Contract

/**
 *Submitted for verification at Etherscan.io on 2023-05-24
*/

// SPDX-License-Identifier: MIXED

// File @openzeppelin/contracts/utils/math/[email protected]
// License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/SafeMath.sol)

pragma solidity ^0.8.0;

// CAUTION
// This version of SafeMath should only be used with Solidity 0.8 or later,
// because it relies on the compiler's built in overflow checks.

/**
 * @dev Wrappers over Solidity's arithmetic operations.
 *
 * NOTE: `SafeMath` is generally not needed starting with Solidity 0.8, since the compiler
 * now has built in overflow checking.
 */
library SafeMath {
    /**
     * @dev Returns the addition of two unsigned integers, with an overflow flag.
     *
     * _Available since v3.4._
     */
    function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
        unchecked {
            uint256 c = a + b;
            if (c < a) return (false, 0);
            return (true, c);
        }
    }

    /**
     * @dev Returns the subtraction of two unsigned integers, with an overflow flag.
     *
     * _Available since v3.4._
     */
    function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
        unchecked {
            if (b > a) return (false, 0);
            return (true, a - b);
        }
    }

    /**
     * @dev Returns the multiplication of two unsigned integers, with an overflow flag.
     *
     * _Available since v3.4._
     */
    function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
        unchecked {
            // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
            // benefit is lost if 'b' is also tested.
            // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
            if (a == 0) return (true, 0);
            uint256 c = a * b;
            if (c / a != b) return (false, 0);
            return (true, c);
        }
    }

    /**
     * @dev Returns the division of two unsigned integers, with a division by zero flag.
     *
     * _Available since v3.4._
     */
    function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
        unchecked {
            if (b == 0) return (false, 0);
            return (true, a / b);
        }
    }

    /**
     * @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
     *
     * _Available since v3.4._
     */
    function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
        unchecked {
            if (b == 0) return (false, 0);
            return (true, a % b);
        }
    }

    /**
     * @dev Returns the addition of two unsigned integers, reverting on
     * overflow.
     *
     * Counterpart to Solidity's `+` operator.
     *
     * Requirements:
     *
     * - Addition cannot overflow.
     */
    function add(uint256 a, uint256 b) internal pure returns (uint256) {
        return a + b;
    }

    /**
     * @dev Returns the subtraction of two unsigned integers, reverting on
     * overflow (when the result is negative).
     *
     * Counterpart to Solidity's `-` operator.
     *
     * Requirements:
     *
     * - Subtraction cannot overflow.
     */
    function sub(uint256 a, uint256 b) internal pure returns (uint256) {
        return a - b;
    }

    /**
     * @dev Returns the multiplication of two unsigned integers, reverting on
     * overflow.
     *
     * Counterpart to Solidity's `*` operator.
     *
     * Requirements:
     *
     * - Multiplication cannot overflow.
     */
    function mul(uint256 a, uint256 b) internal pure returns (uint256) {
        return a * b;
    }

    /**
     * @dev Returns the integer division of two unsigned integers, reverting on
     * division by zero. The result is rounded towards zero.
     *
     * Counterpart to Solidity's `/` operator.
     *
     * Requirements:
     *
     * - The divisor cannot be zero.
     */
    function div(uint256 a, uint256 b) internal pure returns (uint256) {
        return a / b;
    }

    /**
     * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
     * reverting when dividing by zero.
     *
     * Counterpart to Solidity's `%` operator. This function uses a `revert`
     * opcode (which leaves remaining gas untouched) while Solidity uses an
     * invalid opcode to revert (consuming all remaining gas).
     *
     * Requirements:
     *
     * - The divisor cannot be zero.
     */
    function mod(uint256 a, uint256 b) internal pure returns (uint256) {
        return a % b;
    }

    /**
     * @dev Returns the subtraction of two unsigned integers, reverting with custom message on
     * overflow (when the result is negative).
     *
     * CAUTION: This function is deprecated because it requires allocating memory for the error
     * message unnecessarily. For custom revert reasons use {trySub}.
     *
     * Counterpart to Solidity's `-` operator.
     *
     * Requirements:
     *
     * - Subtraction cannot overflow.
     */
    function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
        unchecked {
            require(b <= a, errorMessage);
            return a - b;
        }
    }

    /**
     * @dev Returns the integer division of two unsigned integers, reverting with custom message on
     * division by zero. The result is rounded towards zero.
     *
     * Counterpart to Solidity's `/` operator. Note: this function uses a
     * `revert` opcode (which leaves remaining gas untouched) while Solidity
     * uses an invalid opcode to revert (consuming all remaining gas).
     *
     * Requirements:
     *
     * - The divisor cannot be zero.
     */
    function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
        unchecked {
            require(b > 0, errorMessage);
            return a / b;
        }
    }

    /**
     * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
     * reverting with custom message when dividing by zero.
     *
     * CAUTION: This function is deprecated because it requires allocating memory for the error
     * message unnecessarily. For custom revert reasons use {tryMod}.
     *
     * Counterpart to Solidity's `%` operator. This function uses a `revert`
     * opcode (which leaves remaining gas untouched) while Solidity uses an
     * invalid opcode to revert (consuming all remaining gas).
     *
     * Requirements:
     *
     * - The divisor cannot be zero.
     */
    function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
        unchecked {
            require(b > 0, errorMessage);
            return a % b;
        }
    }
}

// File @openzeppelin/contracts/token/ERC20/[email protected]
// License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)

pragma solidity ^0.8.0;

/**
 * @dev Interface of the ERC20 standard as defined in the EIP.
 */
interface IERC20 {
    /**
     * @dev Emitted when `value` tokens are moved from one account (`from`) to
     * another (`to`).
     *
     * Note that `value` may be zero.
     */
    event Transfer(address indexed from, address indexed to, uint256 value);

    /**
     * @dev Emitted when the allowance of a `spender` for an `owner` is set by
     * a call to {approve}. `value` is the new allowance.
     */
    event Approval(address indexed owner, address indexed spender, uint256 value);

    /**
     * @dev Returns the amount of tokens in existence.
     */
    function totalSupply() external view returns (uint256);

    /**
     * @dev Returns the amount of tokens owned by `account`.
     */
    function balanceOf(address account) external view returns (uint256);

    /**
     * @dev Moves `amount` tokens from the caller's account to `to`.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transfer(address to, uint256 amount) external returns (bool);

    /**
     * @dev Returns the remaining number of tokens that `spender` will be
     * allowed to spend on behalf of `owner` through {transferFrom}. This is
     * zero by default.
     *
     * This value changes when {approve} or {transferFrom} are called.
     */
    function allowance(address owner, address spender) external view returns (uint256);

    /**
     * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * IMPORTANT: Beware that changing an allowance with this method brings the risk
     * that someone may use both the old and the new allowance by unfortunate
     * transaction ordering. One possible solution to mitigate this race
     * condition is to first reduce the spender's allowance to 0 and set the
     * desired value afterwards:
     * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
     *
     * Emits an {Approval} event.
     */
    function approve(address spender, uint256 amount) external returns (bool);

    /**
     * @dev Moves `amount` tokens from `from` to `to` using the
     * allowance mechanism. `amount` is then deducted from the caller's
     * allowance.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// File @openzeppelin/contracts/token/ERC20/extensions/IER[email protected]
// License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/extensions/IERC20Permit.sol)

pragma solidity ^0.8.0;

/**
 * @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
 * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
 *
 * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
 * presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
 * need to send a transaction, and thus is not required to hold Ether at all.
 */
interface IERC20Permit {
    /**
     * @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
     * given ``owner``'s signed approval.
     *
     * IMPORTANT: The same issues {IERC20-approve} has related to transaction
     * ordering also apply here.
     *
     * Emits an {Approval} event.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     * - `deadline` must be a timestamp in the future.
     * - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
     * over the EIP712-formatted function arguments.
     * - the signature must use ``owner``'s current nonce (see {nonces}).
     *
     * For more information on the signature format, see the
     * https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
     * section].
     */
    function permit(
        address owner,
        address spender,
        uint256 value,
        uint256 deadline,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) external;

    /**
     * @dev Returns the current nonce for `owner`. This value must be
     * included whenever a signature is generated for {permit}.
     *
     * Every successful call to {permit} increases ``owner``'s nonce by one. This
     * prevents a signature from being used multiple times.
     */
    function nonces(address owner) external view returns (uint256);

    /**
     * @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
     */
    // solhint-disable-next-line func-name-mixedcase
    function DOMAIN_SEPARATOR() external view returns (bytes32);
}

// File @openzeppelin/contracts/utils/[email protected]
// License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)

pragma solidity ^0.8.1;

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev Returns true if `account` is a contract.
     *
     * [IMPORTANT]
     * ====
     * It is unsafe to assume that an address for which this function returns
     * false is an externally-owned account (EOA) and not a contract.
     *
     * Among others, `isContract` will return false for the following
     * types of addresses:
     *
     *  - an externally-owned account
     *  - a contract in construction
     *  - an address where a contract will be created
     *  - an address where a contract lived, but was destroyed
     *
     * Furthermore, `isContract` will also return true if the target contract within
     * the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
     * which only has an effect at the end of a transaction.
     * ====
     *
     * [IMPORTANT]
     * ====
     * You shouldn't rely on `isContract` to protect against flash loan attacks!
     *
     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
     * constructor.
     * ====
     */
    function isContract(address account) internal view returns (bool) {
        // This method relies on extcodesize/address.code.length, which returns 0
        // for contracts in construction, since the code is only stored at the end
        // of the constructor execution.

        return account.code.length > 0;
    }

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        require(address(this).balance >= amount, "Address: insufficient balance");

        (bool success, ) = recipient.call{value: amount}("");
        require(success, "Address: unable to send value, recipient may have reverted");
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason, it is bubbled up by this
     * function (like regular Solidity function calls).
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, "Address: low-level call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
     * `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
        return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
    }

    /**
     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
     * with `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value,
        string memory errorMessage
    ) internal returns (bytes memory) {
        require(address(this).balance >= value, "Address: insufficient balance for call");
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        return functionStaticCall(target, data, "Address: low-level static call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionDelegateCall(target, data, "Address: low-level delegate call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
     *
     * _Available since v4.8._
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        if (success) {
            if (returndata.length == 0) {
                // only check isContract if the call was successful and the return data is empty
                // otherwise we already know that it was a contract
                require(isContract(target), "Address: call to non-contract");
            }
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
     * revert reason or using the provided one.
     *
     * _Available since v4.3._
     */
    function verifyCallResult(
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal pure returns (bytes memory) {
        if (success) {
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    function _revert(bytes memory returndata, string memory errorMessage) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            /// @solidity memory-safe-assembly
            assembly {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert(errorMessage);
        }
    }
}

// File @openzeppelin/contracts/token/ERC20/utils/[email protected]
// License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/utils/SafeERC20.sol)

pragma solidity ^0.8.0;



/**
 * @title SafeERC20
 * @dev Wrappers around ERC20 operations that throw on failure (when the token
 * contract returns false). Tokens that return no value (and instead revert or
 * throw on failure) are also supported, non-reverting calls are assumed to be
 * successful.
 * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
 * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
 */
library SafeERC20 {
    using Address for address;

    /**
     * @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeTransfer(IERC20 token, address to, uint256 value) internal {
        _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
    }

    /**
     * @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
     * calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
     */
    function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
        _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
    }

    /**
     * @dev Deprecated. This function has issues similar to the ones found in
     * {IERC20-approve}, and its usage is discouraged.
     *
     * Whenever possible, use {safeIncreaseAllowance} and
     * {safeDecreaseAllowance} instead.
     */
    function safeApprove(IERC20 token, address spender, uint256 value) internal {
        // safeApprove should only be called when setting an initial allowance,
        // or when resetting it to zero. To increase and decrease it, use
        // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
        require(
            (value == 0) || (token.allowance(address(this), spender) == 0),
            "SafeERC20: approve from non-zero to non-zero allowance"
        );
        _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
    }

    /**
     * @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
        uint256 oldAllowance = token.allowance(address(this), spender);
        _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance + value));
    }

    /**
     * @dev Decrease the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
        unchecked {
            uint256 oldAllowance = token.allowance(address(this), spender);
            require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance - value));
        }
    }

    /**
     * @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful. Compatible with tokens that require the approval to be set to
     * 0 before setting it to a non-zero value.
     */
    function forceApprove(IERC20 token, address spender, uint256 value) internal {
        bytes memory approvalCall = abi.encodeWithSelector(token.approve.selector, spender, value);

        if (!_callOptionalReturnBool(token, approvalCall)) {
            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, 0));
            _callOptionalReturn(token, approvalCall);
        }
    }

    /**
     * @dev Use a ERC-2612 signature to set the `owner` approval toward `spender` on `token`.
     * Revert on invalid signature.
     */
    function safePermit(
        IERC20Permit token,
        address owner,
        address spender,
        uint256 value,
        uint256 deadline,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) internal {
        uint256 nonceBefore = token.nonces(owner);
        token.permit(owner, spender, value, deadline, v, r, s);
        uint256 nonceAfter = token.nonces(owner);
        require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
    }

    /**
     * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
     * on the return value: the return value is optional (but if data is returned, it must not be false).
     * @param token The token targeted by the call.
     * @param data The call data (encoded using abi.encode or one of its variants).
     */
    function _callOptionalReturn(IERC20 token, bytes memory data) private {
        // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
        // we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
        // the target address contains contract code and also asserts for success in the low-level call.

        bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
        require(returndata.length == 0 || abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
    }

    /**
     * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
     * on the return value: the return value is optional (but if data is returned, it must not be false).
     * @param token The token targeted by the call.
     * @param data The call data (encoded using abi.encode or one of its variants).
     *
     * This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
     */
    function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
        // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
        // we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
        // and not revert is the subcall reverts.

        (bool success, bytes memory returndata) = address(token).call(data);
        return
            success && (returndata.length == 0 || abi.decode(returndata, (bool))) && Address.isContract(address(token));
    }
}

// File contracts/v2/core/Withdrawals.sol
pragma solidity 0.8.20;

// License-Identifier: MIT


/// @title Withdrawals - ERC20 token to ETH redemption contract
/// @author @ChimeraDefi - sharedstake.org
/// @notice Deployer chooses static virtual price at launch in 1e18 and the underlying ERC20 token
/// @notice Users call deposit(amt) to stake their ERC20 and signal intent to exit
/// @notice When the contract has enough ETH to service the users debt
/// @notice Users call redeem() to redem for ETH = deposited shares * virtualPrice
/// @notice The user can further call withdraw() if they change their mind about redeeming for ETH
/// @dev TODO Docs
/// @dev TODO Test goerli
contract Withdrawals {
    using SafeMath for uint256;
    using SafeERC20 for IERC20;

    error ContractBalanceTooLow();
    struct UserEntry {
        uint256 amount;
    }

    mapping(address => UserEntry) internal _userEntries;
    IERC20 public vEth2Token;
    uint256 public virtualPrice;
    uint256 public totalOut;

    constructor(address _underlying, uint256 _virtualPrice) payable {
        vEth2Token = IERC20(_underlying);
        virtualPrice = _virtualPrice;
    }

    function deposit(uint256 amount) external {
        // vEth2 transfer from returns true otherwise reverts
        if (vEth2Token.transferFrom(msg.sender, address(this), amount)) {
            _stakeForWithdrawal(msg.sender, amount);
        }
    }

    function withdraw() external {
        uint256 amt = _userEntries[msg.sender].amount;
        delete _userEntries[msg.sender];

        vEth2Token.transferFrom(address(this), msg.sender, amt);
    }

    function redeem() external {
        uint256 amountToReturn = _getAmountGivenShares(_userEntries[msg.sender].amount, virtualPrice);
        if (amountToReturn > address(this).balance) {
            revert ContractBalanceTooLow();
        }
        delete _userEntries[msg.sender];
        totalOut += amountToReturn;

        payable(msg.sender).transfer(amountToReturn);
    }

    function _stakeForWithdrawal(address sender, uint256 amount) internal {
        UserEntry memory ue = _userEntries[sender];
        ue.amount = ue.amount.add(amount);
        _userEntries[sender] = ue;
    }

    function _getAmountGivenShares(uint256 shares, uint256 _vp) internal pure returns (uint256) {
        return shares.mul(_vp).div(1e18);
    }

    receive() external payable {} // solhint-disable-line

    fallback() external payable {} // solhint-disable-line
}

[{"inputs":[{"internalType":"address","name":"_underlying","type":"address"},{"internalType":"uint256","name":"_virtualPrice","type":"uint256"}],"stateMutability":"payable","type":"constructor"},{"inputs":[],"name":"ContractBalanceTooLow","type":"error"},{"stateMutability":"payable","type":"fallback"},{"inputs":[{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"deposit","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"redeem","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"totalOut","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"vEth2Token","outputs":[{"internalType":"contract IERC20","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"virtualPrice","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"withdraw","outputs":[],"stateMutability":"nonpayable","type":"function"},{"stateMutability":"payable","type":"receive"}]

60806040526040516109f13803806109f183398181016040528101906100259190610104565b8160015f6101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff160217905550806002819055505050610142565b5f80fd5b5f73ffffffffffffffffffffffffffffffffffffffff82169050919050565b5f6100a082610077565b9050919050565b6100b081610096565b81146100ba575f80fd5b50565b5f815190506100cb816100a7565b92915050565b5f819050919050565b6100e3816100d1565b81146100ed575f80fd5b50565b5f815190506100fe816100da565b92915050565b5f806040838503121561011a57610119610073565b5b5f610127858286016100bd565b9250506020610138858286016100f0565b9150509250929050565b6108a28061014f5f395ff3fe608060405260043610610058575f3560e01c80633c0d84de146100615780633ccfd60b1461008b5780638ea875f3146100a1578063b6b55f25146100cb578063be040fb0146100f3578063efeaeee3146101095761005f565b3661005f57005b005b34801561006c575f80fd5b50610075610133565b60405161008291906105b4565b60405180910390f35b348015610096575f80fd5b5061009f610139565b005b3480156100ac575f80fd5b506100b5610262565b6040516100c291906105b4565b60405180910390f35b3480156100d6575f80fd5b506100f160048036038101906100ec91906105fb565b610268565b005b3480156100fe575f80fd5b50610107610319565b005b348015610114575f80fd5b5061011d610444565b60405161012a91906106a0565b60405180910390f35b60035481565b5f805f3373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f015490505f803373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f8082015f9055505060015f9054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff166323b872dd3033846040518463ffffffff1660e01b815260040161021e939291906106d9565b6020604051808303815f875af115801561023a573d5f803e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061025e9190610743565b5050565b60025481565b60015f9054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff166323b872dd3330846040518463ffffffff1660e01b81526004016102c6939291906106d9565b6020604051808303815f875af11580156102e2573d5f803e3d5ffd5b505050506040513d601f19601f820116820180604052508101906103069190610743565b15610316576103153382610469565b5b50565b5f6103645f803373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f0154600254610527565b9050478111156103a0576040517f35e9ab3200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5f803373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f8082015f905550508060035f8282546103f6919061079b565b925050819055503373ffffffffffffffffffffffffffffffffffffffff166108fc8290811502906040515f60405180830381858888f19350505050158015610440573d5f803e3d5ffd5b5050565b60015f9054906101000a900473ffffffffffffffffffffffffffffffffffffffff1681565b5f805f8473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f206040518060200160405290815f8201548152505090506104d282825f015161055d90919063ffffffff16565b815f018181525050805f808573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f820151815f0155905050505050565b5f610555670de0b6b3a7640000610547848661057290919063ffffffff16565b61058790919063ffffffff16565b905092915050565b5f818361056a919061079b565b905092915050565b5f818361057f91906107ce565b905092915050565b5f8183610594919061083c565b905092915050565b5f819050919050565b6105ae8161059c565b82525050565b5f6020820190506105c75f8301846105a5565b92915050565b5f80fd5b6105da8161059c565b81146105e4575f80fd5b50565b5f813590506105f5816105d1565b92915050565b5f602082840312156106105761060f6105cd565b5b5f61061d848285016105e7565b91505092915050565b5f73ffffffffffffffffffffffffffffffffffffffff82169050919050565b5f819050919050565b5f61066861066361065e84610626565b610645565b610626565b9050919050565b5f6106798261064e565b9050919050565b5f61068a8261066f565b9050919050565b61069a81610680565b82525050565b5f6020820190506106b35f830184610691565b92915050565b5f6106c382610626565b9050919050565b6106d3816106b9565b82525050565b5f6060820190506106ec5f8301866106ca565b6106f960208301856106ca565b61070660408301846105a5565b949350505050565b5f8115159050919050565b6107228161070e565b811461072c575f80fd5b50565b5f8151905061073d81610719565b92915050565b5f60208284031215610758576107576105cd565b5b5f6107658482850161072f565b91505092915050565b7f4e487b71000000000000000000000000000000000000000000000000000000005f52601160045260245ffd5b5f6107a58261059c565b91506107b08361059c565b92508282019050808211156107c8576107c761076e565b5b92915050565b5f6107d88261059c565b91506107e38361059c565b92508282026107f18161059c565b915082820484148315176108085761080761076e565b5b5092915050565b7f4e487b71000000000000000000000000000000000000000000000000000000005f52601260045260245ffd5b5f6108468261059c565b91506108518361059c565b9250826108615761086061080f565b5b82820490509291505056fea264697066735822122002db914fd4823b2008f6734fe8928e6ff2e8ed81ec9eb33f2ece60bca9f4a7a064736f6c634300081400330000000000000000000000000d3c0916b0df1ae387eda7fd1cb77d2e244826e60000000000000000000000000000000000000000000000000f406eb960f253a0

0x608060405260043610610058575f3560e01c80633c0d84de146100615780633ccfd60b1461008b5780638ea875f3146100a1578063b6b55f25146100cb578063be040fb0146100f3578063efeaeee3146101095761005f565b3661005f57005b005b34801561006c575f80fd5b50610075610133565b60405161008291906105b4565b60405180910390f35b348015610096575f80fd5b5061009f610139565b005b3480156100ac575f80fd5b506100b5610262565b6040516100c291906105b4565b60405180910390f35b3480156100d6575f80fd5b506100f160048036038101906100ec91906105fb565b610268565b005b3480156100fe575f80fd5b50610107610319565b005b348015610114575f80fd5b5061011d610444565b60405161012a91906106a0565b60405180910390f35b60035481565b5f805f3373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f015490505f803373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f8082015f9055505060015f9054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff166323b872dd3033846040518463ffffffff1660e01b815260040161021e939291906106d9565b6020604051808303815f875af115801561023a573d5f803e3d5ffd5b505050506040513d601f19601f8201168201806040525081019061025e9190610743565b5050565b60025481565b60015f9054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff166323b872dd3330846040518463ffffffff1660e01b81526004016102c6939291906106d9565b6020604051808303815f875af11580156102e2573d5f803e3d5ffd5b505050506040513d601f19601f820116820180604052508101906103069190610743565b15610316576103153382610469565b5b50565b5f6103645f803373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f0154600254610527565b9050478111156103a0576040517f35e9ab3200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5f803373ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f8082015f905550508060035f8282546103f6919061079b565b925050819055503373ffffffffffffffffffffffffffffffffffffffff166108fc8290811502906040515f60405180830381858888f19350505050158015610440573d5f803e3d5ffd5b5050565b60015f9054906101000a900473ffffffffffffffffffffffffffffffffffffffff1681565b5f805f8473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f206040518060200160405290815f8201548152505090506104d282825f015161055d90919063ffffffff16565b815f018181525050805f808573ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1681526020019081526020015f205f820151815f0155905050505050565b5f610555670de0b6b3a7640000610547848661057290919063ffffffff16565b61058790919063ffffffff16565b905092915050565b5f818361056a919061079b565b905092915050565b5f818361057f91906107ce565b905092915050565b5f8183610594919061083c565b905092915050565b5f819050919050565b6105ae8161059c565b82525050565b5f6020820190506105c75f8301846105a5565b92915050565b5f80fd5b6105da8161059c565b81146105e4575f80fd5b50565b5f813590506105f5816105d1565b92915050565b5f602082840312156106105761060f6105cd565b5b5f61061d848285016105e7565b91505092915050565b5f73ffffffffffffffffffffffffffffffffffffffff82169050919050565b5f819050919050565b5f61066861066361065e84610626565b610645565b610626565b9050919050565b5f6106798261064e565b9050919050565b5f61068a8261066f565b9050919050565b61069a81610680565b82525050565b5f6020820190506106b35f830184610691565b92915050565b5f6106c382610626565b9050919050565b6106d3816106b9565b82525050565b5f6060820190506106ec5f8301866106ca565b6106f960208301856106ca565b61070660408301846105a5565b949350505050565b5f8115159050919050565b6107228161070e565b811461072c575f80fd5b50565b5f8151905061073d81610719565b92915050565b5f60208284031215610758576107576105cd565b5b5f6107658482850161072f565b91505092915050565b7f4e487b71000000000000000000000000000000000000000000000000000000005f52601160045260245ffd5b5f6107a58261059c565b91506107b08361059c565b92508282019050808211156107c8576107c761076e565b5b92915050565b5f6107d88261059c565b91506107e38361059c565b92508282026107f18161059c565b915082820484148315176108085761080761076e565b5b5092915050565b7f4e487b71000000000000000000000000000000000000000000000000000000005f52601260045260245ffd5b5f6108468261059c565b91506108518361059c565b9250826108615761086061080f565b5b82820490509291505056fea264697066735822122002db914fd4823b2008f6734fe8928e6ff2e8ed81ec9eb33f2ece60bca9f4a7a064736f6c63430008140033

0000000000000000000000000d3c0916b0df1ae387eda7fd1cb77d2e244826e60000000000000000000000000000000000000000000000000f406eb960f253a0

-----Decoded View---------------
Arg [0] : _underlying (address): 0x0D3C0916B0DF1Ae387eDa7fD1cb77d2e244826E6
Arg [1] : _virtualPrice (uint256): 1099000051552900000

-----Encoded View---------------
2 Constructor Arguments found :
Arg [0] : 0000000000000000000000000d3c0916b0df1ae387eda7fd1cb77d2e244826e6
Arg [1] : 0000000000000000000000000000000000000000000000000f406eb960f253a0

29662:1861:0:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;29975:23;;;;;;;;;;;;;:::i;:::-;;;;;;;:::i;:::-;;;;;;;;30430:203;;;;;;;;;;;;;:::i;:::-;;29941:27;;;;;;;;;;;;;:::i;:::-;;;;;;;:::i;:::-;;;;;;;;30169:253;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;;:::i;:::-;;30641:386;;;;;;;;;;;;;:::i;:::-;;29910:24;;;;;;;;;;;;;:::i;:::-;;;;;;;:::i;:::-;;;;;;;;29975:23;;;;:::o;30430:203::-;30470:11;30484:12;:24;30497:10;30484:24;;;;;;;;;;;;;;;:31;;;30470:45;;30533:12;:24;30546:10;30533:24;;;;;;;;;;;;;;;;30526:31;;;;;;;;30570:10;;;;;;;;;;;:23;;;30602:4;30609:10;30621:3;30570:55;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;;30459:174;30430:203::o;29941:27::-;;;;:::o;30169:253::-;30289:10;;;;;;;;;;;:23;;;30313:10;30333:4;30340:6;30289:58;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;30285:130;;;30364:39;30384:10;30396:6;30364:19;:39::i;:::-;30285:130;30169:253;:::o;30641:386::-;30679:22;30704:68;30726:12;:24;30739:10;30726:24;;;;;;;;;;;;;;;:31;;;30759:12;;30704:21;:68::i;:::-;30679:93;;30804:21;30787:14;:38;30783:101;;;30849:23;;;;;;;;;;;;;;30783:101;30901:12;:24;30914:10;30901:24;;;;;;;;;;;;;;;;30894:31;;;;;;;;30948:14;30936:8;;:26;;;;;;;:::i;:::-;;;;;;;;30983:10;30975:28;;:44;31004:14;30975:44;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;30668:359;30641:386::o;29910:24::-;;;;;;;;;;;;;:::o;31035:211::-;31116:19;31138:12;:20;31151:6;31138:20;;;;;;;;;;;;;;;31116:42;;;;;;;;;;;;;;;;;;;31181:21;31195:6;31181:2;:9;;;:13;;:21;;;;:::i;:::-;31169:2;:9;;:33;;;;;31236:2;31213:12;:20;31226:6;31213:20;;;;;;;;;;;;;;;:25;;;;;;;;;;;31105:141;31035:211;;:::o;31254:143::-;31337:7;31364:25;31384:4;31364:15;31375:3;31364:6;:10;;:15;;;;:::i;:::-;:19;;:25;;;;:::i;:::-;31357:32;;31254:143;;;;:::o;2943:98::-;3001:7;3032:1;3028;:5;;;;:::i;:::-;3021:12;;2943:98;;;;:::o;3681:::-;3739:7;3770:1;3766;:5;;;;:::i;:::-;3759:12;;3681:98;;;;:::o;4080:::-;4138:7;4169:1;4165;:5;;;;:::i;:::-;4158:12;;4080:98;;;;:::o;7:77:1:-;44:7;73:5;62:16;;7:77;;;:::o;90:118::-;177:24;195:5;177:24;:::i;:::-;172:3;165:37;90:118;;:::o;214:222::-;307:4;345:2;334:9;330:18;322:26;;358:71;426:1;415:9;411:17;402:6;358:71;:::i;:::-;214:222;;;;:::o;523:117::-;632:1;629;622:12;769:122;842:24;860:5;842:24;:::i;:::-;835:5;832:35;822:63;;881:1;878;871:12;822:63;769:122;:::o;897:139::-;943:5;981:6;968:20;959:29;;997:33;1024:5;997:33;:::i;:::-;897:139;;;;:::o;1042:329::-;1101:6;1150:2;1138:9;1129:7;1125:23;1121:32;1118:119;;;1156:79;;:::i;:::-;1118:119;1276:1;1301:53;1346:7;1337:6;1326:9;1322:22;1301:53;:::i;:::-;1291:63;;1247:117;1042:329;;;;:::o;1377:126::-;1414:7;1454:42;1447:5;1443:54;1432:65;;1377:126;;;:::o;1509:60::-;1537:3;1558:5;1551:12;;1509:60;;;:::o;1575:142::-;1625:9;1658:53;1676:34;1685:24;1703:5;1685:24;:::i;:::-;1676:34;:::i;:::-;1658:53;:::i;:::-;1645:66;;1575:142;;;:::o;1723:126::-;1773:9;1806:37;1837:5;1806:37;:::i;:::-;1793:50;;1723:126;;;:::o;1855:140::-;1919:9;1952:37;1983:5;1952:37;:::i;:::-;1939:50;;1855:140;;;:::o;2001:159::-;2102:51;2147:5;2102:51;:::i;:::-;2097:3;2090:64;2001:159;;:::o;2166:250::-;2273:4;2311:2;2300:9;2296:18;2288:26;;2324:85;2406:1;2395:9;2391:17;2382:6;2324:85;:::i;:::-;2166:250;;;;:::o;2422:96::-;2459:7;2488:24;2506:5;2488:24;:::i;:::-;2477:35;;2422:96;;;:::o;2524:118::-;2611:24;2629:5;2611:24;:::i;:::-;2606:3;2599:37;2524:118;;:::o;2648:442::-;2797:4;2835:2;2824:9;2820:18;2812:26;;2848:71;2916:1;2905:9;2901:17;2892:6;2848:71;:::i;:::-;2929:72;2997:2;2986:9;2982:18;2973:6;2929:72;:::i;:::-;3011;3079:2;3068:9;3064:18;3055:6;3011:72;:::i;:::-;2648:442;;;;;;:::o;3096:90::-;3130:7;3173:5;3166:13;3159:21;3148:32;;3096:90;;;:::o;3192:116::-;3262:21;3277:5;3262:21;:::i;:::-;3255:5;3252:32;3242:60;;3298:1;3295;3288:12;3242:60;3192:116;:::o;3314:137::-;3368:5;3399:6;3393:13;3384:22;;3415:30;3439:5;3415:30;:::i;:::-;3314:137;;;;:::o;3457:345::-;3524:6;3573:2;3561:9;3552:7;3548:23;3544:32;3541:119;;;3579:79;;:::i;:::-;3541:119;3699:1;3724:61;3777:7;3768:6;3757:9;3753:22;3724:61;:::i;:::-;3714:71;;3670:125;3457:345;;;;:::o;3808:180::-;3856:77;3853:1;3846:88;3953:4;3950:1;3943:15;3977:4;3974:1;3967:15;3994:191;4034:3;4053:20;4071:1;4053:20;:::i;:::-;4048:25;;4087:20;4105:1;4087:20;:::i;:::-;4082:25;;4130:1;4127;4123:9;4116:16;;4151:3;4148:1;4145:10;4142:36;;;4158:18;;:::i;:::-;4142:36;3994:191;;;;:::o;4191:410::-;4231:7;4254:20;4272:1;4254:20;:::i;:::-;4249:25;;4288:20;4306:1;4288:20;:::i;:::-;4283:25;;4343:1;4340;4336:9;4365:30;4383:11;4365:30;:::i;:::-;4354:41;;4544:1;4535:7;4531:15;4528:1;4525:22;4505:1;4498:9;4478:83;4455:139;;4574:18;;:::i;:::-;4455:139;4239:362;4191:410;;;;:::o;4607:180::-;4655:77;4652:1;4645:88;4752:4;4749:1;4742:15;4776:4;4773:1;4766:15;4793:185;4833:1;4850:20;4868:1;4850:20;:::i;:::-;4845:25;;4884:20;4902:1;4884:20;:::i;:::-;4879:25;;4923:1;4913:35;;4928:18;;:::i;:::-;4913:35;4970:1;4967;4963:9;4958:14;;4793:185;;;;:::o

ipfs://02db914fd4823b2008f6734fe8928e6ff2e8ed81ec9eb33f2ece60bca9f4a7a0