount that the staker's beaconChainSlashingFactor has decreased by\n * @dev Note: `beaconChainSlashingFactorDecrease` are assumed to ALWAYS be < 1 WAD.\n * These invariants are maintained in the EigenPodManager.\n */\n function decreaseDelegatedShares(\n address staker,\n uint256 curDepositShares,\n uint64 beaconChainSlashingFactorDecrease\n ) external;\n\n /**\n * @notice Decreases the operators shares in storage after a slash and increases the burnable shares by calling\n * into either the StrategyManager or EigenPodManager (if the strategy is beaconChainETH).\n * @param operator The operator to decrease shares for\n * @param strategy The strategy to decrease shares for\n * @param prevMaxMagnitude the previous maxMagnitude of the operator\n * @param newMaxMagnitude the new maxMagnitude of the operator\n * @dev Callable only by the AllocationManager\n * @dev Note: Assumes `prevMaxMagnitude <= newMaxMagnitude`. This invariant is maintained in\n * the AllocationManager.\n */\n function slashOperatorShares(\n address operator,\n IStrategy strategy,\n uint64 prevMaxMagnitude,\n uint64 newMaxMagnitude\n ) external;\n\n /**\n *\n * VIEW FUNCTIONS\n *\n */\n\n /**\n * @notice returns the address of the operator that `staker` is delegated to.\n * @notice Mapping: staker => operator whom the staker is currently delegated to.\n * @dev Note that returning address(0) indicates that the staker is not actively delegated to any operator.\n */\n function delegatedTo(\n address staker\n ) external view returns (address);\n\n /**\n * @notice Mapping: delegationApprover => 32-byte salt => whether or not the salt has already been used by the delegationApprover.\n * @dev Salts are used in the `delegateTo` function. Note that this function only processes the delegationApprover's\n * signature + the provided salt if the operator being delegated to has specified a nonzero address as their `delegationApprover`.\n */\n function delegationApproverSaltIsSpent(address _delegationApprover, bytes32 salt) external view returns (bool);\n\n /// @notice Mapping: staker => cumulative number of queued withdrawals they have ever initiated.\n /// @dev This only increments (doesn't decrement), and is used to help ensure that otherwise identical withdrawals have unique hashes.\n function cumulativeWithdrawalsQueued(\n address staker\n ) external view returns (uint256);\n\n /**\n * @notice Returns 'true' if `staker` *is* actively delegated, and 'false' otherwise.\n */\n function isDelegated(\n address staker\n ) external view returns (bool);\n\n /**\n * @notice Returns true is an operator has previously registered for delegation.\n */\n function isOperator(\n address operator\n ) external view returns (bool);\n\n /**\n * @notice Returns the delegationApprover account for an operator\n */\n function delegationApprover(\n address operator\n ) external view returns (address);\n\n /**\n * @notice Returns the shares that an operator has delegated to them in a set of strategies\n * @param operator the operator to get shares for\n * @param strategies the strategies to get shares for\n */\n function getOperatorShares(\n address operator,\n IStrategy[] memory strategies\n ) external view returns (uint256[] memory);\n\n /**\n * @notice Returns the shares that a set of operators have delegated to them in a set of strategies\n * @param operators the operators to get shares for\n * @param strategies the strategies to get shares for\n */\n function getOperatorsShares(\n address[] memory operators,\n IStrategy[] memory strategies\n ) external view returns (uint256[][] memory);\n\n /**\n * @notice Returns amount of withdrawable shares from an operator for a strategy that is still in the queue\n * and therefore slashable. Note that the *actual* slashable amount could be less than this value as this doesn't account\n * for amounts that have already been slashed. This assumes that none of the shares have been slashed.\n * @param operator the operator to get shares for\n * @param strategy the strategy to get shares for\n * @return the amount of shares that are slashable in the withdrawal queue for an operator and a strategy\n */\n function getSlashableSharesInQueue(address operator, IStrategy strategy) external view returns (uint256);\n\n /**\n * @notice Given a staker and a set of strategies, return the shares they can queue for withdrawal and the\n * corresponding depositShares.\n * This value depends on which operator the staker is delegated to.\n * The shares amount returned is the actual amount of Strategy shares the staker would receive (subject\n * to each strategy's underlying shares to token ratio).\n */\n function getWithdrawableShares(\n address staker,\n IStrategy[] memory strategies\n ) external view returns (uint256[] memory withdrawableShares, uint256[] memory depositShares);\n\n /**\n * @notice Returns the number of shares in storage for a staker and all their strategies\n */\n function getDepositedShares(\n address staker\n ) external view returns (IStrategy[] memory, uint256[] memory);\n\n /**\n * @notice Returns the scaling factor applied to a staker's deposits for a given strategy\n */\n function depositScalingFactor(address staker, IStrategy strategy) external view returns (uint256);\n\n /// @notice Returns the Withdrawal associated with a `withdrawalRoot`, if it exists. NOTE that\n /// withdrawals queued before the slashing release can NOT be queried with this method.\n function getQueuedWithdrawal(\n bytes32 withdrawalRoot\n ) external view returns (Withdrawal memory);\n\n /// @notice Returns a list of pending queued withdrawals for a `staker`, and the `shares` to be withdrawn.\n function getQueuedWithdrawals(\n address staker\n ) external view returns (Withdrawal[] memory withdrawals, uint256[][] memory shares);\n\n /// @notice Returns a list of queued withdrawal roots for the `staker`.\n /// NOTE that this only returns withdrawals queued AFTER the slashing release.\n function getQueuedWithdrawalRoots(\n address staker\n ) external view returns (bytes32[] memory);\n\n /**\n * @notice Converts shares for a set of strategies to deposit shares, likely in order to input into `queueWithdrawals`\n * @param staker the staker to convert shares for\n * @param strategies the strategies to convert shares for\n * @param withdrawableShares the shares to convert\n * @return the deposit shares\n * @dev will be a few wei off due to rounding errors\n */\n function convertToDepositShares(\n address staker,\n IStrategy[] memory strategies,\n uint256[] memory withdrawableShares\n ) external view returns (uint256[] memory);\n\n /// @notice Returns the keccak256 hash of `withdrawal`.\n function calculateWithdrawalRoot(\n Withdrawal memory withdrawal\n ) external pure returns (bytes32);\n\n /**\n * @notice Calculates the digest hash to be signed by the operator's delegationApprove and used in the `delegateTo` function.\n * @param staker The account delegating their stake\n * @param operator The account receiving delegated stake\n * @param _delegationApprover the operator's `delegationApprover` who will be signing the delegationHash (in general)\n * @param approverSalt A unique and single use value associated with the approver signature.\n * @param expiry Time after which the approver's signature becomes invalid\n */\n function calculateDelegationApprovalDigestHash(\n address staker,\n address operator,\n address _delegationApprover,\n bytes32 approverSalt,\n uint256 expiry\n ) external view returns (bytes32);\n\n /// @notice return address of the beaconChainETHStrategy\n function beaconChainETHStrategy() external view returns (IStrategy);\n\n /**\n * @notice Returns the minimum withdrawal delay in blocks to pass for withdrawals queued to be completable.\n * Also applies to legacy withdrawals so any withdrawals not completed prior to the slashing upgrade will be subject\n * to this longer delay.\n * @dev Backwards-compatible interface to return the internal `MIN_WITHDRAWAL_DELAY_BLOCKS` value\n * @dev Previous value in storage was deprecated. See `__deprecated_minWithdrawalDelayBlocks`\n */\n function minWithdrawalDelayBlocks() external view returns (uint32);\n\n /// @notice The EIP-712 typehash for the DelegationApproval struct used by the contract\n function DELEGATION_APPROVAL_TYPEHASH() external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IStrategyManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"./IStrategy.sol\";\nimport \"./IShareManager.sol\";\nimport \"./IDelegationManager.sol\";\nimport \"./IEigenPodManager.sol\";\n\ninterface IStrategyManagerErrors {\n /// @dev Thrown when total strategies deployed exceeds max.\n error MaxStrategiesExceeded();\n /// @dev Thrown when call attempted from address that's not delegation manager.\n error OnlyDelegationManager();\n /// @dev Thrown when call attempted from address that's not strategy whitelister.\n error OnlyStrategyWhitelister();\n /// @dev Thrown when provided `shares` amount is too high.\n error SharesAmountTooHigh();\n /// @dev Thrown when provided `shares` amount is zero.\n error SharesAmountZero();\n /// @dev Thrown when provided `staker` address is null.\n error StakerAddressZero();\n /// @dev Thrown when provided `strategy` not found.\n error StrategyNotFound();\n /// @dev Thrown when attempting to deposit to a non-whitelisted strategy.\n error StrategyNotWhitelisted();\n}\n\ninterface IStrategyManagerEvents {\n /**\n * @notice Emitted when a new deposit occurs on behalf of `staker`.\n * @param staker Is the staker who is depositing funds into EigenLayer.\n * @param strategy Is the strategy that `staker` has deposited into.\n * @param token Is the token that `staker` deposited.\n * @param shares Is the number of new shares `staker` has been granted in `strategy`.\n */\n event Deposit(address staker, IERC20 token, IStrategy strategy, uint256 shares);\n\n /// @notice Emitted when the `strategyWhitelister` is changed\n event StrategyWhitelisterChanged(address previousAddress, address newAddress);\n\n /// @notice Emitted when a strategy is added to the approved list of strategies for deposit\n event StrategyAddedToDepositWhitelist(IStrategy strategy);\n\n /// @notice Emitted when a strategy is removed from the approved list of strategies for deposit\n event StrategyRemovedFromDepositWhitelist(IStrategy strategy);\n\n /// @notice Emitted when an operator is slashed and shares to be burned are increased\n event BurnableSharesIncreased(IStrategy strategy, uint256 shares);\n\n /// @notice Emitted when shares are burned\n event BurnableSharesDecreased(IStrategy strategy, uint256 shares);\n}\n\n/**\n * @title Interface for the primary entrypoint for funds into EigenLayer.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice See the `StrategyManager` contract itself for implementation details.\n */\ninterface IStrategyManager is IStrategyManagerErrors, IStrategyManagerEvents, IShareManager {\n /**\n * @notice Initializes the strategy manager contract. Sets the `pauserRegistry` (currently **not** modifiable after being set),\n * and transfers contract ownership to the specified `initialOwner`.\n * @param initialOwner Ownership of this contract is transferred to this address.\n * @param initialStrategyWhitelister The initial value of `strategyWhitelister` to set.\n * @param initialPausedStatus The initial value of `_paused` to set.\n */\n function initialize(\n address initialOwner,\n address initialStrategyWhitelister,\n uint256 initialPausedStatus\n ) external;\n\n /**\n * @notice Deposits `amount` of `token` into the specified `strategy` and credits shares to the caller\n * @param strategy the strategy that handles `token`\n * @param token the token from which the `amount` will be transferred\n * @param amount the number of tokens to deposit\n * @return depositShares the number of deposit shares credited to the caller\n * @dev The caller must have previously approved this contract to transfer at least `amount` of `token` on their behalf.\n *\n * WARNING: Be extremely cautious when depositing tokens that do not strictly adhere to ERC20 standards.\n * Tokens that diverge significantly from ERC20 norms can cause unexpected behavior in token balances for\n * that strategy, e.g. ERC-777 tokens allowing cross-contract reentrancy.\n */\n function depositIntoStrategy(\n IStrategy strategy,\n IERC20 token,\n uint256 amount\n ) external returns (uint256 depositShares);\n\n /**\n * @notice Deposits `amount` of `token` into the specified `strategy` and credits shares to the `staker`\n * Note tokens are transferred from `msg.sender`, NOT from `staker`. This method allows the caller, using a\n * signature, to deposit their tokens to another staker's balance.\n * @param strategy the strategy that handles `token`\n * @param token the token from which the `amount` will be transferred\n * @param amount the number of tokens to transfer from the caller to the strategy\n * @param staker the staker that the deposited assets will be credited to\n * @param expiry the timestamp at which the signature expires\n * @param signature a valid ECDSA or EIP-1271 signature from `staker`\n * @return depositShares the number of deposit shares credited to `staker`\n * @dev The caller must have previously approved this contract to transfer at least `amount` of `token` on their behalf.\n *\n * WARNING: Be extremely cautious when depositing tokens that do not strictly adhere to ERC20 standards.\n * Tokens that diverge significantly from ERC20 norms can cause unexpected behavior in token balances for\n * that strategy, e.g. ERC-777 tokens allowing cross-contract reentrancy.\n */\n function depositIntoStrategyWithSignature(\n IStrategy strategy,\n IERC20 token,\n uint256 amount,\n address staker,\n uint256 expiry,\n bytes memory signature\n ) external returns (uint256 depositShares);\n\n /**\n * @notice Burns Strategy shares for the given strategy by calling into the strategy to transfer\n * to the default burn address.\n * @param strategy The strategy to burn shares in.\n */\n function burnShares(\n IStrategy strategy\n ) external;\n\n /**\n * @notice Owner-only function to change the `strategyWhitelister` address.\n * @param newStrategyWhitelister new address for the `strategyWhitelister`.\n */\n function setStrategyWhitelister(\n address newStrategyWhitelister\n ) external;\n\n /**\n * @notice Owner-only function that adds the provided Strategies to the 'whitelist' of strategies that stakers can deposit into\n * @param strategiesToWhitelist Strategies that will be added to the `strategyIsWhitelistedForDeposit` mapping (if they aren't in it already)\n */\n function addStrategiesToDepositWhitelist(\n IStrategy[] calldata strategiesToWhitelist\n ) external;\n\n /**\n * @notice Owner-only function that removes the provided Strategies from the 'whitelist' of strategies that stakers can deposit into\n * @param strategiesToRemoveFromWhitelist Strategies that will be removed to the `strategyIsWhitelistedForDeposit` mapping (if they are in it)\n */\n function removeStrategiesFromDepositWhitelist(\n IStrategy[] calldata strategiesToRemoveFromWhitelist\n ) external;\n\n /// @notice Returns bool for whether or not `strategy` is whitelisted for deposit\n function strategyIsWhitelistedForDeposit(\n IStrategy strategy\n ) external view returns (bool);\n\n /**\n * @notice Get all details on the staker's deposits and corresponding shares\n * @return (staker's strategies, shares in these strategies)\n */\n function getDeposits(\n address staker\n ) external view returns (IStrategy[] memory, uint256[] memory);\n\n function getStakerStrategyList(\n address staker\n ) external view returns (IStrategy[] memory);\n\n /// @notice Simple getter function that returns `stakerStrategyList[staker].length`.\n function stakerStrategyListLength(\n address staker\n ) external view returns (uint256);\n\n /// @notice Returns the current shares of `user` in `strategy`\n function stakerDepositShares(address user, IStrategy strategy) external view returns (uint256 shares);\n\n /// @notice Returns the single, central Delegation contract of EigenLayer\n function delegation() external view returns (IDelegationManager);\n\n /// @notice Returns the address of the `strategyWhitelister`\n function strategyWhitelister() external view returns (address);\n\n /**\n * @param staker The address of the staker.\n * @param strategy The strategy to deposit into.\n * @param token The token to deposit.\n * @param amount The amount of `token` to deposit.\n * @param nonce The nonce of the staker.\n * @param expiry The expiry of the signature.\n * @return The EIP-712 signable digest hash.\n */\n function calculateStrategyDepositDigestHash(\n address staker,\n IStrategy strategy,\n IERC20 token,\n uint256 amount,\n uint256 nonce,\n uint256 expiry\n ) external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IAVSDirectory.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"./ISignatureUtils.sol\";\nimport \"./IPauserRegistry.sol\";\nimport \"./IStrategy.sol\";\n\ninterface IAVSDirectoryErrors {\n /// Operator Status\n\n /// @dev Thrown when an operator does not exist in the DelegationManager\n error OperatorNotRegisteredToEigenLayer();\n /// @dev Thrown when an operator is already registered to an AVS.\n error OperatorNotRegisteredToAVS();\n /// @dev Thrown when `operator` is already registered to the AVS.\n error OperatorAlreadyRegisteredToAVS();\n /// @dev Thrown when attempting to spend a spent eip-712 salt.\n error SaltSpent();\n}\n\ninterface IAVSDirectoryTypes {\n /// @notice Enum representing the registration status of an operator with an AVS.\n /// @notice Only used by legacy M2 AVSs that have not integrated with operatorSets.\n enum OperatorAVSRegistrationStatus {\n UNREGISTERED, // Operator not registered to AVS\n REGISTERED // Operator registered to AVS\n\n }\n\n /**\n * @notice Struct representing the registration status of an operator with an operator set.\n * Keeps track of last deregistered timestamp for slashability concerns.\n * @param registered whether the operator is registered with the operator set\n * @param lastDeregisteredTimestamp the timestamp at which the operator was last deregistered\n */\n struct OperatorSetRegistrationStatus {\n bool registered;\n uint32 lastDeregisteredTimestamp;\n }\n}\n\ninterface IAVSDirectoryEvents is IAVSDirectoryTypes {\n /**\n * @notice Emitted when an operator's registration status with an AVS id udpated\n * @notice Only used by legacy M2 AVSs that have not integrated with operatorSets.\n */\n event OperatorAVSRegistrationStatusUpdated(\n address indexed operator, address indexed avs, OperatorAVSRegistrationStatus status\n );\n\n /// @notice Emitted when an AVS updates their metadata URI (Uniform Resource Identifier).\n /// @dev The URI is never stored; it is simply emitted through an event for off-chain indexing.\n event AVSMetadataURIUpdated(address indexed avs, string metadataURI);\n}\n\ninterface IAVSDirectory is IAVSDirectoryEvents, IAVSDirectoryErrors, ISignatureUtils {\n /**\n *\n * EXTERNAL FUNCTIONS\n *\n */\n\n /**\n * @dev Initializes the addresses of the initial owner and paused status.\n */\n function initialize(address initialOwner, uint256 initialPausedStatus) external;\n\n /**\n * @notice Called by an AVS to emit an `AVSMetadataURIUpdated` event indicating the information has updated.\n *\n * @param metadataURI The URI for metadata associated with an AVS.\n *\n * @dev Note that the `metadataURI` is *never stored* and is only emitted in the `AVSMetadataURIUpdated` event.\n */\n function updateAVSMetadataURI(\n string calldata metadataURI\n ) external;\n\n /**\n * @notice Called by an operator to cancel a salt that has been used to register with an AVS.\n *\n * @param salt A unique and single use value associated with the approver signature.\n */\n function cancelSalt(\n bytes32 salt\n ) external;\n\n /**\n * @notice Legacy function called by the AVS's service manager contract\n * to register an operator with the AVS. NOTE: this function will be deprecated in a future release\n * after the slashing release. New AVSs should use `registerForOperatorSets` instead.\n *\n * @param operator The address of the operator to register.\n * @param operatorSignature The signature, salt, and expiry of the operator's signature.\n *\n * @dev msg.sender must be the AVS.\n * @dev Only used by legacy M2 AVSs that have not integrated with operator sets.\n */\n function registerOperatorToAVS(\n address operator,\n ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature\n ) external;\n\n /**\n * @notice Legacy function called by an AVS to deregister an operator from the AVS.\n * NOTE: this function will be deprecated in a future release after the slashing release.\n * New AVSs integrating should use `deregisterOperatorFromOperatorSets` instead.\n *\n * @param operator The address of the operator to deregister.\n *\n * @dev Only used by legacy M2 AVSs that have not integrated with operator sets.\n */\n function deregisterOperatorFromAVS(\n address operator\n ) external;\n\n /**\n *\n * VIEW FUNCTIONS\n *\n */\n function operatorSaltIsSpent(address operator, bytes32 salt) external view returns (bool);\n\n /**\n * @notice Calculates the digest hash to be signed by an operator to register with an AVS.\n *\n * @param operator The account registering as an operator.\n * @param avs The AVS the operator is registering with.\n * @param salt A unique and single-use value associated with the approver's signature.\n * @param expiry The time after which the approver's signature becomes invalid.\n */\n function calculateOperatorAVSRegistrationDigestHash(\n address operator,\n address avs,\n bytes32 salt,\n uint256 expiry\n ) external view returns (bytes32);\n\n /// @notice The EIP-712 typehash for the Registration struct used by the contract.\n function OPERATOR_AVS_REGISTRATION_TYPEHASH() external view returns (bytes32);\n\n /// @notice The EIP-712 typehash for the OperatorSetRegistration struct used by the contract.\n function OPERATOR_SET_REGISTRATION_TYPEHASH() external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IAVSRegistrar.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\ninterface IAVSRegistrar {\n /**\n * @notice Called by the AllocationManager when an operator wants to register\n * for one or more operator sets. This method should revert if registration\n * is unsuccessful.\n * @param operator the registering operator\n * @param operatorSetIds the list of operator set ids being registered for\n * @param data arbitrary data the operator can provide as part of registration\n */\n function registerOperator(address operator, uint32[] calldata operatorSetIds, bytes calldata data) external;\n\n /**\n * @notice Called by the AllocationManager when an operator is deregistered from\n * one or more operator sets. If this method reverts, it is ignored.\n * @param operator the deregistering operator\n * @param operatorSetIds the list of operator set ids being deregistered from\n */\n function deregisterOperator(address operator, uint32[] calldata operatorSetIds) external;\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IStrategy.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\nimport \"../libraries/SlashingLib.sol\";\n\ninterface IStrategyErrors {\n /// @dev Thrown when called by an account that is not strategy manager.\n error OnlyStrategyManager();\n /// @dev Thrown when new shares value is zero.\n error NewSharesZero();\n /// @dev Thrown when total shares exceeds max.\n error TotalSharesExceedsMax();\n /// @dev Thrown when amount shares is greater than total shares.\n error WithdrawalAmountExceedsTotalDeposits();\n /// @dev Thrown when attempting an action with a token that is not accepted.\n error OnlyUnderlyingToken();\n\n /// StrategyBaseWithTVLLimits\n\n /// @dev Thrown when `maxPerDeposit` exceeds max.\n error MaxPerDepositExceedsMax();\n /// @dev Thrown when balance exceeds max total deposits.\n error BalanceExceedsMaxTotalDeposits();\n}\n\ninterface IStrategyEvents {\n /**\n * @notice Used to emit an event for the exchange rate between 1 share and underlying token in a strategy contract\n * @param rate is the exchange rate in wad 18 decimals\n * @dev Tokens that do not have 18 decimals must have offchain services scale the exchange rate by the proper magnitude\n */\n event ExchangeRateEmitted(uint256 rate);\n\n /**\n * Used to emit the underlying token and its decimals on strategy creation\n * @notice token\n * @param token is the ERC20 token of the strategy\n * @param decimals are the decimals of the ERC20 token in the strategy\n */\n event StrategyTokenSet(IERC20 token, uint8 decimals);\n}\n\n/**\n * @title Minimal interface for an `Strategy` contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice Custom `Strategy` implementations may expand extensively on this interface.\n */\ninterface IStrategy is IStrategyErrors, IStrategyEvents {\n /**\n * @notice Used to deposit tokens into this Strategy\n * @param token is the ERC20 token being deposited\n * @param amount is the amount of token being deposited\n * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's\n * `depositIntoStrategy` function, and individual share balances are recorded in the strategyManager as well.\n * @return newShares is the number of new shares issued at the current exchange ratio.\n */\n function deposit(IERC20 token, uint256 amount) external returns (uint256);\n\n /**\n * @notice Used to withdraw tokens from this Strategy, to the `recipient`'s address\n * @param recipient is the address to receive the withdrawn funds\n * @param token is the ERC20 token being transferred out\n * @param amountShares is the amount of shares being withdrawn\n * @dev This function is only callable by the strategyManager contract. It is invoked inside of the strategyManager's\n * other functions, and individual share balances are recorded in the strategyManager as well.\n */\n function withdraw(address recipient, IERC20 token, uint256 amountShares) external;\n\n /**\n * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy.\n * @notice In contrast to `sharesToUnderlyingView`, this function **may** make state modifications\n * @param amountShares is the amount of shares to calculate its conversion into the underlying token\n * @return The amount of underlying tokens corresponding to the input `amountShares`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function sharesToUnderlying(\n uint256 amountShares\n ) external returns (uint256);\n\n /**\n * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy.\n * @notice In contrast to `underlyingToSharesView`, this function **may** make state modifications\n * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares\n * @return The amount of underlying tokens corresponding to the input `amountShares`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function underlyingToShares(\n uint256 amountUnderlying\n ) external returns (uint256);\n\n /**\n * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in\n * this strategy. In contrast to `userUnderlyingView`, this function **may** make state modifications\n */\n function userUnderlying(\n address user\n ) external returns (uint256);\n\n /**\n * @notice convenience function for fetching the current total shares of `user` in this strategy, by\n * querying the `strategyManager` contract\n */\n function shares(\n address user\n ) external view returns (uint256);\n\n /**\n * @notice Used to convert a number of shares to the equivalent amount of underlying tokens for this strategy.\n * @notice In contrast to `sharesToUnderlying`, this function guarantees no state modifications\n * @param amountShares is the amount of shares to calculate its conversion into the underlying token\n * @return The amount of shares corresponding to the input `amountUnderlying`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function sharesToUnderlyingView(\n uint256 amountShares\n ) external view returns (uint256);\n\n /**\n * @notice Used to convert an amount of underlying tokens to the equivalent amount of shares in this strategy.\n * @notice In contrast to `underlyingToShares`, this function guarantees no state modifications\n * @param amountUnderlying is the amount of `underlyingToken` to calculate its conversion into strategy shares\n * @return The amount of shares corresponding to the input `amountUnderlying`\n * @dev Implementation for these functions in particular may vary significantly for different strategies\n */\n function underlyingToSharesView(\n uint256 amountUnderlying\n ) external view returns (uint256);\n\n /**\n * @notice convenience function for fetching the current underlying value of all of the `user`'s shares in\n * this strategy. In contrast to `userUnderlying`, this function guarantees no state modifications\n */\n function userUnderlyingView(\n address user\n ) external view returns (uint256);\n\n /// @notice The underlying token for shares in this Strategy\n function underlyingToken() external view returns (IERC20);\n\n /// @notice The total number of extant shares in this Strategy\n function totalShares() external view returns (uint256);\n\n /// @notice Returns either a brief string explaining the strategy's goal & purpose, or a link to metadata that explains in more detail.\n function explanation() external view returns (string memory);\n}\n" - }, - "src/interfaces/IRestakingMiddlewareV1.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.27;\n\n/// @title IBoltRestakingMiddlewareV1\n/// @notice An interface for generalized restaking protocol middlewares in Bolt\ninterface IRestakingMiddlewareV1 {\n function NAME_HASH() external view returns (bytes32);\n\n function getOperatorCollaterals(\n address operator\n ) external view returns (address[] memory, uint256[] memory);\n\n function getOperatorStake(address operator, address collateral) external view returns (uint256);\n}\n" - }, - "src/interfaces/IOperatorsRegistryV1.sol": { - "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.27;\n\nimport {IRestakingMiddlewareV1} from \"./IRestakingMiddlewareV1.sol\";\n\n/// @title IOperatorsRegistryV1\n/// @notice An interface for the OperatorsRegistryV1 contract\ninterface IOperatorsRegistryV1 {\n /// @notice Operator struct\n struct Operator {\n address signer;\n string rpcEndpoint;\n address restakingMiddleware;\n string extraData;\n }\n\n /// @notice Emitted when a new operator is registered\n /// @param signer The address of the operator\n /// @param rpcEndpoint The rpc endpoint of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorRegistered(address signer, string rpcEndpoint, address restakingMiddleware, string extraData);\n\n /// @notice Emitted when an operator is deregistered\n /// @param signer The address of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorDeregistered(address signer, address restakingMiddleware);\n\n /// @notice Emitted when an operator is paused\n /// @param signer The address of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorPaused(address signer, address restakingMiddleware);\n\n /// @notice Emitted when an operator is unpaused\n /// @param signer The address of the operator\n /// @param restakingMiddleware The address of the restaking middleware\n event OperatorUnpaused(address signer, address restakingMiddleware);\n\n /// @notice Returns the start timestamp of the registry contract\n function START_TIMESTAMP() external view returns (uint48);\n\n /// @notice Returns the duration of an epoch in seconds\n function EPOCH_DURATION() external view returns (uint48);\n\n /// @notice Returns the address of the EigenLayer restaking middleware\n function EIGENLAYER_RESTAKING_MIDDLEWARE() external view returns (IRestakingMiddlewareV1);\n\n /// @notice Returns the address of the Symbiotic restaking middleware\n function SYMBIOTIC_RESTAKING_MIDDLEWARE() external view returns (IRestakingMiddlewareV1);\n\n /// @notice Register an operator in the registry\n /// @param signer The address of the operator\n /// @param rpcEndpoint The rpc endpoint of the operator\n /// @param extraData Arbitrary data the operator can provide as part of registration\n function registerOperator(address signer, string memory rpcEndpoint, string memory extraData) external;\n\n /// @notice Deregister an operator from the registry\n /// @param signer The address of the operator\n function deregisterOperator(\n address signer\n ) external;\n\n /// @notice Update the rpc endpoint of an operator\n /// @param signer The address of the operator\n /// @param rpcEndpoint The new rpc endpoint\n /// @dev Only restaking middleware contracts can call this function\n function updateOperatorRpcEndpoint(address signer, string memory rpcEndpoint) external;\n\n /// @notice Pause an operator in the registry\n /// @param signer The address of the operator\n function pauseOperator(\n address signer\n ) external;\n\n /// @notice Unpause an operator in the registry, marking them as \"active\"\n /// @param signer The address of the operator\n function unpauseOperator(\n address signer\n ) external;\n\n /// @notice Returns all the operators saved in the registry, including inactive ones.\n /// @return operators The array of operators\n function getAllOperators() external view returns (Operator[] memory);\n\n /// @notice Returns the active operators in the registry.\n /// @return operators The array of active operators.\n function getActiveOperators() external view returns (Operator[] memory);\n\n /// @notice Returns true if the given address is an operator in the registry.\n /// @param signer The address of the operator.\n /// @return isOperator True if the address is an operator, false otherwise.\n function isOperator(\n address signer\n ) external view returns (bool);\n\n /// @notice Returns true if the given operator is registered AND active.\n /// @param signer The address of the operator\n /// @return isActiveOperator True if the operator is active, false otherwise.\n function isActiveOperator(\n address signer\n ) external view returns (bool);\n\n /// @notice Cleans up any expired operators (i.e. paused + IMMUTABLE_PERIOD has passed).\n function cleanup() external;\n\n /// @notice Returns the timestamp of when the current epoch started\n function getCurrentEpochStartTimestamp() external view returns (uint48);\n}\n" - }, - "lib/openzeppelin-contracts-upgradeable/contracts/utils/ContextUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)\n\npragma solidity ^0.8.20;\nimport {Initializable} from \"../proxy/utils/Initializable.sol\";\n\n/**\n * @dev Provides information about the current execution context, including the\n * sender of the transaction and its data. While these are generally available\n * via msg.sender and msg.data, they should not be accessed in such a direct\n * manner, since when dealing with meta-transactions the account sending and\n * paying for execution may not be the actual sender (as far as an application\n * is concerned).\n *\n * This contract is only required for intermediate, library-like contracts.\n */\nabstract contract ContextUpgradeable is Initializable {\n function __Context_init() internal onlyInitializing {\n }\n\n function __Context_init_unchained() internal onlyInitializing {\n }\n function _msgSender() internal view virtual returns (address) {\n return msg.sender;\n }\n\n function _msgData() internal view virtual returns (bytes calldata) {\n return msg.data;\n }\n\n function _contextSuffixLength() internal view virtual returns (uint256) {\n return 0;\n }\n}\n" - }, - "lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/Initializable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (proxy/utils/Initializable.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed\n * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an\n * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer\n * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.\n *\n * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be\n * reused. This mechanism prevents re-execution of each \"step\" but allows the creation of new initialization steps in\n * case an upgrade adds a module that needs to be initialized.\n *\n * For example:\n *\n * [.hljs-theme-light.nopadding]\n * ```solidity\n * contract MyToken is ERC20Upgradeable {\n * function initialize() initializer public {\n * __ERC20_init(\"MyToken\", \"MTK\");\n * }\n * }\n *\n * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {\n * function initializeV2() reinitializer(2) public {\n * __ERC20Permit_init(\"MyToken\");\n * }\n * }\n * ```\n *\n * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as\n * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.\n *\n * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure\n * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.\n *\n * [CAUTION]\n * ====\n * Avoid leaving a contract uninitialized.\n *\n * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation\n * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke\n * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:\n *\n * [.hljs-theme-light.nopadding]\n * ```\n * /// @custom:oz-upgrades-unsafe-allow constructor\n * constructor() {\n * _disableInitializers();\n * }\n * ```\n * ====\n */\nabstract contract Initializable {\n /**\n * @dev Storage of the initializable contract.\n *\n * It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions\n * when using with upgradeable contracts.\n *\n * @custom:storage-location erc7201:openzeppelin.storage.Initializable\n */\n struct InitializableStorage {\n /**\n * @dev Indicates that the contract has been initialized.\n */\n uint64 _initialized;\n /**\n * @dev Indicates that the contract is in the process of being initialized.\n */\n bool _initializing;\n }\n\n // keccak256(abi.encode(uint256(keccak256(\"openzeppelin.storage.Initializable\")) - 1)) & ~bytes32(uint256(0xff))\n bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;\n\n /**\n * @dev The contract is already initialized.\n */\n error InvalidInitialization();\n\n /**\n * @dev The contract is not initializing.\n */\n error NotInitializing();\n\n /**\n * @dev Triggered when the contract has been initialized or reinitialized.\n */\n event Initialized(uint64 version);\n\n /**\n * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,\n * `onlyInitializing` functions can be used to initialize parent contracts.\n *\n * Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any\n * number of times. This behavior in the constructor can be useful during testing and is not expected to be used in\n * production.\n *\n * Emits an {Initialized} event.\n */\n modifier initializer() {\n // solhint-disable-next-line var-name-mixedcase\n InitializableStorage storage $ = _getInitializableStorage();\n\n // Cache values to avoid duplicated sloads\n bool isTopLevelCall = !$._initializing;\n uint64 initialized = $._initialized;\n\n // Allowed calls:\n // - initialSetup: the contract is not in the initializing state and no previous version was\n // initialized\n // - construction: the contract is initialized at version 1 (no reininitialization) and the\n // current contract is just being deployed\n bool initialSetup = initialized == 0 && isTopLevelCall;\n bool construction = initialized == 1 && address(this).code.length == 0;\n\n if (!initialSetup && !construction) {\n revert InvalidInitialization();\n }\n $._initialized = 1;\n if (isTopLevelCall) {\n $._initializing = true;\n }\n _;\n if (isTopLevelCall) {\n $._initializing = false;\n emit Initialized(1);\n }\n }\n\n /**\n * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the\n * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be\n * used to initialize parent contracts.\n *\n * A reinitializer may be used after the original initialization step. This is essential to configure modules that\n * are added through upgrades and that require initialization.\n *\n * When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`\n * cannot be nested. If one is invoked in the context of another, execution will revert.\n *\n * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in\n * a contract, executing them in the right order is up to the developer or operator.\n *\n * WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.\n *\n * Emits an {Initialized} event.\n */\n modifier reinitializer(uint64 version) {\n // solhint-disable-next-line var-name-mixedcase\n InitializableStorage storage $ = _getInitializableStorage();\n\n if ($._initializing || $._initialized >= version) {\n revert InvalidInitialization();\n }\n $._initialized = version;\n $._initializing = true;\n _;\n $._initializing = false;\n emit Initialized(version);\n }\n\n /**\n * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the\n * {initializer} and {reinitializer} modifiers, directly or indirectly.\n */\n modifier onlyInitializing() {\n _checkInitializing();\n _;\n }\n\n /**\n * @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.\n */\n function _checkInitializing() internal view virtual {\n if (!_isInitializing()) {\n revert NotInitializing();\n }\n }\n\n /**\n * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.\n * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized\n * to any version. It is recommended to use this to lock implementation contracts that are designed to be called\n * through proxies.\n *\n * Emits an {Initialized} event the first time it is successfully executed.\n */\n function _disableInitializers() internal virtual {\n // solhint-disable-next-line var-name-mixedcase\n InitializableStorage storage $ = _getInitializableStorage();\n\n if ($._initializing) {\n revert InvalidInitialization();\n }\n if ($._initialized != type(uint64).max) {\n $._initialized = type(uint64).max;\n emit Initialized(type(uint64).max);\n }\n }\n\n /**\n * @dev Returns the highest version that has been initialized. See {reinitializer}.\n */\n function _getInitializedVersion() internal view returns (uint64) {\n return _getInitializableStorage()._initialized;\n }\n\n /**\n * @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.\n */\n function _isInitializing() internal view returns (bool) {\n return _getInitializableStorage()._initializing;\n }\n\n /**\n * @dev Returns a pointer to the storage namespace.\n */\n // solhint-disable-next-line var-name-mixedcase\n function _getInitializableStorage() private pure returns (InitializableStorage storage $) {\n assembly {\n $.slot := INITIALIZABLE_STORAGE\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/interfaces/draft-IERC1822.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (interfaces/draft-IERC1822.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev ERC-1822: Universal Upgradeable Proxy Standard (UUPS) documents a method for upgradeability through a simplified\n * proxy whose upgrades are fully controlled by the current implementation.\n */\ninterface IERC1822Proxiable {\n /**\n * @dev Returns the storage slot that the proxiable contract assumes is being used to store the implementation\n * address.\n *\n * IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks\n * bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this\n * function revert if invoked through a proxy.\n */\n function proxiableUUID() external view returns (bytes32);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Utils.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.2.0) (proxy/ERC1967/ERC1967Utils.sol)\n\npragma solidity ^0.8.22;\n\nimport {IBeacon} from \"../beacon/IBeacon.sol\";\nimport {IERC1967} from \"../../interfaces/IERC1967.sol\";\nimport {Address} from \"../../utils/Address.sol\";\nimport {StorageSlot} from \"../../utils/StorageSlot.sol\";\n\n/**\n * @dev This library provides getters and event emitting update functions for\n * https://eips.ethereum.org/EIPS/eip-1967[ERC-1967] slots.\n */\nlibrary ERC1967Utils {\n /**\n * @dev Storage slot with the address of the current implementation.\n * This is the keccak-256 hash of \"eip1967.proxy.implementation\" subtracted by 1.\n */\n // solhint-disable-next-line private-vars-leading-underscore\n bytes32 internal constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;\n\n /**\n * @dev The `implementation` of the proxy is invalid.\n */\n error ERC1967InvalidImplementation(address implementation);\n\n /**\n * @dev The `admin` of the proxy is invalid.\n */\n error ERC1967InvalidAdmin(address admin);\n\n /**\n * @dev The `beacon` of the proxy is invalid.\n */\n error ERC1967InvalidBeacon(address beacon);\n\n /**\n * @dev An upgrade function sees `msg.value > 0` that may be lost.\n */\n error ERC1967NonPayable();\n\n /**\n * @dev Returns the current implementation address.\n */\n function getImplementation() internal view returns (address) {\n return StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value;\n }\n\n /**\n * @dev Stores a new address in the ERC-1967 implementation slot.\n */\n function _setImplementation(address newImplementation) private {\n if (newImplementation.code.length == 0) {\n revert ERC1967InvalidImplementation(newImplementation);\n }\n StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value = newImplementation;\n }\n\n /**\n * @dev Performs implementation upgrade with additional setup call if data is nonempty.\n * This function is payable only if the setup call is performed, otherwise `msg.value` is rejected\n * to avoid stuck value in the contract.\n *\n * Emits an {IERC1967-Upgraded} event.\n */\n function upgradeToAndCall(address newImplementation, bytes memory data) internal {\n _setImplementation(newImplementation);\n emit IERC1967.Upgraded(newImplementation);\n\n if (data.length > 0) {\n Address.functionDelegateCall(newImplementation, data);\n } else {\n _checkNonPayable();\n }\n }\n\n /**\n * @dev Storage slot with the admin of the contract.\n * This is the keccak-256 hash of \"eip1967.proxy.admin\" subtracted by 1.\n */\n // solhint-disable-next-line private-vars-leading-underscore\n bytes32 internal constant ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;\n\n /**\n * @dev Returns the current admin.\n *\n * TIP: To get this value clients can read directly from the storage slot shown below (specified by ERC-1967) using\n * the https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.\n * `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`\n */\n function getAdmin() internal view returns (address) {\n return StorageSlot.getAddressSlot(ADMIN_SLOT).value;\n }\n\n /**\n * @dev Stores a new address in the ERC-1967 admin slot.\n */\n function _setAdmin(address newAdmin) private {\n if (newAdmin == address(0)) {\n revert ERC1967InvalidAdmin(address(0));\n }\n StorageSlot.getAddressSlot(ADMIN_SLOT).value = newAdmin;\n }\n\n /**\n * @dev Changes the admin of the proxy.\n *\n * Emits an {IERC1967-AdminChanged} event.\n */\n function changeAdmin(address newAdmin) internal {\n emit IERC1967.AdminChanged(getAdmin(), newAdmin);\n _setAdmin(newAdmin);\n }\n\n /**\n * @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.\n * This is the keccak-256 hash of \"eip1967.proxy.beacon\" subtracted by 1.\n */\n // solhint-disable-next-line private-vars-leading-underscore\n bytes32 internal constant BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;\n\n /**\n * @dev Returns the current beacon.\n */\n function getBeacon() internal view returns (address) {\n return StorageSlot.getAddressSlot(BEACON_SLOT).value;\n }\n\n /**\n * @dev Stores a new beacon in the ERC-1967 beacon slot.\n */\n function _setBeacon(address newBeacon) private {\n if (newBeacon.code.length == 0) {\n revert ERC1967InvalidBeacon(newBeacon);\n }\n\n StorageSlot.getAddressSlot(BEACON_SLOT).value = newBeacon;\n\n address beaconImplementation = IBeacon(newBeacon).implementation();\n if (beaconImplementation.code.length == 0) {\n revert ERC1967InvalidImplementation(beaconImplementation);\n }\n }\n\n /**\n * @dev Change the beacon and trigger a setup call if data is nonempty.\n * This function is payable only if the setup call is performed, otherwise `msg.value` is rejected\n * to avoid stuck value in the contract.\n *\n * Emits an {IERC1967-BeaconUpgraded} event.\n *\n * CAUTION: Invoking this function has no effect on an instance of {BeaconProxy} since v5, since\n * it uses an immutable beacon without looking at the value of the ERC-1967 beacon slot for\n * efficiency.\n */\n function upgradeBeaconToAndCall(address newBeacon, bytes memory data) internal {\n _setBeacon(newBeacon);\n emit IERC1967.BeaconUpgraded(newBeacon);\n\n if (data.length > 0) {\n Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);\n } else {\n _checkNonPayable();\n }\n }\n\n /**\n * @dev Reverts if `msg.value` is not zero. It can be used to avoid `msg.value` stuck in the contract\n * if an upgrade doesn't perform an initialization call.\n */\n function _checkNonPayable() private {\n if (msg.value > 0) {\n revert ERC1967NonPayable();\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/math/Math.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/Math.sol)\n\npragma solidity ^0.8.20;\n\nimport {Panic} from \"../Panic.sol\";\nimport {SafeCast} from \"./SafeCast.sol\";\n\n/**\n * @dev Standard math utilities missing in the Solidity language.\n */\nlibrary Math {\n enum Rounding {\n Floor, // Toward negative infinity\n Ceil, // Toward positive infinity\n Trunc, // Toward zero\n Expand // Away from zero\n }\n\n /**\n * @dev Returns the addition of two unsigned integers, with an success flag (no overflow).\n */\n function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {\n unchecked {\n uint256 c = a + b;\n if (c < a) return (false, 0);\n return (true, c);\n }\n }\n\n /**\n * @dev Returns the subtraction of two unsigned integers, with an success flag (no overflow).\n */\n function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {\n unchecked {\n if (b > a) return (false, 0);\n return (true, a - b);\n }\n }\n\n /**\n * @dev Returns the multiplication of two unsigned integers, with an success flag (no overflow).\n */\n function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {\n unchecked {\n // Gas optimization: this is cheaper than requiring 'a' not being zero, but the\n // benefit is lost if 'b' is also tested.\n // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522\n if (a == 0) return (true, 0);\n uint256 c = a * b;\n if (c / a != b) return (false, 0);\n return (true, c);\n }\n }\n\n /**\n * @dev Returns the division of two unsigned integers, with a success flag (no division by zero).\n */\n function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {\n unchecked {\n if (b == 0) return (false, 0);\n return (true, a / b);\n }\n }\n\n /**\n * @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).\n */\n function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {\n unchecked {\n if (b == 0) return (false, 0);\n return (true, a % b);\n }\n }\n\n /**\n * @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.\n *\n * IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.\n * However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute\n * one branch when needed, making this function more expensive.\n */\n function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {\n unchecked {\n // branchless ternary works because:\n // b ^ (a ^ b) == a\n // b ^ 0 == b\n return b ^ ((a ^ b) * SafeCast.toUint(condition));\n }\n }\n\n /**\n * @dev Returns the largest of two numbers.\n */\n function max(uint256 a, uint256 b) internal pure returns (uint256) {\n return ternary(a > b, a, b);\n }\n\n /**\n * @dev Returns the smallest of two numbers.\n */\n function min(uint256 a, uint256 b) internal pure returns (uint256) {\n return ternary(a < b, a, b);\n }\n\n /**\n * @dev Returns the average of two numbers. The result is rounded towards\n * zero.\n */\n function average(uint256 a, uint256 b) internal pure returns (uint256) {\n // (a + b) / 2 can overflow.\n return (a & b) + (a ^ b) / 2;\n }\n\n /**\n * @dev Returns the ceiling of the division of two numbers.\n *\n * This differs from standard division with `/` in that it rounds towards infinity instead\n * of rounding towards zero.\n */\n function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {\n if (b == 0) {\n // Guarantee the same behavior as in a regular Solidity division.\n Panic.panic(Panic.DIVISION_BY_ZERO);\n }\n\n // The following calculation ensures accurate ceiling division without overflow.\n // Since a is non-zero, (a - 1) / b will not overflow.\n // The largest possible result occurs when (a - 1) / b is type(uint256).max,\n // but the largest value we can obtain is type(uint256).max - 1, which happens\n // when a = type(uint256).max and b = 1.\n unchecked {\n return SafeCast.toUint(a > 0) * ((a - 1) / b + 1);\n }\n }\n\n /**\n * @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or\n * denominator == 0.\n *\n * Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by\n * Uniswap Labs also under MIT license.\n */\n function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {\n unchecked {\n // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use\n // the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256\n // variables such that product = prod1 * 2²⁵⁶ + prod0.\n uint256 prod0 = x * y; // Least significant 256 bits of the product\n uint256 prod1; // Most significant 256 bits of the product\n assembly {\n let mm := mulmod(x, y, not(0))\n prod1 := sub(sub(mm, prod0), lt(mm, prod0))\n }\n\n // Handle non-overflow cases, 256 by 256 division.\n if (prod1 == 0) {\n // Solidity will revert if denominator == 0, unlike the div opcode on its own.\n // The surrounding unchecked block does not change this fact.\n // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.\n return prod0 / denominator;\n }\n\n // Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.\n if (denominator <= prod1) {\n Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));\n }\n\n ///////////////////////////////////////////////\n // 512 by 256 division.\n ///////////////////////////////////////////////\n\n // Make division exact by subtracting the remainder from [prod1 prod0].\n uint256 remainder;\n assembly {\n // Compute remainder using mulmod.\n remainder := mulmod(x, y, denominator)\n\n // Subtract 256 bit number from 512 bit number.\n prod1 := sub(prod1, gt(remainder, prod0))\n prod0 := sub(prod0, remainder)\n }\n\n // Factor powers of two out of denominator and compute largest power of two divisor of denominator.\n // Always >= 1. See https://cs.stackexchange.com/q/138556/92363.\n\n uint256 twos = denominator & (0 - denominator);\n assembly {\n // Divide denominator by twos.\n denominator := div(denominator, twos)\n\n // Divide [prod1 prod0] by twos.\n prod0 := div(prod0, twos)\n\n // Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.\n twos := add(div(sub(0, twos), twos), 1)\n }\n\n // Shift in bits from prod1 into prod0.\n prod0 |= prod1 * twos;\n\n // Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such\n // that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for\n // four bits. That is, denominator * inv ≡ 1 mod 2⁴.\n uint256 inverse = (3 * denominator) ^ 2;\n\n // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also\n // works in modular arithmetic, doubling the correct bits in each step.\n inverse *= 2 - denominator * inverse; // inverse mod 2⁸\n inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶\n inverse *= 2 - denominator * inverse; // inverse mod 2³²\n inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴\n inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸\n inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶\n\n // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.\n // This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is\n // less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and prod1\n // is no longer required.\n result = prod0 * inverse;\n return result;\n }\n }\n\n /**\n * @dev Calculates x * y / denominator with full precision, following the selected rounding direction.\n */\n function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {\n return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0);\n }\n\n /**\n * @dev Calculate the modular multiplicative inverse of a number in Z/nZ.\n *\n * If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0.\n * If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.\n *\n * If the input value is not inversible, 0 is returned.\n *\n * NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Fermat's little theorem and get the\n * inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}.\n */\n function invMod(uint256 a, uint256 n) internal pure returns (uint256) {\n unchecked {\n if (n == 0) return 0;\n\n // The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)\n // Used to compute integers x and y such that: ax + ny = gcd(a, n).\n // When the gcd is 1, then the inverse of a modulo n exists and it's x.\n // ax + ny = 1\n // ax = 1 + (-y)n\n // ax ≡ 1 (mod n) # x is the inverse of a modulo n\n\n // If the remainder is 0 the gcd is n right away.\n uint256 remainder = a % n;\n uint256 gcd = n;\n\n // Therefore the initial coefficients are:\n // ax + ny = gcd(a, n) = n\n // 0a + 1n = n\n int256 x = 0;\n int256 y = 1;\n\n while (remainder != 0) {\n uint256 quotient = gcd / remainder;\n\n (gcd, remainder) = (\n // The old remainder is the next gcd to try.\n remainder,\n // Compute the next remainder.\n // Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd\n // where gcd is at most n (capped to type(uint256).max)\n gcd - remainder * quotient\n );\n\n (x, y) = (\n // Increment the coefficient of a.\n y,\n // Decrement the coefficient of n.\n // Can overflow, but the result is casted to uint256 so that the\n // next value of y is \"wrapped around\" to a value between 0 and n - 1.\n x - y * int256(quotient)\n );\n }\n\n if (gcd != 1) return 0; // No inverse exists.\n return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative.\n }\n }\n\n /**\n * @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`.\n *\n * From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is\n * prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that\n * `a**(p-2)` is the modular multiplicative inverse of a in Fp.\n *\n * NOTE: this function does NOT check that `p` is a prime greater than `2`.\n */\n function invModPrime(uint256 a, uint256 p) internal view returns (uint256) {\n unchecked {\n return Math.modExp(a, p - 2, p);\n }\n }\n\n /**\n * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)\n *\n * Requirements:\n * - modulus can't be zero\n * - underlying staticcall to precompile must succeed\n *\n * IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make\n * sure the chain you're using it on supports the precompiled contract for modular exponentiation\n * at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,\n * the underlying function will succeed given the lack of a revert, but the result may be incorrectly\n * interpreted as 0.\n */\n function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {\n (bool success, uint256 result) = tryModExp(b, e, m);\n if (!success) {\n Panic.panic(Panic.DIVISION_BY_ZERO);\n }\n return result;\n }\n\n /**\n * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).\n * It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying\n * to operate modulo 0 or if the underlying precompile reverted.\n *\n * IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain\n * you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in\n * https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack\n * of a revert, but the result may be incorrectly interpreted as 0.\n */\n function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {\n if (m == 0) return (false, 0);\n assembly (\"memory-safe\") {\n let ptr := mload(0x40)\n // | Offset | Content | Content (Hex) |\n // |-----------|------------|--------------------------------------------------------------------|\n // | 0x00:0x1f | size of b | 0x0000000000000000000000000000000000000000000000000000000000000020 |\n // | 0x20:0x3f | size of e | 0x0000000000000000000000000000000000000000000000000000000000000020 |\n // | 0x40:0x5f | size of m | 0x0000000000000000000000000000000000000000000000000000000000000020 |\n // | 0x60:0x7f | value of b | 0x<.............................................................b> |\n // | 0x80:0x9f | value of e | 0x<.............................................................e> |\n // | 0xa0:0xbf | value of m | 0x<.............................................................m> |\n mstore(ptr, 0x20)\n mstore(add(ptr, 0x20), 0x20)\n mstore(add(ptr, 0x40), 0x20)\n mstore(add(ptr, 0x60), b)\n mstore(add(ptr, 0x80), e)\n mstore(add(ptr, 0xa0), m)\n\n // Given the result < m, it's guaranteed to fit in 32 bytes,\n // so we can use the memory scratch space located at offset 0.\n success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)\n result := mload(0x00)\n }\n }\n\n /**\n * @dev Variant of {modExp} that supports inputs of arbitrary length.\n */\n function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {\n (bool success, bytes memory result) = tryModExp(b, e, m);\n if (!success) {\n Panic.panic(Panic.DIVISION_BY_ZERO);\n }\n return result;\n }\n\n /**\n * @dev Variant of {tryModExp} that supports inputs of arbitrary length.\n */\n function tryModExp(\n bytes memory b,\n bytes memory e,\n bytes memory m\n ) internal view returns (bool success, bytes memory result) {\n if (_zeroBytes(m)) return (false, new bytes(0));\n\n uint256 mLen = m.length;\n\n // Encode call args in result and move the free memory pointer\n result = abi.encodePacked(b.length, e.length, mLen, b, e, m);\n\n assembly (\"memory-safe\") {\n let dataPtr := add(result, 0x20)\n // Write result on top of args to avoid allocating extra memory.\n success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)\n // Overwrite the length.\n // result.length > returndatasize() is guaranteed because returndatasize() == m.length\n mstore(result, mLen)\n // Set the memory pointer after the returned data.\n mstore(0x40, add(dataPtr, mLen))\n }\n }\n\n /**\n * @dev Returns whether the provided byte array is zero.\n */\n function _zeroBytes(bytes memory byteArray) private pure returns (bool) {\n for (uint256 i = 0; i < byteArray.length; ++i) {\n if (byteArray[i] != 0) {\n return false;\n }\n }\n return true;\n }\n\n /**\n * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded\n * towards zero.\n *\n * This method is based on Newton's method for computing square roots; the algorithm is restricted to only\n * using integer operations.\n */\n function sqrt(uint256 a) internal pure returns (uint256) {\n unchecked {\n // Take care of easy edge cases when a == 0 or a == 1\n if (a <= 1) {\n return a;\n }\n\n // In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a\n // sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between\n // the current value as `ε_n = | x_n - sqrt(a) |`.\n //\n // For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root\n // of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is\n // bigger than any uint256.\n //\n // By noticing that\n // `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`\n // we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar\n // to the msb function.\n uint256 aa = a;\n uint256 xn = 1;\n\n if (aa >= (1 << 128)) {\n aa >>= 128;\n xn <<= 64;\n }\n if (aa >= (1 << 64)) {\n aa >>= 64;\n xn <<= 32;\n }\n if (aa >= (1 << 32)) {\n aa >>= 32;\n xn <<= 16;\n }\n if (aa >= (1 << 16)) {\n aa >>= 16;\n xn <<= 8;\n }\n if (aa >= (1 << 8)) {\n aa >>= 8;\n xn <<= 4;\n }\n if (aa >= (1 << 4)) {\n aa >>= 4;\n xn <<= 2;\n }\n if (aa >= (1 << 2)) {\n xn <<= 1;\n }\n\n // We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).\n //\n // We can refine our estimation by noticing that the middle of that interval minimizes the error.\n // If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).\n // This is going to be our x_0 (and ε_0)\n xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)\n\n // From here, Newton's method give us:\n // x_{n+1} = (x_n + a / x_n) / 2\n //\n // One should note that:\n // x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a\n // = ((x_n² + a) / (2 * x_n))² - a\n // = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a\n // = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)\n // = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)\n // = (x_n² - a)² / (2 * x_n)²\n // = ((x_n² - a) / (2 * x_n))²\n // ≥ 0\n // Which proves that for all n ≥ 1, sqrt(a) ≤ x_n\n //\n // This gives us the proof of quadratic convergence of the sequence:\n // ε_{n+1} = | x_{n+1} - sqrt(a) |\n // = | (x_n + a / x_n) / 2 - sqrt(a) |\n // = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |\n // = | (x_n - sqrt(a))² / (2 * x_n) |\n // = | ε_n² / (2 * x_n) |\n // = ε_n² / | (2 * x_n) |\n //\n // For the first iteration, we have a special case where x_0 is known:\n // ε_1 = ε_0² / | (2 * x_0) |\n // ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))\n // ≤ 2**(2*e-4) / (3 * 2**(e-1))\n // ≤ 2**(e-3) / 3\n // ≤ 2**(e-3-log2(3))\n // ≤ 2**(e-4.5)\n //\n // For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:\n // ε_{n+1} = ε_n² / | (2 * x_n) |\n // ≤ (2**(e-k))² / (2 * 2**(e-1))\n // ≤ 2**(2*e-2*k) / 2**e\n // ≤ 2**(e-2*k)\n xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5) -- special case, see above\n xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9) -- general case with k = 4.5\n xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18) -- general case with k = 9\n xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36) -- general case with k = 18\n xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72) -- general case with k = 36\n xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144) -- general case with k = 72\n\n // Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision\n // ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either\n // sqrt(a) or sqrt(a) + 1.\n return xn - SafeCast.toUint(xn > a / xn);\n }\n }\n\n /**\n * @dev Calculates sqrt(a), following the selected rounding direction.\n */\n function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {\n unchecked {\n uint256 result = sqrt(a);\n return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a);\n }\n }\n\n /**\n * @dev Return the log in base 2 of a positive value rounded towards zero.\n * Returns 0 if given 0.\n */\n function log2(uint256 x) internal pure returns (uint256 r) {\n // If value has upper 128 bits set, log2 result is at least 128\n r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7;\n // If upper 64 bits of 128-bit half set, add 64 to result\n r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6;\n // If upper 32 bits of 64-bit half set, add 32 to result\n r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5;\n // If upper 16 bits of 32-bit half set, add 16 to result\n r |= SafeCast.toUint((x >> r) > 0xffff) << 4;\n // If upper 8 bits of 16-bit half set, add 8 to result\n r |= SafeCast.toUint((x >> r) > 0xff) << 3;\n // If upper 4 bits of 8-bit half set, add 4 to result\n r |= SafeCast.toUint((x >> r) > 0xf) << 2;\n\n // Shifts value right by the current result and use it as an index into this lookup table:\n //\n // | x (4 bits) | index | table[index] = MSB position |\n // |------------|---------|-----------------------------|\n // | 0000 | 0 | table[0] = 0 |\n // | 0001 | 1 | table[1] = 0 |\n // | 0010 | 2 | table[2] = 1 |\n // | 0011 | 3 | table[3] = 1 |\n // | 0100 | 4 | table[4] = 2 |\n // | 0101 | 5 | table[5] = 2 |\n // | 0110 | 6 | table[6] = 2 |\n // | 0111 | 7 | table[7] = 2 |\n // | 1000 | 8 | table[8] = 3 |\n // | 1001 | 9 | table[9] = 3 |\n // | 1010 | 10 | table[10] = 3 |\n // | 1011 | 11 | table[11] = 3 |\n // | 1100 | 12 | table[12] = 3 |\n // | 1101 | 13 | table[13] = 3 |\n // | 1110 | 14 | table[14] = 3 |\n // | 1111 | 15 | table[15] = 3 |\n //\n // The lookup table is represented as a 32-byte value with the MSB positions for 0-15 in the last 16 bytes.\n assembly (\"memory-safe\") {\n r := or(r, byte(shr(r, x), 0x0000010102020202030303030303030300000000000000000000000000000000))\n }\n }\n\n /**\n * @dev Return the log in base 2, following the selected rounding direction, of a positive value.\n * Returns 0 if given 0.\n */\n function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {\n unchecked {\n uint256 result = log2(value);\n return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value);\n }\n }\n\n /**\n * @dev Return the log in base 10 of a positive value rounded towards zero.\n * Returns 0 if given 0.\n */\n function log10(uint256 value) internal pure returns (uint256) {\n uint256 result = 0;\n unchecked {\n if (value >= 10 ** 64) {\n value /= 10 ** 64;\n result += 64;\n }\n if (value >= 10 ** 32) {\n value /= 10 ** 32;\n result += 32;\n }\n if (value >= 10 ** 16) {\n value /= 10 ** 16;\n result += 16;\n }\n if (value >= 10 ** 8) {\n value /= 10 ** 8;\n result += 8;\n }\n if (value >= 10 ** 4) {\n value /= 10 ** 4;\n result += 4;\n }\n if (value >= 10 ** 2) {\n value /= 10 ** 2;\n result += 2;\n }\n if (value >= 10 ** 1) {\n result += 1;\n }\n }\n return result;\n }\n\n /**\n * @dev Return the log in base 10, following the selected rounding direction, of a positive value.\n * Returns 0 if given 0.\n */\n function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {\n unchecked {\n uint256 result = log10(value);\n return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value);\n }\n }\n\n /**\n * @dev Return the log in base 256 of a positive value rounded towards zero.\n * Returns 0 if given 0.\n *\n * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.\n */\n function log256(uint256 x) internal pure returns (uint256 r) {\n // If value has upper 128 bits set, log2 result is at least 128\n r = SafeCast.toUint(x > 0xffffffffffffffffffffffffffffffff) << 7;\n // If upper 64 bits of 128-bit half set, add 64 to result\n r |= SafeCast.toUint((x >> r) > 0xffffffffffffffff) << 6;\n // If upper 32 bits of 64-bit half set, add 32 to result\n r |= SafeCast.toUint((x >> r) > 0xffffffff) << 5;\n // If upper 16 bits of 32-bit half set, add 16 to result\n r |= SafeCast.toUint((x >> r) > 0xffff) << 4;\n // Add 1 if upper 8 bits of 16-bit half set, and divide accumulated result by 8\n return (r >> 3) | SafeCast.toUint((x >> r) > 0xff);\n }\n\n /**\n * @dev Return the log in base 256, following the selected rounding direction, of a positive value.\n * Returns 0 if given 0.\n */\n function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {\n unchecked {\n uint256 result = log256(value);\n return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value);\n }\n }\n\n /**\n * @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.\n */\n function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {\n return uint8(rounding) % 2 == 1;\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/math/SafeCast.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)\n// This file was procedurally generated from scripts/generate/templates/SafeCast.js.\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow\n * checks.\n *\n * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can\n * easily result in undesired exploitation or bugs, since developers usually\n * assume that overflows raise errors. `SafeCast` restores this intuition by\n * reverting the transaction when such an operation overflows.\n *\n * Using this library instead of the unchecked operations eliminates an entire\n * class of bugs, so it's recommended to use it always.\n */\nlibrary SafeCast {\n /**\n * @dev Value doesn't fit in an uint of `bits` size.\n */\n error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);\n\n /**\n * @dev An int value doesn't fit in an uint of `bits` size.\n */\n error SafeCastOverflowedIntToUint(int256 value);\n\n /**\n * @dev Value doesn't fit in an int of `bits` size.\n */\n error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);\n\n /**\n * @dev An uint value doesn't fit in an int of `bits` size.\n */\n error SafeCastOverflowedUintToInt(uint256 value);\n\n /**\n * @dev Returns the downcasted uint248 from uint256, reverting on\n * overflow (when the input is greater than largest uint248).\n *\n * Counterpart to Solidity's `uint248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n */\n function toUint248(uint256 value) internal pure returns (uint248) {\n if (value > type(uint248).max) {\n revert SafeCastOverflowedUintDowncast(248, value);\n }\n return uint248(value);\n }\n\n /**\n * @dev Returns the downcasted uint240 from uint256, reverting on\n * overflow (when the input is greater than largest uint240).\n *\n * Counterpart to Solidity's `uint240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n */\n function toUint240(uint256 value) internal pure returns (uint240) {\n if (value > type(uint240).max) {\n revert SafeCastOverflowedUintDowncast(240, value);\n }\n return uint240(value);\n }\n\n /**\n * @dev Returns the downcasted uint232 from uint256, reverting on\n * overflow (when the input is greater than largest uint232).\n *\n * Counterpart to Solidity's `uint232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n */\n function toUint232(uint256 value) internal pure returns (uint232) {\n if (value > type(uint232).max) {\n revert SafeCastOverflowedUintDowncast(232, value);\n }\n return uint232(value);\n }\n\n /**\n * @dev Returns the downcasted uint224 from uint256, reverting on\n * overflow (when the input is greater than largest uint224).\n *\n * Counterpart to Solidity's `uint224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n */\n function toUint224(uint256 value) internal pure returns (uint224) {\n if (value > type(uint224).max) {\n revert SafeCastOverflowedUintDowncast(224, value);\n }\n return uint224(value);\n }\n\n /**\n * @dev Returns the downcasted uint216 from uint256, reverting on\n * overflow (when the input is greater than largest uint216).\n *\n * Counterpart to Solidity's `uint216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n */\n function toUint216(uint256 value) internal pure returns (uint216) {\n if (value > type(uint216).max) {\n revert SafeCastOverflowedUintDowncast(216, value);\n }\n return uint216(value);\n }\n\n /**\n * @dev Returns the downcasted uint208 from uint256, reverting on\n * overflow (when the input is greater than largest uint208).\n *\n * Counterpart to Solidity's `uint208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n */\n function toUint208(uint256 value) internal pure returns (uint208) {\n if (value > type(uint208).max) {\n revert SafeCastOverflowedUintDowncast(208, value);\n }\n return uint208(value);\n }\n\n /**\n * @dev Returns the downcasted uint200 from uint256, reverting on\n * overflow (when the input is greater than largest uint200).\n *\n * Counterpart to Solidity's `uint200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n */\n function toUint200(uint256 value) internal pure returns (uint200) {\n if (value > type(uint200).max) {\n revert SafeCastOverflowedUintDowncast(200, value);\n }\n return uint200(value);\n }\n\n /**\n * @dev Returns the downcasted uint192 from uint256, reverting on\n * overflow (when the input is greater than largest uint192).\n *\n * Counterpart to Solidity's `uint192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n */\n function toUint192(uint256 value) internal pure returns (uint192) {\n if (value > type(uint192).max) {\n revert SafeCastOverflowedUintDowncast(192, value);\n }\n return uint192(value);\n }\n\n /**\n * @dev Returns the downcasted uint184 from uint256, reverting on\n * overflow (when the input is greater than largest uint184).\n *\n * Counterpart to Solidity's `uint184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n */\n function toUint184(uint256 value) internal pure returns (uint184) {\n if (value > type(uint184).max) {\n revert SafeCastOverflowedUintDowncast(184, value);\n }\n return uint184(value);\n }\n\n /**\n * @dev Returns the downcasted uint176 from uint256, reverting on\n * overflow (when the input is greater than largest uint176).\n *\n * Counterpart to Solidity's `uint176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n */\n function toUint176(uint256 value) internal pure returns (uint176) {\n if (value > type(uint176).max) {\n revert SafeCastOverflowedUintDowncast(176, value);\n }\n return uint176(value);\n }\n\n /**\n * @dev Returns the downcasted uint168 from uint256, reverting on\n * overflow (when the input is greater than largest uint168).\n *\n * Counterpart to Solidity's `uint168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n */\n function toUint168(uint256 value) internal pure returns (uint168) {\n if (value > type(uint168).max) {\n revert SafeCastOverflowedUintDowncast(168, value);\n }\n return uint168(value);\n }\n\n /**\n * @dev Returns the downcasted uint160 from uint256, reverting on\n * overflow (when the input is greater than largest uint160).\n *\n * Counterpart to Solidity's `uint160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n */\n function toUint160(uint256 value) internal pure returns (uint160) {\n if (value > type(uint160).max) {\n revert SafeCastOverflowedUintDowncast(160, value);\n }\n return uint160(value);\n }\n\n /**\n * @dev Returns the downcasted uint152 from uint256, reverting on\n * overflow (when the input is greater than largest uint152).\n *\n * Counterpart to Solidity's `uint152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n */\n function toUint152(uint256 value) internal pure returns (uint152) {\n if (value > type(uint152).max) {\n revert SafeCastOverflowedUintDowncast(152, value);\n }\n return uint152(value);\n }\n\n /**\n * @dev Returns the downcasted uint144 from uint256, reverting on\n * overflow (when the input is greater than largest uint144).\n *\n * Counterpart to Solidity's `uint144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n */\n function toUint144(uint256 value) internal pure returns (uint144) {\n if (value > type(uint144).max) {\n revert SafeCastOverflowedUintDowncast(144, value);\n }\n return uint144(value);\n }\n\n /**\n * @dev Returns the downcasted uint136 from uint256, reverting on\n * overflow (when the input is greater than largest uint136).\n *\n * Counterpart to Solidity's `uint136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n */\n function toUint136(uint256 value) internal pure returns (uint136) {\n if (value > type(uint136).max) {\n revert SafeCastOverflowedUintDowncast(136, value);\n }\n return uint136(value);\n }\n\n /**\n * @dev Returns the downcasted uint128 from uint256, reverting on\n * overflow (when the input is greater than largest uint128).\n *\n * Counterpart to Solidity's `uint128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n */\n function toUint128(uint256 value) internal pure returns (uint128) {\n if (value > type(uint128).max) {\n revert SafeCastOverflowedUintDowncast(128, value);\n }\n return uint128(value);\n }\n\n /**\n * @dev Returns the downcasted uint120 from uint256, reverting on\n * overflow (when the input is greater than largest uint120).\n *\n * Counterpart to Solidity's `uint120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n */\n function toUint120(uint256 value) internal pure returns (uint120) {\n if (value > type(uint120).max) {\n revert SafeCastOverflowedUintDowncast(120, value);\n }\n return uint120(value);\n }\n\n /**\n * @dev Returns the downcasted uint112 from uint256, reverting on\n * overflow (when the input is greater than largest uint112).\n *\n * Counterpart to Solidity's `uint112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n */\n function toUint112(uint256 value) internal pure returns (uint112) {\n if (value > type(uint112).max) {\n revert SafeCastOverflowedUintDowncast(112, value);\n }\n return uint112(value);\n }\n\n /**\n * @dev Returns the downcasted uint104 from uint256, reverting on\n * overflow (when the input is greater than largest uint104).\n *\n * Counterpart to Solidity's `uint104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n */\n function toUint104(uint256 value) internal pure returns (uint104) {\n if (value > type(uint104).max) {\n revert SafeCastOverflowedUintDowncast(104, value);\n }\n return uint104(value);\n }\n\n /**\n * @dev Returns the downcasted uint96 from uint256, reverting on\n * overflow (when the input is greater than largest uint96).\n *\n * Counterpart to Solidity's `uint96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n */\n function toUint96(uint256 value) internal pure returns (uint96) {\n if (value > type(uint96).max) {\n revert SafeCastOverflowedUintDowncast(96, value);\n }\n return uint96(value);\n }\n\n /**\n * @dev Returns the downcasted uint88 from uint256, reverting on\n * overflow (when the input is greater than largest uint88).\n *\n * Counterpart to Solidity's `uint88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n */\n function toUint88(uint256 value) internal pure returns (uint88) {\n if (value > type(uint88).max) {\n revert SafeCastOverflowedUintDowncast(88, value);\n }\n return uint88(value);\n }\n\n /**\n * @dev Returns the downcasted uint80 from uint256, reverting on\n * overflow (when the input is greater than largest uint80).\n *\n * Counterpart to Solidity's `uint80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n */\n function toUint80(uint256 value) internal pure returns (uint80) {\n if (value > type(uint80).max) {\n revert SafeCastOverflowedUintDowncast(80, value);\n }\n return uint80(value);\n }\n\n /**\n * @dev Returns the downcasted uint72 from uint256, reverting on\n * overflow (when the input is greater than largest uint72).\n *\n * Counterpart to Solidity's `uint72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n */\n function toUint72(uint256 value) internal pure returns (uint72) {\n if (value > type(uint72).max) {\n revert SafeCastOverflowedUintDowncast(72, value);\n }\n return uint72(value);\n }\n\n /**\n * @dev Returns the downcasted uint64 from uint256, reverting on\n * overflow (when the input is greater than largest uint64).\n *\n * Counterpart to Solidity's `uint64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n */\n function toUint64(uint256 value) internal pure returns (uint64) {\n if (value > type(uint64).max) {\n revert SafeCastOverflowedUintDowncast(64, value);\n }\n return uint64(value);\n }\n\n /**\n * @dev Returns the downcasted uint56 from uint256, reverting on\n * overflow (when the input is greater than largest uint56).\n *\n * Counterpart to Solidity's `uint56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n */\n function toUint56(uint256 value) internal pure returns (uint56) {\n if (value > type(uint56).max) {\n revert SafeCastOverflowedUintDowncast(56, value);\n }\n return uint56(value);\n }\n\n /**\n * @dev Returns the downcasted uint48 from uint256, reverting on\n * overflow (when the input is greater than largest uint48).\n *\n * Counterpart to Solidity's `uint48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n */\n function toUint48(uint256 value) internal pure returns (uint48) {\n if (value > type(uint48).max) {\n revert SafeCastOverflowedUintDowncast(48, value);\n }\n return uint48(value);\n }\n\n /**\n * @dev Returns the downcasted uint40 from uint256, reverting on\n * overflow (when the input is greater than largest uint40).\n *\n * Counterpart to Solidity's `uint40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n */\n function toUint40(uint256 value) internal pure returns (uint40) {\n if (value > type(uint40).max) {\n revert SafeCastOverflowedUintDowncast(40, value);\n }\n return uint40(value);\n }\n\n /**\n * @dev Returns the downcasted uint32 from uint256, reverting on\n * overflow (when the input is greater than largest uint32).\n *\n * Counterpart to Solidity's `uint32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n */\n function toUint32(uint256 value) internal pure returns (uint32) {\n if (value > type(uint32).max) {\n revert SafeCastOverflowedUintDowncast(32, value);\n }\n return uint32(value);\n }\n\n /**\n * @dev Returns the downcasted uint24 from uint256, reverting on\n * overflow (when the input is greater than largest uint24).\n *\n * Counterpart to Solidity's `uint24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n */\n function toUint24(uint256 value) internal pure returns (uint24) {\n if (value > type(uint24).max) {\n revert SafeCastOverflowedUintDowncast(24, value);\n }\n return uint24(value);\n }\n\n /**\n * @dev Returns the downcasted uint16 from uint256, reverting on\n * overflow (when the input is greater than largest uint16).\n *\n * Counterpart to Solidity's `uint16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n */\n function toUint16(uint256 value) internal pure returns (uint16) {\n if (value > type(uint16).max) {\n revert SafeCastOverflowedUintDowncast(16, value);\n }\n return uint16(value);\n }\n\n /**\n * @dev Returns the downcasted uint8 from uint256, reverting on\n * overflow (when the input is greater than largest uint8).\n *\n * Counterpart to Solidity's `uint8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n */\n function toUint8(uint256 value) internal pure returns (uint8) {\n if (value > type(uint8).max) {\n revert SafeCastOverflowedUintDowncast(8, value);\n }\n return uint8(value);\n }\n\n /**\n * @dev Converts a signed int256 into an unsigned uint256.\n *\n * Requirements:\n *\n * - input must be greater than or equal to 0.\n */\n function toUint256(int256 value) internal pure returns (uint256) {\n if (value < 0) {\n revert SafeCastOverflowedIntToUint(value);\n }\n return uint256(value);\n }\n\n /**\n * @dev Returns the downcasted int248 from int256, reverting on\n * overflow (when the input is less than smallest int248 or\n * greater than largest int248).\n *\n * Counterpart to Solidity's `int248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n */\n function toInt248(int256 value) internal pure returns (int248 downcasted) {\n downcasted = int248(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(248, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int240 from int256, reverting on\n * overflow (when the input is less than smallest int240 or\n * greater than largest int240).\n *\n * Counterpart to Solidity's `int240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n */\n function toInt240(int256 value) internal pure returns (int240 downcasted) {\n downcasted = int240(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(240, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int232 from int256, reverting on\n * overflow (when the input is less than smallest int232 or\n * greater than largest int232).\n *\n * Counterpart to Solidity's `int232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n */\n function toInt232(int256 value) internal pure returns (int232 downcasted) {\n downcasted = int232(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(232, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int224 from int256, reverting on\n * overflow (when the input is less than smallest int224 or\n * greater than largest int224).\n *\n * Counterpart to Solidity's `int224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n */\n function toInt224(int256 value) internal pure returns (int224 downcasted) {\n downcasted = int224(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(224, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int216 from int256, reverting on\n * overflow (when the input is less than smallest int216 or\n * greater than largest int216).\n *\n * Counterpart to Solidity's `int216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n */\n function toInt216(int256 value) internal pure returns (int216 downcasted) {\n downcasted = int216(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(216, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int208 from int256, reverting on\n * overflow (when the input is less than smallest int208 or\n * greater than largest int208).\n *\n * Counterpart to Solidity's `int208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n */\n function toInt208(int256 value) internal pure returns (int208 downcasted) {\n downcasted = int208(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(208, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int200 from int256, reverting on\n * overflow (when the input is less than smallest int200 or\n * greater than largest int200).\n *\n * Counterpart to Solidity's `int200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n */\n function toInt200(int256 value) internal pure returns (int200 downcasted) {\n downcasted = int200(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(200, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int192 from int256, reverting on\n * overflow (when the input is less than smallest int192 or\n * greater than largest int192).\n *\n * Counterpart to Solidity's `int192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n */\n function toInt192(int256 value) internal pure returns (int192 downcasted) {\n downcasted = int192(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(192, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int184 from int256, reverting on\n * overflow (when the input is less than smallest int184 or\n * greater than largest int184).\n *\n * Counterpart to Solidity's `int184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n */\n function toInt184(int256 value) internal pure returns (int184 downcasted) {\n downcasted = int184(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(184, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int176 from int256, reverting on\n * overflow (when the input is less than smallest int176 or\n * greater than largest int176).\n *\n * Counterpart to Solidity's `int176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n */\n function toInt176(int256 value) internal pure returns (int176 downcasted) {\n downcasted = int176(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(176, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int168 from int256, reverting on\n * overflow (when the input is less than smallest int168 or\n * greater than largest int168).\n *\n * Counterpart to Solidity's `int168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n */\n function toInt168(int256 value) internal pure returns (int168 downcasted) {\n downcasted = int168(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(168, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int160 from int256, reverting on\n * overflow (when the input is less than smallest int160 or\n * greater than largest int160).\n *\n * Counterpart to Solidity's `int160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n */\n function toInt160(int256 value) internal pure returns (int160 downcasted) {\n downcasted = int160(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(160, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int152 from int256, reverting on\n * overflow (when the input is less than smallest int152 or\n * greater than largest int152).\n *\n * Counterpart to Solidity's `int152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n */\n function toInt152(int256 value) internal pure returns (int152 downcasted) {\n downcasted = int152(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(152, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int144 from int256, reverting on\n * overflow (when the input is less than smallest int144 or\n * greater than largest int144).\n *\n * Counterpart to Solidity's `int144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n */\n function toInt144(int256 value) internal pure returns (int144 downcasted) {\n downcasted = int144(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(144, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int136 from int256, reverting on\n * overflow (when the input is less than smallest int136 or\n * greater than largest int136).\n *\n * Counterpart to Solidity's `int136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n */\n function toInt136(int256 value) internal pure returns (int136 downcasted) {\n downcasted = int136(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(136, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int128 from int256, reverting on\n * overflow (when the input is less than smallest int128 or\n * greater than largest int128).\n *\n * Counterpart to Solidity's `int128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n */\n function toInt128(int256 value) internal pure returns (int128 downcasted) {\n downcasted = int128(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(128, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int120 from int256, reverting on\n * overflow (when the input is less than smallest int120 or\n * greater than largest int120).\n *\n * Counterpart to Solidity's `int120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n */\n function toInt120(int256 value) internal pure returns (int120 downcasted) {\n downcasted = int120(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(120, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int112 from int256, reverting on\n * overflow (when the input is less than smallest int112 or\n * greater than largest int112).\n *\n * Counterpart to Solidity's `int112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n */\n function toInt112(int256 value) internal pure returns (int112 downcasted) {\n downcasted = int112(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(112, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int104 from int256, reverting on\n * overflow (when the input is less than smallest int104 or\n * greater than largest int104).\n *\n * Counterpart to Solidity's `int104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n */\n function toInt104(int256 value) internal pure returns (int104 downcasted) {\n downcasted = int104(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(104, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int96 from int256, reverting on\n * overflow (when the input is less than smallest int96 or\n * greater than largest int96).\n *\n * Counterpart to Solidity's `int96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n */\n function toInt96(int256 value) internal pure returns (int96 downcasted) {\n downcasted = int96(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(96, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int88 from int256, reverting on\n * overflow (when the input is less than smallest int88 or\n * greater than largest int88).\n *\n * Counterpart to Solidity's `int88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n */\n function toInt88(int256 value) internal pure returns (int88 downcasted) {\n downcasted = int88(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(88, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int80 from int256, reverting on\n * overflow (when the input is less than smallest int80 or\n * greater than largest int80).\n *\n * Counterpart to Solidity's `int80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n */\n function toInt80(int256 value) internal pure returns (int80 downcasted) {\n downcasted = int80(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(80, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int72 from int256, reverting on\n * overflow (when the input is less than smallest int72 or\n * greater than largest int72).\n *\n * Counterpart to Solidity's `int72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n */\n function toInt72(int256 value) internal pure returns (int72 downcasted) {\n downcasted = int72(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(72, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int64 from int256, reverting on\n * overflow (when the input is less than smallest int64 or\n * greater than largest int64).\n *\n * Counterpart to Solidity's `int64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n */\n function toInt64(int256 value) internal pure returns (int64 downcasted) {\n downcasted = int64(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(64, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int56 from int256, reverting on\n * overflow (when the input is less than smallest int56 or\n * greater than largest int56).\n *\n * Counterpart to Solidity's `int56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n */\n function toInt56(int256 value) internal pure returns (int56 downcasted) {\n downcasted = int56(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(56, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int48 from int256, reverting on\n * overflow (when the input is less than smallest int48 or\n * greater than largest int48).\n *\n * Counterpart to Solidity's `int48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n */\n function toInt48(int256 value) internal pure returns (int48 downcasted) {\n downcasted = int48(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(48, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int40 from int256, reverting on\n * overflow (when the input is less than smallest int40 or\n * greater than largest int40).\n *\n * Counterpart to Solidity's `int40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n */\n function toInt40(int256 value) internal pure returns (int40 downcasted) {\n downcasted = int40(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(40, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int32 from int256, reverting on\n * overflow (when the input is less than smallest int32 or\n * greater than largest int32).\n *\n * Counterpart to Solidity's `int32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n */\n function toInt32(int256 value) internal pure returns (int32 downcasted) {\n downcasted = int32(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(32, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int24 from int256, reverting on\n * overflow (when the input is less than smallest int24 or\n * greater than largest int24).\n *\n * Counterpart to Solidity's `int24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n */\n function toInt24(int256 value) internal pure returns (int24 downcasted) {\n downcasted = int24(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(24, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int16 from int256, reverting on\n * overflow (when the input is less than smallest int16 or\n * greater than largest int16).\n *\n * Counterpart to Solidity's `int16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n */\n function toInt16(int256 value) internal pure returns (int16 downcasted) {\n downcasted = int16(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(16, value);\n }\n }\n\n /**\n * @dev Returns the downcasted int8 from int256, reverting on\n * overflow (when the input is less than smallest int8 or\n * greater than largest int8).\n *\n * Counterpart to Solidity's `int8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n */\n function toInt8(int256 value) internal pure returns (int8 downcasted) {\n downcasted = int8(value);\n if (downcasted != value) {\n revert SafeCastOverflowedIntDowncast(8, value);\n }\n }\n\n /**\n * @dev Converts an unsigned uint256 into a signed int256.\n *\n * Requirements:\n *\n * - input must be less than or equal to maxInt256.\n */\n function toInt256(uint256 value) internal pure returns (int256) {\n // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive\n if (value > uint256(type(int256).max)) {\n revert SafeCastOverflowedUintToInt(value);\n }\n return int256(value);\n }\n\n /**\n * @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.\n */\n function toUint(bool b) internal pure returns (uint256 u) {\n assembly (\"memory-safe\") {\n u := iszero(iszero(b))\n }\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/OperatorSetLib.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.27;\n\n/**\n * @notice An operator set identified by the AVS address and an identifier\n * @param avs The address of the AVS this operator set belongs to\n * @param id The unique identifier for the operator set\n */\nstruct OperatorSet {\n address avs;\n uint32 id;\n}\n\nlibrary OperatorSetLib {\n function key(\n OperatorSet memory os\n ) internal pure returns (bytes32) {\n return bytes32(abi.encodePacked(os.avs, uint96(os.id)));\n }\n\n function decode(\n bytes32 _key\n ) internal pure returns (OperatorSet memory) {\n /// forgefmt: disable-next-item\n return OperatorSet({\n avs: address(uint160(uint256(_key) >> 96)),\n id: uint32(uint256(_key) & type(uint96).max)\n });\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IPauserRegistry.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\n/**\n * @title Interface for the `PauserRegistry` contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n */\ninterface IPauserRegistry {\n error OnlyUnpauser();\n error InputAddressZero();\n\n event PauserStatusChanged(address pauser, bool canPause);\n\n event UnpauserChanged(address previousUnpauser, address newUnpauser);\n\n /// @notice Mapping of addresses to whether they hold the pauser role.\n function isPauser(\n address pauser\n ) external view returns (bool);\n\n /// @notice Unique address that holds the unpauser role. Capable of changing *both* the pauser and unpauser addresses.\n function unpauser() external view returns (address);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/SlashingLib.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.27;\n\nimport \"@openzeppelin/contracts/utils/math/Math.sol\";\nimport \"@openzeppelin-upgrades/contracts/utils/math/SafeCastUpgradeable.sol\";\n\n/// @dev All scaling factors have `1e18` as an initial/default value. This value is represented\n/// by the constant `WAD`, which is used to preserve precision with uint256 math.\n///\n/// When applying scaling factors, they are typically multiplied/divided by `WAD`, allowing this\n/// constant to act as a \"1\" in mathematical formulae.\nuint64 constant WAD = 1e18;\n\n/*\n * There are 2 types of shares:\n * 1. deposit shares\n * - These can be converted to an amount of tokens given a strategy\n * - by calling `sharesToUnderlying` on the strategy address (they're already tokens \n * in the case of EigenPods)\n * - These live in the storage of the EigenPodManager and individual StrategyManager strategies \n * 2. withdrawable shares\n * - For a staker, this is the amount of shares that they can withdraw\n * - For an operator, the shares delegated to them are equal to the sum of their stakers'\n * withdrawable shares\n *\n * Along with a slashing factor, the DepositScalingFactor is used to convert between the two share types.\n */\nstruct DepositScalingFactor {\n uint256 _scalingFactor;\n}\n\nusing SlashingLib for DepositScalingFactor global;\n\nlibrary SlashingLib {\n using Math for uint256;\n using SlashingLib for uint256;\n using SafeCastUpgradeable for uint256;\n\n // WAD MATH\n\n function mulWad(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(y, WAD);\n }\n\n function divWad(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(WAD, y);\n }\n\n /**\n * @notice Used explicitly for calculating slashed magnitude, we want to ensure even in the\n * situation where an operator is slashed several times and precision has been lost over time,\n * an incoming slashing request isn't rounded down to 0 and an operator is able to avoid slashing penalties.\n */\n function mulWadRoundUp(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(y, WAD, Math.Rounding.Up);\n }\n\n /**\n * @notice Used as part of calculating wadSlashed in the EPM to ensure that we don't overslash\n */\n function divWadRoundUp(uint256 x, uint256 y) internal pure returns (uint256) {\n return x.mulDiv(WAD, y, Math.Rounding.Up);\n }\n\n // GETTERS\n\n function scalingFactor(\n DepositScalingFactor memory dsf\n ) internal pure returns (uint256) {\n return dsf._scalingFactor == 0 ? WAD : dsf._scalingFactor;\n }\n\n function scaleForQueueWithdrawal(\n DepositScalingFactor memory dsf,\n uint256 depositSharesToWithdraw\n ) internal pure returns (uint256) {\n return depositSharesToWithdraw.mulWad(dsf.scalingFactor());\n }\n\n function scaleForCompleteWithdrawal(uint256 scaledShares, uint256 slashingFactor) internal pure returns (uint256) {\n return scaledShares.mulWad(slashingFactor);\n }\n\n /**\n * @notice Scales shares according to the difference in an operator's magnitude before and\n * after being slashed. This is used to calculate the number of slashable shares in the\n * withdrawal queue.\n * NOTE: max magnitude is guaranteed to only ever decrease.\n */\n function scaleForBurning(\n uint256 scaledShares,\n uint64 prevMaxMagnitude,\n uint64 newMaxMagnitude\n ) internal pure returns (uint256) {\n return scaledShares.mulWad(prevMaxMagnitude - newMaxMagnitude);\n }\n\n function update(\n DepositScalingFactor storage dsf,\n uint256 prevDepositShares,\n uint256 addedShares,\n uint256 slashingFactor\n ) internal {\n // If this is the staker's first deposit, set the scaling factor to\n // the inverse of slashingFactor\n if (prevDepositShares == 0) {\n dsf._scalingFactor = uint256(WAD).divWad(slashingFactor);\n return;\n }\n\n /**\n * Base Equations:\n * (1) newShares = currentShares + addedShares\n * (2) newDepositShares = prevDepositShares + addedShares\n * (3) newShares = newDepositShares * newDepositScalingFactor * slashingFactor\n *\n * Plugging (1) into (3):\n * (4) newDepositShares * newDepositScalingFactor * slashingFactor = currentShares + addedShares\n *\n * Solving for newDepositScalingFactor\n * (5) newDepositScalingFactor = (currentShares + addedShares) / (newDepositShares * slashingFactor)\n *\n * Plugging in (2) into (5):\n * (7) newDepositScalingFactor = (currentShares + addedShares) / ((prevDepositShares + addedShares) * slashingFactor)\n * Note that magnitudes must be divided by WAD for precision. Thus,\n *\n * (8) newDepositScalingFactor = WAD * (currentShares + addedShares) / ((prevDepositShares + addedShares) * slashingFactor / WAD)\n * (9) newDepositScalingFactor = (currentShares + addedShares) * WAD / (prevDepositShares + addedShares) * WAD / slashingFactor\n */\n\n // Step 1: Calculate Numerator\n uint256 currentShares = dsf.calcWithdrawable(prevDepositShares, slashingFactor);\n\n // Step 2: Compute currentShares + addedShares\n uint256 newShares = currentShares + addedShares;\n\n // Step 3: Calculate newDepositScalingFactor\n /// forgefmt: disable-next-item\n uint256 newDepositScalingFactor = newShares\n .divWad(prevDepositShares + addedShares)\n .divWad(slashingFactor);\n\n dsf._scalingFactor = newDepositScalingFactor;\n }\n\n // CONVERSION\n\n function calcWithdrawable(\n DepositScalingFactor memory dsf,\n uint256 depositShares,\n uint256 slashingFactor\n ) internal pure returns (uint256) {\n /// forgefmt: disable-next-item\n return depositShares\n .mulWad(dsf.scalingFactor())\n .mulWad(slashingFactor);\n }\n\n function calcDepositShares(\n DepositScalingFactor memory dsf,\n uint256 withdrawableShares,\n uint256 slashingFactor\n ) internal pure returns (uint256) {\n /// forgefmt: disable-next-item\n return withdrawableShares\n .divWad(dsf.scalingFactor())\n .divWad(slashingFactor);\n }\n\n function calcSlashedAmount(\n uint256 operatorShares,\n uint256 prevMaxMagnitude,\n uint256 newMaxMagnitude\n ) internal pure returns (uint256) {\n // round up mulDiv so we don't overslash\n return operatorShares - operatorShares.mulDiv(newMaxMagnitude, prevMaxMagnitude, Math.Rounding.Up);\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IShareManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.27;\n\nimport \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\nimport \"../libraries/SlashingLib.sol\";\nimport \"./IStrategy.sol\";\n\n/**\n * @title Interface for a `IShareManager` contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice This contract is used by the DelegationManager as a unified interface to interact with the EigenPodManager and StrategyManager\n */\ninterface IShareManager {\n /// @notice Used by the DelegationManager to remove a Staker's shares from a particular strategy when entering the withdrawal queue\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n function removeDepositShares(address staker, IStrategy strategy, uint256 depositSharesToRemove) external;\n\n /// @notice Used by the DelegationManager to award a Staker some shares that have passed through the withdrawal queue\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n /// @dev token is not validated; it is only emitted as an event\n /// @return existingDepositShares the shares the staker had before any were added\n /// @return addedShares the new shares added to the staker's balance\n function addShares(\n address staker,\n IStrategy strategy,\n IERC20 token,\n uint256 shares\n ) external returns (uint256, uint256);\n\n /// @notice Used by the DelegationManager to convert deposit shares to tokens and send them to a staker\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n /// @dev token is not validated when talking to the EigenPodManager\n function withdrawSharesAsTokens(address staker, IStrategy strategy, IERC20 token, uint256 shares) external;\n\n /// @notice Returns the current shares of `user` in `strategy`\n /// @dev strategy must be beaconChainETH when talking to the EigenPodManager\n /// @dev returns 0 if the user has negative shares\n function stakerDepositShares(address user, IStrategy strategy) external view returns (uint256 depositShares);\n\n /**\n * @notice Increase the amount of burnable shares for a given Strategy. This is called by the DelegationManager\n * when an operator is slashed in EigenLayer.\n * @param strategy The strategy to burn shares in.\n * @param addedSharesToBurn The amount of added shares to burn.\n * @dev This function is only called by the DelegationManager when an operator is slashed.\n */\n function increaseBurnableShares(IStrategy strategy, uint256 addedSharesToBurn) external;\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IEigenPodManager.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"@openzeppelin/contracts/proxy/beacon/IBeacon.sol\";\nimport \"./IETHPOSDeposit.sol\";\nimport \"./IStrategyManager.sol\";\nimport \"./IEigenPod.sol\";\nimport \"./IShareManager.sol\";\nimport \"./IPausable.sol\";\nimport \"./IStrategy.sol\";\n\ninterface IEigenPodManagerErrors {\n /// @dev Thrown when caller is not a EigenPod.\n error OnlyEigenPod();\n /// @dev Thrown when caller is not DelegationManager.\n error OnlyDelegationManager();\n /// @dev Thrown when caller already has an EigenPod.\n error EigenPodAlreadyExists();\n /// @dev Thrown when shares is not a multiple of gwei.\n error SharesNotMultipleOfGwei();\n /// @dev Thrown when shares would result in a negative integer.\n error SharesNegative();\n /// @dev Thrown when the strategy is not the beaconChainETH strategy.\n error InvalidStrategy();\n /// @dev Thrown when the pods shares are negative and a beacon chain balance update is attempted.\n /// The podOwner should complete legacy withdrawal first.\n error LegacyWithdrawalsNotCompleted();\n}\n\ninterface IEigenPodManagerEvents {\n /// @notice Emitted to notify the deployment of an EigenPod\n event PodDeployed(address indexed eigenPod, address indexed podOwner);\n\n /// @notice Emitted to notify a deposit of beacon chain ETH recorded in the strategy manager\n event BeaconChainETHDeposited(address indexed podOwner, uint256 amount);\n\n /// @notice Emitted when the balance of an EigenPod is updated\n event PodSharesUpdated(address indexed podOwner, int256 sharesDelta);\n\n /// @notice Emitted every time the total shares of a pod are updated\n event NewTotalShares(address indexed podOwner, int256 newTotalShares);\n\n /// @notice Emitted when a withdrawal of beacon chain ETH is completed\n event BeaconChainETHWithdrawalCompleted(\n address indexed podOwner,\n uint256 shares,\n uint96 nonce,\n address delegatedAddress,\n address withdrawer,\n bytes32 withdrawalRoot\n );\n\n /// @notice Emitted when a staker's beaconChainSlashingFactor is updated\n event BeaconChainSlashingFactorDecreased(\n address staker, uint64 prevBeaconChainSlashingFactor, uint64 newBeaconChainSlashingFactor\n );\n\n /// @notice Emitted when an operator is slashed and shares to be burned are increased\n event BurnableETHSharesIncreased(uint256 shares);\n}\n\ninterface IEigenPodManagerTypes {\n /**\n * @notice The amount of beacon chain slashing experienced by a pod owner as a proportion of WAD\n * @param isSet whether the slashingFactor has ever been updated. Used to distinguish between\n * a value of \"0\" and an uninitialized value.\n * @param slashingFactor the proportion of the pod owner's balance that has been decreased due to\n * slashing or other beacon chain balance decreases.\n * @dev NOTE: if !isSet, `slashingFactor` should be treated as WAD. `slashingFactor` is monotonically\n * decreasing and can hit 0 if fully slashed.\n */\n struct BeaconChainSlashingFactor {\n bool isSet;\n uint64 slashingFactor;\n }\n}\n\n/**\n * @title Interface for factory that creates and manages solo staking pods that have their withdrawal credentials pointed to EigenLayer.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n */\ninterface IEigenPodManager is\n IEigenPodManagerErrors,\n IEigenPodManagerEvents,\n IEigenPodManagerTypes,\n IShareManager,\n IPausable\n{\n /**\n * @notice Creates an EigenPod for the sender.\n * @dev Function will revert if the `msg.sender` already has an EigenPod.\n * @dev Returns EigenPod address\n */\n function createPod() external returns (address);\n\n /**\n * @notice Stakes for a new beacon chain validator on the sender's EigenPod.\n * Also creates an EigenPod for the sender if they don't have one already.\n * @param pubkey The 48 bytes public key of the beacon chain validator.\n * @param signature The validator's signature of the deposit data.\n * @param depositDataRoot The root/hash of the deposit data for the validator's deposit.\n */\n function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable;\n\n /**\n * @notice Adds any positive share delta to the pod owner's deposit shares, and delegates them to the pod\n * owner's operator (if applicable). A negative share delta does NOT impact the pod owner's deposit shares,\n * but will reduce their beacon chain slashing factor and delegated shares accordingly.\n * @param podOwner is the pod owner whose balance is being updated.\n * @param prevRestakedBalanceWei is the total amount restaked through the pod before the balance update, including\n * any amount currently in the withdrawal queue.\n * @param balanceDeltaWei is the amount the balance changed\n * @dev Callable only by the podOwner's EigenPod contract.\n * @dev Reverts if `sharesDelta` is not a whole Gwei amount\n */\n function recordBeaconChainETHBalanceUpdate(\n address podOwner,\n uint256 prevRestakedBalanceWei,\n int256 balanceDeltaWei\n ) external;\n\n /// @notice Returns the address of the `podOwner`'s EigenPod if it has been deployed.\n function ownerToPod(\n address podOwner\n ) external view returns (IEigenPod);\n\n /// @notice Returns the address of the `podOwner`'s EigenPod (whether it is deployed yet or not).\n function getPod(\n address podOwner\n ) external view returns (IEigenPod);\n\n /// @notice The ETH2 Deposit Contract\n function ethPOS() external view returns (IETHPOSDeposit);\n\n /// @notice Beacon proxy to which the EigenPods point\n function eigenPodBeacon() external view returns (IBeacon);\n\n /// @notice Returns 'true' if the `podOwner` has created an EigenPod, and 'false' otherwise.\n function hasPod(\n address podOwner\n ) external view returns (bool);\n\n /// @notice Returns the number of EigenPods that have been created\n function numPods() external view returns (uint256);\n\n /**\n * @notice Mapping from Pod owner owner to the number of shares they have in the virtual beacon chain ETH strategy.\n * @dev The share amount can become negative. This is necessary to accommodate the fact that a pod owner's virtual beacon chain ETH shares can\n * decrease between the pod owner queuing and completing a withdrawal.\n * When the pod owner's shares would otherwise increase, this \"deficit\" is decreased first _instead_.\n * Likewise, when a withdrawal is completed, this \"deficit\" is decreased and the withdrawal amount is decreased; We can think of this\n * as the withdrawal \"paying off the deficit\".\n */\n function podOwnerDepositShares(\n address podOwner\n ) external view returns (int256);\n\n /// @notice returns canonical, virtual beaconChainETH strategy\n function beaconChainETHStrategy() external view returns (IStrategy);\n\n /**\n * @notice Returns the historical sum of proportional balance decreases a pod owner has experienced when\n * updating their pod's balance.\n */\n function beaconChainSlashingFactor(\n address staker\n ) external view returns (uint64);\n\n /// @notice Returns the accumulated amount of beacon chain ETH Strategy shares\n function burnableETHShares() external view returns (uint256);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Interface of the ERC-20 standard as defined in the ERC.\n */\ninterface IERC20 {\n /**\n * @dev Emitted when `value` tokens are moved from one account (`from`) to\n * another (`to`).\n *\n * Note that `value` may be zero.\n */\n event Transfer(address indexed from, address indexed to, uint256 value);\n\n /**\n * @dev Emitted when the allowance of a `spender` for an `owner` is set by\n * a call to {approve}. `value` is the new allowance.\n */\n event Approval(address indexed owner, address indexed spender, uint256 value);\n\n /**\n * @dev Returns the value of tokens in existence.\n */\n function totalSupply() external view returns (uint256);\n\n /**\n * @dev Returns the value of tokens owned by `account`.\n */\n function balanceOf(address account) external view returns (uint256);\n\n /**\n * @dev Moves a `value` amount of tokens from the caller's account to `to`.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transfer(address to, uint256 value) external returns (bool);\n\n /**\n * @dev Returns the remaining number of tokens that `spender` will be\n * allowed to spend on behalf of `owner` through {transferFrom}. This is\n * zero by default.\n *\n * This value changes when {approve} or {transferFrom} are called.\n */\n function allowance(address owner, address spender) external view returns (uint256);\n\n /**\n * @dev Sets a `value` amount of tokens as the allowance of `spender` over the\n * caller's tokens.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * IMPORTANT: Beware that changing an allowance with this method brings the risk\n * that someone may use both the old and the new allowance by unfortunate\n * transaction ordering. One possible solution to mitigate this race\n * condition is to first reduce the spender's allowance to 0 and set the\n * desired value afterwards:\n * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729\n *\n * Emits an {Approval} event.\n */\n function approve(address spender, uint256 value) external returns (bool);\n\n /**\n * @dev Moves a `value` amount of tokens from `from` to `to` using the\n * allowance mechanism. `value` is then deducted from the caller's\n * allowance.\n *\n * Returns a boolean value indicating whether the operation succeeded.\n *\n * Emits a {Transfer} event.\n */\n function transferFrom(address from, address to, uint256 value) external returns (bool);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/proxy/beacon/IBeacon.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (proxy/beacon/IBeacon.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev This is the interface that {BeaconProxy} expects of its beacon.\n */\ninterface IBeacon {\n /**\n * @dev Must return an address that can be used as a delegate call target.\n *\n * {UpgradeableBeacon} will check that this address is a contract.\n */\n function implementation() external view returns (address);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/interfaces/IERC1967.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1967.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.\n */\ninterface IERC1967 {\n /**\n * @dev Emitted when the implementation is upgraded.\n */\n event Upgraded(address indexed implementation);\n\n /**\n * @dev Emitted when the admin account has changed.\n */\n event AdminChanged(address previousAdmin, address newAdmin);\n\n /**\n * @dev Emitted when the beacon is changed.\n */\n event BeaconUpgraded(address indexed beacon);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/Address.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.2.0) (utils/Address.sol)\n\npragma solidity ^0.8.20;\n\nimport {Errors} from \"./Errors.sol\";\n\n/**\n * @dev Collection of functions related to the address type\n */\nlibrary Address {\n /**\n * @dev There's no code at `target` (it is not a contract).\n */\n error AddressEmptyCode(address target);\n\n /**\n * @dev Replacement for Solidity's `transfer`: sends `amount` wei to\n * `recipient`, forwarding all available gas and reverting on errors.\n *\n * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost\n * of certain opcodes, possibly making contracts go over the 2300 gas limit\n * imposed by `transfer`, making them unable to receive funds via\n * `transfer`. {sendValue} removes this limitation.\n *\n * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].\n *\n * IMPORTANT: because control is transferred to `recipient`, care must be\n * taken to not create reentrancy vulnerabilities. Consider using\n * {ReentrancyGuard} or the\n * https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].\n */\n function sendValue(address payable recipient, uint256 amount) internal {\n if (address(this).balance < amount) {\n revert Errors.InsufficientBalance(address(this).balance, amount);\n }\n\n (bool success, bytes memory returndata) = recipient.call{value: amount}(\"\");\n if (!success) {\n _revert(returndata);\n }\n }\n\n /**\n * @dev Performs a Solidity function call using a low level `call`. A\n * plain `call` is an unsafe replacement for a function call: use this\n * function instead.\n *\n * If `target` reverts with a revert reason or custom error, it is bubbled\n * up by this function (like regular Solidity function calls). However, if\n * the call reverted with no returned reason, this function reverts with a\n * {Errors.FailedCall} error.\n *\n * Returns the raw returned data. To convert to the expected return value,\n * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].\n *\n * Requirements:\n *\n * - `target` must be a contract.\n * - calling `target` with `data` must not revert.\n */\n function functionCall(address target, bytes memory data) internal returns (bytes memory) {\n return functionCallWithValue(target, data, 0);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but also transferring `value` wei to `target`.\n *\n * Requirements:\n *\n * - the calling contract must have an ETH balance of at least `value`.\n * - the called Solidity function must be `payable`.\n */\n function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {\n if (address(this).balance < value) {\n revert Errors.InsufficientBalance(address(this).balance, value);\n }\n (bool success, bytes memory returndata) = target.call{value: value}(data);\n return verifyCallResultFromTarget(target, success, returndata);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a static call.\n */\n function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {\n (bool success, bytes memory returndata) = target.staticcall(data);\n return verifyCallResultFromTarget(target, success, returndata);\n }\n\n /**\n * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],\n * but performing a delegate call.\n */\n function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {\n (bool success, bytes memory returndata) = target.delegatecall(data);\n return verifyCallResultFromTarget(target, success, returndata);\n }\n\n /**\n * @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target\n * was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case\n * of an unsuccessful call.\n */\n function verifyCallResultFromTarget(\n address target,\n bool success,\n bytes memory returndata\n ) internal view returns (bytes memory) {\n if (!success) {\n _revert(returndata);\n } else {\n // only check if target is a contract if the call was successful and the return data is empty\n // otherwise we already know that it was a contract\n if (returndata.length == 0 && target.code.length == 0) {\n revert AddressEmptyCode(target);\n }\n return returndata;\n }\n }\n\n /**\n * @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the\n * revert reason or with a default {Errors.FailedCall} error.\n */\n function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {\n if (!success) {\n _revert(returndata);\n } else {\n return returndata;\n }\n }\n\n /**\n * @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.\n */\n function _revert(bytes memory returndata) private pure {\n // Look for revert reason and bubble it up if present\n if (returndata.length > 0) {\n // The easiest way to bubble the revert reason is using memory via assembly\n assembly (\"memory-safe\") {\n let returndata_size := mload(returndata)\n revert(add(32, returndata), returndata_size)\n }\n } else {\n revert Errors.FailedCall();\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/StorageSlot.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/StorageSlot.sol)\n// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Library for reading and writing primitive types to specific storage slots.\n *\n * Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.\n * This library helps with reading and writing to such slots without the need for inline assembly.\n *\n * The functions in this library return Slot structs that contain a `value` member that can be used to read or write.\n *\n * Example usage to set ERC-1967 implementation slot:\n * ```solidity\n * contract ERC1967 {\n * // Define the slot. Alternatively, use the SlotDerivation library to derive the slot.\n * bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;\n *\n * function _getImplementation() internal view returns (address) {\n * return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;\n * }\n *\n * function _setImplementation(address newImplementation) internal {\n * require(newImplementation.code.length > 0);\n * StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;\n * }\n * }\n * ```\n *\n * TIP: Consider using this library along with {SlotDerivation}.\n */\nlibrary StorageSlot {\n struct AddressSlot {\n address value;\n }\n\n struct BooleanSlot {\n bool value;\n }\n\n struct Bytes32Slot {\n bytes32 value;\n }\n\n struct Uint256Slot {\n uint256 value;\n }\n\n struct Int256Slot {\n int256 value;\n }\n\n struct StringSlot {\n string value;\n }\n\n struct BytesSlot {\n bytes value;\n }\n\n /**\n * @dev Returns an `AddressSlot` with member `value` located at `slot`.\n */\n function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `BooleanSlot` with member `value` located at `slot`.\n */\n function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `Bytes32Slot` with member `value` located at `slot`.\n */\n function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `Uint256Slot` with member `value` located at `slot`.\n */\n function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `Int256Slot` with member `value` located at `slot`.\n */\n function getInt256Slot(bytes32 slot) internal pure returns (Int256Slot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns a `StringSlot` with member `value` located at `slot`.\n */\n function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns an `StringSlot` representation of the string storage pointer `store`.\n */\n function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := store.slot\n }\n }\n\n /**\n * @dev Returns a `BytesSlot` with member `value` located at `slot`.\n */\n function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := slot\n }\n }\n\n /**\n * @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.\n */\n function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {\n assembly (\"memory-safe\") {\n r.slot := store.slot\n }\n }\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/Panic.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Helper library for emitting standardized panic codes.\n *\n * ```solidity\n * contract Example {\n * using Panic for uint256;\n *\n * // Use any of the declared internal constants\n * function foo() { Panic.GENERIC.panic(); }\n *\n * // Alternatively\n * function foo() { Panic.panic(Panic.GENERIC); }\n * }\n * ```\n *\n * Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].\n *\n * _Available since v5.1._\n */\n// slither-disable-next-line unused-state\nlibrary Panic {\n /// @dev generic / unspecified error\n uint256 internal constant GENERIC = 0x00;\n /// @dev used by the assert() builtin\n uint256 internal constant ASSERT = 0x01;\n /// @dev arithmetic underflow or overflow\n uint256 internal constant UNDER_OVERFLOW = 0x11;\n /// @dev division or modulo by zero\n uint256 internal constant DIVISION_BY_ZERO = 0x12;\n /// @dev enum conversion error\n uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;\n /// @dev invalid encoding in storage\n uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;\n /// @dev empty array pop\n uint256 internal constant EMPTY_ARRAY_POP = 0x31;\n /// @dev array out of bounds access\n uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;\n /// @dev resource error (too large allocation or too large array)\n uint256 internal constant RESOURCE_ERROR = 0x41;\n /// @dev calling invalid internal function\n uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;\n\n /// @dev Reverts with a panic code. Recommended to use with\n /// the internal constants with predefined codes.\n function panic(uint256 code) internal pure {\n assembly (\"memory-safe\") {\n mstore(0x00, 0x4e487b71)\n mstore(0x20, code)\n revert(0x1c, 0x24)\n }\n }\n}\n" - }, - "lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/contracts/utils/math/SafeCastUpgradeable.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SafeCast.sol)\n// This file was procedurally generated from scripts/generate/templates/SafeCast.js.\n\npragma solidity ^0.8.0;\n\n/**\n * @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow\n * checks.\n *\n * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can\n * easily result in undesired exploitation or bugs, since developers usually\n * assume that overflows raise errors. `SafeCast` restores this intuition by\n * reverting the transaction when such an operation overflows.\n *\n * Using this library instead of the unchecked operations eliminates an entire\n * class of bugs, so it's recommended to use it always.\n *\n * Can be combined with {SafeMath} and {SignedSafeMath} to extend it to smaller types, by performing\n * all math on `uint256` and `int256` and then downcasting.\n */\nlibrary SafeCastUpgradeable {\n /**\n * @dev Returns the downcasted uint248 from uint256, reverting on\n * overflow (when the input is greater than largest uint248).\n *\n * Counterpart to Solidity's `uint248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n *\n * _Available since v4.7._\n */\n function toUint248(uint256 value) internal pure returns (uint248) {\n require(value <= type(uint248).max, \"SafeCast: value doesn't fit in 248 bits\");\n return uint248(value);\n }\n\n /**\n * @dev Returns the downcasted uint240 from uint256, reverting on\n * overflow (when the input is greater than largest uint240).\n *\n * Counterpart to Solidity's `uint240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n *\n * _Available since v4.7._\n */\n function toUint240(uint256 value) internal pure returns (uint240) {\n require(value <= type(uint240).max, \"SafeCast: value doesn't fit in 240 bits\");\n return uint240(value);\n }\n\n /**\n * @dev Returns the downcasted uint232 from uint256, reverting on\n * overflow (when the input is greater than largest uint232).\n *\n * Counterpart to Solidity's `uint232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n *\n * _Available since v4.7._\n */\n function toUint232(uint256 value) internal pure returns (uint232) {\n require(value <= type(uint232).max, \"SafeCast: value doesn't fit in 232 bits\");\n return uint232(value);\n }\n\n /**\n * @dev Returns the downcasted uint224 from uint256, reverting on\n * overflow (when the input is greater than largest uint224).\n *\n * Counterpart to Solidity's `uint224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n *\n * _Available since v4.2._\n */\n function toUint224(uint256 value) internal pure returns (uint224) {\n require(value <= type(uint224).max, \"SafeCast: value doesn't fit in 224 bits\");\n return uint224(value);\n }\n\n /**\n * @dev Returns the downcasted uint216 from uint256, reverting on\n * overflow (when the input is greater than largest uint216).\n *\n * Counterpart to Solidity's `uint216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n *\n * _Available since v4.7._\n */\n function toUint216(uint256 value) internal pure returns (uint216) {\n require(value <= type(uint216).max, \"SafeCast: value doesn't fit in 216 bits\");\n return uint216(value);\n }\n\n /**\n * @dev Returns the downcasted uint208 from uint256, reverting on\n * overflow (when the input is greater than largest uint208).\n *\n * Counterpart to Solidity's `uint208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n *\n * _Available since v4.7._\n */\n function toUint208(uint256 value) internal pure returns (uint208) {\n require(value <= type(uint208).max, \"SafeCast: value doesn't fit in 208 bits\");\n return uint208(value);\n }\n\n /**\n * @dev Returns the downcasted uint200 from uint256, reverting on\n * overflow (when the input is greater than largest uint200).\n *\n * Counterpart to Solidity's `uint200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n *\n * _Available since v4.7._\n */\n function toUint200(uint256 value) internal pure returns (uint200) {\n require(value <= type(uint200).max, \"SafeCast: value doesn't fit in 200 bits\");\n return uint200(value);\n }\n\n /**\n * @dev Returns the downcasted uint192 from uint256, reverting on\n * overflow (when the input is greater than largest uint192).\n *\n * Counterpart to Solidity's `uint192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n *\n * _Available since v4.7._\n */\n function toUint192(uint256 value) internal pure returns (uint192) {\n require(value <= type(uint192).max, \"SafeCast: value doesn't fit in 192 bits\");\n return uint192(value);\n }\n\n /**\n * @dev Returns the downcasted uint184 from uint256, reverting on\n * overflow (when the input is greater than largest uint184).\n *\n * Counterpart to Solidity's `uint184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n *\n * _Available since v4.7._\n */\n function toUint184(uint256 value) internal pure returns (uint184) {\n require(value <= type(uint184).max, \"SafeCast: value doesn't fit in 184 bits\");\n return uint184(value);\n }\n\n /**\n * @dev Returns the downcasted uint176 from uint256, reverting on\n * overflow (when the input is greater than largest uint176).\n *\n * Counterpart to Solidity's `uint176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n *\n * _Available since v4.7._\n */\n function toUint176(uint256 value) internal pure returns (uint176) {\n require(value <= type(uint176).max, \"SafeCast: value doesn't fit in 176 bits\");\n return uint176(value);\n }\n\n /**\n * @dev Returns the downcasted uint168 from uint256, reverting on\n * overflow (when the input is greater than largest uint168).\n *\n * Counterpart to Solidity's `uint168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n *\n * _Available since v4.7._\n */\n function toUint168(uint256 value) internal pure returns (uint168) {\n require(value <= type(uint168).max, \"SafeCast: value doesn't fit in 168 bits\");\n return uint168(value);\n }\n\n /**\n * @dev Returns the downcasted uint160 from uint256, reverting on\n * overflow (when the input is greater than largest uint160).\n *\n * Counterpart to Solidity's `uint160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n *\n * _Available since v4.7._\n */\n function toUint160(uint256 value) internal pure returns (uint160) {\n require(value <= type(uint160).max, \"SafeCast: value doesn't fit in 160 bits\");\n return uint160(value);\n }\n\n /**\n * @dev Returns the downcasted uint152 from uint256, reverting on\n * overflow (when the input is greater than largest uint152).\n *\n * Counterpart to Solidity's `uint152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n *\n * _Available since v4.7._\n */\n function toUint152(uint256 value) internal pure returns (uint152) {\n require(value <= type(uint152).max, \"SafeCast: value doesn't fit in 152 bits\");\n return uint152(value);\n }\n\n /**\n * @dev Returns the downcasted uint144 from uint256, reverting on\n * overflow (when the input is greater than largest uint144).\n *\n * Counterpart to Solidity's `uint144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n *\n * _Available since v4.7._\n */\n function toUint144(uint256 value) internal pure returns (uint144) {\n require(value <= type(uint144).max, \"SafeCast: value doesn't fit in 144 bits\");\n return uint144(value);\n }\n\n /**\n * @dev Returns the downcasted uint136 from uint256, reverting on\n * overflow (when the input is greater than largest uint136).\n *\n * Counterpart to Solidity's `uint136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n *\n * _Available since v4.7._\n */\n function toUint136(uint256 value) internal pure returns (uint136) {\n require(value <= type(uint136).max, \"SafeCast: value doesn't fit in 136 bits\");\n return uint136(value);\n }\n\n /**\n * @dev Returns the downcasted uint128 from uint256, reverting on\n * overflow (when the input is greater than largest uint128).\n *\n * Counterpart to Solidity's `uint128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n *\n * _Available since v2.5._\n */\n function toUint128(uint256 value) internal pure returns (uint128) {\n require(value <= type(uint128).max, \"SafeCast: value doesn't fit in 128 bits\");\n return uint128(value);\n }\n\n /**\n * @dev Returns the downcasted uint120 from uint256, reverting on\n * overflow (when the input is greater than largest uint120).\n *\n * Counterpart to Solidity's `uint120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n *\n * _Available since v4.7._\n */\n function toUint120(uint256 value) internal pure returns (uint120) {\n require(value <= type(uint120).max, \"SafeCast: value doesn't fit in 120 bits\");\n return uint120(value);\n }\n\n /**\n * @dev Returns the downcasted uint112 from uint256, reverting on\n * overflow (when the input is greater than largest uint112).\n *\n * Counterpart to Solidity's `uint112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n *\n * _Available since v4.7._\n */\n function toUint112(uint256 value) internal pure returns (uint112) {\n require(value <= type(uint112).max, \"SafeCast: value doesn't fit in 112 bits\");\n return uint112(value);\n }\n\n /**\n * @dev Returns the downcasted uint104 from uint256, reverting on\n * overflow (when the input is greater than largest uint104).\n *\n * Counterpart to Solidity's `uint104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n *\n * _Available since v4.7._\n */\n function toUint104(uint256 value) internal pure returns (uint104) {\n require(value <= type(uint104).max, \"SafeCast: value doesn't fit in 104 bits\");\n return uint104(value);\n }\n\n /**\n * @dev Returns the downcasted uint96 from uint256, reverting on\n * overflow (when the input is greater than largest uint96).\n *\n * Counterpart to Solidity's `uint96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n *\n * _Available since v4.2._\n */\n function toUint96(uint256 value) internal pure returns (uint96) {\n require(value <= type(uint96).max, \"SafeCast: value doesn't fit in 96 bits\");\n return uint96(value);\n }\n\n /**\n * @dev Returns the downcasted uint88 from uint256, reverting on\n * overflow (when the input is greater than largest uint88).\n *\n * Counterpart to Solidity's `uint88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n *\n * _Available since v4.7._\n */\n function toUint88(uint256 value) internal pure returns (uint88) {\n require(value <= type(uint88).max, \"SafeCast: value doesn't fit in 88 bits\");\n return uint88(value);\n }\n\n /**\n * @dev Returns the downcasted uint80 from uint256, reverting on\n * overflow (when the input is greater than largest uint80).\n *\n * Counterpart to Solidity's `uint80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n *\n * _Available since v4.7._\n */\n function toUint80(uint256 value) internal pure returns (uint80) {\n require(value <= type(uint80).max, \"SafeCast: value doesn't fit in 80 bits\");\n return uint80(value);\n }\n\n /**\n * @dev Returns the downcasted uint72 from uint256, reverting on\n * overflow (when the input is greater than largest uint72).\n *\n * Counterpart to Solidity's `uint72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n *\n * _Available since v4.7._\n */\n function toUint72(uint256 value) internal pure returns (uint72) {\n require(value <= type(uint72).max, \"SafeCast: value doesn't fit in 72 bits\");\n return uint72(value);\n }\n\n /**\n * @dev Returns the downcasted uint64 from uint256, reverting on\n * overflow (when the input is greater than largest uint64).\n *\n * Counterpart to Solidity's `uint64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n *\n * _Available since v2.5._\n */\n function toUint64(uint256 value) internal pure returns (uint64) {\n require(value <= type(uint64).max, \"SafeCast: value doesn't fit in 64 bits\");\n return uint64(value);\n }\n\n /**\n * @dev Returns the downcasted uint56 from uint256, reverting on\n * overflow (when the input is greater than largest uint56).\n *\n * Counterpart to Solidity's `uint56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n *\n * _Available since v4.7._\n */\n function toUint56(uint256 value) internal pure returns (uint56) {\n require(value <= type(uint56).max, \"SafeCast: value doesn't fit in 56 bits\");\n return uint56(value);\n }\n\n /**\n * @dev Returns the downcasted uint48 from uint256, reverting on\n * overflow (when the input is greater than largest uint48).\n *\n * Counterpart to Solidity's `uint48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n *\n * _Available since v4.7._\n */\n function toUint48(uint256 value) internal pure returns (uint48) {\n require(value <= type(uint48).max, \"SafeCast: value doesn't fit in 48 bits\");\n return uint48(value);\n }\n\n /**\n * @dev Returns the downcasted uint40 from uint256, reverting on\n * overflow (when the input is greater than largest uint40).\n *\n * Counterpart to Solidity's `uint40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n *\n * _Available since v4.7._\n */\n function toUint40(uint256 value) internal pure returns (uint40) {\n require(value <= type(uint40).max, \"SafeCast: value doesn't fit in 40 bits\");\n return uint40(value);\n }\n\n /**\n * @dev Returns the downcasted uint32 from uint256, reverting on\n * overflow (when the input is greater than largest uint32).\n *\n * Counterpart to Solidity's `uint32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n *\n * _Available since v2.5._\n */\n function toUint32(uint256 value) internal pure returns (uint32) {\n require(value <= type(uint32).max, \"SafeCast: value doesn't fit in 32 bits\");\n return uint32(value);\n }\n\n /**\n * @dev Returns the downcasted uint24 from uint256, reverting on\n * overflow (when the input is greater than largest uint24).\n *\n * Counterpart to Solidity's `uint24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n *\n * _Available since v4.7._\n */\n function toUint24(uint256 value) internal pure returns (uint24) {\n require(value <= type(uint24).max, \"SafeCast: value doesn't fit in 24 bits\");\n return uint24(value);\n }\n\n /**\n * @dev Returns the downcasted uint16 from uint256, reverting on\n * overflow (when the input is greater than largest uint16).\n *\n * Counterpart to Solidity's `uint16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n *\n * _Available since v2.5._\n */\n function toUint16(uint256 value) internal pure returns (uint16) {\n require(value <= type(uint16).max, \"SafeCast: value doesn't fit in 16 bits\");\n return uint16(value);\n }\n\n /**\n * @dev Returns the downcasted uint8 from uint256, reverting on\n * overflow (when the input is greater than largest uint8).\n *\n * Counterpart to Solidity's `uint8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n *\n * _Available since v2.5._\n */\n function toUint8(uint256 value) internal pure returns (uint8) {\n require(value <= type(uint8).max, \"SafeCast: value doesn't fit in 8 bits\");\n return uint8(value);\n }\n\n /**\n * @dev Converts a signed int256 into an unsigned uint256.\n *\n * Requirements:\n *\n * - input must be greater than or equal to 0.\n *\n * _Available since v3.0._\n */\n function toUint256(int256 value) internal pure returns (uint256) {\n require(value >= 0, \"SafeCast: value must be positive\");\n return uint256(value);\n }\n\n /**\n * @dev Returns the downcasted int248 from int256, reverting on\n * overflow (when the input is less than smallest int248 or\n * greater than largest int248).\n *\n * Counterpart to Solidity's `int248` operator.\n *\n * Requirements:\n *\n * - input must fit into 248 bits\n *\n * _Available since v4.7._\n */\n function toInt248(int256 value) internal pure returns (int248 downcasted) {\n downcasted = int248(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 248 bits\");\n }\n\n /**\n * @dev Returns the downcasted int240 from int256, reverting on\n * overflow (when the input is less than smallest int240 or\n * greater than largest int240).\n *\n * Counterpart to Solidity's `int240` operator.\n *\n * Requirements:\n *\n * - input must fit into 240 bits\n *\n * _Available since v4.7._\n */\n function toInt240(int256 value) internal pure returns (int240 downcasted) {\n downcasted = int240(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 240 bits\");\n }\n\n /**\n * @dev Returns the downcasted int232 from int256, reverting on\n * overflow (when the input is less than smallest int232 or\n * greater than largest int232).\n *\n * Counterpart to Solidity's `int232` operator.\n *\n * Requirements:\n *\n * - input must fit into 232 bits\n *\n * _Available since v4.7._\n */\n function toInt232(int256 value) internal pure returns (int232 downcasted) {\n downcasted = int232(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 232 bits\");\n }\n\n /**\n * @dev Returns the downcasted int224 from int256, reverting on\n * overflow (when the input is less than smallest int224 or\n * greater than largest int224).\n *\n * Counterpart to Solidity's `int224` operator.\n *\n * Requirements:\n *\n * - input must fit into 224 bits\n *\n * _Available since v4.7._\n */\n function toInt224(int256 value) internal pure returns (int224 downcasted) {\n downcasted = int224(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 224 bits\");\n }\n\n /**\n * @dev Returns the downcasted int216 from int256, reverting on\n * overflow (when the input is less than smallest int216 or\n * greater than largest int216).\n *\n * Counterpart to Solidity's `int216` operator.\n *\n * Requirements:\n *\n * - input must fit into 216 bits\n *\n * _Available since v4.7._\n */\n function toInt216(int256 value) internal pure returns (int216 downcasted) {\n downcasted = int216(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 216 bits\");\n }\n\n /**\n * @dev Returns the downcasted int208 from int256, reverting on\n * overflow (when the input is less than smallest int208 or\n * greater than largest int208).\n *\n * Counterpart to Solidity's `int208` operator.\n *\n * Requirements:\n *\n * - input must fit into 208 bits\n *\n * _Available since v4.7._\n */\n function toInt208(int256 value) internal pure returns (int208 downcasted) {\n downcasted = int208(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 208 bits\");\n }\n\n /**\n * @dev Returns the downcasted int200 from int256, reverting on\n * overflow (when the input is less than smallest int200 or\n * greater than largest int200).\n *\n * Counterpart to Solidity's `int200` operator.\n *\n * Requirements:\n *\n * - input must fit into 200 bits\n *\n * _Available since v4.7._\n */\n function toInt200(int256 value) internal pure returns (int200 downcasted) {\n downcasted = int200(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 200 bits\");\n }\n\n /**\n * @dev Returns the downcasted int192 from int256, reverting on\n * overflow (when the input is less than smallest int192 or\n * greater than largest int192).\n *\n * Counterpart to Solidity's `int192` operator.\n *\n * Requirements:\n *\n * - input must fit into 192 bits\n *\n * _Available since v4.7._\n */\n function toInt192(int256 value) internal pure returns (int192 downcasted) {\n downcasted = int192(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 192 bits\");\n }\n\n /**\n * @dev Returns the downcasted int184 from int256, reverting on\n * overflow (when the input is less than smallest int184 or\n * greater than largest int184).\n *\n * Counterpart to Solidity's `int184` operator.\n *\n * Requirements:\n *\n * - input must fit into 184 bits\n *\n * _Available since v4.7._\n */\n function toInt184(int256 value) internal pure returns (int184 downcasted) {\n downcasted = int184(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 184 bits\");\n }\n\n /**\n * @dev Returns the downcasted int176 from int256, reverting on\n * overflow (when the input is less than smallest int176 or\n * greater than largest int176).\n *\n * Counterpart to Solidity's `int176` operator.\n *\n * Requirements:\n *\n * - input must fit into 176 bits\n *\n * _Available since v4.7._\n */\n function toInt176(int256 value) internal pure returns (int176 downcasted) {\n downcasted = int176(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 176 bits\");\n }\n\n /**\n * @dev Returns the downcasted int168 from int256, reverting on\n * overflow (when the input is less than smallest int168 or\n * greater than largest int168).\n *\n * Counterpart to Solidity's `int168` operator.\n *\n * Requirements:\n *\n * - input must fit into 168 bits\n *\n * _Available since v4.7._\n */\n function toInt168(int256 value) internal pure returns (int168 downcasted) {\n downcasted = int168(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 168 bits\");\n }\n\n /**\n * @dev Returns the downcasted int160 from int256, reverting on\n * overflow (when the input is less than smallest int160 or\n * greater than largest int160).\n *\n * Counterpart to Solidity's `int160` operator.\n *\n * Requirements:\n *\n * - input must fit into 160 bits\n *\n * _Available since v4.7._\n */\n function toInt160(int256 value) internal pure returns (int160 downcasted) {\n downcasted = int160(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 160 bits\");\n }\n\n /**\n * @dev Returns the downcasted int152 from int256, reverting on\n * overflow (when the input is less than smallest int152 or\n * greater than largest int152).\n *\n * Counterpart to Solidity's `int152` operator.\n *\n * Requirements:\n *\n * - input must fit into 152 bits\n *\n * _Available since v4.7._\n */\n function toInt152(int256 value) internal pure returns (int152 downcasted) {\n downcasted = int152(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 152 bits\");\n }\n\n /**\n * @dev Returns the downcasted int144 from int256, reverting on\n * overflow (when the input is less than smallest int144 or\n * greater than largest int144).\n *\n * Counterpart to Solidity's `int144` operator.\n *\n * Requirements:\n *\n * - input must fit into 144 bits\n *\n * _Available since v4.7._\n */\n function toInt144(int256 value) internal pure returns (int144 downcasted) {\n downcasted = int144(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 144 bits\");\n }\n\n /**\n * @dev Returns the downcasted int136 from int256, reverting on\n * overflow (when the input is less than smallest int136 or\n * greater than largest int136).\n *\n * Counterpart to Solidity's `int136` operator.\n *\n * Requirements:\n *\n * - input must fit into 136 bits\n *\n * _Available since v4.7._\n */\n function toInt136(int256 value) internal pure returns (int136 downcasted) {\n downcasted = int136(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 136 bits\");\n }\n\n /**\n * @dev Returns the downcasted int128 from int256, reverting on\n * overflow (when the input is less than smallest int128 or\n * greater than largest int128).\n *\n * Counterpart to Solidity's `int128` operator.\n *\n * Requirements:\n *\n * - input must fit into 128 bits\n *\n * _Available since v3.1._\n */\n function toInt128(int256 value) internal pure returns (int128 downcasted) {\n downcasted = int128(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 128 bits\");\n }\n\n /**\n * @dev Returns the downcasted int120 from int256, reverting on\n * overflow (when the input is less than smallest int120 or\n * greater than largest int120).\n *\n * Counterpart to Solidity's `int120` operator.\n *\n * Requirements:\n *\n * - input must fit into 120 bits\n *\n * _Available since v4.7._\n */\n function toInt120(int256 value) internal pure returns (int120 downcasted) {\n downcasted = int120(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 120 bits\");\n }\n\n /**\n * @dev Returns the downcasted int112 from int256, reverting on\n * overflow (when the input is less than smallest int112 or\n * greater than largest int112).\n *\n * Counterpart to Solidity's `int112` operator.\n *\n * Requirements:\n *\n * - input must fit into 112 bits\n *\n * _Available since v4.7._\n */\n function toInt112(int256 value) internal pure returns (int112 downcasted) {\n downcasted = int112(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 112 bits\");\n }\n\n /**\n * @dev Returns the downcasted int104 from int256, reverting on\n * overflow (when the input is less than smallest int104 or\n * greater than largest int104).\n *\n * Counterpart to Solidity's `int104` operator.\n *\n * Requirements:\n *\n * - input must fit into 104 bits\n *\n * _Available since v4.7._\n */\n function toInt104(int256 value) internal pure returns (int104 downcasted) {\n downcasted = int104(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 104 bits\");\n }\n\n /**\n * @dev Returns the downcasted int96 from int256, reverting on\n * overflow (when the input is less than smallest int96 or\n * greater than largest int96).\n *\n * Counterpart to Solidity's `int96` operator.\n *\n * Requirements:\n *\n * - input must fit into 96 bits\n *\n * _Available since v4.7._\n */\n function toInt96(int256 value) internal pure returns (int96 downcasted) {\n downcasted = int96(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 96 bits\");\n }\n\n /**\n * @dev Returns the downcasted int88 from int256, reverting on\n * overflow (when the input is less than smallest int88 or\n * greater than largest int88).\n *\n * Counterpart to Solidity's `int88` operator.\n *\n * Requirements:\n *\n * - input must fit into 88 bits\n *\n * _Available since v4.7._\n */\n function toInt88(int256 value) internal pure returns (int88 downcasted) {\n downcasted = int88(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 88 bits\");\n }\n\n /**\n * @dev Returns the downcasted int80 from int256, reverting on\n * overflow (when the input is less than smallest int80 or\n * greater than largest int80).\n *\n * Counterpart to Solidity's `int80` operator.\n *\n * Requirements:\n *\n * - input must fit into 80 bits\n *\n * _Available since v4.7._\n */\n function toInt80(int256 value) internal pure returns (int80 downcasted) {\n downcasted = int80(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 80 bits\");\n }\n\n /**\n * @dev Returns the downcasted int72 from int256, reverting on\n * overflow (when the input is less than smallest int72 or\n * greater than largest int72).\n *\n * Counterpart to Solidity's `int72` operator.\n *\n * Requirements:\n *\n * - input must fit into 72 bits\n *\n * _Available since v4.7._\n */\n function toInt72(int256 value) internal pure returns (int72 downcasted) {\n downcasted = int72(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 72 bits\");\n }\n\n /**\n * @dev Returns the downcasted int64 from int256, reverting on\n * overflow (when the input is less than smallest int64 or\n * greater than largest int64).\n *\n * Counterpart to Solidity's `int64` operator.\n *\n * Requirements:\n *\n * - input must fit into 64 bits\n *\n * _Available since v3.1._\n */\n function toInt64(int256 value) internal pure returns (int64 downcasted) {\n downcasted = int64(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 64 bits\");\n }\n\n /**\n * @dev Returns the downcasted int56 from int256, reverting on\n * overflow (when the input is less than smallest int56 or\n * greater than largest int56).\n *\n * Counterpart to Solidity's `int56` operator.\n *\n * Requirements:\n *\n * - input must fit into 56 bits\n *\n * _Available since v4.7._\n */\n function toInt56(int256 value) internal pure returns (int56 downcasted) {\n downcasted = int56(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 56 bits\");\n }\n\n /**\n * @dev Returns the downcasted int48 from int256, reverting on\n * overflow (when the input is less than smallest int48 or\n * greater than largest int48).\n *\n * Counterpart to Solidity's `int48` operator.\n *\n * Requirements:\n *\n * - input must fit into 48 bits\n *\n * _Available since v4.7._\n */\n function toInt48(int256 value) internal pure returns (int48 downcasted) {\n downcasted = int48(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 48 bits\");\n }\n\n /**\n * @dev Returns the downcasted int40 from int256, reverting on\n * overflow (when the input is less than smallest int40 or\n * greater than largest int40).\n *\n * Counterpart to Solidity's `int40` operator.\n *\n * Requirements:\n *\n * - input must fit into 40 bits\n *\n * _Available since v4.7._\n */\n function toInt40(int256 value) internal pure returns (int40 downcasted) {\n downcasted = int40(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 40 bits\");\n }\n\n /**\n * @dev Returns the downcasted int32 from int256, reverting on\n * overflow (when the input is less than smallest int32 or\n * greater than largest int32).\n *\n * Counterpart to Solidity's `int32` operator.\n *\n * Requirements:\n *\n * - input must fit into 32 bits\n *\n * _Available since v3.1._\n */\n function toInt32(int256 value) internal pure returns (int32 downcasted) {\n downcasted = int32(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 32 bits\");\n }\n\n /**\n * @dev Returns the downcasted int24 from int256, reverting on\n * overflow (when the input is less than smallest int24 or\n * greater than largest int24).\n *\n * Counterpart to Solidity's `int24` operator.\n *\n * Requirements:\n *\n * - input must fit into 24 bits\n *\n * _Available since v4.7._\n */\n function toInt24(int256 value) internal pure returns (int24 downcasted) {\n downcasted = int24(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 24 bits\");\n }\n\n /**\n * @dev Returns the downcasted int16 from int256, reverting on\n * overflow (when the input is less than smallest int16 or\n * greater than largest int16).\n *\n * Counterpart to Solidity's `int16` operator.\n *\n * Requirements:\n *\n * - input must fit into 16 bits\n *\n * _Available since v3.1._\n */\n function toInt16(int256 value) internal pure returns (int16 downcasted) {\n downcasted = int16(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 16 bits\");\n }\n\n /**\n * @dev Returns the downcasted int8 from int256, reverting on\n * overflow (when the input is less than smallest int8 or\n * greater than largest int8).\n *\n * Counterpart to Solidity's `int8` operator.\n *\n * Requirements:\n *\n * - input must fit into 8 bits\n *\n * _Available since v3.1._\n */\n function toInt8(int256 value) internal pure returns (int8 downcasted) {\n downcasted = int8(value);\n require(downcasted == value, \"SafeCast: value doesn't fit in 8 bits\");\n }\n\n /**\n * @dev Converts an unsigned uint256 into a signed int256.\n *\n * Requirements:\n *\n * - input must be less than or equal to maxInt256.\n *\n * _Available since v3.0._\n */\n function toInt256(uint256 value) internal pure returns (int256) {\n // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive\n require(value <= uint256(type(int256).max), \"SafeCast: value doesn't fit in an int256\");\n return int256(value);\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IETHPOSDeposit.sol": { - "content": "// ┏━━━┓━┏┓━┏┓━━┏━━━┓━━┏━━━┓━━━━┏━━━┓━━━━━━━━━━━━━━━━━━━┏┓━━━━━┏━━━┓━━━━━━━━━┏┓━━━━━━━━━━━━━━┏┓━\n// ┃┏━━┛┏┛┗┓┃┃━━┃┏━┓┃━━┃┏━┓┃━━━━┗┓┏┓┃━━━━━━━━━━━━━━━━━━┏┛┗┓━━━━┃┏━┓┃━━━━━━━━┏┛┗┓━━━━━━━━━━━━┏┛┗┓\n// ┃┗━━┓┗┓┏┛┃┗━┓┗┛┏┛┃━━┃┃━┃┃━━━━━┃┃┃┃┏━━┓┏━━┓┏━━┓┏━━┓┏┓┗┓┏┛━━━━┃┃━┗┛┏━━┓┏━┓━┗┓┏┛┏━┓┏━━┓━┏━━┓┗┓┏┛\n// ┃┏━━┛━┃┃━┃┏┓┃┏━┛┏┛━━┃┃━┃┃━━━━━┃┃┃┃┃┏┓┃┃┏┓┃┃┏┓┃┃━━┫┣┫━┃┃━━━━━┃┃━┏┓┃┏┓┃┃┏┓┓━┃┃━┃┏┛┗━┓┃━┃┏━┛━┃┃━\n// ┃┗━━┓━┃┗┓┃┃┃┃┃┃┗━┓┏┓┃┗━┛┃━━━━┏┛┗┛┃┃┃━┫┃┗┛┃┃┗┛┃┣━━┃┃┃━┃┗┓━━━━┃┗━┛┃┃┗┛┃┃┃┃┃━┃┗┓┃┃━┃┗┛┗┓┃┗━┓━┃┗┓\n// ┗━━━┛━┗━┛┗┛┗┛┗━━━┛┗┛┗━━━┛━━━━┗━━━┛┗━━┛┃┏━┛┗━━┛┗━━┛┗┛━┗━┛━━━━┗━━━┛┗━━┛┗┛┗┛━┗━┛┗┛━┗━━━┛┗━━┛━┗━┛\n// ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┃┃━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n// ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┗┛━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n// SPDX-License-Identifier: CC0-1.0\n\npragma solidity >=0.5.0;\n\n// This interface is designed to be compatible with the Vyper version.\n/// @notice This is the Ethereum 2.0 deposit contract interface.\n/// For more information see the Phase 0 specification under https://github.com/ethereum/eth2.0-specs\ninterface IETHPOSDeposit {\n /// @notice A processed deposit event.\n event DepositEvent(bytes pubkey, bytes withdrawal_credentials, bytes amount, bytes signature, bytes index);\n\n /// @notice Submit a Phase 0 DepositData object.\n /// @param pubkey A BLS12-381 public key.\n /// @param withdrawal_credentials Commitment to a public key for withdrawals.\n /// @param signature A BLS12-381 signature.\n /// @param deposit_data_root The SHA-256 hash of the SSZ-encoded DepositData object.\n /// Used as a protection against malformed input.\n function deposit(\n bytes calldata pubkey,\n bytes calldata withdrawal_credentials,\n bytes calldata signature,\n bytes32 deposit_data_root\n ) external payable;\n\n /// @notice Query the current deposit root hash.\n /// @return The deposit root hash.\n function get_deposit_root() external view returns (bytes32);\n\n /// @notice Query the current deposit count.\n /// @return The deposit count encoded as a little endian 64-bit number.\n function get_deposit_count() external view returns (bytes memory);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IEigenPod.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"@openzeppelin/contracts/token/ERC20/IERC20.sol\";\n\nimport \"../libraries/BeaconChainProofs.sol\";\nimport \"./IEigenPodManager.sol\";\n\ninterface IEigenPodErrors {\n /// @dev Thrown when msg.sender is not the EPM.\n error OnlyEigenPodManager();\n /// @dev Thrown when msg.sender is not the pod owner.\n error OnlyEigenPodOwner();\n /// @dev Thrown when msg.sender is not owner or the proof submitter.\n error OnlyEigenPodOwnerOrProofSubmitter();\n /// @dev Thrown when attempting an action that is currently paused.\n error CurrentlyPaused();\n\n /// Invalid Inputs\n\n /// @dev Thrown when an address of zero is provided.\n error InputAddressZero();\n /// @dev Thrown when two array parameters have mismatching lengths.\n error InputArrayLengthMismatch();\n /// @dev Thrown when `validatorPubKey` length is not equal to 48-bytes.\n error InvalidPubKeyLength();\n /// @dev Thrown when provided timestamp is out of range.\n error TimestampOutOfRange();\n\n /// Checkpoints\n\n /// @dev Thrown when no active checkpoints are found.\n error NoActiveCheckpoint();\n /// @dev Thrown if an uncompleted checkpoint exists.\n error CheckpointAlreadyActive();\n /// @dev Thrown if there's not a balance available to checkpoint.\n error NoBalanceToCheckpoint();\n /// @dev Thrown when attempting to create a checkpoint twice within a given block.\n error CannotCheckpointTwiceInSingleBlock();\n\n /// Withdrawing\n\n /// @dev Thrown when amount exceeds `restakedExecutionLayerGwei`.\n error InsufficientWithdrawableBalance();\n\n /// Validator Status\n\n /// @dev Thrown when a validator's withdrawal credentials have already been verified.\n error CredentialsAlreadyVerified();\n /// @dev Thrown if the provided proof is not valid for this EigenPod.\n error WithdrawalCredentialsNotForEigenPod();\n /// @dev Thrown when a validator is not in the ACTIVE status in the pod.\n error ValidatorNotActiveInPod();\n /// @dev Thrown when validator is not active yet on the beacon chain.\n error ValidatorInactiveOnBeaconChain();\n /// @dev Thrown if a validator is exiting the beacon chain.\n error ValidatorIsExitingBeaconChain();\n /// @dev Thrown when a validator has not been slashed on the beacon chain.\n error ValidatorNotSlashedOnBeaconChain();\n\n /// Misc\n\n /// @dev Thrown when an invalid block root is returned by the EIP-4788 oracle.\n error InvalidEIP4788Response();\n /// @dev Thrown when attempting to send an invalid amount to the beacon deposit contract.\n error MsgValueNot32ETH();\n /// @dev Thrown when provided `beaconTimestamp` is too far in the past.\n error BeaconTimestampTooFarInPast();\n}\n\ninterface IEigenPodTypes {\n enum VALIDATOR_STATUS {\n INACTIVE, // doesnt exist\n ACTIVE, // staked on ethpos and withdrawal credentials are pointed to the EigenPod\n WITHDRAWN // withdrawn from the Beacon Chain\n\n }\n\n struct ValidatorInfo {\n // index of the validator in the beacon chain\n uint64 validatorIndex;\n // amount of beacon chain ETH restaked on EigenLayer in gwei\n uint64 restakedBalanceGwei;\n //timestamp of the validator's most recent balance update\n uint64 lastCheckpointedAt;\n // status of the validator\n VALIDATOR_STATUS status;\n }\n\n struct Checkpoint {\n bytes32 beaconBlockRoot;\n uint24 proofsRemaining;\n uint64 podBalanceGwei;\n int64 balanceDeltasGwei;\n uint64 prevBeaconBalanceGwei;\n }\n}\n\ninterface IEigenPodEvents is IEigenPodTypes {\n /// @notice Emitted when an ETH validator stakes via this eigenPod\n event EigenPodStaked(bytes pubkey);\n\n /// @notice Emitted when a pod owner updates the proof submitter address\n event ProofSubmitterUpdated(address prevProofSubmitter, address newProofSubmitter);\n\n /// @notice Emitted when an ETH validator's withdrawal credentials are successfully verified to be pointed to this eigenPod\n event ValidatorRestaked(uint40 validatorIndex);\n\n /// @notice Emitted when an ETH validator's balance is proven to be updated. Here newValidatorBalanceGwei\n // is the validator's balance that is credited on EigenLayer.\n event ValidatorBalanceUpdated(uint40 validatorIndex, uint64 balanceTimestamp, uint64 newValidatorBalanceGwei);\n\n /// @notice Emitted when restaked beacon chain ETH is withdrawn from the eigenPod.\n event RestakedBeaconChainETHWithdrawn(address indexed recipient, uint256 amount);\n\n /// @notice Emitted when ETH is received via the `receive` fallback\n event NonBeaconChainETHReceived(uint256 amountReceived);\n\n /// @notice Emitted when a checkpoint is created\n event CheckpointCreated(\n uint64 indexed checkpointTimestamp, bytes32 indexed beaconBlockRoot, uint256 validatorCount\n );\n\n /// @notice Emitted when a checkpoint is finalized\n event CheckpointFinalized(uint64 indexed checkpointTimestamp, int256 totalShareDeltaWei);\n\n /// @notice Emitted when a validator is proven for a given checkpoint\n event ValidatorCheckpointed(uint64 indexed checkpointTimestamp, uint40 indexed validatorIndex);\n\n /// @notice Emitted when a validaor is proven to have 0 balance at a given checkpoint\n event ValidatorWithdrawn(uint64 indexed checkpointTimestamp, uint40 indexed validatorIndex);\n}\n\n/**\n * @title The implementation contract used for restaking beacon chain ETH on EigenLayer\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @dev Note that all beacon chain balances are stored as gwei within the beacon chain datastructures. We choose\n * to account balances in terms of gwei in the EigenPod contract and convert to wei when making calls to other contracts\n */\ninterface IEigenPod is IEigenPodErrors, IEigenPodEvents {\n /// @notice Used to initialize the pointers to contracts crucial to the pod's functionality, in beacon proxy construction from EigenPodManager\n function initialize(\n address owner\n ) external;\n\n /// @notice Called by EigenPodManager when the owner wants to create another ETH validator.\n function stake(bytes calldata pubkey, bytes calldata signature, bytes32 depositDataRoot) external payable;\n\n /**\n * @notice Transfers `amountWei` in ether from this contract to the specified `recipient` address\n * @notice Called by EigenPodManager to withdrawBeaconChainETH that has been added to the EigenPod's balance due to a withdrawal from the beacon chain.\n * @dev The podOwner must have already proved sufficient withdrawals, so that this pod's `restakedExecutionLayerGwei` exceeds the\n * `amountWei` input (when converted to GWEI).\n * @dev Reverts if `amountWei` is not a whole Gwei amount\n */\n function withdrawRestakedBeaconChainETH(address recipient, uint256 amount) external;\n\n /**\n * @dev Create a checkpoint used to prove this pod's active validator set. Checkpoints are completed\n * by submitting one checkpoint proof per ACTIVE validator. During the checkpoint process, the total\n * change in ACTIVE validator balance is tracked, and any validators with 0 balance are marked `WITHDRAWN`.\n * @dev Once finalized, the pod owner is awarded shares corresponding to:\n * - the total change in their ACTIVE validator balances\n * - any ETH in the pod not already awarded shares\n * @dev A checkpoint cannot be created if the pod already has an outstanding checkpoint. If\n * this is the case, the pod owner MUST complete the existing checkpoint before starting a new one.\n * @param revertIfNoBalance Forces a revert if the pod ETH balance is 0. This allows the pod owner\n * to prevent accidentally starting a checkpoint that will not increase their shares\n */\n function startCheckpoint(\n bool revertIfNoBalance\n ) external;\n\n /**\n * @dev Progress the current checkpoint towards completion by submitting one or more validator\n * checkpoint proofs. Anyone can call this method to submit proofs towards the current checkpoint.\n * For each validator proven, the current checkpoint's `proofsRemaining` decreases.\n * @dev If the checkpoint's `proofsRemaining` reaches 0, the checkpoint is finalized.\n * (see `_updateCheckpoint` for more details)\n * @dev This method can only be called when there is a currently-active checkpoint.\n * @param balanceContainerProof proves the beacon's current balance container root against a checkpoint's `beaconBlockRoot`\n * @param proofs Proofs for one or more validator current balances against the `balanceContainerRoot`\n */\n function verifyCheckpointProofs(\n BeaconChainProofs.BalanceContainerProof calldata balanceContainerProof,\n BeaconChainProofs.BalanceProof[] calldata proofs\n ) external;\n\n /**\n * @dev Verify one or more validators have their withdrawal credentials pointed at this EigenPod, and award\n * shares based on their effective balance. Proven validators are marked `ACTIVE` within the EigenPod, and\n * future checkpoint proofs will need to include them.\n * @dev Withdrawal credential proofs MUST NOT be older than `currentCheckpointTimestamp`.\n * @dev Validators proven via this method MUST NOT have an exit epoch set already.\n * @param beaconTimestamp the beacon chain timestamp sent to the 4788 oracle contract. Corresponds\n * to the parent beacon block root against which the proof is verified.\n * @param stateRootProof proves a beacon state root against a beacon block root\n * @param validatorIndices a list of validator indices being proven\n * @param validatorFieldsProofs proofs of each validator's `validatorFields` against the beacon state root\n * @param validatorFields the fields of the beacon chain \"Validator\" container. See consensus specs for\n * details: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator\n */\n function verifyWithdrawalCredentials(\n uint64 beaconTimestamp,\n BeaconChainProofs.StateRootProof calldata stateRootProof,\n uint40[] calldata validatorIndices,\n bytes[] calldata validatorFieldsProofs,\n bytes32[][] calldata validatorFields\n ) external;\n\n /**\n * @dev Prove that one of this pod's active validators was slashed on the beacon chain. A successful\n * staleness proof allows the caller to start a checkpoint.\n *\n * @dev Note that in order to start a checkpoint, any existing checkpoint must already be completed!\n * (See `_startCheckpoint` for details)\n *\n * @dev Note that this method allows anyone to start a checkpoint as soon as a slashing occurs on the beacon\n * chain. This is intended to make it easier to external watchers to keep a pod's balance up to date.\n *\n * @dev Note too that beacon chain slashings are not instant. There is a delay between the initial slashing event\n * and the validator's final exit back to the execution layer. During this time, the validator's balance may or\n * may not drop further due to a correlation penalty. This method allows proof of a slashed validator\n * to initiate a checkpoint for as long as the validator remains on the beacon chain. Once the validator\n * has exited and been checkpointed at 0 balance, they are no longer \"checkpoint-able\" and cannot be proven\n * \"stale\" via this method.\n * See https://eth2book.info/capella/part3/transition/epoch/#slashings for more info.\n *\n * @param beaconTimestamp the beacon chain timestamp sent to the 4788 oracle contract. Corresponds\n * to the parent beacon block root against which the proof is verified.\n * @param stateRootProof proves a beacon state root against a beacon block root\n * @param proof the fields of the beacon chain \"Validator\" container, along with a merkle proof against\n * the beacon state root. See the consensus specs for more details:\n * https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator\n *\n * @dev Staleness conditions:\n * - Validator's last checkpoint is older than `beaconTimestamp`\n * - Validator MUST be in `ACTIVE` status in the pod\n * - Validator MUST be slashed on the beacon chain\n */\n function verifyStaleBalance(\n uint64 beaconTimestamp,\n BeaconChainProofs.StateRootProof calldata stateRootProof,\n BeaconChainProofs.ValidatorProof calldata proof\n ) external;\n\n /// @notice called by owner of a pod to remove any ERC20s deposited in the pod\n function recoverTokens(IERC20[] memory tokenList, uint256[] memory amountsToWithdraw, address recipient) external;\n\n /// @notice Allows the owner of a pod to update the proof submitter, a permissioned\n /// address that can call `startCheckpoint` and `verifyWithdrawalCredentials`.\n /// @dev Note that EITHER the podOwner OR proofSubmitter can access these methods,\n /// so it's fine to set your proofSubmitter to 0 if you want the podOwner to be the\n /// only address that can call these methods.\n /// @param newProofSubmitter The new proof submitter address. If set to 0, only the\n /// pod owner will be able to call `startCheckpoint` and `verifyWithdrawalCredentials`\n function setProofSubmitter(\n address newProofSubmitter\n ) external;\n\n /**\n *\n * VIEW METHODS\n *\n */\n\n /// @notice An address with permissions to call `startCheckpoint` and `verifyWithdrawalCredentials`, set\n /// by the podOwner. This role exists to allow a podOwner to designate a hot wallet that can call\n /// these methods, allowing the podOwner to remain a cold wallet that is only used to manage funds.\n /// @dev If this address is NOT set, only the podOwner can call `startCheckpoint` and `verifyWithdrawalCredentials`\n function proofSubmitter() external view returns (address);\n\n /// @notice the amount of execution layer ETH in this contract that is staked in EigenLayer (i.e. withdrawn from beaconchain but not EigenLayer),\n function withdrawableRestakedExecutionLayerGwei() external view returns (uint64);\n\n /// @notice The single EigenPodManager for EigenLayer\n function eigenPodManager() external view returns (IEigenPodManager);\n\n /// @notice The owner of this EigenPod\n function podOwner() external view returns (address);\n\n /// @notice Returns the validatorInfo struct for the provided pubkeyHash\n function validatorPubkeyHashToInfo(\n bytes32 validatorPubkeyHash\n ) external view returns (ValidatorInfo memory);\n\n /// @notice Returns the validatorInfo struct for the provided pubkey\n function validatorPubkeyToInfo(\n bytes calldata validatorPubkey\n ) external view returns (ValidatorInfo memory);\n\n /// @notice This returns the status of a given validator\n function validatorStatus(\n bytes32 pubkeyHash\n ) external view returns (VALIDATOR_STATUS);\n\n /// @notice This returns the status of a given validator pubkey\n function validatorStatus(\n bytes calldata validatorPubkey\n ) external view returns (VALIDATOR_STATUS);\n\n /// @notice Number of validators with proven withdrawal credentials, who do not have proven full withdrawals\n function activeValidatorCount() external view returns (uint256);\n\n /// @notice The timestamp of the last checkpoint finalized\n function lastCheckpointTimestamp() external view returns (uint64);\n\n /// @notice The timestamp of the currently-active checkpoint. Will be 0 if there is not active checkpoint\n function currentCheckpointTimestamp() external view returns (uint64);\n\n /// @notice Returns the currently-active checkpoint\n function currentCheckpoint() external view returns (Checkpoint memory);\n\n /// @notice For each checkpoint, the total balance attributed to exited validators, in gwei\n ///\n /// NOTE that the values added to this mapping are NOT guaranteed to capture the entirety of a validator's\n /// exit - rather, they capture the total change in a validator's balance when a checkpoint shows their\n /// balance change from nonzero to zero. While a change from nonzero to zero DOES guarantee that a validator\n /// has been fully exited, it is possible that the magnitude of this change does not capture what is\n /// typically thought of as a \"full exit.\"\n ///\n /// For example:\n /// 1. Consider a validator was last checkpointed at 32 ETH before exiting. Once the exit has been processed,\n /// it is expected that the validator's exited balance is calculated to be `32 ETH`.\n /// 2. However, before `startCheckpoint` is called, a deposit is made to the validator for 1 ETH. The beacon\n /// chain will automatically withdraw this ETH, but not until the withdrawal sweep passes over the validator\n /// again. Until this occurs, the validator's current balance (used for checkpointing) is 1 ETH.\n /// 3. If `startCheckpoint` is called at this point, the balance delta calculated for this validator will be\n /// `-31 ETH`, and because the validator has a nonzero balance, it is not marked WITHDRAWN.\n /// 4. After the exit is processed by the beacon chain, a subsequent `startCheckpoint` and checkpoint proof\n /// will calculate a balance delta of `-1 ETH` and attribute a 1 ETH exit to the validator.\n ///\n /// If this edge case impacts your usecase, it should be possible to mitigate this by monitoring for deposits\n /// to your exited validators, and waiting to call `startCheckpoint` until those deposits have been automatically\n /// exited.\n ///\n /// Additional edge cases this mapping does not cover:\n /// - If a validator is slashed, their balance exited will reflect their original balance rather than the slashed amount\n /// - The final partial withdrawal for an exited validator will be likely be included in this mapping.\n /// i.e. if a validator was last checkpointed at 32.1 ETH before exiting, the next checkpoint will calculate their\n /// \"exited\" amount to be 32.1 ETH rather than 32 ETH.\n function checkpointBalanceExitedGwei(\n uint64\n ) external view returns (uint64);\n\n /// @notice Query the 4788 oracle to get the parent block root of the slot with the given `timestamp`\n /// @param timestamp of the block for which the parent block root will be returned. MUST correspond\n /// to an existing slot within the last 24 hours. If the slot at `timestamp` was skipped, this method\n /// will revert.\n function getParentBlockRoot(\n uint64 timestamp\n ) external view returns (bytes32);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/interfaces/IPausable.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity >=0.5.0;\n\nimport \"../interfaces/IPauserRegistry.sol\";\n\n/**\n * @title Adds pausability to a contract, with pausing & unpausing controlled by the `pauser` and `unpauser` of a PauserRegistry contract.\n * @author Layr Labs, Inc.\n * @notice Terms of Service: https://docs.eigenlayer.xyz/overview/terms-of-service\n * @notice Contracts that inherit from this contract may define their own `pause` and `unpause` (and/or related) functions.\n * These functions should be permissioned as \"onlyPauser\" which defers to a `PauserRegistry` for determining access control.\n * @dev Pausability is implemented using a uint256, which allows up to 256 different single bit-flags; each bit can potentially pause different functionality.\n * Inspiration for this was taken from the NearBridge design here https://etherscan.io/address/0x3FEFc5A4B1c02f21cBc8D3613643ba0635b9a873#code.\n * For the `pause` and `unpause` functions we've implemented, if you pause, you can only flip (any number of) switches to on/1 (aka \"paused\"), and if you unpause,\n * you can only flip (any number of) switches to off/0 (aka \"paused\").\n * If you want a pauseXYZ function that just flips a single bit / \"pausing flag\", it will:\n * 1) 'bit-wise and' (aka `&`) a flag with the current paused state (as a uint256)\n * 2) update the paused state to this new value\n * @dev We note as well that we have chosen to identify flags by their *bit index* as opposed to their numerical value, so, e.g. defining `DEPOSITS_PAUSED = 3`\n * indicates specifically that if the *third bit* of `_paused` is flipped -- i.e. it is a '1' -- then deposits should be paused\n */\ninterface IPausable {\n /// @dev Thrown when caller is not pauser.\n error OnlyPauser();\n /// @dev Thrown when caller is not unpauser.\n error OnlyUnpauser();\n /// @dev Thrown when currently paused.\n error CurrentlyPaused();\n /// @dev Thrown when invalid `newPausedStatus` is provided.\n error InvalidNewPausedStatus();\n /// @dev Thrown when a null address input is provided.\n error InputAddressZero();\n\n /// @notice Emitted when the pause is triggered by `account`, and changed to `newPausedStatus`.\n event Paused(address indexed account, uint256 newPausedStatus);\n\n /// @notice Emitted when the pause is lifted by `account`, and changed to `newPausedStatus`.\n event Unpaused(address indexed account, uint256 newPausedStatus);\n\n /// @notice Address of the `PauserRegistry` contract that this contract defers to for determining access control (for pausing).\n function pauserRegistry() external view returns (IPauserRegistry);\n\n /**\n * @notice This function is used to pause an EigenLayer contract's functionality.\n * It is permissioned to the `pauser` address, which is expected to be a low threshold multisig.\n * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once.\n * @dev This function can only pause functionality, and thus cannot 'unflip' any bit in `_paused` from 1 to 0.\n */\n function pause(\n uint256 newPausedStatus\n ) external;\n\n /**\n * @notice Alias for `pause(type(uint256).max)`.\n */\n function pauseAll() external;\n\n /**\n * @notice This function is used to unpause an EigenLayer contract's functionality.\n * It is permissioned to the `unpauser` address, which is expected to be a high threshold multisig or governance contract.\n * @param newPausedStatus represents the new value for `_paused` to take, which means it may flip several bits at once.\n * @dev This function can only unpause functionality, and thus cannot 'flip' any bit in `_paused` from 0 to 1.\n */\n function unpause(\n uint256 newPausedStatus\n ) external;\n\n /// @notice Returns the current paused status as a uint256.\n function paused() external view returns (uint256);\n\n /// @notice Returns 'true' if the `indexed`th bit of `_paused` is 1, and 'false' otherwise\n function paused(\n uint8 index\n ) external view returns (bool);\n}\n" - }, - "lib/openzeppelin-contracts/contracts/utils/Errors.sol": { - "content": "// SPDX-License-Identifier: MIT\n// OpenZeppelin Contracts (last updated v5.1.0) (utils/Errors.sol)\n\npragma solidity ^0.8.20;\n\n/**\n * @dev Collection of common custom errors used in multiple contracts\n *\n * IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.\n * It is recommended to avoid relying on the error API for critical functionality.\n *\n * _Available since v5.1._\n */\nlibrary Errors {\n /**\n * @dev The ETH balance of the account is not enough to perform the operation.\n */\n error InsufficientBalance(uint256 balance, uint256 needed);\n\n /**\n * @dev A call to an address target failed. The target may have reverted.\n */\n error FailedCall();\n\n /**\n * @dev The deployment failed.\n */\n error FailedDeployment();\n\n /**\n * @dev A necessary precompile is missing.\n */\n error MissingPrecompile(address);\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/BeaconChainProofs.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\n\npragma solidity ^0.8.0;\n\nimport \"./Merkle.sol\";\nimport \"../libraries/Endian.sol\";\n\n//Utility library for parsing and PHASE0 beacon chain block headers\n//SSZ Spec: https://github.com/ethereum/consensus-specs/blob/dev/ssz/simple-serialize.md#merkleization\n//BeaconBlockHeader Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader\n//BeaconState Spec: https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconstate\nlibrary BeaconChainProofs {\n /// @dev Thrown when a proof is invalid.\n error InvalidProof();\n /// @dev Thrown when a proof with an invalid length is provided.\n error InvalidProofLength();\n /// @dev Thrown when a validator fields length is invalid.\n error InvalidValidatorFieldsLength();\n\n /// @notice Heights of various merkle trees in the beacon chain\n /// - beaconBlockRoot\n /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT\n /// -- beaconStateRoot\n /// | HEIGHT: BEACON_STATE_TREE_HEIGHT\n /// validatorContainerRoot, balanceContainerRoot\n /// | | HEIGHT: BALANCE_TREE_HEIGHT\n /// | individual balances\n /// | HEIGHT: VALIDATOR_TREE_HEIGHT\n /// individual validators\n uint256 internal constant BEACON_BLOCK_HEADER_TREE_HEIGHT = 3;\n uint256 internal constant BEACON_STATE_TREE_HEIGHT = 5;\n uint256 internal constant BALANCE_TREE_HEIGHT = 38;\n uint256 internal constant VALIDATOR_TREE_HEIGHT = 40;\n\n /// @notice Index of the beaconStateRoot in the `BeaconBlockHeader` container\n ///\n /// BeaconBlockHeader = [..., state_root, ...]\n /// 0... 3\n ///\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#beaconblockheader)\n uint256 internal constant STATE_ROOT_INDEX = 3;\n\n /// @notice Indices for fields in the `BeaconState` container\n ///\n /// BeaconState = [..., validators, balances, ...]\n /// 0... 11 12\n ///\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/capella/beacon-chain.md#beaconstate)\n uint256 internal constant VALIDATOR_CONTAINER_INDEX = 11;\n uint256 internal constant BALANCE_CONTAINER_INDEX = 12;\n\n /// @notice Number of fields in the `Validator` container\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator)\n uint256 internal constant VALIDATOR_FIELDS_LENGTH = 8;\n\n /// @notice Indices for fields in the `Validator` container\n uint256 internal constant VALIDATOR_PUBKEY_INDEX = 0;\n uint256 internal constant VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX = 1;\n uint256 internal constant VALIDATOR_BALANCE_INDEX = 2;\n uint256 internal constant VALIDATOR_SLASHED_INDEX = 3;\n uint256 internal constant VALIDATOR_ACTIVATION_EPOCH_INDEX = 5;\n uint256 internal constant VALIDATOR_EXIT_EPOCH_INDEX = 6;\n\n /// @notice Slot/Epoch timings\n uint64 internal constant SECONDS_PER_SLOT = 12;\n uint64 internal constant SLOTS_PER_EPOCH = 32;\n uint64 internal constant SECONDS_PER_EPOCH = SLOTS_PER_EPOCH * SECONDS_PER_SLOT;\n\n /// @notice `FAR_FUTURE_EPOCH` is used as the default value for certain `Validator`\n /// fields when a `Validator` is first created on the beacon chain\n uint64 internal constant FAR_FUTURE_EPOCH = type(uint64).max;\n bytes8 internal constant UINT64_MASK = 0xffffffffffffffff;\n\n /// @notice Contains a beacon state root and a merkle proof verifying its inclusion under a beacon block root\n struct StateRootProof {\n bytes32 beaconStateRoot;\n bytes proof;\n }\n\n /// @notice Contains a validator's fields and a merkle proof of their inclusion under a beacon state root\n struct ValidatorProof {\n bytes32[] validatorFields;\n bytes proof;\n }\n\n /// @notice Contains a beacon balance container root and a proof of this root under a beacon block root\n struct BalanceContainerProof {\n bytes32 balanceContainerRoot;\n bytes proof;\n }\n\n /// @notice Contains a validator balance root and a proof of its inclusion under a balance container root\n struct BalanceProof {\n bytes32 pubkeyHash;\n bytes32 balanceRoot;\n bytes proof;\n }\n\n /**\n *\n * VALIDATOR FIELDS -> BEACON STATE ROOT -> BEACON BLOCK ROOT\n *\n */\n\n /// @notice Verify a merkle proof of the beacon state root against a beacon block root\n /// @param beaconBlockRoot merkle root of the beacon block\n /// @param proof the beacon state root and merkle proof of its inclusion under `beaconBlockRoot`\n function verifyStateRoot(bytes32 beaconBlockRoot, StateRootProof calldata proof) internal view {\n require(proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT), InvalidProofLength());\n\n /// This merkle proof verifies the `beaconStateRoot` under the `beaconBlockRoot`\n /// - beaconBlockRoot\n /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT\n /// -- beaconStateRoot\n require(\n Merkle.verifyInclusionSha256({\n proof: proof.proof,\n root: beaconBlockRoot,\n leaf: proof.beaconStateRoot,\n index: STATE_ROOT_INDEX\n }),\n InvalidProof()\n );\n }\n\n /// @notice Verify a merkle proof of a validator container against a `beaconStateRoot`\n /// @dev This proof starts at a validator's container root, proves through the validator container root,\n /// and continues proving to the root of the `BeaconState`\n /// @dev See https://eth2book.info/capella/part3/containers/dependencies/#validator for info on `Validator` containers\n /// @dev See https://eth2book.info/capella/part3/containers/state/#beaconstate for info on `BeaconState` containers\n /// @param beaconStateRoot merkle root of the `BeaconState` container\n /// @param validatorFields an individual validator's fields. These are merklized to form a `validatorRoot`,\n /// which is used as the leaf to prove against `beaconStateRoot`\n /// @param validatorFieldsProof a merkle proof of inclusion of `validatorFields` under `beaconStateRoot`\n /// @param validatorIndex the validator's unique index\n function verifyValidatorFields(\n bytes32 beaconStateRoot,\n bytes32[] calldata validatorFields,\n bytes calldata validatorFieldsProof,\n uint40 validatorIndex\n ) internal view {\n require(validatorFields.length == VALIDATOR_FIELDS_LENGTH, InvalidValidatorFieldsLength());\n\n /// Note: the reason we use `VALIDATOR_TREE_HEIGHT + 1` here is because the merklization process for\n /// this container includes hashing the root of the validator tree with the length of the validator list\n require(\n validatorFieldsProof.length == 32 * ((VALIDATOR_TREE_HEIGHT + 1) + BEACON_STATE_TREE_HEIGHT),\n InvalidProofLength()\n );\n\n // Merkleize `validatorFields` to get the leaf to prove\n bytes32 validatorRoot = Merkle.merkleizeSha256(validatorFields);\n\n /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees:\n /// - beaconStateRoot\n /// | HEIGHT: BEACON_STATE_TREE_HEIGHT\n /// -- validatorContainerRoot\n /// | HEIGHT: VALIDATOR_TREE_HEIGHT + 1\n /// ---- validatorRoot\n uint256 index = (VALIDATOR_CONTAINER_INDEX << (VALIDATOR_TREE_HEIGHT + 1)) | uint256(validatorIndex);\n\n require(\n Merkle.verifyInclusionSha256({\n proof: validatorFieldsProof,\n root: beaconStateRoot,\n leaf: validatorRoot,\n index: index\n }),\n InvalidProof()\n );\n }\n\n /**\n *\n * VALIDATOR BALANCE -> BALANCE CONTAINER ROOT -> BEACON BLOCK ROOT\n *\n */\n\n /// @notice Verify a merkle proof of the beacon state's balances container against the beacon block root\n /// @dev This proof starts at the balance container root, proves through the beacon state root, and\n /// continues proving through the beacon block root. As a result, this proof will contain elements\n /// of a `StateRootProof` under the same block root, with the addition of proving the balances field\n /// within the beacon state.\n /// @dev This is used to make checkpoint proofs more efficient, as a checkpoint will verify multiple balances\n /// against the same balance container root.\n /// @param beaconBlockRoot merkle root of the beacon block\n /// @param proof a beacon balance container root and merkle proof of its inclusion under `beaconBlockRoot`\n function verifyBalanceContainer(bytes32 beaconBlockRoot, BalanceContainerProof calldata proof) internal view {\n require(\n proof.proof.length == 32 * (BEACON_BLOCK_HEADER_TREE_HEIGHT + BEACON_STATE_TREE_HEIGHT),\n InvalidProofLength()\n );\n\n /// This proof combines two proofs, so its index accounts for the relative position of leaves in two trees:\n /// - beaconBlockRoot\n /// | HEIGHT: BEACON_BLOCK_HEADER_TREE_HEIGHT\n /// -- beaconStateRoot\n /// | HEIGHT: BEACON_STATE_TREE_HEIGHT\n /// ---- balancesContainerRoot\n uint256 index = (STATE_ROOT_INDEX << (BEACON_STATE_TREE_HEIGHT)) | BALANCE_CONTAINER_INDEX;\n\n require(\n Merkle.verifyInclusionSha256({\n proof: proof.proof,\n root: beaconBlockRoot,\n leaf: proof.balanceContainerRoot,\n index: index\n }),\n InvalidProof()\n );\n }\n\n /// @notice Verify a merkle proof of a validator's balance against the beacon state's `balanceContainerRoot`\n /// @param balanceContainerRoot the merkle root of all validators' current balances\n /// @param validatorIndex the index of the validator whose balance we are proving\n /// @param proof the validator's associated balance root and a merkle proof of inclusion under `balanceContainerRoot`\n /// @return validatorBalanceGwei the validator's current balance (in gwei)\n function verifyValidatorBalance(\n bytes32 balanceContainerRoot,\n uint40 validatorIndex,\n BalanceProof calldata proof\n ) internal view returns (uint64 validatorBalanceGwei) {\n /// Note: the reason we use `BALANCE_TREE_HEIGHT + 1` here is because the merklization process for\n /// this container includes hashing the root of the balances tree with the length of the balances list\n require(proof.proof.length == 32 * (BALANCE_TREE_HEIGHT + 1), InvalidProofLength());\n\n /// When merkleized, beacon chain balances are combined into groups of 4 called a `balanceRoot`. The merkle\n /// proof here verifies that this validator's `balanceRoot` is included in the `balanceContainerRoot`\n /// - balanceContainerRoot\n /// | HEIGHT: BALANCE_TREE_HEIGHT\n /// -- balanceRoot\n uint256 balanceIndex = uint256(validatorIndex / 4);\n\n require(\n Merkle.verifyInclusionSha256({\n proof: proof.proof,\n root: balanceContainerRoot,\n leaf: proof.balanceRoot,\n index: balanceIndex\n }),\n InvalidProof()\n );\n\n /// Extract the individual validator's balance from the `balanceRoot`\n return getBalanceAtIndex(proof.balanceRoot, validatorIndex);\n }\n\n /**\n * @notice Parses a balanceRoot to get the uint64 balance of a validator.\n * @dev During merkleization of the beacon state balance tree, four uint64 values are treated as a single\n * leaf in the merkle tree. We use validatorIndex % 4 to determine which of the four uint64 values to\n * extract from the balanceRoot.\n * @param balanceRoot is the combination of 4 validator balances being proven for\n * @param validatorIndex is the index of the validator being proven for\n * @return The validator's balance, in Gwei\n */\n function getBalanceAtIndex(bytes32 balanceRoot, uint40 validatorIndex) internal pure returns (uint64) {\n uint256 bitShiftAmount = (validatorIndex % 4) * 64;\n return Endian.fromLittleEndianUint64(bytes32((uint256(balanceRoot) << bitShiftAmount)));\n }\n\n /// @notice Indices for fields in the `Validator` container:\n /// 0: pubkey\n /// 1: withdrawal credentials\n /// 2: effective balance\n /// 3: slashed?\n /// 4: activation eligibility epoch\n /// 5: activation epoch\n /// 6: exit epoch\n /// 7: withdrawable epoch\n ///\n /// (See https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/beacon-chain.md#validator)\n\n /// @dev Retrieves a validator's pubkey hash\n function getPubkeyHash(\n bytes32[] memory validatorFields\n ) internal pure returns (bytes32) {\n return validatorFields[VALIDATOR_PUBKEY_INDEX];\n }\n\n /// @dev Retrieves a validator's withdrawal credentials\n function getWithdrawalCredentials(\n bytes32[] memory validatorFields\n ) internal pure returns (bytes32) {\n return validatorFields[VALIDATOR_WITHDRAWAL_CREDENTIALS_INDEX];\n }\n\n /// @dev Retrieves a validator's effective balance (in gwei)\n function getEffectiveBalanceGwei(\n bytes32[] memory validatorFields\n ) internal pure returns (uint64) {\n return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_BALANCE_INDEX]);\n }\n\n /// @dev Retrieves a validator's activation epoch\n function getActivationEpoch(\n bytes32[] memory validatorFields\n ) internal pure returns (uint64) {\n return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_ACTIVATION_EPOCH_INDEX]);\n }\n\n /// @dev Retrieves true IFF a validator is marked slashed\n function isValidatorSlashed(\n bytes32[] memory validatorFields\n ) internal pure returns (bool) {\n return validatorFields[VALIDATOR_SLASHED_INDEX] != 0;\n }\n\n /// @dev Retrieves a validator's exit epoch\n function getExitEpoch(\n bytes32[] memory validatorFields\n ) internal pure returns (uint64) {\n return Endian.fromLittleEndianUint64(validatorFields[VALIDATOR_EXIT_EPOCH_INDEX]);\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/Merkle.sol": { - "content": "// SPDX-License-Identifier: MIT\n// Adapted from OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/MerkleProof.sol)\n\npragma solidity ^0.8.0;\n\n/**\n * @dev These functions deal with verification of Merkle Tree proofs.\n *\n * The tree and the proofs can be generated using our\n * https://github.com/OpenZeppelin/merkle-tree[JavaScript library].\n * You will find a quickstart guide in the readme.\n *\n * WARNING: You should avoid using leaf values that are 64 bytes long prior to\n * hashing, or use a hash function other than keccak256 for hashing leaves.\n * This is because the concatenation of a sorted pair of internal nodes in\n * the merkle tree could be reinterpreted as a leaf value.\n * OpenZeppelin's JavaScript library generates merkle trees that are safe\n * against this attack out of the box.\n */\nlibrary Merkle {\n error InvalidProofLength();\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n *\n * Note this is for a Merkle tree using the keccak/sha3 hash function\n */\n function verifyInclusionKeccak(\n bytes memory proof,\n bytes32 root,\n bytes32 leaf,\n uint256 index\n ) internal pure returns (bool) {\n return processInclusionProofKeccak(proof, leaf, index) == root;\n }\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n * @dev If the proof length is 0 then the leaf hash is returned.\n *\n * _Available since v4.4._\n *\n * Note this is for a Merkle tree using the keccak/sha3 hash function\n */\n function processInclusionProofKeccak(\n bytes memory proof,\n bytes32 leaf,\n uint256 index\n ) internal pure returns (bytes32) {\n require(proof.length % 32 == 0, InvalidProofLength());\n bytes32 computedHash = leaf;\n for (uint256 i = 32; i <= proof.length; i += 32) {\n if (index % 2 == 0) {\n // if ith bit of index is 0, then computedHash is a left sibling\n assembly {\n mstore(0x00, computedHash)\n mstore(0x20, mload(add(proof, i)))\n computedHash := keccak256(0x00, 0x40)\n index := div(index, 2)\n }\n } else {\n // if ith bit of index is 1, then computedHash is a right sibling\n assembly {\n mstore(0x00, mload(add(proof, i)))\n mstore(0x20, computedHash)\n computedHash := keccak256(0x00, 0x40)\n index := div(index, 2)\n }\n }\n }\n return computedHash;\n }\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n *\n * Note this is for a Merkle tree using the sha256 hash function\n */\n function verifyInclusionSha256(\n bytes memory proof,\n bytes32 root,\n bytes32 leaf,\n uint256 index\n ) internal view returns (bool) {\n return processInclusionProofSha256(proof, leaf, index) == root;\n }\n\n /**\n * @dev Returns the rebuilt hash obtained by traversing a Merkle tree up\n * from `leaf` using `proof`. A `proof` is valid if and only if the rebuilt\n * hash matches the root of the tree. The tree is built assuming `leaf` is\n * the 0 indexed `index`'th leaf from the bottom left of the tree.\n *\n * _Available since v4.4._\n *\n * Note this is for a Merkle tree using the sha256 hash function\n */\n function processInclusionProofSha256(\n bytes memory proof,\n bytes32 leaf,\n uint256 index\n ) internal view returns (bytes32) {\n require(proof.length != 0 && proof.length % 32 == 0, InvalidProofLength());\n bytes32[1] memory computedHash = [leaf];\n for (uint256 i = 32; i <= proof.length; i += 32) {\n if (index % 2 == 0) {\n // if ith bit of index is 0, then computedHash is a left sibling\n assembly {\n mstore(0x00, mload(computedHash))\n mstore(0x20, mload(add(proof, i)))\n if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) }\n index := div(index, 2)\n }\n } else {\n // if ith bit of index is 1, then computedHash is a right sibling\n assembly {\n mstore(0x00, mload(add(proof, i)))\n mstore(0x20, mload(computedHash))\n if iszero(staticcall(sub(gas(), 2000), 2, 0x00, 0x40, computedHash, 0x20)) { revert(0, 0) }\n index := div(index, 2)\n }\n }\n }\n return computedHash[0];\n }\n\n /**\n * @notice this function returns the merkle root of a tree created from a set of leaves using sha256 as its hash function\n * @param leaves the leaves of the merkle tree\n * @return The computed Merkle root of the tree.\n * @dev A pre-condition to this function is that leaves.length is a power of two. If not, the function will merkleize the inputs incorrectly.\n */\n function merkleizeSha256(\n bytes32[] memory leaves\n ) internal pure returns (bytes32) {\n //there are half as many nodes in the layer above the leaves\n uint256 numNodesInLayer = leaves.length / 2;\n //create a layer to store the internal nodes\n bytes32[] memory layer = new bytes32[](numNodesInLayer);\n //fill the layer with the pairwise hashes of the leaves\n for (uint256 i = 0; i < numNodesInLayer; i++) {\n layer[i] = sha256(abi.encodePacked(leaves[2 * i], leaves[2 * i + 1]));\n }\n //the next layer above has half as many nodes\n numNodesInLayer /= 2;\n //while we haven't computed the root\n while (numNodesInLayer != 0) {\n //overwrite the first numNodesInLayer nodes in layer with the pairwise hashes of their children\n for (uint256 i = 0; i < numNodesInLayer; i++) {\n layer[i] = sha256(abi.encodePacked(layer[2 * i], layer[2 * i + 1]));\n }\n //the next layer above has half as many nodes\n numNodesInLayer /= 2;\n }\n //the first node in the layer is the root\n return layer[0];\n }\n}\n" - }, - "lib/eigenlayer-contracts/src/contracts/libraries/Endian.sol": { - "content": "// SPDX-License-Identifier: BUSL-1.1\npragma solidity ^0.8.0;\n\nlibrary Endian {\n /**\n * @notice Converts a little endian-formatted uint64 to a big endian-formatted uint64\n * @param lenum little endian-formatted uint64 input, provided as 'bytes32' type\n * @return n The big endian-formatted uint64\n * @dev Note that the input is formatted as a 'bytes32' type (i.e. 256 bits), but it is immediately truncated to a uint64 (i.e. 64 bits)\n * through a right-shift/shr operation.\n */\n function fromLittleEndianUint64(\n bytes32 lenum\n ) internal pure returns (uint64 n) {\n // the number needs to be stored in little-endian encoding (ie in bytes 0-8)\n n = uint64(uint256(lenum >> 192));\n // forgefmt: disable-next-item\n return (n >> 56) | \n ((0x00FF000000000000 & n) >> 40) | \n ((0x0000FF0000000000 & n) >> 24) | \n ((0x000000FF00000000 & n) >> 8) | \n ((0x00000000FF000000 & n) << 8) | \n ((0x0000000000FF0000 & n) << 24) | \n ((0x000000000000FF00 & n) << 40) | \n ((0x00000000000000FF & n) << 56);\n }\n}\n" - } - }, - "settings": { - "remappings": [ - "@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/", - "@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts/", - "@openzeppelin/foundry-upgrades/=lib/openzeppelin-foundry-upgrades/", - "@symbiotic/middleware-sdk/=lib/middleware-sdk/src/", - "@symbiotic/core/=lib/core/src/", - "@eigenlayer/=lib/eigenlayer-contracts/", - "@openzeppelin/contracts-eigenlayer/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/contracts/", - "lib/openzeppelin-contracts/:@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/", - "lib/openzeppelin-contracts-upgradeable/:@openzeppelin/contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/contracts/", - "lib/middleware-sdk/:@symbiotic/=lib/core/src/", - "lib/eigenlayer-contracts/:@openzeppelin-upgrades/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "lib/eigenlayer-contracts/:@openzeppelin/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/", - "lib/eigenlayer-contracts/:ds-test/=lib/eigenlayer-contracts/lib/ds-test/src/", - "lib/eigenlayer-contracts/:forge-std/=lib/eigenlayer-contracts/lib/forge-std/src/", - "@crypto-lib/=lib/middleware-sdk/lib/crypto-lib/src/", - "@openzeppelin-upgrades/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "@solidity/=lib/middleware-sdk/lib/crypto-lib/src/", - "@symbiotic-test/=lib/middleware-sdk/lib/core/test/", - "core/=lib/core/", - "crypto-lib/=lib/middleware-sdk/lib/crypto-lib/", - "ds-test/=lib/eigenlayer-contracts/lib/ds-test/src/", - "eigenlayer-contracts/=lib/eigenlayer-contracts/", - "erc4626-tests/=lib/openzeppelin-contracts-upgradeable/lib/erc4626-tests/", - "forge-std/=lib/forge-std/src/", - "halmos-cheatcodes/=lib/openzeppelin-contracts-upgradeable/lib/halmos-cheatcodes/src/", - "middleware-sdk/=lib/middleware-sdk/src/", - "openzeppelin-contracts-upgradeable-v4.9.0/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/", - "openzeppelin-contracts-upgradeable/=lib/openzeppelin-contracts-upgradeable/", - "openzeppelin-contracts-v4.9.0/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-v4.9.0/", - "openzeppelin-contracts/=lib/openzeppelin-contracts/", - "openzeppelin-foundry-upgrades/=lib/openzeppelin-foundry-upgrades/src/", - "openzeppelin/=lib/eigenlayer-contracts/lib/openzeppelin-contracts-upgradeable-v4.9.0/contracts/", - "solidity-stringutils/=lib/openzeppelin-foundry-upgrades/lib/solidity-stringutils/", - "zeus-templates/=lib/eigenlayer-contracts/lib/zeus-templates/src/" - ], - "optimizer": {}, - "metadata": { - "useLiteralContent": false, - "bytecodeHash": "ipfs", - "appendCBOR": true - }, - "outputSelection": { - "*": { - "*": [ - "abi", - "evm.bytecode.object", - "evm.bytecode.sourceMap", - "evm.bytecode.linkReferences", - "evm.deployedBytecode.object", - "evm.deployedBytecode.sourceMap", - "evm.deployedBytecode.linkReferences", - "evm.deployedBytecode.immutableReferences", - "evm.methodIdentifiers", - "metadata" - ] - } - }, - "evmVersion": "cancun", - "viaIR": true, - "libraries": {} - } -} diff --git a/smart-contracts/test/holesky/EigenLayerMiddlewareV1.t.sol b/smart-contracts/test/holesky/EigenLayerMiddlewareV1.t.sol index b1cc9a5..783b249 100644 --- a/smart-contracts/test/holesky/EigenLayerMiddlewareV1.t.sol +++ b/smart-contracts/test/holesky/EigenLayerMiddlewareV1.t.sol @@ -2,7 +2,7 @@ pragma solidity ^0.8.27; import {Test, console} from "forge-std/Test.sol"; -import {IERC20} from "@openzeppelin/contracts-eigenlayer/token/ERC20/IERC20.sol"; +import {IERC20} from "@openzeppelin-v4.9.0/contracts/token/ERC20/IERC20.sol"; import { IAllocationManager, IAllocationManagerTypes } from "@eigenlayer/src/contracts/interfaces/IAllocationManager.sol"; diff --git a/smart-contracts/test/holesky/SymbioticMiddleware.t.sol b/smart-contracts/test/holesky/SymbioticMiddleware.t.sol index 01b4c71..cce4d67 100644 --- a/smart-contracts/test/holesky/SymbioticMiddleware.t.sol +++ b/smart-contracts/test/holesky/SymbioticMiddleware.t.sol @@ -19,7 +19,7 @@ import {INetworkRegistry} from "@symbiotic/core/interfaces/INetworkRegistry.sol" import {IBaseDelegator} from "@symbiotic/core/interfaces/delegator/IBaseDelegator.sol"; import {Subnetwork} from "@symbiotic/core/contracts/libraries/Subnetwork.sol"; -import {IERC20} from "@openzeppelin/contracts/interfaces/IERC20.sol"; +import {IERC20} from "@openzeppelin-v4.9.0/contracts/interfaces/IERC20.sol"; contract SymbioticMiddlewareHoleskyTest is Test { using Subnetwork for address; diff --git a/smart-contracts/test/mainnet/EigenLayerMiddlewareV1.t.sol b/smart-contracts/test/mainnet/EigenLayerMiddlewareV1.t.sol index 7c17e5d..fdffe00 100644 --- a/smart-contracts/test/mainnet/EigenLayerMiddlewareV1.t.sol +++ b/smart-contracts/test/mainnet/EigenLayerMiddlewareV1.t.sol @@ -2,7 +2,7 @@ pragma solidity ^0.8.27; import {Test, console} from "forge-std/Test.sol"; -import {IERC20} from "@openzeppelin/contracts-eigenlayer/token/ERC20/IERC20.sol"; +import {IERC20} from "@openzeppelin-v4.9.0/contracts/token/ERC20/IERC20.sol"; import { IAllocationManager, IAllocationManagerTypes } from "@eigenlayer/src/contracts/interfaces/IAllocationManager.sol"; diff --git a/smart-contracts/test/mainnet/SymbioticMiddleware.t.sol b/smart-contracts/test/mainnet/SymbioticMiddleware.t.sol index 21ac56d..0aa5b8e 100644 --- a/smart-contracts/test/mainnet/SymbioticMiddleware.t.sol +++ b/smart-contracts/test/mainnet/SymbioticMiddleware.t.sol @@ -20,7 +20,7 @@ import {INetworkRegistry} from "@symbiotic/core/interfaces/INetworkRegistry.sol" import {IBaseDelegator} from "@symbiotic/core/interfaces/delegator/IBaseDelegator.sol"; import {Subnetwork} from "@symbiotic/core/contracts/libraries/Subnetwork.sol"; -import {IERC20} from "@openzeppelin/contracts/interfaces/IERC20.sol"; +import {IERC20} from "@openzeppelin-v4.9.0/contracts/interfaces/IERC20.sol"; contract SymbioticMiddlewareMainnetTest is Test { using Subnetwork for address;