ETH Price: $2,709.97 (+8.56%)

Transaction Decoder

Block:
20670785 at Sep-03-2024 02:55:59 PM +UTC
Transaction Fee:
0.001586435108142705 ETH $4.30
Gas Used:
209,085 Gas / 7.587512773 Gwei

Emitted Events:

204 FiatTokenProxy.0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef( 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef, 0x00000000000000000000000082c5c6d83041e34b186582bf10128d66ba93003f, 0x00000000000000000000000074de5d4fcbf63e00296fd95d33236b9794016631, 000000000000000000000000000000000000000000000000000000001e7b0f1a )
205 FiatTokenProxy.0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef( 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef, 0x00000000000000000000000074de5d4fcbf63e00296fd95d33236b9794016631, 0x00000000000000000000000051c72848c68a965f66fa7a88855f9f7784502a7f, 000000000000000000000000000000000000000000000000000000001e36c840 )
206 TetherToken.Transfer( from=0x51C72848c68a965f66FA7a88855F9f7784502a7F, to=Spender, value=506798617 )
207 TetherToken.Transfer( from=0x51C72848c68a965f66FA7a88855F9f7784502a7F, to=SplitWallet, value=253399 )
208 SwapERC20.SwapERC20( nonce=1721748611322, signerWallet=0x51C72848c68a965f66FA7a88855F9f7784502a7F, signerToken=TetherToken, signerAmount=506798617, protocolFee=5, senderWallet=Spender, senderToken=FiatTokenProxy, senderAmount=506906688 )
209 FiatTokenProxy.0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef( 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef, 0x00000000000000000000000074de5d4fcbf63e00296fd95d33236b9794016631, 0x0000000000000000000000002acf35c9a3f4c5c3f4c78ef5fb64c3ee82f07c45, 00000000000000000000000000000000000000000000000000000000004446da )
210 TetherToken.Transfer( from=Spender, to=[Sender] 0x82c5c6d83041e34b186582bf10128d66ba93003f, value=506798617 )
211 MetaSwap.Swap( 0xbeee1e6e7fe307ddcf84b0a16137a4430ad5e2480fc4f4a8e250ab56ccd7630d, 0x015123c6e2552626efe611b6c48de60d080a6650860a38f237bc2b6f651f79d1, 0x00000000000000000000000082c5c6d83041e34b186582bf10128d66ba93003f )

Account State Difference:

  Address   Before After State Difference Code
(Titan Builder)
8.038930569638168242 Eth8.039348739638168242 Eth0.00041817
0x82c5C6D8...6ba93003F
0.004830840051775094 Eth
Nonce: 137
0.003244404943632389 Eth
Nonce: 138
0.001586435108142705
0xA0b86991...E3606eB48
0xd82FA167...bB4b3a0F8
(AirSwap: V4 DEX SwapERC20)
0xdAC17F95...13D831ec7

Execution Trace

MetaSwap.swap( aggregatorId=airswapLight4FeeDynamicFixed, tokenFrom=0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48, amount=511381274, data=0x00000000000000000000000000000000000000000000000000000190E036E0FA0000000000000000000000000000000000000000000000000000000066D723AC00000000000000000000000051C72848C68A965F66FA7A88855F9F7784502A7F000000000000000000000000DAC17F958D2EE523A2206206994597C13D831EC7000000000000000000000000000000000000000000000000000000001E352219000000000000000000000000A0B86991C6218B36C1D19D4A2E9EB0CE3606EB48000000000000000000000000000000000000000000000000000000001E36C840000000000000000000000000000000000000000000000000000000000000001C3F2D258A274C530F2CB334085E5B11CEE01F7B9A8FA6894C08CCE5AA33826BAA75470BFE2A76E207EC96179DF6EF9D015550FF12B192D99CA9BBC6BC7810D38200000000000000000000000000000000000000000000000000000000004446DA0000000000000000000000002ACF35C9A3F4C5C3F4C78EF5FB64C3EE82F07C450000000000000000000000000000000000000000000000000000000000000000 )
  • FiatTokenProxy.23b872dd( )
    • FiatTokenV2_2.transferFrom( from=0x82c5C6D83041e34B186582bF10128D66ba93003F, to=0x74de5d4FCbf63E00296fd95d33236B9794016631, value=511381274 ) => ( True )
    • Spender.swap( adapter=0xBBB0c50473990162A4A02B6A4Cce16fB0a6C38d1, data=0x4495C08800000000000000000000000082C5C6D83041E34B186582BF10128D66BA93003F00000000000000000000000000000000000000000000000000000190E036E0FA0000000000000000000000000000000000000000000000000000000066D723AC00000000000000000000000051C72848C68A965F66FA7A88855F9F7784502A7F000000000000000000000000DAC17F958D2EE523A2206206994597C13D831EC7000000000000000000000000000000000000000000000000000000001E352219000000000000000000000000A0B86991C6218B36C1D19D4A2E9EB0CE3606EB48000000000000000000000000000000000000000000000000000000001E36C840000000000000000000000000000000000000000000000000000000000000001C3F2D258A274C530F2CB334085E5B11CEE01F7B9A8FA6894C08CCE5AA33826BAA75470BFE2A76E207EC96179DF6EF9D015550FF12B192D99CA9BBC6BC7810D38200000000000000000000000000000000000000000000000000000000004446DA0000000000000000000000002ACF35C9A3F4C5C3F4C78EF5FB64C3EE82F07C450000000000000000000000000000000000000000000000000000000000000000 )
      • 0xbbb0c50473990162a4a02b6a4cce16fb0a6c38d1.4495c088( )
        • FiatTokenProxy.dd62ed3e( )
          • FiatTokenV2_2.allowance( owner=0x74de5d4FCbf63E00296fd95d33236B9794016631, spender=0xd82FA167727a4dc6D6F55830A2c47aBbB4b3a0F8 ) => ( 115792089237316195423570985008687907853269984665640564039457583898236147465273 )
          • SwapERC20.swapLight( nonce=1721748611322, expiry=1725375404, signerWallet=0x51C72848c68a965f66FA7a88855F9f7784502a7F, signerToken=0xdAC17F958D2ee523a2206206994597C13D831ec7, signerAmount=506798617, senderToken=0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48, senderAmount=506906688, v=28, r=3F2D258A274C530F2CB334085E5B11CEE01F7B9A8FA6894C08CCE5AA33826BAA, s=75470BFE2A76E207EC96179DF6EF9D015550FF12B192D99CA9BBC6BC7810D382 )
            • Null: 0x000...001.1f75af97( )
            • FiatTokenProxy.23b872dd( )
              • FiatTokenV2_2.transferFrom( from=0x74de5d4FCbf63E00296fd95d33236B9794016631, to=0x51C72848c68a965f66FA7a88855F9f7784502a7F, value=506906688 ) => ( True )
              • TetherToken.transferFrom( _from=0x51C72848c68a965f66FA7a88855F9f7784502a7F, _to=0x74de5d4FCbf63E00296fd95d33236B9794016631, _value=506798617 )
              • TetherToken.transferFrom( _from=0x51C72848c68a965f66FA7a88855F9f7784502a7F, _to=0xaD30f7EEBD9Bd5150a256F47DA41d4403033CdF0, _value=253399 )
              • FiatTokenProxy.a9059cbb( )
                • FiatTokenV2_2.transfer( to=0x2aCf35C9A3F4c5C3F4c78EF5Fb64c3EE82f07c45, value=4474586 ) => ( True )
                • FiatTokenProxy.70a08231( )
                  • FiatTokenV2_2.balanceOf( account=0x74de5d4FCbf63E00296fd95d33236B9794016631 ) => ( 0 )
                  • TetherToken.balanceOf( who=0x74de5d4FCbf63E00296fd95d33236B9794016631 ) => ( 506798617 )
                  • TetherToken.transfer( _to=0x82c5C6D83041e34B186582bF10128D66ba93003F, _value=506798617 )
                    File 1 of 7: MetaSwap
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    import "../Constants.sol";
                    contract CommonAdapter {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        /**
                         * @dev Performs a swap
                         * @param recipient The original msg.sender performing the swap
                         * @param aggregator Address of the aggregator's contract
                         * @param spender Address to which tokens will be approved
                         * @param method Selector of the function to be called in the aggregator's contract
                         * @param tokenFrom Token to be swapped
                         * @param tokenTo Token to be received
                         * @param amountFrom Amount of tokenFrom to swap
                         * @param amountTo Minimum amount of tokenTo to receive
                         * @param data Data used for the call made to the aggregator's contract
                         */
                        function swap(
                            address payable recipient,
                            address aggregator,
                            address spender,
                            bytes4 method,
                            IERC20 tokenFrom,
                            IERC20 tokenTo,
                            uint256 amountFrom,
                            uint256 amountTo,
                            bytes calldata data
                        ) external payable {
                            require(tokenFrom != tokenTo, "TOKEN_PAIR_INVALID");
                            if (address(tokenFrom) != Constants.ETH) {
                                _approveSpender(tokenFrom, spender, amountFrom);
                            }
                            // We always forward msg.value as it may be necessary to pay fees
                            bytes memory encodedData = abi.encodePacked(method, data);
                            aggregator.functionCallWithValue(encodedData, msg.value);
                            // Transfer remaining balance of tokenFrom to sender
                            if (address(tokenFrom) != Constants.ETH) {
                                uint256 balance = tokenFrom.balanceOf(address(this));
                                _transfer(tokenFrom, balance, recipient);
                            }
                            uint256 weiBalance = address(this).balance;
                            // Transfer remaining balance of tokenTo to sender
                            if (address(tokenTo) != Constants.ETH) {
                                uint256 balance = tokenTo.balanceOf(address(this));
                                require(balance >= amountTo, "INSUFFICIENT_AMOUNT");
                                _transfer(tokenTo, balance, recipient);
                            } else {
                                // If tokenTo == ETH, then check that the remaining ETH balance >= amountTo
                                require(weiBalance >= amountTo, "INSUFFICIENT_AMOUNT");
                            }
                            // If there are unused fees or if tokenTo is ETH, transfer to sender
                            if (weiBalance > 0) {
                                recipient.sendValue(weiBalance);
                            }
                        }
                        /**
                         * @dev Transfers token to sender if amount > 0
                         * @param token IERC20 token to transfer to sender
                         * @param amount Amount of token to transfer
                         * @param recipient Address that will receive the tokens
                         */
                        function _transfer(
                            IERC20 token,
                            uint256 amount,
                            address recipient
                        ) internal {
                            if (amount > 0) {
                                token.safeTransfer(recipient, amount);
                            }
                        }
                        // https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/SafeERC20.sol
                        /**
                         * @dev Approves max amount of token to the spender if the allowance is lower than amount
                         * @param token The ERC20 token to approve
                         * @param spender Address to which funds will be approved
                         * @param amount Amount used to compare current allowance
                         */
                        function _approveSpender(
                            IERC20 token,
                            address spender,
                            uint256 amount
                        ) internal {
                            // If allowance is not enough, approve max possible amount
                            uint256 allowance = token.allowance(address(this), spender);
                            if (allowance < amount) {
                                bytes memory returndata = address(token).functionCall(
                                    abi.encodeWithSelector(
                                        token.approve.selector,
                                        spender,
                                        type(uint256).max
                                    )
                                );
                                if (returndata.length > 0) {
                                    // Return data is optional
                                    require(abi.decode(returndata, (bool)), "APPROVAL_FAILED");
                                }
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    /**
                     * @dev Interface of the ERC20 standard as defined in the EIP.
                     */
                    interface IERC20 {
                        /**
                         * @dev Returns the amount of tokens in existence.
                         */
                        function totalSupply() external view returns (uint256);
                        /**
                         * @dev Returns the amount of tokens owned by `account`.
                         */
                        function balanceOf(address account) external view returns (uint256);
                        /**
                         * @dev Moves `amount` tokens from the caller's account to `recipient`.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * Emits a {Transfer} event.
                         */
                        function transfer(address recipient, uint256 amount) external returns (bool);
                        /**
                         * @dev Returns the remaining number of tokens that `spender` will be
                         * allowed to spend on behalf of `owner` through {transferFrom}. This is
                         * zero by default.
                         *
                         * This value changes when {approve} or {transferFrom} are called.
                         */
                        function allowance(address owner, address spender) external view returns (uint256);
                        /**
                         * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * IMPORTANT: Beware that changing an allowance with this method brings the risk
                         * that someone may use both the old and the new allowance by unfortunate
                         * transaction ordering. One possible solution to mitigate this race
                         * condition is to first reduce the spender's allowance to 0 and set the
                         * desired value afterwards:
                         * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
                         *
                         * Emits an {Approval} event.
                         */
                        function approve(address spender, uint256 amount) external returns (bool);
                        /**
                         * @dev Moves `amount` tokens from `sender` to `recipient` using the
                         * allowance mechanism. `amount` is then deducted from the caller's
                         * allowance.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * Emits a {Transfer} event.
                         */
                        function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
                        /**
                         * @dev Emitted when `value` tokens are moved from one account (`from`) to
                         * another (`to`).
                         *
                         * Note that `value` may be zero.
                         */
                        event Transfer(address indexed from, address indexed to, uint256 value);
                        /**
                         * @dev Emitted when the allowance of a `spender` for an `owner` is set by
                         * a call to {approve}. `value` is the new allowance.
                         */
                        event Approval(address indexed owner, address indexed spender, uint256 value);
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "./IERC20.sol";
                    import "../../math/SafeMath.sol";
                    import "../../utils/Address.sol";
                    /**
                     * @title SafeERC20
                     * @dev Wrappers around ERC20 operations that throw on failure (when the token
                     * contract returns false). Tokens that return no value (and instead revert or
                     * throw on failure) are also supported, non-reverting calls are assumed to be
                     * successful.
                     * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
                     * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
                     */
                    library SafeERC20 {
                        using SafeMath for uint256;
                        using Address for address;
                        function safeTransfer(IERC20 token, address to, uint256 value) internal {
                            _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
                        }
                        function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
                            _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
                        }
                        /**
                         * @dev Deprecated. This function has issues similar to the ones found in
                         * {IERC20-approve}, and its usage is discouraged.
                         *
                         * Whenever possible, use {safeIncreaseAllowance} and
                         * {safeDecreaseAllowance} instead.
                         */
                        function safeApprove(IERC20 token, address spender, uint256 value) internal {
                            // safeApprove should only be called when setting an initial allowance,
                            // or when resetting it to zero. To increase and decrease it, use
                            // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
                            // solhint-disable-next-line max-line-length
                            require((value == 0) || (token.allowance(address(this), spender) == 0),
                                "SafeERC20: approve from non-zero to non-zero allowance"
                            );
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
                        }
                        function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
                            uint256 newAllowance = token.allowance(address(this), spender).add(value);
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
                        }
                        function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
                            uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
                        }
                        /**
                         * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
                         * on the return value: the return value is optional (but if data is returned, it must not be false).
                         * @param token The token targeted by the call.
                         * @param data The call data (encoded using abi.encode or one of its variants).
                         */
                        function _callOptionalReturn(IERC20 token, bytes memory data) private {
                            // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
                            // we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that
                            // the target address contains contract code and also asserts for success in the low-level call.
                            bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
                            if (returndata.length > 0) { // Return data is optional
                                // solhint-disable-next-line max-line-length
                                require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    /**
                     * @dev Wrappers over Solidity's arithmetic operations with added overflow
                     * checks.
                     *
                     * Arithmetic operations in Solidity wrap on overflow. This can easily result
                     * in bugs, because programmers usually assume that an overflow raises an
                     * error, which is the standard behavior in high level programming languages.
                     * `SafeMath` restores this intuition by reverting the transaction when an
                     * operation overflows.
                     *
                     * Using this library instead of the unchecked operations eliminates an entire
                     * class of bugs, so it's recommended to use it always.
                     */
                    library SafeMath {
                        /**
                         * @dev Returns the addition of two unsigned integers, reverting on
                         * overflow.
                         *
                         * Counterpart to Solidity's `+` operator.
                         *
                         * Requirements:
                         *
                         * - Addition cannot overflow.
                         */
                        function add(uint256 a, uint256 b) internal pure returns (uint256) {
                            uint256 c = a + b;
                            require(c >= a, "SafeMath: addition overflow");
                            return c;
                        }
                        /**
                         * @dev Returns the subtraction of two unsigned integers, reverting on
                         * overflow (when the result is negative).
                         *
                         * Counterpart to Solidity's `-` operator.
                         *
                         * Requirements:
                         *
                         * - Subtraction cannot overflow.
                         */
                        function sub(uint256 a, uint256 b) internal pure returns (uint256) {
                            return sub(a, b, "SafeMath: subtraction overflow");
                        }
                        /**
                         * @dev Returns the subtraction of two unsigned integers, reverting with custom message on
                         * overflow (when the result is negative).
                         *
                         * Counterpart to Solidity's `-` operator.
                         *
                         * Requirements:
                         *
                         * - Subtraction cannot overflow.
                         */
                        function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
                            require(b <= a, errorMessage);
                            uint256 c = a - b;
                            return c;
                        }
                        /**
                         * @dev Returns the multiplication of two unsigned integers, reverting on
                         * overflow.
                         *
                         * Counterpart to Solidity's `*` operator.
                         *
                         * Requirements:
                         *
                         * - Multiplication cannot overflow.
                         */
                        function mul(uint256 a, uint256 b) internal pure returns (uint256) {
                            // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
                            // benefit is lost if 'b' is also tested.
                            // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
                            if (a == 0) {
                                return 0;
                            }
                            uint256 c = a * b;
                            require(c / a == b, "SafeMath: multiplication overflow");
                            return c;
                        }
                        /**
                         * @dev Returns the integer division of two unsigned integers. Reverts on
                         * division by zero. The result is rounded towards zero.
                         *
                         * Counterpart to Solidity's `/` operator. Note: this function uses a
                         * `revert` opcode (which leaves remaining gas untouched) while Solidity
                         * uses an invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function div(uint256 a, uint256 b) internal pure returns (uint256) {
                            return div(a, b, "SafeMath: division by zero");
                        }
                        /**
                         * @dev Returns the integer division of two unsigned integers. Reverts with custom message on
                         * division by zero. The result is rounded towards zero.
                         *
                         * Counterpart to Solidity's `/` operator. Note: this function uses a
                         * `revert` opcode (which leaves remaining gas untouched) while Solidity
                         * uses an invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
                            require(b > 0, errorMessage);
                            uint256 c = a / b;
                            // assert(a == b * c + a % b); // There is no case in which this doesn't hold
                            return c;
                        }
                        /**
                         * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
                         * Reverts when dividing by zero.
                         *
                         * Counterpart to Solidity's `%` operator. This function uses a `revert`
                         * opcode (which leaves remaining gas untouched) while Solidity uses an
                         * invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function mod(uint256 a, uint256 b) internal pure returns (uint256) {
                            return mod(a, b, "SafeMath: modulo by zero");
                        }
                        /**
                         * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
                         * Reverts with custom message when dividing by zero.
                         *
                         * Counterpart to Solidity's `%` operator. This function uses a `revert`
                         * opcode (which leaves remaining gas untouched) while Solidity uses an
                         * invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
                            require(b != 0, errorMessage);
                            return a % b;
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.2;
                    /**
                     * @dev Collection of functions related to the address type
                     */
                    library Address {
                        /**
                         * @dev Returns true if `account` is a contract.
                         *
                         * [IMPORTANT]
                         * ====
                         * It is unsafe to assume that an address for which this function returns
                         * false is an externally-owned account (EOA) and not a contract.
                         *
                         * Among others, `isContract` will return false for the following
                         * types of addresses:
                         *
                         *  - an externally-owned account
                         *  - a contract in construction
                         *  - an address where a contract will be created
                         *  - an address where a contract lived, but was destroyed
                         * ====
                         */
                        function isContract(address account) internal view returns (bool) {
                            // This method relies in extcodesize, which returns 0 for contracts in
                            // construction, since the code is only stored at the end of the
                            // constructor execution.
                            uint256 size;
                            // solhint-disable-next-line no-inline-assembly
                            assembly { size := extcodesize(account) }
                            return size > 0;
                        }
                        /**
                         * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
                         * `recipient`, forwarding all available gas and reverting on errors.
                         *
                         * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
                         * of certain opcodes, possibly making contracts go over the 2300 gas limit
                         * imposed by `transfer`, making them unable to receive funds via
                         * `transfer`. {sendValue} removes this limitation.
                         *
                         * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
                         *
                         * IMPORTANT: because control is transferred to `recipient`, care must be
                         * taken to not create reentrancy vulnerabilities. Consider using
                         * {ReentrancyGuard} or the
                         * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
                         */
                        function sendValue(address payable recipient, uint256 amount) internal {
                            require(address(this).balance >= amount, "Address: insufficient balance");
                            // solhint-disable-next-line avoid-low-level-calls, avoid-call-value
                            (bool success, ) = recipient.call{ value: amount }("");
                            require(success, "Address: unable to send value, recipient may have reverted");
                        }
                        /**
                         * @dev Performs a Solidity function call using a low level `call`. A
                         * plain`call` is an unsafe replacement for a function call: use this
                         * function instead.
                         *
                         * If `target` reverts with a revert reason, it is bubbled up by this
                         * function (like regular Solidity function calls).
                         *
                         * Returns the raw returned data. To convert to the expected return value,
                         * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
                         *
                         * Requirements:
                         *
                         * - `target` must be a contract.
                         * - calling `target` with `data` must not revert.
                         *
                         * _Available since v3.1._
                         */
                        function functionCall(address target, bytes memory data) internal returns (bytes memory) {
                          return functionCall(target, data, "Address: low-level call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
                         * `errorMessage` as a fallback revert reason when `target` reverts.
                         *
                         * _Available since v3.1._
                         */
                        function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
                            return _functionCallWithValue(target, data, 0, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but also transferring `value` wei to `target`.
                         *
                         * Requirements:
                         *
                         * - the calling contract must have an ETH balance of at least `value`.
                         * - the called Solidity function must be `payable`.
                         *
                         * _Available since v3.1._
                         */
                        function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
                            return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
                         * with `errorMessage` as a fallback revert reason when `target` reverts.
                         *
                         * _Available since v3.1._
                         */
                        function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
                            require(address(this).balance >= value, "Address: insufficient balance for call");
                            return _functionCallWithValue(target, data, value, errorMessage);
                        }
                        function _functionCallWithValue(address target, bytes memory data, uint256 weiValue, string memory errorMessage) private returns (bytes memory) {
                            require(isContract(target), "Address: call to non-contract");
                            // solhint-disable-next-line avoid-low-level-calls
                            (bool success, bytes memory returndata) = target.call{ value: weiValue }(data);
                            if (success) {
                                return returndata;
                            } else {
                                // Look for revert reason and bubble it up if present
                                if (returndata.length > 0) {
                                    // The easiest way to bubble the revert reason is using memory via assembly
                                    // solhint-disable-next-line no-inline-assembly
                                    assembly {
                                        let returndata_size := mload(returndata)
                                        revert(add(32, returndata), returndata_size)
                                    }
                                } else {
                                    revert(errorMessage);
                                }
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    library Constants {
                        address internal constant ETH = 0x0000000000000000000000000000000000000000;
                    }
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "@openzeppelin/contracts/math/SafeMath.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    import "../Constants.sol";
                    contract FeeCommonAdapter {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        using SafeMath for uint256;
                        // solhint-disable-next-line var-name-mixedcase
                        address payable public immutable FEE_WALLET;
                        constructor(address payable feeWallet) public {
                            FEE_WALLET = feeWallet;
                        }
                        /**
                         * @dev Performs a swap
                         * @param recipient The original msg.sender performing the swap
                         * @param aggregator Address of the aggregator's contract
                         * @param spender Address to which tokens will be approved
                         * @param method Selector of the function to be called in the aggregator's contract
                         * @param tokenFrom Token to be swapped
                         * @param tokenTo Token to be received
                         * @param amountFrom Amount of tokenFrom to swap
                         * @param amountTo Minimum amount of tokenTo to receive
                         * @param data Data used for the call made to the aggregator's contract
                         * @param fee Amount of tokenFrom sent to the fee wallet
                         */
                        function swap(
                            address payable recipient,
                            address aggregator,
                            address spender,
                            bytes4 method,
                            IERC20 tokenFrom,
                            IERC20 tokenTo,
                            uint256 amountFrom,
                            uint256 amountTo,
                            bytes calldata data,
                            uint256 fee
                        ) external payable {
                            require(tokenFrom != tokenTo, "TOKEN_PAIR_INVALID");
                            if (address(tokenFrom) == Constants.ETH) {
                                FEE_WALLET.sendValue(fee);
                            } else {
                                _transfer(tokenFrom, fee, FEE_WALLET);
                                _approveSpender(tokenFrom, spender, amountFrom);
                            }
                            // We always forward msg.value as it may be necessary to pay fees
                            aggregator.functionCallWithValue(
                                abi.encodePacked(method, data),
                                address(this).balance
                            );
                            // Transfer remaining balance of tokenFrom to sender
                            if (address(tokenFrom) != Constants.ETH) {
                                _transfer(tokenFrom, tokenFrom.balanceOf(address(this)), recipient);
                            }
                            uint256 weiBalance = address(this).balance;
                            // Transfer remaining balance of tokenTo to sender
                            if (address(tokenTo) != Constants.ETH) {
                                uint256 balance = tokenTo.balanceOf(address(this));
                                require(balance >= amountTo, "INSUFFICIENT_AMOUNT");
                                _transfer(tokenTo, balance, recipient);
                            } else {
                                // If tokenTo == ETH, then check that the remaining ETH balance >= amountTo
                                require(weiBalance >= amountTo, "INSUFFICIENT_AMOUNT");
                            }
                            // If there are unused fees or if tokenTo is ETH, transfer to sender
                            if (weiBalance > 0) {
                                recipient.sendValue(weiBalance);
                            }
                        }
                        /**
                         * @dev Transfers token to sender if amount > 0
                         * @param token IERC20 token to transfer to sender
                         * @param amount Amount of token to transfer
                         * @param recipient Address that will receive the tokens
                         */
                        function _transfer(
                            IERC20 token,
                            uint256 amount,
                            address recipient
                        ) internal {
                            if (amount > 0) {
                                token.safeTransfer(recipient, amount);
                            }
                        }
                        // https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/SafeERC20.sol
                        /**
                         * @dev Approves max amount of token to the spender if the allowance is lower than amount
                         * @param token The ERC20 token to approve
                         * @param spender Address to which funds will be approved
                         * @param amount Amount used to compare current allowance
                         */
                        function _approveSpender(
                            IERC20 token,
                            address spender,
                            uint256 amount
                        ) internal {
                            // If allowance is not enough, approve max possible amount
                            uint256 allowance = token.allowance(address(this), spender);
                            if (allowance < amount) {
                                bytes memory returndata = address(token).functionCall(
                                    abi.encodeWithSelector(
                                        token.approve.selector,
                                        spender,
                                        type(uint256).max
                                    )
                                );
                                if (returndata.length > 0) {
                                    // Return data is optional
                                    require(abi.decode(returndata, (bool)), "APPROVAL_FAILED");
                                }
                            }
                        }
                    }
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "@openzeppelin/contracts/math/SafeMath.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    import "../Constants.sol";
                    import "../IWETH.sol";
                    contract FeeWethAdapter {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        using SafeMath for uint256;
                        IWETH public immutable weth;
                        // solhint-disable-next-line var-name-mixedcase
                        address payable public immutable FEE_WALLET;
                        constructor(IWETH _weth, address payable feeWallet) public {
                            weth = _weth;
                            FEE_WALLET = feeWallet;
                        }
                        /**
                         * @dev Performs a swap
                         * @param recipient The original msg.sender performing the swap
                         * @param aggregator Address of the aggregator's contract
                         * @param spender Address to which tokens will be approved
                         * @param method Selector of the function to be called in the aggregator's contract
                         * @param tokenFrom Token to be swapped
                         * @param tokenTo Token to be received
                         * @param amountFrom Amount of tokenFrom to swap
                         * @param amountTo Minimum amount of tokenTo to receive
                         * @param data Data used for the call made to the aggregator's contract
                         * @param fee Amount of tokenFrom sent to the fee wallet
                         */
                        function swap(
                            address payable recipient,
                            address aggregator,
                            address spender,
                            bytes4 method,
                            IERC20 tokenFrom,
                            IERC20 tokenTo,
                            uint256 amountFrom,
                            uint256 amountTo,
                            bytes calldata data,
                            uint256 fee
                        ) external payable {
                            require(tokenFrom != tokenTo, "TOKEN_PAIR_INVALID");
                            if (address(tokenFrom) == Constants.ETH) {
                                FEE_WALLET.sendValue(fee);
                                // If tokenFrom is ETH, msg.value = fee + amountFrom (total fee could be 0)
                                // Can't deal with ETH, convert to WETH, the remaining balance will be the fee
                                weth.deposit{value: amountFrom}();
                                _approveSpender(weth, spender, amountFrom);
                            } else {
                                _transfer(tokenFrom, fee, FEE_WALLET);
                                // Otherwise capture tokens from sender
                                _approveSpender(tokenFrom, spender, amountFrom);
                            }
                            // Perform the swap
                            aggregator.functionCallWithValue(
                                abi.encodePacked(method, data),
                                address(this).balance
                            );
                            // Transfer remaining balance of tokenFrom to sender
                            if (address(tokenFrom) != Constants.ETH) {
                                _transfer(tokenFrom, tokenFrom.balanceOf(address(this)), recipient);
                            } else {
                                // If using ETH, just unwrap any remaining WETH
                                // At the end of this function all ETH will be transferred to the sender
                                _unwrapWETH();
                            }
                            uint256 weiBalance = address(this).balance;
                            // Transfer remaining balance of tokenTo to sender
                            if (address(tokenTo) != Constants.ETH) {
                                uint256 balance = tokenTo.balanceOf(address(this));
                                require(balance >= amountTo, "INSUFFICIENT_AMOUNT");
                                _transfer(tokenTo, balance, recipient);
                            } else {
                                // If tokenTo == ETH, unwrap received WETH and add it to the wei balance,
                                // then check that the remaining ETH balance >= amountTo
                                // It is safe to not use safeMath as no one can have enough Ether to overflow
                                weiBalance += _unwrapWETH();
                                require(weiBalance >= amountTo, "INSUFFICIENT_AMOUNT");
                            }
                            // If there are unused fees or if tokenTo is ETH, transfer to sender
                            if (weiBalance > 0) {
                                recipient.sendValue(weiBalance);
                            }
                        }
                        /**
                         * @dev Unwraps all available WETH into ETH
                         */
                        function _unwrapWETH() internal returns (uint256) {
                            uint256 balance = weth.balanceOf(address(this));
                            weth.withdraw(balance);
                            return balance;
                        }
                        /**
                         * @dev Transfers token to sender if amount > 0
                         * @param token IERC20 token to transfer to sender
                         * @param amount Amount of token to transfer
                         * @param recipient Address that will receive the tokens
                         */
                        function _transfer(
                            IERC20 token,
                            uint256 amount,
                            address recipient
                        ) internal {
                            if (amount > 0) {
                                token.safeTransfer(recipient, amount);
                            }
                        }
                        // https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/SafeERC20.sol
                        /**
                         * @dev Approves max amount of token to the spender if the allowance is lower than amount
                         * @param token The ERC20 token to approve
                         * @param spender Address to which funds will be approved
                         * @param amount Amount used to compare current allowance
                         */
                        function _approveSpender(
                            IERC20 token,
                            address spender,
                            uint256 amount
                        ) internal {
                            // If allowance is not enough, approve max possible amount
                            uint256 allowance = token.allowance(address(this), spender);
                            if (allowance < amount) {
                                bytes memory returndata = address(token).functionCall(
                                    abi.encodeWithSelector(
                                        token.approve.selector,
                                        spender,
                                        type(uint256).max
                                    )
                                );
                                if (returndata.length > 0) {
                                    // Return data is optional
                                    require(abi.decode(returndata, (bool)), "APPROVAL_FAILED");
                                }
                            }
                        }
                    }
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    interface IWETH is IERC20 {
                        function deposit() external payable;
                        function withdraw(uint256) external;
                    }
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "@openzeppelin/contracts/math/SafeMath.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    import "@uniswap/v2-periphery/contracts/interfaces/IUniswapV2Router02.sol";
                    import "../Constants.sol";
                    contract UniswapAdapter {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        using SafeMath for uint256;
                        // solhint-disable-next-line var-name-mixedcase
                        IUniswapV2Router02 public immutable UNISWAP;
                        // solhint-disable-next-line var-name-mixedcase
                        address payable public immutable FEE_WALLET;
                        constructor(address payable feeWallet, IUniswapV2Router02 uniswap) public {
                            FEE_WALLET = feeWallet;
                            UNISWAP = uniswap;
                        }
                        /**
                         * @dev Performs a swap
                         * @param recipient The original msg.sender performing the swap
                         * @param tokenFrom Token to be swapped
                         * @param tokenTo Token to be received
                         * @param amountFrom Amount of tokenFrom to swap
                         * @param amountTo Minimum amount of tokenTo to receive
                         * @param path Used by Uniswap
                         * @param deadline Timestamp at which the swap becomes invalid. Used by Uniswap
                         * @param feeOnTransfer Use `supportingFeeOnTransfer` Uniswap methods
                         * @param fee Amount of tokenFrom sent to the fee wallet
                         */
                        function swap(
                            address payable recipient,
                            IERC20 tokenFrom,
                            IERC20 tokenTo,
                            uint256 amountFrom,
                            uint256 amountTo,
                            address[] calldata path,
                            uint256 deadline,
                            bool feeOnTransfer,
                            uint256 fee
                        ) external payable {
                            require(tokenFrom != tokenTo, "TOKEN_PAIR_INVALID");
                            if (address(tokenFrom) == Constants.ETH) {
                                FEE_WALLET.sendValue(fee);
                            } else {
                                _transfer(tokenFrom, fee, FEE_WALLET);
                            }
                            if (address(tokenFrom) == Constants.ETH) {
                                if (feeOnTransfer) {
                                    UNISWAP.swapExactETHForTokensSupportingFeeOnTransferTokens{
                                        value: address(this).balance
                                    }(amountTo, path, address(this), deadline);
                                } else {
                                    UNISWAP.swapExactETHForTokens{value: address(this).balance}(
                                        amountTo,
                                        path,
                                        address(this),
                                        deadline
                                    );
                                }
                            } else {
                                _approveSpender(tokenFrom, address(UNISWAP), amountFrom);
                                if (address(tokenTo) == Constants.ETH) {
                                    if (feeOnTransfer) {
                                        UNISWAP.swapExactTokensForETHSupportingFeeOnTransferTokens(
                                            amountFrom,
                                            amountTo,
                                            path,
                                            address(this),
                                            deadline
                                        );
                                    } else {
                                        UNISWAP.swapExactTokensForETH(
                                            amountFrom,
                                            amountTo,
                                            path,
                                            address(this),
                                            deadline
                                        );
                                    }
                                } else {
                                    if (feeOnTransfer) {
                                        UNISWAP
                                            .swapExactTokensForTokensSupportingFeeOnTransferTokens(
                                            amountFrom,
                                            amountTo,
                                            path,
                                            address(this),
                                            deadline
                                        );
                                    } else {
                                        UNISWAP.swapExactTokensForTokens(
                                            amountFrom,
                                            amountTo,
                                            path,
                                            address(this),
                                            deadline
                                        );
                                    }
                                }
                            }
                            // Transfer remaining balance of tokenFrom to sender
                            if (address(tokenFrom) != Constants.ETH) {
                                _transfer(tokenFrom, tokenFrom.balanceOf(address(this)), recipient);
                            }
                            uint256 weiBalance = address(this).balance;
                            // Transfer remaining balance of tokenTo to sender
                            if (address(tokenTo) != Constants.ETH) {
                                uint256 balance = tokenTo.balanceOf(address(this));
                                require(balance >= amountTo, "INSUFFICIENT_AMOUNT");
                                _transfer(tokenTo, balance, recipient);
                            } else {
                                // If tokenTo == ETH, then check that the remaining ETH balance >= amountTo
                                require(weiBalance >= amountTo, "INSUFFICIENT_AMOUNT");
                            }
                            // If there are unused fees or if tokenTo is ETH, transfer to sender
                            if (weiBalance > 0) {
                                recipient.sendValue(weiBalance);
                            }
                        }
                        /**
                         * @dev Transfers token to sender if amount > 0
                         * @param token IERC20 token to transfer to sender
                         * @param amount Amount of token to transfer
                         * @param recipient Address that will receive the tokens
                         */
                        function _transfer(
                            IERC20 token,
                            uint256 amount,
                            address recipient
                        ) internal {
                            if (amount > 0) {
                                token.safeTransfer(recipient, amount);
                            }
                        }
                        // https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/SafeERC20.sol
                        /**
                         * @dev Approves max amount of token to the spender if the allowance is lower than amount
                         * @param token The ERC20 token to approve
                         * @param spender Address to which funds will be approved
                         * @param amount Amount used to compare current allowance
                         */
                        function _approveSpender(
                            IERC20 token,
                            address spender,
                            uint256 amount
                        ) internal {
                            // If allowance is not enough, approve max possible amount
                            uint256 allowance = token.allowance(address(this), spender);
                            if (allowance < amount) {
                                bytes memory returndata = address(token).functionCall(
                                    abi.encodeWithSelector(
                                        token.approve.selector,
                                        spender,
                                        type(uint256).max
                                    )
                                );
                                if (returndata.length > 0) {
                                    // Return data is optional
                                    require(abi.decode(returndata, (bool)), "APPROVAL_FAILED");
                                }
                            }
                        }
                    }
                    pragma solidity >=0.6.2;
                    import './IUniswapV2Router01.sol';
                    interface IUniswapV2Router02 is IUniswapV2Router01 {
                        function removeLiquidityETHSupportingFeeOnTransferTokens(
                            address token,
                            uint liquidity,
                            uint amountTokenMin,
                            uint amountETHMin,
                            address to,
                            uint deadline
                        ) external returns (uint amountETH);
                        function removeLiquidityETHWithPermitSupportingFeeOnTransferTokens(
                            address token,
                            uint liquidity,
                            uint amountTokenMin,
                            uint amountETHMin,
                            address to,
                            uint deadline,
                            bool approveMax, uint8 v, bytes32 r, bytes32 s
                        ) external returns (uint amountETH);
                        function swapExactTokensForTokensSupportingFeeOnTransferTokens(
                            uint amountIn,
                            uint amountOutMin,
                            address[] calldata path,
                            address to,
                            uint deadline
                        ) external;
                        function swapExactETHForTokensSupportingFeeOnTransferTokens(
                            uint amountOutMin,
                            address[] calldata path,
                            address to,
                            uint deadline
                        ) external payable;
                        function swapExactTokensForETHSupportingFeeOnTransferTokens(
                            uint amountIn,
                            uint amountOutMin,
                            address[] calldata path,
                            address to,
                            uint deadline
                        ) external;
                    }
                    pragma solidity >=0.6.2;
                    interface IUniswapV2Router01 {
                        function factory() external pure returns (address);
                        function WETH() external pure returns (address);
                        function addLiquidity(
                            address tokenA,
                            address tokenB,
                            uint amountADesired,
                            uint amountBDesired,
                            uint amountAMin,
                            uint amountBMin,
                            address to,
                            uint deadline
                        ) external returns (uint amountA, uint amountB, uint liquidity);
                        function addLiquidityETH(
                            address token,
                            uint amountTokenDesired,
                            uint amountTokenMin,
                            uint amountETHMin,
                            address to,
                            uint deadline
                        ) external payable returns (uint amountToken, uint amountETH, uint liquidity);
                        function removeLiquidity(
                            address tokenA,
                            address tokenB,
                            uint liquidity,
                            uint amountAMin,
                            uint amountBMin,
                            address to,
                            uint deadline
                        ) external returns (uint amountA, uint amountB);
                        function removeLiquidityETH(
                            address token,
                            uint liquidity,
                            uint amountTokenMin,
                            uint amountETHMin,
                            address to,
                            uint deadline
                        ) external returns (uint amountToken, uint amountETH);
                        function removeLiquidityWithPermit(
                            address tokenA,
                            address tokenB,
                            uint liquidity,
                            uint amountAMin,
                            uint amountBMin,
                            address to,
                            uint deadline,
                            bool approveMax, uint8 v, bytes32 r, bytes32 s
                        ) external returns (uint amountA, uint amountB);
                        function removeLiquidityETHWithPermit(
                            address token,
                            uint liquidity,
                            uint amountTokenMin,
                            uint amountETHMin,
                            address to,
                            uint deadline,
                            bool approveMax, uint8 v, bytes32 r, bytes32 s
                        ) external returns (uint amountToken, uint amountETH);
                        function swapExactTokensForTokens(
                            uint amountIn,
                            uint amountOutMin,
                            address[] calldata path,
                            address to,
                            uint deadline
                        ) external returns (uint[] memory amounts);
                        function swapTokensForExactTokens(
                            uint amountOut,
                            uint amountInMax,
                            address[] calldata path,
                            address to,
                            uint deadline
                        ) external returns (uint[] memory amounts);
                        function swapExactETHForTokens(uint amountOutMin, address[] calldata path, address to, uint deadline)
                            external
                            payable
                            returns (uint[] memory amounts);
                        function swapTokensForExactETH(uint amountOut, uint amountInMax, address[] calldata path, address to, uint deadline)
                            external
                            returns (uint[] memory amounts);
                        function swapExactTokensForETH(uint amountIn, uint amountOutMin, address[] calldata path, address to, uint deadline)
                            external
                            returns (uint[] memory amounts);
                        function swapETHForExactTokens(uint amountOut, address[] calldata path, address to, uint deadline)
                            external
                            payable
                            returns (uint[] memory amounts);
                        function quote(uint amountA, uint reserveA, uint reserveB) external pure returns (uint amountB);
                        function getAmountOut(uint amountIn, uint reserveIn, uint reserveOut) external pure returns (uint amountOut);
                        function getAmountIn(uint amountOut, uint reserveIn, uint reserveOut) external pure returns (uint amountIn);
                        function getAmountsOut(uint amountIn, address[] calldata path) external view returns (uint[] memory amounts);
                        function getAmountsIn(uint amountOut, address[] calldata path) external view returns (uint[] memory amounts);
                    }
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    import "../Constants.sol";
                    import "../IWETH.sol";
                    contract WethAdapter {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        IWETH public immutable weth;
                        constructor(IWETH _weth) public {
                            weth = _weth;
                        }
                        /**
                         * @dev Performs a swap
                         * @param recipient The original msg.sender performing the swap
                         * @param aggregator Address of the aggregator's contract
                         * @param spender Address to which tokens will be approved
                         * @param method Selector of the function to be called in the aggregator's contract
                         * @param tokenFrom Token to be swapped
                         * @param tokenTo Token to be received
                         * @param amountFrom Amount of tokenFrom to swap
                         * @param amountTo Minimum amount of tokenTo to receive
                         * @param data Data used for the call made to the aggregator's contract
                         */
                        function swap(
                            address payable recipient,
                            address aggregator,
                            address spender,
                            bytes4 method,
                            IERC20 tokenFrom,
                            IERC20 tokenTo,
                            uint256 amountFrom,
                            uint256 amountTo,
                            bytes calldata data
                        ) external payable {
                            require(tokenFrom != tokenTo, "TOKEN_PAIR_INVALID");
                            if (address(tokenFrom) == Constants.ETH) {
                                // If tokenFrom is ETH, msg.value = fee + amountFrom (total fee could be 0)
                                // Can't deal with ETH, convert to WETH, the remaining balance will be the fee
                                weth.deposit{value: amountFrom}();
                                _approveSpender(weth, spender, amountFrom);
                            } else {
                                // Otherwise capture tokens from sender
                                _approveSpender(tokenFrom, spender, amountFrom);
                            }
                            // Perform the swap
                            aggregator.functionCallWithValue(
                                abi.encodePacked(method, data),
                                address(this).balance
                            );
                            // Transfer remaining balance of tokenFrom to sender
                            if (address(tokenFrom) != Constants.ETH) {
                                _transfer(tokenFrom, tokenFrom.balanceOf(address(this)), recipient);
                            } else {
                                // If using ETH, just unwrap any remaining WETH
                                // At the end of this function all ETH will be transferred to the sender
                                _unwrapWETH();
                            }
                            uint256 weiBalance = address(this).balance;
                            // Transfer remaining balance of tokenTo to sender
                            if (address(tokenTo) != Constants.ETH) {
                                uint256 balance = tokenTo.balanceOf(address(this));
                                require(balance >= amountTo, "INSUFFICIENT_AMOUNT");
                                _transfer(tokenTo, balance, recipient);
                            } else {
                                // If tokenTo == ETH, unwrap received WETH and add it to the wei balance,
                                // then check that the remaining ETH balance >= amountTo
                                // It is safe to not use safeMath as no one can have enough Ether to overflow
                                weiBalance += _unwrapWETH();
                                require(weiBalance >= amountTo, "INSUFFICIENT_AMOUNT");
                            }
                            // If there are unused fees or if tokenTo is ETH, transfer to sender
                            if (weiBalance > 0) {
                                recipient.sendValue(weiBalance);
                            }
                        }
                        /**
                         * @dev Unwraps all available WETH into ETH
                         */
                        function _unwrapWETH() internal returns (uint256) {
                            uint256 balance = weth.balanceOf(address(this));
                            weth.withdraw(balance);
                            return balance;
                        }
                        /**
                         * @dev Transfers token to sender if amount > 0
                         * @param token IERC20 token to transfer to sender
                         * @param amount Amount of token to transfer
                         * @param recipient Address that will receive the tokens
                         */
                        function _transfer(
                            IERC20 token,
                            uint256 amount,
                            address recipient
                        ) internal {
                            if (amount > 0) {
                                token.safeTransfer(recipient, amount);
                            }
                        }
                        // https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/SafeERC20.sol
                        /**
                         * @dev Approves max amount of token to the spender if the allowance is lower than amount
                         * @param token The ERC20 token to approve
                         * @param spender Address to which funds will be approved
                         * @param amount Amount used to compare current allowance
                         */
                        function _approveSpender(
                            IERC20 token,
                            address spender,
                            uint256 amount
                        ) internal {
                            // If allowance is not enough, approve max possible amount
                            uint256 allowance = token.allowance(address(this), spender);
                            if (allowance < amount) {
                                bytes memory returndata = address(token).functionCall(
                                    abi.encodeWithSelector(
                                        token.approve.selector,
                                        spender,
                                        type(uint256).max
                                    )
                                );
                                if (returndata.length > 0) {
                                    // Return data is optional
                                    require(abi.decode(returndata, (bool)), "APPROVAL_FAILED");
                                }
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    interface ICHI is IERC20 {
                        function freeUpTo(uint256 value) external returns (uint256);
                        function freeFromUpTo(
                            address from,
                            uint256 value
                        ) external returns (uint256);
                        function mint(uint256 value) external;
                    }
                      
                    // SPDX-License-Identifier: UNLICENSED
                    pragma solidity ^0.6.0;
                    // We import the contract so truffle compiles it, and we have the ABI
                    // available when working from truffle console.
                    import "@openzeppelin/contracts/token/ERC20/ERC20.sol"; //helpers// SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "../../GSN/Context.sol";
                    import "./IERC20.sol";
                    import "../../math/SafeMath.sol";
                    import "../../utils/Address.sol";
                    /**
                     * @dev Implementation of the {IERC20} interface.
                     *
                     * This implementation is agnostic to the way tokens are created. This means
                     * that a supply mechanism has to be added in a derived contract using {_mint}.
                     * For a generic mechanism see {ERC20PresetMinterPauser}.
                     *
                     * TIP: For a detailed writeup see our guide
                     * https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
                     * to implement supply mechanisms].
                     *
                     * We have followed general OpenZeppelin guidelines: functions revert instead
                     * of returning `false` on failure. This behavior is nonetheless conventional
                     * and does not conflict with the expectations of ERC20 applications.
                     *
                     * Additionally, an {Approval} event is emitted on calls to {transferFrom}.
                     * This allows applications to reconstruct the allowance for all accounts just
                     * by listening to said events. Other implementations of the EIP may not emit
                     * these events, as it isn't required by the specification.
                     *
                     * Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
                     * functions have been added to mitigate the well-known issues around setting
                     * allowances. See {IERC20-approve}.
                     */
                    contract ERC20 is Context, IERC20 {
                        using SafeMath for uint256;
                        using Address for address;
                        mapping (address => uint256) private _balances;
                        mapping (address => mapping (address => uint256)) private _allowances;
                        uint256 private _totalSupply;
                        string private _name;
                        string private _symbol;
                        uint8 private _decimals;
                        /**
                         * @dev Sets the values for {name} and {symbol}, initializes {decimals} with
                         * a default value of 18.
                         *
                         * To select a different value for {decimals}, use {_setupDecimals}.
                         *
                         * All three of these values are immutable: they can only be set once during
                         * construction.
                         */
                        constructor (string memory name, string memory symbol) public {
                            _name = name;
                            _symbol = symbol;
                            _decimals = 18;
                        }
                        /**
                         * @dev Returns the name of the token.
                         */
                        function name() public view returns (string memory) {
                            return _name;
                        }
                        /**
                         * @dev Returns the symbol of the token, usually a shorter version of the
                         * name.
                         */
                        function symbol() public view returns (string memory) {
                            return _symbol;
                        }
                        /**
                         * @dev Returns the number of decimals used to get its user representation.
                         * For example, if `decimals` equals `2`, a balance of `505` tokens should
                         * be displayed to a user as `5,05` (`505 / 10 ** 2`).
                         *
                         * Tokens usually opt for a value of 18, imitating the relationship between
                         * Ether and Wei. This is the value {ERC20} uses, unless {_setupDecimals} is
                         * called.
                         *
                         * NOTE: This information is only used for _display_ purposes: it in
                         * no way affects any of the arithmetic of the contract, including
                         * {IERC20-balanceOf} and {IERC20-transfer}.
                         */
                        function decimals() public view returns (uint8) {
                            return _decimals;
                        }
                        /**
                         * @dev See {IERC20-totalSupply}.
                         */
                        function totalSupply() public view override returns (uint256) {
                            return _totalSupply;
                        }
                        /**
                         * @dev See {IERC20-balanceOf}.
                         */
                        function balanceOf(address account) public view override returns (uint256) {
                            return _balances[account];
                        }
                        /**
                         * @dev See {IERC20-transfer}.
                         *
                         * Requirements:
                         *
                         * - `recipient` cannot be the zero address.
                         * - the caller must have a balance of at least `amount`.
                         */
                        function transfer(address recipient, uint256 amount) public virtual override returns (bool) {
                            _transfer(_msgSender(), recipient, amount);
                            return true;
                        }
                        /**
                         * @dev See {IERC20-allowance}.
                         */
                        function allowance(address owner, address spender) public view virtual override returns (uint256) {
                            return _allowances[owner][spender];
                        }
                        /**
                         * @dev See {IERC20-approve}.
                         *
                         * Requirements:
                         *
                         * - `spender` cannot be the zero address.
                         */
                        function approve(address spender, uint256 amount) public virtual override returns (bool) {
                            _approve(_msgSender(), spender, amount);
                            return true;
                        }
                        /**
                         * @dev See {IERC20-transferFrom}.
                         *
                         * Emits an {Approval} event indicating the updated allowance. This is not
                         * required by the EIP. See the note at the beginning of {ERC20};
                         *
                         * Requirements:
                         * - `sender` and `recipient` cannot be the zero address.
                         * - `sender` must have a balance of at least `amount`.
                         * - the caller must have allowance for ``sender``'s tokens of at least
                         * `amount`.
                         */
                        function transferFrom(address sender, address recipient, uint256 amount) public virtual override returns (bool) {
                            _transfer(sender, recipient, amount);
                            _approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
                            return true;
                        }
                        /**
                         * @dev Atomically increases the allowance granted to `spender` by the caller.
                         *
                         * This is an alternative to {approve} that can be used as a mitigation for
                         * problems described in {IERC20-approve}.
                         *
                         * Emits an {Approval} event indicating the updated allowance.
                         *
                         * Requirements:
                         *
                         * - `spender` cannot be the zero address.
                         */
                        function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
                            _approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
                            return true;
                        }
                        /**
                         * @dev Atomically decreases the allowance granted to `spender` by the caller.
                         *
                         * This is an alternative to {approve} that can be used as a mitigation for
                         * problems described in {IERC20-approve}.
                         *
                         * Emits an {Approval} event indicating the updated allowance.
                         *
                         * Requirements:
                         *
                         * - `spender` cannot be the zero address.
                         * - `spender` must have allowance for the caller of at least
                         * `subtractedValue`.
                         */
                        function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
                            _approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
                            return true;
                        }
                        /**
                         * @dev Moves tokens `amount` from `sender` to `recipient`.
                         *
                         * This is internal function is equivalent to {transfer}, and can be used to
                         * e.g. implement automatic token fees, slashing mechanisms, etc.
                         *
                         * Emits a {Transfer} event.
                         *
                         * Requirements:
                         *
                         * - `sender` cannot be the zero address.
                         * - `recipient` cannot be the zero address.
                         * - `sender` must have a balance of at least `amount`.
                         */
                        function _transfer(address sender, address recipient, uint256 amount) internal virtual {
                            require(sender != address(0), "ERC20: transfer from the zero address");
                            require(recipient != address(0), "ERC20: transfer to the zero address");
                            _beforeTokenTransfer(sender, recipient, amount);
                            _balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
                            _balances[recipient] = _balances[recipient].add(amount);
                            emit Transfer(sender, recipient, amount);
                        }
                        /** @dev Creates `amount` tokens and assigns them to `account`, increasing
                         * the total supply.
                         *
                         * Emits a {Transfer} event with `from` set to the zero address.
                         *
                         * Requirements
                         *
                         * - `to` cannot be the zero address.
                         */
                        function _mint(address account, uint256 amount) internal virtual {
                            require(account != address(0), "ERC20: mint to the zero address");
                            _beforeTokenTransfer(address(0), account, amount);
                            _totalSupply = _totalSupply.add(amount);
                            _balances[account] = _balances[account].add(amount);
                            emit Transfer(address(0), account, amount);
                        }
                        /**
                         * @dev Destroys `amount` tokens from `account`, reducing the
                         * total supply.
                         *
                         * Emits a {Transfer} event with `to` set to the zero address.
                         *
                         * Requirements
                         *
                         * - `account` cannot be the zero address.
                         * - `account` must have at least `amount` tokens.
                         */
                        function _burn(address account, uint256 amount) internal virtual {
                            require(account != address(0), "ERC20: burn from the zero address");
                            _beforeTokenTransfer(account, address(0), amount);
                            _balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
                            _totalSupply = _totalSupply.sub(amount);
                            emit Transfer(account, address(0), amount);
                        }
                        /**
                         * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
                         *
                         * This internal function is equivalent to `approve`, and can be used to
                         * e.g. set automatic allowances for certain subsystems, etc.
                         *
                         * Emits an {Approval} event.
                         *
                         * Requirements:
                         *
                         * - `owner` cannot be the zero address.
                         * - `spender` cannot be the zero address.
                         */
                        function _approve(address owner, address spender, uint256 amount) internal virtual {
                            require(owner != address(0), "ERC20: approve from the zero address");
                            require(spender != address(0), "ERC20: approve to the zero address");
                            _allowances[owner][spender] = amount;
                            emit Approval(owner, spender, amount);
                        }
                        /**
                         * @dev Sets {decimals} to a value other than the default one of 18.
                         *
                         * WARNING: This function should only be called from the constructor. Most
                         * applications that interact with token contracts will not expect
                         * {decimals} to ever change, and may work incorrectly if it does.
                         */
                        function _setupDecimals(uint8 decimals_) internal {
                            _decimals = decimals_;
                        }
                        /**
                         * @dev Hook that is called before any transfer of tokens. This includes
                         * minting and burning.
                         *
                         * Calling conditions:
                         *
                         * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
                         * will be to transferred to `to`.
                         * - when `from` is zero, `amount` tokens will be minted for `to`.
                         * - when `to` is zero, `amount` of ``from``'s tokens will be burned.
                         * - `from` and `to` are never both zero.
                         *
                         * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
                         */
                        function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual { }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    /*
                     * @dev Provides information about the current execution context, including the
                     * sender of the transaction and its data. While these are generally available
                     * via msg.sender and msg.data, they should not be accessed in such a direct
                     * manner, since when dealing with GSN meta-transactions the account sending and
                     * paying for execution may not be the actual sender (as far as an application
                     * is concerned).
                     *
                     * This contract is only required for intermediate, library-like contracts.
                     */
                    abstract contract Context {
                        function _msgSender() internal view virtual returns (address payable) {
                            return msg.sender;
                        }
                        function _msgData() internal view virtual returns (bytes memory) {
                            this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
                            return msg.data;
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/access/Ownable.sol";
                    import "@openzeppelin/contracts/utils/Pausable.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "./ICHI.sol";
                    import "./Spender.sol";
                    /**
                     * @title MetaSwap
                     */
                    contract MetaSwap is Ownable, Pausable, ReentrancyGuard {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        struct Adapter {
                            address addr; // adapter's address
                            bytes4 selector;
                            bytes data; // adapter's fixed data
                        }
                        ICHI public immutable chi;
                        Spender public immutable spender;
                        // Mapping of aggregatorId to aggregator
                        mapping(string => Adapter) public adapters;
                        mapping(string => bool) public adapterRemoved;
                        event AdapterSet(
                            string indexed aggregatorId,
                            address indexed addr,
                            bytes4 selector,
                            bytes data
                        );
                        event AdapterRemoved(string indexed aggregatorId);
                        event Swap(string indexed aggregatorId, address indexed sender);
                        constructor(ICHI _chi) public {
                            chi = _chi;
                            spender = new Spender();
                        }
                        /**
                         * @dev Sets the adapter for an aggregator. It can't be changed later.
                         * @param aggregatorId Aggregator's identifier
                         * @param addr Address of the contract that contains the logic for this aggregator
                         * @param selector The function selector of the swap function in the adapter
                         * @param data Fixed abi encoded data the will be passed in each delegatecall made to the adapter
                         */
                        function setAdapter(
                            string calldata aggregatorId,
                            address addr,
                            bytes4 selector,
                            bytes calldata data
                        ) external onlyOwner {
                            require(addr.isContract(), "ADAPTER_IS_NOT_A_CONTRACT");
                            require(!adapterRemoved[aggregatorId], "ADAPTER_REMOVED");
                            Adapter storage adapter = adapters[aggregatorId];
                            require(adapter.addr == address(0), "ADAPTER_EXISTS");
                            adapter.addr = addr;
                            adapter.selector = selector;
                            adapter.data = data;
                            emit AdapterSet(aggregatorId, addr, selector, data);
                        }
                        /**
                         * @dev Removes the adapter for an existing aggregator. This can't be undone.
                         * @param aggregatorId Aggregator's identifier
                         */
                        function removeAdapter(string calldata aggregatorId) external onlyOwner {
                            require(
                                adapters[aggregatorId].addr != address(0),
                                "ADAPTER_DOES_NOT_EXIST"
                            );
                            delete adapters[aggregatorId];
                            adapterRemoved[aggregatorId] = true;
                            emit AdapterRemoved(aggregatorId);
                        }
                        /**
                         * @dev Performs a swap
                         * @param aggregatorId Identifier of the aggregator to be used for the swap
                         * @param data Dynamic data which is concatenated with the fixed aggregator's
                         * data in the delecatecall made to the adapter
                         */
                        function swap(
                            string calldata aggregatorId,
                            IERC20 tokenFrom,
                            uint256 amount,
                            bytes calldata data
                        ) external payable whenNotPaused nonReentrant {
                            _swap(aggregatorId, tokenFrom, amount, data);
                        }
                        /**
                         * @dev Performs a swap
                         * @param aggregatorId Identifier of the aggregator to be used for the swap
                         * @param data Dynamic data which is concatenated with the fixed aggregator's
                         * data in the delecatecall made to the adapter
                         */
                        function swapUsingGasToken(
                            string calldata aggregatorId,
                            IERC20 tokenFrom,
                            uint256 amount,
                            bytes calldata data
                        ) external payable whenNotPaused nonReentrant {
                            uint256 gas = gasleft();
                            _swap(aggregatorId, tokenFrom, amount, data);
                            uint256 gasSpent = 21000 + gas - gasleft() + 16 * msg.data.length;
                            chi.freeFromUpTo(msg.sender, (gasSpent + 14154) / 41947);
                        }
                        function pauseSwaps() external onlyOwner {
                            _pause();
                        }
                        function unpauseSwaps() external onlyOwner {
                            _unpause();
                        }
                        function _swap(
                            string calldata aggregatorId,
                            IERC20 tokenFrom,
                            uint256 amount,
                            bytes calldata data
                        ) internal {
                            Adapter storage adapter = adapters[aggregatorId];
                            if (address(tokenFrom) != Constants.ETH) {
                                tokenFrom.safeTransferFrom(msg.sender, address(spender), amount);
                            }
                            spender.swap{value: msg.value}(
                                adapter.addr,
                                abi.encodePacked(
                                    adapter.selector,
                                    abi.encode(msg.sender),
                                    adapter.data,
                                    data
                                )
                            );
                            emit Swap(aggregatorId, msg.sender);
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "../GSN/Context.sol";
                    /**
                     * @dev Contract module which provides a basic access control mechanism, where
                     * there is an account (an owner) that can be granted exclusive access to
                     * specific functions.
                     *
                     * By default, the owner account will be the one that deploys the contract. This
                     * can later be changed with {transferOwnership}.
                     *
                     * This module is used through inheritance. It will make available the modifier
                     * `onlyOwner`, which can be applied to your functions to restrict their use to
                     * the owner.
                     */
                    contract Ownable is Context {
                        address private _owner;
                        event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
                        /**
                         * @dev Initializes the contract setting the deployer as the initial owner.
                         */
                        constructor () internal {
                            address msgSender = _msgSender();
                            _owner = msgSender;
                            emit OwnershipTransferred(address(0), msgSender);
                        }
                        /**
                         * @dev Returns the address of the current owner.
                         */
                        function owner() public view returns (address) {
                            return _owner;
                        }
                        /**
                         * @dev Throws if called by any account other than the owner.
                         */
                        modifier onlyOwner() {
                            require(_owner == _msgSender(), "Ownable: caller is not the owner");
                            _;
                        }
                        /**
                         * @dev Leaves the contract without owner. It will not be possible to call
                         * `onlyOwner` functions anymore. Can only be called by the current owner.
                         *
                         * NOTE: Renouncing ownership will leave the contract without an owner,
                         * thereby removing any functionality that is only available to the owner.
                         */
                        function renounceOwnership() public virtual onlyOwner {
                            emit OwnershipTransferred(_owner, address(0));
                            _owner = address(0);
                        }
                        /**
                         * @dev Transfers ownership of the contract to a new account (`newOwner`).
                         * Can only be called by the current owner.
                         */
                        function transferOwnership(address newOwner) public virtual onlyOwner {
                            require(newOwner != address(0), "Ownable: new owner is the zero address");
                            emit OwnershipTransferred(_owner, newOwner);
                            _owner = newOwner;
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "../GSN/Context.sol";
                    /**
                     * @dev Contract module which allows children to implement an emergency stop
                     * mechanism that can be triggered by an authorized account.
                     *
                     * This module is used through inheritance. It will make available the
                     * modifiers `whenNotPaused` and `whenPaused`, which can be applied to
                     * the functions of your contract. Note that they will not be pausable by
                     * simply including this module, only once the modifiers are put in place.
                     */
                    contract Pausable is Context {
                        /**
                         * @dev Emitted when the pause is triggered by `account`.
                         */
                        event Paused(address account);
                        /**
                         * @dev Emitted when the pause is lifted by `account`.
                         */
                        event Unpaused(address account);
                        bool private _paused;
                        /**
                         * @dev Initializes the contract in unpaused state.
                         */
                        constructor () internal {
                            _paused = false;
                        }
                        /**
                         * @dev Returns true if the contract is paused, and false otherwise.
                         */
                        function paused() public view returns (bool) {
                            return _paused;
                        }
                        /**
                         * @dev Modifier to make a function callable only when the contract is not paused.
                         *
                         * Requirements:
                         *
                         * - The contract must not be paused.
                         */
                        modifier whenNotPaused() {
                            require(!_paused, "Pausable: paused");
                            _;
                        }
                        /**
                         * @dev Modifier to make a function callable only when the contract is paused.
                         *
                         * Requirements:
                         *
                         * - The contract must be paused.
                         */
                        modifier whenPaused() {
                            require(_paused, "Pausable: not paused");
                            _;
                        }
                        /**
                         * @dev Triggers stopped state.
                         *
                         * Requirements:
                         *
                         * - The contract must not be paused.
                         */
                        function _pause() internal virtual whenNotPaused {
                            _paused = true;
                            emit Paused(_msgSender());
                        }
                        /**
                         * @dev Returns to normal state.
                         *
                         * Requirements:
                         *
                         * - The contract must be paused.
                         */
                        function _unpause() internal virtual whenPaused {
                            _paused = false;
                            emit Unpaused(_msgSender());
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    /**
                     * @dev Contract module that helps prevent reentrant calls to a function.
                     *
                     * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
                     * available, which can be applied to functions to make sure there are no nested
                     * (reentrant) calls to them.
                     *
                     * Note that because there is a single `nonReentrant` guard, functions marked as
                     * `nonReentrant` may not call one another. This can be worked around by making
                     * those functions `private`, and then adding `external` `nonReentrant` entry
                     * points to them.
                     *
                     * TIP: If you would like to learn more about reentrancy and alternative ways
                     * to protect against it, check out our blog post
                     * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
                     */
                    contract ReentrancyGuard {
                        // Booleans are more expensive than uint256 or any type that takes up a full
                        // word because each write operation emits an extra SLOAD to first read the
                        // slot's contents, replace the bits taken up by the boolean, and then write
                        // back. This is the compiler's defense against contract upgrades and
                        // pointer aliasing, and it cannot be disabled.
                        // The values being non-zero value makes deployment a bit more expensive,
                        // but in exchange the refund on every call to nonReentrant will be lower in
                        // amount. Since refunds are capped to a percentage of the total
                        // transaction's gas, it is best to keep them low in cases like this one, to
                        // increase the likelihood of the full refund coming into effect.
                        uint256 private constant _NOT_ENTERED = 1;
                        uint256 private constant _ENTERED = 2;
                        uint256 private _status;
                        constructor () internal {
                            _status = _NOT_ENTERED;
                        }
                        /**
                         * @dev Prevents a contract from calling itself, directly or indirectly.
                         * Calling a `nonReentrant` function from another `nonReentrant`
                         * function is not supported. It is possible to prevent this from happening
                         * by making the `nonReentrant` function external, and make it call a
                         * `private` function that does the actual work.
                         */
                        modifier nonReentrant() {
                            // On the first call to nonReentrant, _notEntered will be true
                            require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
                            // Any calls to nonReentrant after this point will fail
                            _status = _ENTERED;
                            _;
                            // By storing the original value once again, a refund is triggered (see
                            // https://eips.ethereum.org/EIPS/eip-2200)
                            _status = _NOT_ENTERED;
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity ^0.6.0;
                    import "./Constants.sol";
                    contract Spender {
                        address public immutable metaswap;
                        constructor() public {
                            metaswap = msg.sender;
                        }
                        /// @dev Receives ether from swaps
                        fallback() external payable {}
                        function swap(address adapter, bytes calldata data) external payable {
                            require(msg.sender == metaswap, "FORBIDDEN");
                            require(adapter != address(0), "ADAPTER_NOT_PROVIDED");
                            _delegate(adapter, data, "ADAPTER_DELEGATECALL_FAILED");
                        }
                        /**
                         * @dev Performs a delegatecall and bubbles up the errors, adapted from
                         * https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/Address.sol
                         * @param target Address of the contract to delegatecall
                         * @param data Data passed in the delegatecall
                         * @param errorMessage Fallback revert reason
                         */
                        function _delegate(
                            address target,
                            bytes memory data,
                            string memory errorMessage
                        ) private returns (bytes memory) {
                            // solhint-disable-next-line avoid-low-level-calls
                            (bool success, bytes memory returndata) = target.delegatecall(data);
                            if (success) {
                                return returndata;
                            } else {
                                // Look for revert reason and bubble it up if present
                                if (returndata.length > 0) {
                                    // The easiest way to bubble the revert reason is using memory via assembly
                                    // solhint-disable-next-line no-inline-assembly
                                    assembly {
                                        let returndata_size := mload(returndata)
                                        revert(add(32, returndata), returndata_size)
                                    }
                                } else {
                                    revert(errorMessage);
                                }
                            }
                        }
                    }
                    pragma solidity ^0.6.0;
                    import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    import "@openzeppelin/contracts/utils/Address.sol";
                    contract MockAdapter {
                        using SafeERC20 for IERC20;
                        using Address for address;
                        using Address for address payable;
                        event MockAdapterEvent(
                            address sender,
                            uint256 valueFixed,
                            uint256 valueDynamic
                        );
                        function test(
                            address sender,
                            uint256 valueFixed,
                            uint256 valueDynamic
                        ) external payable {
                            emit MockAdapterEvent(sender, valueFixed, valueDynamic);
                        }
                        function testRevert(
                            address,
                            uint256,
                            uint256
                        ) external payable {
                            revert("SWAP_FAILED");
                        }
                        function testRevertNoReturnData(
                            address,
                            uint256,
                            uint256
                        ) external payable {
                            revert();
                        }
                    }
                    pragma solidity ^0.6.0;
                    // TAKEN FROM https://github.com/gnosis/mock-contract
                    // TODO: use their npm package once it is published for solidity 0.6
                    interface MockInterface {
                        /**
                         * @dev After calling this method, the mock will return `response` when it is called
                         * with any calldata that is not mocked more specifically below
                         * (e.g. using givenMethodReturn).
                         * @param response ABI encoded response that will be returned if method is invoked
                         */
                        function givenAnyReturn(bytes calldata response) external;
                        function givenAnyReturnBool(bool response) external;
                        function givenAnyReturnUint(uint256 response) external;
                        function givenAnyReturnAddress(address response) external;
                        function givenAnyRevert() external;
                        function givenAnyRevertWithMessage(string calldata message) external;
                        function givenAnyRunOutOfGas() external;
                        /**
                         * @dev After calling this method, the mock will return `response` when the given
                         * methodId is called regardless of arguments. If the methodId and arguments
                         * are mocked more specifically (using `givenMethodAndArguments`) the latter
                         * will take precedence.
                         * @param method ABI encoded methodId. It is valid to pass full calldata (including arguments). The mock will extract the methodId from it
                         * @param response ABI encoded response that will be returned if method is invoked
                         */
                        function givenMethodReturn(bytes calldata method, bytes calldata response)
                            external;
                        function givenMethodReturnBool(bytes calldata method, bool response)
                            external;
                        function givenMethodReturnUint(bytes calldata method, uint256 response)
                            external;
                        function givenMethodReturnAddress(bytes calldata method, address response)
                            external;
                        function givenMethodRevert(bytes calldata method) external;
                        function givenMethodRevertWithMessage(
                            bytes calldata method,
                            string calldata message
                        ) external;
                        function givenMethodRunOutOfGas(bytes calldata method) external;
                        /**
                         * @dev After calling this method, the mock will return `response` when the given
                         * methodId is called with matching arguments. These exact calldataMocks will take
                         * precedence over all other calldataMocks.
                         * @param call ABI encoded calldata (methodId and arguments)
                         * @param response ABI encoded response that will be returned if contract is invoked with calldata
                         */
                        function givenCalldataReturn(bytes calldata call, bytes calldata response)
                            external;
                        function givenCalldataReturnBool(bytes calldata call, bool response)
                            external;
                        function givenCalldataReturnUint(bytes calldata call, uint256 response)
                            external;
                        function givenCalldataReturnAddress(bytes calldata call, address response)
                            external;
                        function givenCalldataRevert(bytes calldata call) external;
                        function givenCalldataRevertWithMessage(
                            bytes calldata call,
                            string calldata message
                        ) external;
                        function givenCalldataRunOutOfGas(bytes calldata call) external;
                        /**
                         * @dev Returns the number of times anything has been called on this mock since last reset
                         */
                        function invocationCount() external returns (uint256);
                        /**
                         * @dev Returns the number of times the given method has been called on this mock since last reset
                         * @param method ABI encoded methodId. It is valid to pass full calldata (including arguments). The mock will extract the methodId from it
                         */
                        function invocationCountForMethod(bytes calldata method)
                            external
                            returns (uint256);
                        /**
                         * @dev Returns the number of times this mock has been called with the exact calldata since last reset.
                         * @param call ABI encoded calldata (methodId and arguments)
                         */
                        function invocationCountForCalldata(bytes calldata call)
                            external
                            returns (uint256);
                        /**
                         * @dev Resets all mocked methods and invocation counts.
                         */
                        function reset() external;
                    }
                    /**
                     * Implementation of the MockInterface.
                     */
                    contract MockContract is MockInterface {
                        enum MockType {Return, Revert, OutOfGas}
                        bytes32 public constant MOCKS_LIST_START = hex"01";
                        bytes public constant MOCKS_LIST_END = "0xff";
                        bytes32 public constant MOCKS_LIST_END_HASH = keccak256(MOCKS_LIST_END);
                        bytes4 public constant SENTINEL_ANY_MOCKS = hex"01";
                        bytes public constant DEFAULT_FALLBACK_VALUE = abi.encode(false);
                        // A linked list allows easy iteration and inclusion checks
                        mapping(bytes32 => bytes) calldataMocks;
                        mapping(bytes => MockType) calldataMockTypes;
                        mapping(bytes => bytes) calldataExpectations;
                        mapping(bytes => string) calldataRevertMessage;
                        mapping(bytes32 => uint256) calldataInvocations;
                        mapping(bytes4 => bytes4) methodIdMocks;
                        mapping(bytes4 => MockType) methodIdMockTypes;
                        mapping(bytes4 => bytes) methodIdExpectations;
                        mapping(bytes4 => string) methodIdRevertMessages;
                        mapping(bytes32 => uint256) methodIdInvocations;
                        MockType fallbackMockType;
                        bytes fallbackExpectation = DEFAULT_FALLBACK_VALUE;
                        string fallbackRevertMessage;
                        uint256 invocations;
                        uint256 resetCount;
                        constructor() public {
                            calldataMocks[MOCKS_LIST_START] = MOCKS_LIST_END;
                            methodIdMocks[SENTINEL_ANY_MOCKS] = SENTINEL_ANY_MOCKS;
                        }
                        function trackCalldataMock(bytes memory call) private {
                            bytes32 callHash = keccak256(call);
                            if (calldataMocks[callHash].length == 0) {
                                calldataMocks[callHash] = calldataMocks[MOCKS_LIST_START];
                                calldataMocks[MOCKS_LIST_START] = call;
                            }
                        }
                        function trackMethodIdMock(bytes4 methodId) private {
                            if (methodIdMocks[methodId] == 0x0) {
                                methodIdMocks[methodId] = methodIdMocks[SENTINEL_ANY_MOCKS];
                                methodIdMocks[SENTINEL_ANY_MOCKS] = methodId;
                            }
                        }
                        function _givenAnyReturn(bytes memory response) internal {
                            fallbackMockType = MockType.Return;
                            fallbackExpectation = response;
                        }
                        function givenAnyReturn(bytes calldata response) external override {
                            _givenAnyReturn(response);
                        }
                        function givenAnyReturnBool(bool response) external override {
                            uint256 flag = response ? 1 : 0;
                            _givenAnyReturn(uintToBytes(flag));
                        }
                        function givenAnyReturnUint(uint256 response) external override {
                            _givenAnyReturn(uintToBytes(response));
                        }
                        function givenAnyReturnAddress(address response) external override {
                            _givenAnyReturn(uintToBytes(uint256(response)));
                        }
                        function givenAnyRevert() external override {
                            fallbackMockType = MockType.Revert;
                            fallbackRevertMessage = "";
                        }
                        function givenAnyRevertWithMessage(string calldata message)
                            external
                            override
                        {
                            fallbackMockType = MockType.Revert;
                            fallbackRevertMessage = message;
                        }
                        function givenAnyRunOutOfGas() external override {
                            fallbackMockType = MockType.OutOfGas;
                        }
                        function _givenCalldataReturn(bytes memory call, bytes memory response)
                            private
                        {
                            calldataMockTypes[call] = MockType.Return;
                            calldataExpectations[call] = response;
                            trackCalldataMock(call);
                        }
                        function givenCalldataReturn(bytes calldata call, bytes calldata response)
                            external
                            override
                        {
                            _givenCalldataReturn(call, response);
                        }
                        function givenCalldataReturnBool(bytes calldata call, bool response)
                            external
                            override
                        {
                            uint256 flag = response ? 1 : 0;
                            _givenCalldataReturn(call, uintToBytes(flag));
                        }
                        function givenCalldataReturnUint(bytes calldata call, uint256 response)
                            external
                            override
                        {
                            _givenCalldataReturn(call, uintToBytes(response));
                        }
                        function givenCalldataReturnAddress(bytes calldata call, address response)
                            external
                            override
                        {
                            _givenCalldataReturn(call, uintToBytes(uint256(response)));
                        }
                        function _givenMethodReturn(bytes memory call, bytes memory response)
                            private
                        {
                            bytes4 method = bytesToBytes4(call);
                            methodIdMockTypes[method] = MockType.Return;
                            methodIdExpectations[method] = response;
                            trackMethodIdMock(method);
                        }
                        function givenMethodReturn(bytes calldata call, bytes calldata response)
                            external
                            override
                        {
                            _givenMethodReturn(call, response);
                        }
                        function givenMethodReturnBool(bytes calldata call, bool response)
                            external
                            override
                        {
                            uint256 flag = response ? 1 : 0;
                            _givenMethodReturn(call, uintToBytes(flag));
                        }
                        function givenMethodReturnUint(bytes calldata call, uint256 response)
                            external
                            override
                        {
                            _givenMethodReturn(call, uintToBytes(response));
                        }
                        function givenMethodReturnAddress(bytes calldata call, address response)
                            external
                            override
                        {
                            _givenMethodReturn(call, uintToBytes(uint256(response)));
                        }
                        function givenCalldataRevert(bytes calldata call) external override {
                            calldataMockTypes[call] = MockType.Revert;
                            calldataRevertMessage[call] = "";
                            trackCalldataMock(call);
                        }
                        function givenMethodRevert(bytes calldata call) external override {
                            bytes4 method = bytesToBytes4(call);
                            methodIdMockTypes[method] = MockType.Revert;
                            trackMethodIdMock(method);
                        }
                        function givenCalldataRevertWithMessage(
                            bytes calldata call,
                            string calldata message
                        ) external override {
                            calldataMockTypes[call] = MockType.Revert;
                            calldataRevertMessage[call] = message;
                            trackCalldataMock(call);
                        }
                        function givenMethodRevertWithMessage(
                            bytes calldata call,
                            string calldata message
                        ) external override {
                            bytes4 method = bytesToBytes4(call);
                            methodIdMockTypes[method] = MockType.Revert;
                            methodIdRevertMessages[method] = message;
                            trackMethodIdMock(method);
                        }
                        function givenCalldataRunOutOfGas(bytes calldata call) external override {
                            calldataMockTypes[call] = MockType.OutOfGas;
                            trackCalldataMock(call);
                        }
                        function givenMethodRunOutOfGas(bytes calldata call) external override {
                            bytes4 method = bytesToBytes4(call);
                            methodIdMockTypes[method] = MockType.OutOfGas;
                            trackMethodIdMock(method);
                        }
                        function invocationCount() external override returns (uint256) {
                            return invocations;
                        }
                        function invocationCountForMethod(bytes calldata call)
                            external
                            override
                            returns (uint256)
                        {
                            bytes4 method = bytesToBytes4(call);
                            return
                                methodIdInvocations[keccak256(
                                    abi.encodePacked(resetCount, method)
                                )];
                        }
                        function invocationCountForCalldata(bytes calldata call)
                            external
                            override
                            returns (uint256)
                        {
                            return
                                calldataInvocations[keccak256(abi.encodePacked(resetCount, call))];
                        }
                        function reset() external override {
                            // Reset all exact calldataMocks
                            bytes memory nextMock = calldataMocks[MOCKS_LIST_START];
                            bytes32 mockHash = keccak256(nextMock);
                            // We cannot compary bytes
                            while (mockHash != MOCKS_LIST_END_HASH) {
                                // Reset all mock maps
                                calldataMockTypes[nextMock] = MockType.Return;
                                calldataExpectations[nextMock] = hex"";
                                calldataRevertMessage[nextMock] = "";
                                // Set next mock to remove
                                nextMock = calldataMocks[mockHash];
                                // Remove from linked list
                                calldataMocks[mockHash] = "";
                                // Update mock hash
                                mockHash = keccak256(nextMock);
                            }
                            // Clear list
                            calldataMocks[MOCKS_LIST_START] = MOCKS_LIST_END;
                            // Reset all any calldataMocks
                            bytes4 nextAnyMock = methodIdMocks[SENTINEL_ANY_MOCKS];
                            while (nextAnyMock != SENTINEL_ANY_MOCKS) {
                                bytes4 currentAnyMock = nextAnyMock;
                                methodIdMockTypes[currentAnyMock] = MockType.Return;
                                methodIdExpectations[currentAnyMock] = hex"";
                                methodIdRevertMessages[currentAnyMock] = "";
                                nextAnyMock = methodIdMocks[currentAnyMock];
                                // Remove from linked list
                                methodIdMocks[currentAnyMock] = 0x0;
                            }
                            // Clear list
                            methodIdMocks[SENTINEL_ANY_MOCKS] = SENTINEL_ANY_MOCKS;
                            fallbackExpectation = DEFAULT_FALLBACK_VALUE;
                            fallbackMockType = MockType.Return;
                            invocations = 0;
                            resetCount += 1;
                        }
                        function useAllGas() private {
                            while (true) {
                                bool s;
                                assembly {
                                    //expensive call to EC multiply contract
                                    s := call(sub(gas(), 2000), 6, 0, 0x0, 0xc0, 0x0, 0x60)
                                }
                            }
                        }
                        function bytesToBytes4(bytes memory b) private pure returns (bytes4) {
                            bytes4 out;
                            for (uint256 i = 0; i < 4; i++) {
                                out |= bytes4(b[i] & 0xFF) >> (i * 8);
                            }
                            return out;
                        }
                        function uintToBytes(uint256 x) private pure returns (bytes memory b) {
                            b = new bytes(32);
                            assembly {
                                mstore(add(b, 32), x)
                            }
                        }
                        function updateInvocationCount(
                            bytes4 methodId,
                            bytes memory originalMsgData
                        ) public {
                            require(
                                msg.sender == address(this),
                                "Can only be called from the contract itself"
                            );
                            invocations += 1;
                            methodIdInvocations[keccak256(
                                abi.encodePacked(resetCount, methodId)
                            )] += 1;
                            calldataInvocations[keccak256(
                                abi.encodePacked(resetCount, originalMsgData)
                            )] += 1;
                        }
                        fallback() external payable {
                            bytes4 methodId;
                            assembly {
                                methodId := calldataload(0)
                            }
                            // First, check exact matching overrides
                            if (calldataMockTypes[msg.data] == MockType.Revert) {
                                revert(calldataRevertMessage[msg.data]);
                            }
                            if (calldataMockTypes[msg.data] == MockType.OutOfGas) {
                                useAllGas();
                            }
                            bytes memory result = calldataExpectations[msg.data];
                            // Then check method Id overrides
                            if (result.length == 0) {
                                if (methodIdMockTypes[methodId] == MockType.Revert) {
                                    revert(methodIdRevertMessages[methodId]);
                                }
                                if (methodIdMockTypes[methodId] == MockType.OutOfGas) {
                                    useAllGas();
                                }
                                result = methodIdExpectations[methodId];
                            }
                            // Last, use the fallback override
                            if (result.length == 0) {
                                if (fallbackMockType == MockType.Revert) {
                                    revert(fallbackRevertMessage);
                                }
                                if (fallbackMockType == MockType.OutOfGas) {
                                    useAllGas();
                                }
                                result = fallbackExpectation;
                            }
                            // Record invocation as separate call so we don't rollback in case we are called with STATICCALL
                            (, bytes memory r) = address(this).call{gas: 100000}(
                                abi.encodeWithSignature(
                                    "updateInvocationCount(bytes4,bytes)",
                                    methodId,
                                    msg.data
                                )
                            );
                            assert(r.length == 0);
                            assembly {
                                return(add(0x20, result), mload(result))
                            }
                        }
                    }
                    pragma solidity ^0.6.0;
                    contract MockSelfDestruct {
                        constructor() public payable {}
                        fallback() external payable {
                            selfdestruct(msg.sender);
                        }
                        function kill(address payable target) external payable {
                            selfdestruct(target);
                        }
                    }
                    

                    File 2 of 7: FiatTokenProxy
                    pragma solidity ^0.4.24;
                    
                    // File: zos-lib/contracts/upgradeability/Proxy.sol
                    
                    /**
                     * @title Proxy
                     * @dev Implements delegation of calls to other contracts, with proper
                     * forwarding of return values and bubbling of failures.
                     * It defines a fallback function that delegates all calls to the address
                     * returned by the abstract _implementation() internal function.
                     */
                    contract Proxy {
                      /**
                       * @dev Fallback function.
                       * Implemented entirely in `_fallback`.
                       */
                      function () payable external {
                        _fallback();
                      }
                    
                      /**
                       * @return The Address of the implementation.
                       */
                      function _implementation() internal view returns (address);
                    
                      /**
                       * @dev Delegates execution to an implementation contract.
                       * This is a low level function that doesn't return to its internal call site.
                       * It will return to the external caller whatever the implementation returns.
                       * @param implementation Address to delegate.
                       */
                      function _delegate(address implementation) internal {
                        assembly {
                          // Copy msg.data. We take full control of memory in this inline assembly
                          // block because it will not return to Solidity code. We overwrite the
                          // Solidity scratch pad at memory position 0.
                          calldatacopy(0, 0, calldatasize)
                    
                          // Call the implementation.
                          // out and outsize are 0 because we don't know the size yet.
                          let result := delegatecall(gas, implementation, 0, calldatasize, 0, 0)
                    
                          // Copy the returned data.
                          returndatacopy(0, 0, returndatasize)
                    
                          switch result
                          // delegatecall returns 0 on error.
                          case 0 { revert(0, returndatasize) }
                          default { return(0, returndatasize) }
                        }
                      }
                    
                      /**
                       * @dev Function that is run as the first thing in the fallback function.
                       * Can be redefined in derived contracts to add functionality.
                       * Redefinitions must call super._willFallback().
                       */
                      function _willFallback() internal {
                      }
                    
                      /**
                       * @dev fallback implementation.
                       * Extracted to enable manual triggering.
                       */
                      function _fallback() internal {
                        _willFallback();
                        _delegate(_implementation());
                      }
                    }
                    
                    // File: openzeppelin-solidity/contracts/AddressUtils.sol
                    
                    /**
                     * Utility library of inline functions on addresses
                     */
                    library AddressUtils {
                    
                      /**
                       * Returns whether the target address is a contract
                       * @dev This function will return false if invoked during the constructor of a contract,
                       * as the code is not actually created until after the constructor finishes.
                       * @param addr address to check
                       * @return whether the target address is a contract
                       */
                      function isContract(address addr) internal view returns (bool) {
                        uint256 size;
                        // XXX Currently there is no better way to check if there is a contract in an address
                        // than to check the size of the code at that address.
                        // See https://ethereum.stackexchange.com/a/14016/36603
                        // for more details about how this works.
                        // TODO Check this again before the Serenity release, because all addresses will be
                        // contracts then.
                        // solium-disable-next-line security/no-inline-assembly
                        assembly { size := extcodesize(addr) }
                        return size > 0;
                      }
                    
                    }
                    
                    // File: zos-lib/contracts/upgradeability/UpgradeabilityProxy.sol
                    
                    /**
                     * @title UpgradeabilityProxy
                     * @dev This contract implements a proxy that allows to change the
                     * implementation address to which it will delegate.
                     * Such a change is called an implementation upgrade.
                     */
                    contract UpgradeabilityProxy is Proxy {
                      /**
                       * @dev Emitted when the implementation is upgraded.
                       * @param implementation Address of the new implementation.
                       */
                      event Upgraded(address implementation);
                    
                      /**
                       * @dev Storage slot with the address of the current implementation.
                       * This is the keccak-256 hash of "org.zeppelinos.proxy.implementation", and is
                       * validated in the constructor.
                       */
                      bytes32 private constant IMPLEMENTATION_SLOT = 0x7050c9e0f4ca769c69bd3a8ef740bc37934f8e2c036e5a723fd8ee048ed3f8c3;
                    
                      /**
                       * @dev Contract constructor.
                       * @param _implementation Address of the initial implementation.
                       */
                      constructor(address _implementation) public {
                        assert(IMPLEMENTATION_SLOT == keccak256("org.zeppelinos.proxy.implementation"));
                    
                        _setImplementation(_implementation);
                      }
                    
                      /**
                       * @dev Returns the current implementation.
                       * @return Address of the current implementation
                       */
                      function _implementation() internal view returns (address impl) {
                        bytes32 slot = IMPLEMENTATION_SLOT;
                        assembly {
                          impl := sload(slot)
                        }
                      }
                    
                      /**
                       * @dev Upgrades the proxy to a new implementation.
                       * @param newImplementation Address of the new implementation.
                       */
                      function _upgradeTo(address newImplementation) internal {
                        _setImplementation(newImplementation);
                        emit Upgraded(newImplementation);
                      }
                    
                      /**
                       * @dev Sets the implementation address of the proxy.
                       * @param newImplementation Address of the new implementation.
                       */
                      function _setImplementation(address newImplementation) private {
                        require(AddressUtils.isContract(newImplementation), "Cannot set a proxy implementation to a non-contract address");
                    
                        bytes32 slot = IMPLEMENTATION_SLOT;
                    
                        assembly {
                          sstore(slot, newImplementation)
                        }
                      }
                    }
                    
                    // File: zos-lib/contracts/upgradeability/AdminUpgradeabilityProxy.sol
                    
                    /**
                     * @title AdminUpgradeabilityProxy
                     * @dev This contract combines an upgradeability proxy with an authorization
                     * mechanism for administrative tasks.
                     * All external functions in this contract must be guarded by the
                     * `ifAdmin` modifier. See ethereum/solidity#3864 for a Solidity
                     * feature proposal that would enable this to be done automatically.
                     */
                    contract AdminUpgradeabilityProxy is UpgradeabilityProxy {
                      /**
                       * @dev Emitted when the administration has been transferred.
                       * @param previousAdmin Address of the previous admin.
                       * @param newAdmin Address of the new admin.
                       */
                      event AdminChanged(address previousAdmin, address newAdmin);
                    
                      /**
                       * @dev Storage slot with the admin of the contract.
                       * This is the keccak-256 hash of "org.zeppelinos.proxy.admin", and is
                       * validated in the constructor.
                       */
                      bytes32 private constant ADMIN_SLOT = 0x10d6a54a4754c8869d6886b5f5d7fbfa5b4522237ea5c60d11bc4e7a1ff9390b;
                    
                      /**
                       * @dev Modifier to check whether the `msg.sender` is the admin.
                       * If it is, it will run the function. Otherwise, it will delegate the call
                       * to the implementation.
                       */
                      modifier ifAdmin() {
                        if (msg.sender == _admin()) {
                          _;
                        } else {
                          _fallback();
                        }
                      }
                    
                      /**
                       * Contract constructor.
                       * It sets the `msg.sender` as the proxy administrator.
                       * @param _implementation address of the initial implementation.
                       */
                      constructor(address _implementation) UpgradeabilityProxy(_implementation) public {
                        assert(ADMIN_SLOT == keccak256("org.zeppelinos.proxy.admin"));
                    
                        _setAdmin(msg.sender);
                      }
                    
                      /**
                       * @return The address of the proxy admin.
                       */
                      function admin() external view ifAdmin returns (address) {
                        return _admin();
                      }
                    
                      /**
                       * @return The address of the implementation.
                       */
                      function implementation() external view ifAdmin returns (address) {
                        return _implementation();
                      }
                    
                      /**
                       * @dev Changes the admin of the proxy.
                       * Only the current admin can call this function.
                       * @param newAdmin Address to transfer proxy administration to.
                       */
                      function changeAdmin(address newAdmin) external ifAdmin {
                        require(newAdmin != address(0), "Cannot change the admin of a proxy to the zero address");
                        emit AdminChanged(_admin(), newAdmin);
                        _setAdmin(newAdmin);
                      }
                    
                      /**
                       * @dev Upgrade the backing implementation of the proxy.
                       * Only the admin can call this function.
                       * @param newImplementation Address of the new implementation.
                       */
                      function upgradeTo(address newImplementation) external ifAdmin {
                        _upgradeTo(newImplementation);
                      }
                    
                      /**
                       * @dev Upgrade the backing implementation of the proxy and call a function
                       * on the new implementation.
                       * This is useful to initialize the proxied contract.
                       * @param newImplementation Address of the new implementation.
                       * @param data Data to send as msg.data in the low level call.
                       * It should include the signature and the parameters of the function to be
                       * called, as described in
                       * https://solidity.readthedocs.io/en/develop/abi-spec.html#function-selector-and-argument-encoding.
                       */
                      function upgradeToAndCall(address newImplementation, bytes data) payable external ifAdmin {
                        _upgradeTo(newImplementation);
                        require(address(this).call.value(msg.value)(data));
                      }
                    
                      /**
                       * @return The admin slot.
                       */
                      function _admin() internal view returns (address adm) {
                        bytes32 slot = ADMIN_SLOT;
                        assembly {
                          adm := sload(slot)
                        }
                      }
                    
                      /**
                       * @dev Sets the address of the proxy admin.
                       * @param newAdmin Address of the new proxy admin.
                       */
                      function _setAdmin(address newAdmin) internal {
                        bytes32 slot = ADMIN_SLOT;
                    
                        assembly {
                          sstore(slot, newAdmin)
                        }
                      }
                    
                      /**
                       * @dev Only fall back when the sender is not the admin.
                       */
                      function _willFallback() internal {
                        require(msg.sender != _admin(), "Cannot call fallback function from the proxy admin");
                        super._willFallback();
                      }
                    }
                    
                    // File: contracts/FiatTokenProxy.sol
                    
                    /**
                    * Copyright CENTRE SECZ 2018
                    *
                    * Permission is hereby granted, free of charge, to any person obtaining a copy 
                    * of this software and associated documentation files (the "Software"), to deal 
                    * in the Software without restriction, including without limitation the rights 
                    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
                    * copies of the Software, and to permit persons to whom the Software is furnished to 
                    * do so, subject to the following conditions:
                    *
                    * The above copyright notice and this permission notice shall be included in all 
                    * copies or substantial portions of the Software.
                    *
                    * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
                    * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
                    * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
                    * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
                    * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 
                    * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
                    */
                    
                    pragma solidity ^0.4.24;
                    
                    
                    /**
                     * @title FiatTokenProxy
                     * @dev This contract proxies FiatToken calls and enables FiatToken upgrades
                    */ 
                    contract FiatTokenProxy is AdminUpgradeabilityProxy {
                        constructor(address _implementation) public AdminUpgradeabilityProxy(_implementation) {
                        }
                    }

                    File 3 of 7: Spender
                    {"Constants.84ef19f8.sol":{"content":"// SPDX-License-Identifier: MIT\r\n\r\npragma solidity ^0.6.0;\r\n\r\nlibrary Constants {\r\n    address internal constant ETH = 0x0000000000000000000000000000000000000000;\r\n}\r\n"},"Spender.3372a096.sol":{"content":"// SPDX-License-Identifier: MIT\r\n\r\npragma solidity ^0.6.0;\r\n\r\nimport \"./Constants.84ef19f8.sol\";\r\n\r\ncontract Spender {\r\n    address public immutable metaswap;\r\n\r\n    constructor() public {\r\n        metaswap = msg.sender;\r\n    }\r\n\r\n    /// @dev Receives ether from swaps\r\n    fallback() external payable {}\r\n\r\n    function swap(address adapter, bytes calldata data) external payable {\r\n        require(msg.sender == metaswap, \"FORBIDDEN\");\r\n        require(adapter != address(0), \"ADAPTER_NOT_PROVIDED\");\r\n        _delegate(adapter, data, \"ADAPTER_DELEGATECALL_FAILED\");\r\n    }\r\n\r\n    /**\r\n     * @dev Performs a delegatecall and bubbles up the errors, adapted from\r\n     * https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/Address.sol\r\n     * @param target Address of the contract to delegatecall\r\n     * @param data Data passed in the delegatecall\r\n     * @param errorMessage Fallback revert reason\r\n     */\r\n    function _delegate(\r\n        address target,\r\n        bytes memory data,\r\n        string memory errorMessage\r\n    ) private returns (bytes memory) {\r\n        // solhint-disable-next-line avoid-low-level-calls\r\n        (bool success, bytes memory returndata) = target.delegatecall(data);\r\n        if (success) {\r\n            return returndata;\r\n        } else {\r\n            // Look for revert reason and bubble it up if present\r\n            if (returndata.length \u003e 0) {\r\n                // The easiest way to bubble the revert reason is using memory via assembly\r\n\r\n                // solhint-disable-next-line no-inline-assembly\r\n                assembly {\r\n                    let returndata_size := mload(returndata)\r\n                    revert(add(32, returndata), returndata_size)\r\n                }\r\n            } else {\r\n                revert(errorMessage);\r\n            }\r\n        }\r\n    }\r\n}\r\n"}}

                    File 4 of 7: TetherToken
                    pragma solidity ^0.4.17;
                    
                    /**
                     * @title SafeMath
                     * @dev Math operations with safety checks that throw on error
                     */
                    library SafeMath {
                        function mul(uint256 a, uint256 b) internal pure returns (uint256) {
                            if (a == 0) {
                                return 0;
                            }
                            uint256 c = a * b;
                            assert(c / a == b);
                            return c;
                        }
                    
                        function div(uint256 a, uint256 b) internal pure returns (uint256) {
                            // assert(b > 0); // Solidity automatically throws when dividing by 0
                            uint256 c = a / b;
                            // assert(a == b * c + a % b); // There is no case in which this doesn't hold
                            return c;
                        }
                    
                        function sub(uint256 a, uint256 b) internal pure returns (uint256) {
                            assert(b <= a);
                            return a - b;
                        }
                    
                        function add(uint256 a, uint256 b) internal pure returns (uint256) {
                            uint256 c = a + b;
                            assert(c >= a);
                            return c;
                        }
                    }
                    
                    /**
                     * @title Ownable
                     * @dev The Ownable contract has an owner address, and provides basic authorization control
                     * functions, this simplifies the implementation of "user permissions".
                     */
                    contract Ownable {
                        address public owner;
                    
                        /**
                          * @dev The Ownable constructor sets the original `owner` of the contract to the sender
                          * account.
                          */
                        function Ownable() public {
                            owner = msg.sender;
                        }
                    
                        /**
                          * @dev Throws if called by any account other than the owner.
                          */
                        modifier onlyOwner() {
                            require(msg.sender == owner);
                            _;
                        }
                    
                        /**
                        * @dev Allows the current owner to transfer control of the contract to a newOwner.
                        * @param newOwner The address to transfer ownership to.
                        */
                        function transferOwnership(address newOwner) public onlyOwner {
                            if (newOwner != address(0)) {
                                owner = newOwner;
                            }
                        }
                    
                    }
                    
                    /**
                     * @title ERC20Basic
                     * @dev Simpler version of ERC20 interface
                     * @dev see https://github.com/ethereum/EIPs/issues/20
                     */
                    contract ERC20Basic {
                        uint public _totalSupply;
                        function totalSupply() public constant returns (uint);
                        function balanceOf(address who) public constant returns (uint);
                        function transfer(address to, uint value) public;
                        event Transfer(address indexed from, address indexed to, uint value);
                    }
                    
                    /**
                     * @title ERC20 interface
                     * @dev see https://github.com/ethereum/EIPs/issues/20
                     */
                    contract ERC20 is ERC20Basic {
                        function allowance(address owner, address spender) public constant returns (uint);
                        function transferFrom(address from, address to, uint value) public;
                        function approve(address spender, uint value) public;
                        event Approval(address indexed owner, address indexed spender, uint value);
                    }
                    
                    /**
                     * @title Basic token
                     * @dev Basic version of StandardToken, with no allowances.
                     */
                    contract BasicToken is Ownable, ERC20Basic {
                        using SafeMath for uint;
                    
                        mapping(address => uint) public balances;
                    
                        // additional variables for use if transaction fees ever became necessary
                        uint public basisPointsRate = 0;
                        uint public maximumFee = 0;
                    
                        /**
                        * @dev Fix for the ERC20 short address attack.
                        */
                        modifier onlyPayloadSize(uint size) {
                            require(!(msg.data.length < size + 4));
                            _;
                        }
                    
                        /**
                        * @dev transfer token for a specified address
                        * @param _to The address to transfer to.
                        * @param _value The amount to be transferred.
                        */
                        function transfer(address _to, uint _value) public onlyPayloadSize(2 * 32) {
                            uint fee = (_value.mul(basisPointsRate)).div(10000);
                            if (fee > maximumFee) {
                                fee = maximumFee;
                            }
                            uint sendAmount = _value.sub(fee);
                            balances[msg.sender] = balances[msg.sender].sub(_value);
                            balances[_to] = balances[_to].add(sendAmount);
                            if (fee > 0) {
                                balances[owner] = balances[owner].add(fee);
                                Transfer(msg.sender, owner, fee);
                            }
                            Transfer(msg.sender, _to, sendAmount);
                        }
                    
                        /**
                        * @dev Gets the balance of the specified address.
                        * @param _owner The address to query the the balance of.
                        * @return An uint representing the amount owned by the passed address.
                        */
                        function balanceOf(address _owner) public constant returns (uint balance) {
                            return balances[_owner];
                        }
                    
                    }
                    
                    /**
                     * @title Standard ERC20 token
                     *
                     * @dev Implementation of the basic standard token.
                     * @dev https://github.com/ethereum/EIPs/issues/20
                     * @dev Based oncode by FirstBlood: https://github.com/Firstbloodio/token/blob/master/smart_contract/FirstBloodToken.sol
                     */
                    contract StandardToken is BasicToken, ERC20 {
                    
                        mapping (address => mapping (address => uint)) public allowed;
                    
                        uint public constant MAX_UINT = 2**256 - 1;
                    
                        /**
                        * @dev Transfer tokens from one address to another
                        * @param _from address The address which you want to send tokens from
                        * @param _to address The address which you want to transfer to
                        * @param _value uint the amount of tokens to be transferred
                        */
                        function transferFrom(address _from, address _to, uint _value) public onlyPayloadSize(3 * 32) {
                            var _allowance = allowed[_from][msg.sender];
                    
                            // Check is not needed because sub(_allowance, _value) will already throw if this condition is not met
                            // if (_value > _allowance) throw;
                    
                            uint fee = (_value.mul(basisPointsRate)).div(10000);
                            if (fee > maximumFee) {
                                fee = maximumFee;
                            }
                            if (_allowance < MAX_UINT) {
                                allowed[_from][msg.sender] = _allowance.sub(_value);
                            }
                            uint sendAmount = _value.sub(fee);
                            balances[_from] = balances[_from].sub(_value);
                            balances[_to] = balances[_to].add(sendAmount);
                            if (fee > 0) {
                                balances[owner] = balances[owner].add(fee);
                                Transfer(_from, owner, fee);
                            }
                            Transfer(_from, _to, sendAmount);
                        }
                    
                        /**
                        * @dev Approve the passed address to spend the specified amount of tokens on behalf of msg.sender.
                        * @param _spender The address which will spend the funds.
                        * @param _value The amount of tokens to be spent.
                        */
                        function approve(address _spender, uint _value) public onlyPayloadSize(2 * 32) {
                    
                            // To change the approve amount you first have to reduce the addresses`
                            //  allowance to zero by calling `approve(_spender, 0)` if it is not
                            //  already 0 to mitigate the race condition described here:
                            //  https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
                            require(!((_value != 0) && (allowed[msg.sender][_spender] != 0)));
                    
                            allowed[msg.sender][_spender] = _value;
                            Approval(msg.sender, _spender, _value);
                        }
                    
                        /**
                        * @dev Function to check the amount of tokens than an owner allowed to a spender.
                        * @param _owner address The address which owns the funds.
                        * @param _spender address The address which will spend the funds.
                        * @return A uint specifying the amount of tokens still available for the spender.
                        */
                        function allowance(address _owner, address _spender) public constant returns (uint remaining) {
                            return allowed[_owner][_spender];
                        }
                    
                    }
                    
                    
                    /**
                     * @title Pausable
                     * @dev Base contract which allows children to implement an emergency stop mechanism.
                     */
                    contract Pausable is Ownable {
                      event Pause();
                      event Unpause();
                    
                      bool public paused = false;
                    
                    
                      /**
                       * @dev Modifier to make a function callable only when the contract is not paused.
                       */
                      modifier whenNotPaused() {
                        require(!paused);
                        _;
                      }
                    
                      /**
                       * @dev Modifier to make a function callable only when the contract is paused.
                       */
                      modifier whenPaused() {
                        require(paused);
                        _;
                      }
                    
                      /**
                       * @dev called by the owner to pause, triggers stopped state
                       */
                      function pause() onlyOwner whenNotPaused public {
                        paused = true;
                        Pause();
                      }
                    
                      /**
                       * @dev called by the owner to unpause, returns to normal state
                       */
                      function unpause() onlyOwner whenPaused public {
                        paused = false;
                        Unpause();
                      }
                    }
                    
                    contract BlackList is Ownable, BasicToken {
                    
                        /////// Getters to allow the same blacklist to be used also by other contracts (including upgraded Tether) ///////
                        function getBlackListStatus(address _maker) external constant returns (bool) {
                            return isBlackListed[_maker];
                        }
                    
                        function getOwner() external constant returns (address) {
                            return owner;
                        }
                    
                        mapping (address => bool) public isBlackListed;
                        
                        function addBlackList (address _evilUser) public onlyOwner {
                            isBlackListed[_evilUser] = true;
                            AddedBlackList(_evilUser);
                        }
                    
                        function removeBlackList (address _clearedUser) public onlyOwner {
                            isBlackListed[_clearedUser] = false;
                            RemovedBlackList(_clearedUser);
                        }
                    
                        function destroyBlackFunds (address _blackListedUser) public onlyOwner {
                            require(isBlackListed[_blackListedUser]);
                            uint dirtyFunds = balanceOf(_blackListedUser);
                            balances[_blackListedUser] = 0;
                            _totalSupply -= dirtyFunds;
                            DestroyedBlackFunds(_blackListedUser, dirtyFunds);
                        }
                    
                        event DestroyedBlackFunds(address _blackListedUser, uint _balance);
                    
                        event AddedBlackList(address _user);
                    
                        event RemovedBlackList(address _user);
                    
                    }
                    
                    contract UpgradedStandardToken is StandardToken{
                        // those methods are called by the legacy contract
                        // and they must ensure msg.sender to be the contract address
                        function transferByLegacy(address from, address to, uint value) public;
                        function transferFromByLegacy(address sender, address from, address spender, uint value) public;
                        function approveByLegacy(address from, address spender, uint value) public;
                    }
                    
                    contract TetherToken is Pausable, StandardToken, BlackList {
                    
                        string public name;
                        string public symbol;
                        uint public decimals;
                        address public upgradedAddress;
                        bool public deprecated;
                    
                        //  The contract can be initialized with a number of tokens
                        //  All the tokens are deposited to the owner address
                        //
                        // @param _balance Initial supply of the contract
                        // @param _name Token Name
                        // @param _symbol Token symbol
                        // @param _decimals Token decimals
                        function TetherToken(uint _initialSupply, string _name, string _symbol, uint _decimals) public {
                            _totalSupply = _initialSupply;
                            name = _name;
                            symbol = _symbol;
                            decimals = _decimals;
                            balances[owner] = _initialSupply;
                            deprecated = false;
                        }
                    
                        // Forward ERC20 methods to upgraded contract if this one is deprecated
                        function transfer(address _to, uint _value) public whenNotPaused {
                            require(!isBlackListed[msg.sender]);
                            if (deprecated) {
                                return UpgradedStandardToken(upgradedAddress).transferByLegacy(msg.sender, _to, _value);
                            } else {
                                return super.transfer(_to, _value);
                            }
                        }
                    
                        // Forward ERC20 methods to upgraded contract if this one is deprecated
                        function transferFrom(address _from, address _to, uint _value) public whenNotPaused {
                            require(!isBlackListed[_from]);
                            if (deprecated) {
                                return UpgradedStandardToken(upgradedAddress).transferFromByLegacy(msg.sender, _from, _to, _value);
                            } else {
                                return super.transferFrom(_from, _to, _value);
                            }
                        }
                    
                        // Forward ERC20 methods to upgraded contract if this one is deprecated
                        function balanceOf(address who) public constant returns (uint) {
                            if (deprecated) {
                                return UpgradedStandardToken(upgradedAddress).balanceOf(who);
                            } else {
                                return super.balanceOf(who);
                            }
                        }
                    
                        // Forward ERC20 methods to upgraded contract if this one is deprecated
                        function approve(address _spender, uint _value) public onlyPayloadSize(2 * 32) {
                            if (deprecated) {
                                return UpgradedStandardToken(upgradedAddress).approveByLegacy(msg.sender, _spender, _value);
                            } else {
                                return super.approve(_spender, _value);
                            }
                        }
                    
                        // Forward ERC20 methods to upgraded contract if this one is deprecated
                        function allowance(address _owner, address _spender) public constant returns (uint remaining) {
                            if (deprecated) {
                                return StandardToken(upgradedAddress).allowance(_owner, _spender);
                            } else {
                                return super.allowance(_owner, _spender);
                            }
                        }
                    
                        // deprecate current contract in favour of a new one
                        function deprecate(address _upgradedAddress) public onlyOwner {
                            deprecated = true;
                            upgradedAddress = _upgradedAddress;
                            Deprecate(_upgradedAddress);
                        }
                    
                        // deprecate current contract if favour of a new one
                        function totalSupply() public constant returns (uint) {
                            if (deprecated) {
                                return StandardToken(upgradedAddress).totalSupply();
                            } else {
                                return _totalSupply;
                            }
                        }
                    
                        // Issue a new amount of tokens
                        // these tokens are deposited into the owner address
                        //
                        // @param _amount Number of tokens to be issued
                        function issue(uint amount) public onlyOwner {
                            require(_totalSupply + amount > _totalSupply);
                            require(balances[owner] + amount > balances[owner]);
                    
                            balances[owner] += amount;
                            _totalSupply += amount;
                            Issue(amount);
                        }
                    
                        // Redeem tokens.
                        // These tokens are withdrawn from the owner address
                        // if the balance must be enough to cover the redeem
                        // or the call will fail.
                        // @param _amount Number of tokens to be issued
                        function redeem(uint amount) public onlyOwner {
                            require(_totalSupply >= amount);
                            require(balances[owner] >= amount);
                    
                            _totalSupply -= amount;
                            balances[owner] -= amount;
                            Redeem(amount);
                        }
                    
                        function setParams(uint newBasisPoints, uint newMaxFee) public onlyOwner {
                            // Ensure transparency by hardcoding limit beyond which fees can never be added
                            require(newBasisPoints < 20);
                            require(newMaxFee < 50);
                    
                            basisPointsRate = newBasisPoints;
                            maximumFee = newMaxFee.mul(10**decimals);
                    
                            Params(basisPointsRate, maximumFee);
                        }
                    
                        // Called when new token are issued
                        event Issue(uint amount);
                    
                        // Called when tokens are redeemed
                        event Redeem(uint amount);
                    
                        // Called when contract is deprecated
                        event Deprecate(address newAddress);
                    
                        // Called if contract ever adds fees
                        event Params(uint feeBasisPoints, uint maxFee);
                    }

                    File 5 of 7: SplitWallet
                    // SPDX-License-Identifier: GPL-3.0-or-later
                    pragma solidity 0.8.4;
                    import {ISplitMain} from './interfaces/ISplitMain.sol';
                    import {ERC20} from '@rari-capital/solmate/src/tokens/ERC20.sol';
                    import {SafeTransferLib} from '@rari-capital/solmate/src/utils/SafeTransferLib.sol';
                    /**
                     * ERRORS
                     */
                    /// @notice Unauthorized sender
                    error Unauthorized();
                    /**
                     * @title SplitWallet
                     * @author 0xSplits <[email protected]>
                     * @notice The implementation logic for `SplitProxy`.
                     * @dev `SplitProxy` handles `receive()` itself to avoid the gas cost with `DELEGATECALL`.
                     */
                    contract SplitWallet {
                      using SafeTransferLib for address;
                      using SafeTransferLib for ERC20;
                      /**
                       * EVENTS
                       */
                      /** @notice emitted after each successful ETH transfer to proxy
                       *  @param split Address of the split that received ETH
                       *  @param amount Amount of ETH received
                       */
                      event ReceiveETH(address indexed split, uint256 amount);
                      /**
                       * STORAGE
                       */
                      /**
                       * STORAGE - CONSTANTS & IMMUTABLES
                       */
                      /// @notice address of SplitMain for split distributions & EOA/SC withdrawals
                      ISplitMain public immutable splitMain;
                      /**
                       * MODIFIERS
                       */
                      /// @notice Reverts if the sender isn't SplitMain
                      modifier onlySplitMain() {
                        if (msg.sender != address(splitMain)) revert Unauthorized();
                        _;
                      }
                      /**
                       * CONSTRUCTOR
                       */
                      constructor() {
                        splitMain = ISplitMain(msg.sender);
                      }
                      /**
                       * FUNCTIONS - PUBLIC & EXTERNAL
                       */
                      /** @notice Sends amount `amount` of ETH in proxy to SplitMain
                       *  @dev payable reduces gas cost; no vulnerability to accidentally lock
                       *  ETH introduced since fn call is restricted to SplitMain
                       *  @param amount Amount to send
                       */
                      function sendETHToMain(uint256 amount) external payable onlySplitMain() {
                        address(splitMain).safeTransferETH(amount);
                      }
                      /** @notice Sends amount `amount` of ERC20 `token` in proxy to SplitMain
                       *  @dev payable reduces gas cost; no vulnerability to accidentally lock
                       *  ETH introduced since fn call is restricted to SplitMain
                       *  @param token Token to send
                       *  @param amount Amount to send
                       */
                      function sendERC20ToMain(ERC20 token, uint256 amount)
                        external
                        payable
                        onlySplitMain()
                      {
                        token.safeTransfer(address(splitMain), amount);
                      }
                    }
                    // SPDX-License-Identifier: GPL-3.0-or-later
                    pragma solidity 0.8.4;
                    import {ERC20} from '@rari-capital/solmate/src/tokens/ERC20.sol';
                    /**
                     * @title ISplitMain
                     * @author 0xSplits <[email protected]>
                     */
                    interface ISplitMain {
                      /**
                       * FUNCTIONS
                       */
                      function walletImplementation() external returns (address);
                      function createSplit(
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee,
                        address controller
                      ) external returns (address);
                      function predictImmutableSplitAddress(
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee
                      ) external view returns (address);
                      function updateSplit(
                        address split,
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee
                      ) external;
                      function transferControl(address split, address newController) external;
                      function cancelControlTransfer(address split) external;
                      function acceptControl(address split) external;
                      function makeSplitImmutable(address split) external;
                      function distributeETH(
                        address split,
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee,
                        address distributorAddress
                      ) external;
                      function updateAndDistributeETH(
                        address split,
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee,
                        address distributorAddress
                      ) external;
                      function distributeERC20(
                        address split,
                        ERC20 token,
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee,
                        address distributorAddress
                      ) external;
                      function updateAndDistributeERC20(
                        address split,
                        ERC20 token,
                        address[] calldata accounts,
                        uint32[] calldata percentAllocations,
                        uint32 distributorFee,
                        address distributorAddress
                      ) external;
                      function withdraw(
                        address account,
                        uint256 withdrawETH,
                        ERC20[] calldata tokens
                      ) external;
                      /**
                       * EVENTS
                       */
                      /** @notice emitted after each successful split creation
                       *  @param split Address of the created split
                       */
                      event CreateSplit(address indexed split);
                      /** @notice emitted after each successful split update
                       *  @param split Address of the updated split
                       */
                      event UpdateSplit(address indexed split);
                      /** @notice emitted after each initiated split control transfer
                       *  @param split Address of the split control transfer was initiated for
                       *  @param newPotentialController Address of the split's new potential controller
                       */
                      event InitiateControlTransfer(
                        address indexed split,
                        address indexed newPotentialController
                      );
                      /** @notice emitted after each canceled split control transfer
                       *  @param split Address of the split control transfer was canceled for
                       */
                      event CancelControlTransfer(address indexed split);
                      /** @notice emitted after each successful split control transfer
                       *  @param split Address of the split control was transferred for
                       *  @param previousController Address of the split's previous controller
                       *  @param newController Address of the split's new controller
                       */
                      event ControlTransfer(
                        address indexed split,
                        address indexed previousController,
                        address indexed newController
                      );
                      /** @notice emitted after each successful ETH balance split
                       *  @param split Address of the split that distributed its balance
                       *  @param amount Amount of ETH distributed
                       *  @param distributorAddress Address to credit distributor fee to
                       */
                      event DistributeETH(
                        address indexed split,
                        uint256 amount,
                        address indexed distributorAddress
                      );
                      /** @notice emitted after each successful ERC20 balance split
                       *  @param split Address of the split that distributed its balance
                       *  @param token Address of ERC20 distributed
                       *  @param amount Amount of ERC20 distributed
                       *  @param distributorAddress Address to credit distributor fee to
                       */
                      event DistributeERC20(
                        address indexed split,
                        ERC20 indexed token,
                        uint256 amount,
                        address indexed distributorAddress
                      );
                      /** @notice emitted after each successful withdrawal
                       *  @param account Address that funds were withdrawn to
                       *  @param ethAmount Amount of ETH withdrawn
                       *  @param tokens Addresses of ERC20s withdrawn
                       *  @param tokenAmounts Amounts of corresponding ERC20s withdrawn
                       */
                      event Withdrawal(
                        address indexed account,
                        uint256 ethAmount,
                        ERC20[] tokens,
                        uint256[] tokenAmounts
                      );
                    }
                    // SPDX-License-Identifier: AGPL-3.0-only
                    pragma solidity >=0.8.0;
                    /// @notice Modern and gas efficient ERC20 + EIP-2612 implementation.
                    /// @author Solmate (https://github.com/Rari-Capital/solmate/blob/main/src/tokens/ERC20.sol)
                    /// @author Modified from Uniswap (https://github.com/Uniswap/uniswap-v2-core/blob/master/contracts/UniswapV2ERC20.sol)
                    /// @dev Do not manually set balances without updating totalSupply, as the sum of all user balances must not exceed it.
                    abstract contract ERC20 {
                        /*///////////////////////////////////////////////////////////////
                                                      EVENTS
                        //////////////////////////////////////////////////////////////*/
                        event Transfer(address indexed from, address indexed to, uint256 amount);
                        event Approval(address indexed owner, address indexed spender, uint256 amount);
                        /*///////////////////////////////////////////////////////////////
                                                 METADATA STORAGE
                        //////////////////////////////////////////////////////////////*/
                        string public name;
                        string public symbol;
                        uint8 public immutable decimals;
                        /*///////////////////////////////////////////////////////////////
                                                  ERC20 STORAGE
                        //////////////////////////////////////////////////////////////*/
                        uint256 public totalSupply;
                        mapping(address => uint256) public balanceOf;
                        mapping(address => mapping(address => uint256)) public allowance;
                        /*///////////////////////////////////////////////////////////////
                                                 EIP-2612 STORAGE
                        //////////////////////////////////////////////////////////////*/
                        bytes32 public constant PERMIT_TYPEHASH =
                            keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
                        uint256 internal immutable INITIAL_CHAIN_ID;
                        bytes32 internal immutable INITIAL_DOMAIN_SEPARATOR;
                        mapping(address => uint256) public nonces;
                        /*///////////////////////////////////////////////////////////////
                                                   CONSTRUCTOR
                        //////////////////////////////////////////////////////////////*/
                        constructor(
                            string memory _name,
                            string memory _symbol,
                            uint8 _decimals
                        ) {
                            name = _name;
                            symbol = _symbol;
                            decimals = _decimals;
                            INITIAL_CHAIN_ID = block.chainid;
                            INITIAL_DOMAIN_SEPARATOR = computeDomainSeparator();
                        }
                        /*///////////////////////////////////////////////////////////////
                                                  ERC20 LOGIC
                        //////////////////////////////////////////////////////////////*/
                        function approve(address spender, uint256 amount) public virtual returns (bool) {
                            allowance[msg.sender][spender] = amount;
                            emit Approval(msg.sender, spender, amount);
                            return true;
                        }
                        function transfer(address to, uint256 amount) public virtual returns (bool) {
                            balanceOf[msg.sender] -= amount;
                            // Cannot overflow because the sum of all user
                            // balances can't exceed the max uint256 value.
                            unchecked {
                                balanceOf[to] += amount;
                            }
                            emit Transfer(msg.sender, to, amount);
                            return true;
                        }
                        function transferFrom(
                            address from,
                            address to,
                            uint256 amount
                        ) public virtual returns (bool) {
                            uint256 allowed = allowance[from][msg.sender]; // Saves gas for limited approvals.
                            if (allowed != type(uint256).max) allowance[from][msg.sender] = allowed - amount;
                            balanceOf[from] -= amount;
                            // Cannot overflow because the sum of all user
                            // balances can't exceed the max uint256 value.
                            unchecked {
                                balanceOf[to] += amount;
                            }
                            emit Transfer(from, to, amount);
                            return true;
                        }
                        /*///////////////////////////////////////////////////////////////
                                                  EIP-2612 LOGIC
                        //////////////////////////////////////////////////////////////*/
                        function permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) public virtual {
                            require(deadline >= block.timestamp, "PERMIT_DEADLINE_EXPIRED");
                            // Unchecked because the only math done is incrementing
                            // the owner's nonce which cannot realistically overflow.
                            unchecked {
                                bytes32 digest = keccak256(
                                    abi.encodePacked(
                                        "\\x19\\x01",
                                        DOMAIN_SEPARATOR(),
                                        keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline))
                                    )
                                );
                                address recoveredAddress = ecrecover(digest, v, r, s);
                                require(recoveredAddress != address(0) && recoveredAddress == owner, "INVALID_SIGNER");
                                allowance[recoveredAddress][spender] = value;
                            }
                            emit Approval(owner, spender, value);
                        }
                        function DOMAIN_SEPARATOR() public view virtual returns (bytes32) {
                            return block.chainid == INITIAL_CHAIN_ID ? INITIAL_DOMAIN_SEPARATOR : computeDomainSeparator();
                        }
                        function computeDomainSeparator() internal view virtual returns (bytes32) {
                            return
                                keccak256(
                                    abi.encode(
                                        keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
                                        keccak256(bytes(name)),
                                        keccak256("1"),
                                        block.chainid,
                                        address(this)
                                    )
                                );
                        }
                        /*///////////////////////////////////////////////////////////////
                                           INTERNAL MINT/BURN LOGIC
                        //////////////////////////////////////////////////////////////*/
                        function _mint(address to, uint256 amount) internal virtual {
                            totalSupply += amount;
                            // Cannot overflow because the sum of all user
                            // balances can't exceed the max uint256 value.
                            unchecked {
                                balanceOf[to] += amount;
                            }
                            emit Transfer(address(0), to, amount);
                        }
                        function _burn(address from, uint256 amount) internal virtual {
                            balanceOf[from] -= amount;
                            // Cannot underflow because a user's balance
                            // will never be larger than the total supply.
                            unchecked {
                                totalSupply -= amount;
                            }
                            emit Transfer(from, address(0), amount);
                        }
                    }
                    // SPDX-License-Identifier: AGPL-3.0-only
                    pragma solidity >=0.8.0;
                    import {ERC20} from "../tokens/ERC20.sol";
                    /// @notice Safe ETH and ERC20 transfer library that gracefully handles missing return values.
                    /// @author Solmate (https://github.com/Rari-Capital/solmate/blob/main/src/utils/SafeTransferLib.sol)
                    /// @author Modified from Gnosis (https://github.com/gnosis/gp-v2-contracts/blob/main/src/contracts/libraries/GPv2SafeERC20.sol)
                    /// @dev Use with caution! Some functions in this library knowingly create dirty bits at the destination of the free memory pointer.
                    library SafeTransferLib {
                        /*///////////////////////////////////////////////////////////////
                                                ETH OPERATIONS
                        //////////////////////////////////////////////////////////////*/
                        function safeTransferETH(address to, uint256 amount) internal {
                            bool callStatus;
                            assembly {
                                // Transfer the ETH and store if it succeeded or not.
                                callStatus := call(gas(), to, amount, 0, 0, 0, 0)
                            }
                            require(callStatus, "ETH_TRANSFER_FAILED");
                        }
                        /*///////////////////////////////////////////////////////////////
                                               ERC20 OPERATIONS
                        //////////////////////////////////////////////////////////////*/
                        function safeTransferFrom(
                            ERC20 token,
                            address from,
                            address to,
                            uint256 amount
                        ) internal {
                            bool callStatus;
                            assembly {
                                // Get a pointer to some free memory.
                                let freeMemoryPointer := mload(0x40)
                                // Write the abi-encoded calldata to memory piece by piece:
                                mstore(freeMemoryPointer, 0x23b872dd00000000000000000000000000000000000000000000000000000000) // Begin with the function selector.
                                mstore(add(freeMemoryPointer, 4), and(from, 0xffffffffffffffffffffffffffffffffffffffff)) // Mask and append the "from" argument.
                                mstore(add(freeMemoryPointer, 36), and(to, 0xffffffffffffffffffffffffffffffffffffffff)) // Mask and append the "to" argument.
                                mstore(add(freeMemoryPointer, 68), amount) // Finally append the "amount" argument. No mask as it's a full 32 byte value.
                                // Call the token and store if it succeeded or not.
                                // We use 100 because the calldata length is 4 + 32 * 3.
                                callStatus := call(gas(), token, 0, freeMemoryPointer, 100, 0, 0)
                            }
                            require(didLastOptionalReturnCallSucceed(callStatus), "TRANSFER_FROM_FAILED");
                        }
                        function safeTransfer(
                            ERC20 token,
                            address to,
                            uint256 amount
                        ) internal {
                            bool callStatus;
                            assembly {
                                // Get a pointer to some free memory.
                                let freeMemoryPointer := mload(0x40)
                                // Write the abi-encoded calldata to memory piece by piece:
                                mstore(freeMemoryPointer, 0xa9059cbb00000000000000000000000000000000000000000000000000000000) // Begin with the function selector.
                                mstore(add(freeMemoryPointer, 4), and(to, 0xffffffffffffffffffffffffffffffffffffffff)) // Mask and append the "to" argument.
                                mstore(add(freeMemoryPointer, 36), amount) // Finally append the "amount" argument. No mask as it's a full 32 byte value.
                                // Call the token and store if it succeeded or not.
                                // We use 68 because the calldata length is 4 + 32 * 2.
                                callStatus := call(gas(), token, 0, freeMemoryPointer, 68, 0, 0)
                            }
                            require(didLastOptionalReturnCallSucceed(callStatus), "TRANSFER_FAILED");
                        }
                        function safeApprove(
                            ERC20 token,
                            address to,
                            uint256 amount
                        ) internal {
                            bool callStatus;
                            assembly {
                                // Get a pointer to some free memory.
                                let freeMemoryPointer := mload(0x40)
                                // Write the abi-encoded calldata to memory piece by piece:
                                mstore(freeMemoryPointer, 0x095ea7b300000000000000000000000000000000000000000000000000000000) // Begin with the function selector.
                                mstore(add(freeMemoryPointer, 4), and(to, 0xffffffffffffffffffffffffffffffffffffffff)) // Mask and append the "to" argument.
                                mstore(add(freeMemoryPointer, 36), amount) // Finally append the "amount" argument. No mask as it's a full 32 byte value.
                                // Call the token and store if it succeeded or not.
                                // We use 68 because the calldata length is 4 + 32 * 2.
                                callStatus := call(gas(), token, 0, freeMemoryPointer, 68, 0, 0)
                            }
                            require(didLastOptionalReturnCallSucceed(callStatus), "APPROVE_FAILED");
                        }
                        /*///////////////////////////////////////////////////////////////
                                             INTERNAL HELPER LOGIC
                        //////////////////////////////////////////////////////////////*/
                        function didLastOptionalReturnCallSucceed(bool callStatus) private pure returns (bool success) {
                            assembly {
                                // Get how many bytes the call returned.
                                let returnDataSize := returndatasize()
                                // If the call reverted:
                                if iszero(callStatus) {
                                    // Copy the revert message into memory.
                                    returndatacopy(0, 0, returnDataSize)
                                    // Revert with the same message.
                                    revert(0, returnDataSize)
                                }
                                switch returnDataSize
                                case 32 {
                                    // Copy the return data into memory.
                                    returndatacopy(0, 0, returnDataSize)
                                    // Set success to whether it returned true.
                                    success := iszero(iszero(mload(0)))
                                }
                                case 0 {
                                    // There was no return data.
                                    success := 1
                                }
                                default {
                                    // It returned some malformed input.
                                    success := 0
                                }
                            }
                        }
                    }
                    

                    File 6 of 7: SwapERC20
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
                    pragma solidity ^0.8.0;
                    import "../utils/Context.sol";
                    /**
                     * @dev Contract module which provides a basic access control mechanism, where
                     * there is an account (an owner) that can be granted exclusive access to
                     * specific functions.
                     *
                     * By default, the owner account will be the one that deploys the contract. This
                     * can later be changed with {transferOwnership}.
                     *
                     * This module is used through inheritance. It will make available the modifier
                     * `onlyOwner`, which can be applied to your functions to restrict their use to
                     * the owner.
                     */
                    abstract contract Ownable is Context {
                        address private _owner;
                        event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
                        /**
                         * @dev Initializes the contract setting the deployer as the initial owner.
                         */
                        constructor() {
                            _transferOwnership(_msgSender());
                        }
                        /**
                         * @dev Throws if called by any account other than the owner.
                         */
                        modifier onlyOwner() {
                            _checkOwner();
                            _;
                        }
                        /**
                         * @dev Returns the address of the current owner.
                         */
                        function owner() public view virtual returns (address) {
                            return _owner;
                        }
                        /**
                         * @dev Throws if the sender is not the owner.
                         */
                        function _checkOwner() internal view virtual {
                            require(owner() == _msgSender(), "Ownable: caller is not the owner");
                        }
                        /**
                         * @dev Leaves the contract without owner. It will not be possible to call
                         * `onlyOwner` functions anymore. Can only be called by the current owner.
                         *
                         * NOTE: Renouncing ownership will leave the contract without an owner,
                         * thereby removing any functionality that is only available to the owner.
                         */
                        function renounceOwnership() public virtual onlyOwner {
                            _transferOwnership(address(0));
                        }
                        /**
                         * @dev Transfers ownership of the contract to a new account (`newOwner`).
                         * Can only be called by the current owner.
                         */
                        function transferOwnership(address newOwner) public virtual onlyOwner {
                            require(newOwner != address(0), "Ownable: new owner is the zero address");
                            _transferOwnership(newOwner);
                        }
                        /**
                         * @dev Transfers ownership of the contract to a new account (`newOwner`).
                         * Internal function without access restriction.
                         */
                        function _transferOwnership(address newOwner) internal virtual {
                            address oldOwner = _owner;
                            _owner = newOwner;
                            emit OwnershipTransferred(oldOwner, newOwner);
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (access/Ownable2Step.sol)
                    pragma solidity ^0.8.0;
                    import "./Ownable.sol";
                    /**
                     * @dev Contract module which provides access control mechanism, where
                     * there is an account (an owner) that can be granted exclusive access to
                     * specific functions.
                     *
                     * By default, the owner account will be the one that deploys the contract. This
                     * can later be changed with {transferOwnership} and {acceptOwnership}.
                     *
                     * This module is used through inheritance. It will make available all functions
                     * from parent (Ownable).
                     */
                    abstract contract Ownable2Step is Ownable {
                        address private _pendingOwner;
                        event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
                        /**
                         * @dev Returns the address of the pending owner.
                         */
                        function pendingOwner() public view virtual returns (address) {
                            return _pendingOwner;
                        }
                        /**
                         * @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
                         * Can only be called by the current owner.
                         */
                        function transferOwnership(address newOwner) public virtual override onlyOwner {
                            _pendingOwner = newOwner;
                            emit OwnershipTransferStarted(owner(), newOwner);
                        }
                        /**
                         * @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
                         * Internal function without access restriction.
                         */
                        function _transferOwnership(address newOwner) internal virtual override {
                            delete _pendingOwner;
                            super._transferOwnership(newOwner);
                        }
                        /**
                         * @dev The new owner accepts the ownership transfer.
                         */
                        function acceptOwnership() external {
                            address sender = _msgSender();
                            require(pendingOwner() == sender, "Ownable2Step: caller is not the new owner");
                            _transferOwnership(sender);
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)
                    pragma solidity ^0.8.0;
                    /**
                     * @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
                     * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
                     *
                     * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
                     * presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
                     * need to send a transaction, and thus is not required to hold Ether at all.
                     */
                    interface IERC20Permit {
                        /**
                         * @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
                         * given ``owner``'s signed approval.
                         *
                         * IMPORTANT: The same issues {IERC20-approve} has related to transaction
                         * ordering also apply here.
                         *
                         * Emits an {Approval} event.
                         *
                         * Requirements:
                         *
                         * - `spender` cannot be the zero address.
                         * - `deadline` must be a timestamp in the future.
                         * - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
                         * over the EIP712-formatted function arguments.
                         * - the signature must use ``owner``'s current nonce (see {nonces}).
                         *
                         * For more information on the signature format, see the
                         * https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
                         * section].
                         */
                        function permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) external;
                        /**
                         * @dev Returns the current nonce for `owner`. This value must be
                         * included whenever a signature is generated for {permit}.
                         *
                         * Every successful call to {permit} increases ``owner``'s nonce by one. This
                         * prevents a signature from being used multiple times.
                         */
                        function nonces(address owner) external view returns (uint256);
                        /**
                         * @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
                         */
                        // solhint-disable-next-line func-name-mixedcase
                        function DOMAIN_SEPARATOR() external view returns (bytes32);
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
                    pragma solidity ^0.8.0;
                    /**
                     * @dev Interface of the ERC20 standard as defined in the EIP.
                     */
                    interface IERC20 {
                        /**
                         * @dev Emitted when `value` tokens are moved from one account (`from`) to
                         * another (`to`).
                         *
                         * Note that `value` may be zero.
                         */
                        event Transfer(address indexed from, address indexed to, uint256 value);
                        /**
                         * @dev Emitted when the allowance of a `spender` for an `owner` is set by
                         * a call to {approve}. `value` is the new allowance.
                         */
                        event Approval(address indexed owner, address indexed spender, uint256 value);
                        /**
                         * @dev Returns the amount of tokens in existence.
                         */
                        function totalSupply() external view returns (uint256);
                        /**
                         * @dev Returns the amount of tokens owned by `account`.
                         */
                        function balanceOf(address account) external view returns (uint256);
                        /**
                         * @dev Moves `amount` tokens from the caller's account to `to`.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * Emits a {Transfer} event.
                         */
                        function transfer(address to, uint256 amount) external returns (bool);
                        /**
                         * @dev Returns the remaining number of tokens that `spender` will be
                         * allowed to spend on behalf of `owner` through {transferFrom}. This is
                         * zero by default.
                         *
                         * This value changes when {approve} or {transferFrom} are called.
                         */
                        function allowance(address owner, address spender) external view returns (uint256);
                        /**
                         * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * IMPORTANT: Beware that changing an allowance with this method brings the risk
                         * that someone may use both the old and the new allowance by unfortunate
                         * transaction ordering. One possible solution to mitigate this race
                         * condition is to first reduce the spender's allowance to 0 and set the
                         * desired value afterwards:
                         * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
                         *
                         * Emits an {Approval} event.
                         */
                        function approve(address spender, uint256 amount) external returns (bool);
                        /**
                         * @dev Moves `amount` tokens from `from` to `to` using the
                         * allowance mechanism. `amount` is then deducted from the caller's
                         * allowance.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * Emits a {Transfer} event.
                         */
                        function transferFrom(
                            address from,
                            address to,
                            uint256 amount
                        ) external returns (bool);
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
                    pragma solidity ^0.8.0;
                    import "../IERC20.sol";
                    import "../extensions/draft-IERC20Permit.sol";
                    import "../../../utils/Address.sol";
                    /**
                     * @title SafeERC20
                     * @dev Wrappers around ERC20 operations that throw on failure (when the token
                     * contract returns false). Tokens that return no value (and instead revert or
                     * throw on failure) are also supported, non-reverting calls are assumed to be
                     * successful.
                     * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
                     * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
                     */
                    library SafeERC20 {
                        using Address for address;
                        function safeTransfer(
                            IERC20 token,
                            address to,
                            uint256 value
                        ) internal {
                            _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
                        }
                        function safeTransferFrom(
                            IERC20 token,
                            address from,
                            address to,
                            uint256 value
                        ) internal {
                            _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
                        }
                        /**
                         * @dev Deprecated. This function has issues similar to the ones found in
                         * {IERC20-approve}, and its usage is discouraged.
                         *
                         * Whenever possible, use {safeIncreaseAllowance} and
                         * {safeDecreaseAllowance} instead.
                         */
                        function safeApprove(
                            IERC20 token,
                            address spender,
                            uint256 value
                        ) internal {
                            // safeApprove should only be called when setting an initial allowance,
                            // or when resetting it to zero. To increase and decrease it, use
                            // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
                            require(
                                (value == 0) || (token.allowance(address(this), spender) == 0),
                                "SafeERC20: approve from non-zero to non-zero allowance"
                            );
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
                        }
                        function safeIncreaseAllowance(
                            IERC20 token,
                            address spender,
                            uint256 value
                        ) internal {
                            uint256 newAllowance = token.allowance(address(this), spender) + value;
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
                        }
                        function safeDecreaseAllowance(
                            IERC20 token,
                            address spender,
                            uint256 value
                        ) internal {
                            unchecked {
                                uint256 oldAllowance = token.allowance(address(this), spender);
                                require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
                                uint256 newAllowance = oldAllowance - value;
                                _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
                            }
                        }
                        function safePermit(
                            IERC20Permit token,
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal {
                            uint256 nonceBefore = token.nonces(owner);
                            token.permit(owner, spender, value, deadline, v, r, s);
                            uint256 nonceAfter = token.nonces(owner);
                            require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
                        }
                        /**
                         * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
                         * on the return value: the return value is optional (but if data is returned, it must not be false).
                         * @param token The token targeted by the call.
                         * @param data The call data (encoded using abi.encode or one of its variants).
                         */
                        function _callOptionalReturn(IERC20 token, bytes memory data) private {
                            // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
                            // we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
                            // the target address contains contract code and also asserts for success in the low-level call.
                            bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
                            if (returndata.length > 0) {
                                // Return data is optional
                                require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
                    pragma solidity ^0.8.1;
                    /**
                     * @dev Collection of functions related to the address type
                     */
                    library Address {
                        /**
                         * @dev Returns true if `account` is a contract.
                         *
                         * [IMPORTANT]
                         * ====
                         * It is unsafe to assume that an address for which this function returns
                         * false is an externally-owned account (EOA) and not a contract.
                         *
                         * Among others, `isContract` will return false for the following
                         * types of addresses:
                         *
                         *  - an externally-owned account
                         *  - a contract in construction
                         *  - an address where a contract will be created
                         *  - an address where a contract lived, but was destroyed
                         * ====
                         *
                         * [IMPORTANT]
                         * ====
                         * You shouldn't rely on `isContract` to protect against flash loan attacks!
                         *
                         * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
                         * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
                         * constructor.
                         * ====
                         */
                        function isContract(address account) internal view returns (bool) {
                            // This method relies on extcodesize/address.code.length, which returns 0
                            // for contracts in construction, since the code is only stored at the end
                            // of the constructor execution.
                            return account.code.length > 0;
                        }
                        /**
                         * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
                         * `recipient`, forwarding all available gas and reverting on errors.
                         *
                         * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
                         * of certain opcodes, possibly making contracts go over the 2300 gas limit
                         * imposed by `transfer`, making them unable to receive funds via
                         * `transfer`. {sendValue} removes this limitation.
                         *
                         * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
                         *
                         * IMPORTANT: because control is transferred to `recipient`, care must be
                         * taken to not create reentrancy vulnerabilities. Consider using
                         * {ReentrancyGuard} or the
                         * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
                         */
                        function sendValue(address payable recipient, uint256 amount) internal {
                            require(address(this).balance >= amount, "Address: insufficient balance");
                            (bool success, ) = recipient.call{value: amount}("");
                            require(success, "Address: unable to send value, recipient may have reverted");
                        }
                        /**
                         * @dev Performs a Solidity function call using a low level `call`. A
                         * plain `call` is an unsafe replacement for a function call: use this
                         * function instead.
                         *
                         * If `target` reverts with a revert reason, it is bubbled up by this
                         * function (like regular Solidity function calls).
                         *
                         * Returns the raw returned data. To convert to the expected return value,
                         * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
                         *
                         * Requirements:
                         *
                         * - `target` must be a contract.
                         * - calling `target` with `data` must not revert.
                         *
                         * _Available since v3.1._
                         */
                        function functionCall(address target, bytes memory data) internal returns (bytes memory) {
                            return functionCallWithValue(target, data, 0, "Address: low-level call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
                         * `errorMessage` as a fallback revert reason when `target` reverts.
                         *
                         * _Available since v3.1._
                         */
                        function functionCall(
                            address target,
                            bytes memory data,
                            string memory errorMessage
                        ) internal returns (bytes memory) {
                            return functionCallWithValue(target, data, 0, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but also transferring `value` wei to `target`.
                         *
                         * Requirements:
                         *
                         * - the calling contract must have an ETH balance of at least `value`.
                         * - the called Solidity function must be `payable`.
                         *
                         * _Available since v3.1._
                         */
                        function functionCallWithValue(
                            address target,
                            bytes memory data,
                            uint256 value
                        ) internal returns (bytes memory) {
                            return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
                         * with `errorMessage` as a fallback revert reason when `target` reverts.
                         *
                         * _Available since v3.1._
                         */
                        function functionCallWithValue(
                            address target,
                            bytes memory data,
                            uint256 value,
                            string memory errorMessage
                        ) internal returns (bytes memory) {
                            require(address(this).balance >= value, "Address: insufficient balance for call");
                            (bool success, bytes memory returndata) = target.call{value: value}(data);
                            return verifyCallResultFromTarget(target, success, returndata, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but performing a static call.
                         *
                         * _Available since v3.3._
                         */
                        function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
                            return functionStaticCall(target, data, "Address: low-level static call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
                         * but performing a static call.
                         *
                         * _Available since v3.3._
                         */
                        function functionStaticCall(
                            address target,
                            bytes memory data,
                            string memory errorMessage
                        ) internal view returns (bytes memory) {
                            (bool success, bytes memory returndata) = target.staticcall(data);
                            return verifyCallResultFromTarget(target, success, returndata, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but performing a delegate call.
                         *
                         * _Available since v3.4._
                         */
                        function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
                            return functionDelegateCall(target, data, "Address: low-level delegate call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
                         * but performing a delegate call.
                         *
                         * _Available since v3.4._
                         */
                        function functionDelegateCall(
                            address target,
                            bytes memory data,
                            string memory errorMessage
                        ) internal returns (bytes memory) {
                            (bool success, bytes memory returndata) = target.delegatecall(data);
                            return verifyCallResultFromTarget(target, success, returndata, errorMessage);
                        }
                        /**
                         * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
                         * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
                         *
                         * _Available since v4.8._
                         */
                        function verifyCallResultFromTarget(
                            address target,
                            bool success,
                            bytes memory returndata,
                            string memory errorMessage
                        ) internal view returns (bytes memory) {
                            if (success) {
                                if (returndata.length == 0) {
                                    // only check isContract if the call was successful and the return data is empty
                                    // otherwise we already know that it was a contract
                                    require(isContract(target), "Address: call to non-contract");
                                }
                                return returndata;
                            } else {
                                _revert(returndata, errorMessage);
                            }
                        }
                        /**
                         * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
                         * revert reason or using the provided one.
                         *
                         * _Available since v4.3._
                         */
                        function verifyCallResult(
                            bool success,
                            bytes memory returndata,
                            string memory errorMessage
                        ) internal pure returns (bytes memory) {
                            if (success) {
                                return returndata;
                            } else {
                                _revert(returndata, errorMessage);
                            }
                        }
                        function _revert(bytes memory returndata, string memory errorMessage) private pure {
                            // Look for revert reason and bubble it up if present
                            if (returndata.length > 0) {
                                // The easiest way to bubble the revert reason is using memory via assembly
                                /// @solidity memory-safe-assembly
                                assembly {
                                    let returndata_size := mload(returndata)
                                    revert(add(32, returndata), returndata_size)
                                }
                            } else {
                                revert(errorMessage);
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
                    pragma solidity ^0.8.0;
                    /**
                     * @dev Provides information about the current execution context, including the
                     * sender of the transaction and its data. While these are generally available
                     * via msg.sender and msg.data, they should not be accessed in such a direct
                     * manner, since when dealing with meta-transactions the account sending and
                     * paying for execution may not be the actual sender (as far as an application
                     * is concerned).
                     *
                     * This contract is only required for intermediate, library-like contracts.
                     */
                    abstract contract Context {
                        function _msgSender() internal view virtual returns (address) {
                            return msg.sender;
                        }
                        function _msgData() internal view virtual returns (bytes calldata) {
                            return msg.data;
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/ECDSA.sol)
                    pragma solidity ^0.8.0;
                    import "../Strings.sol";
                    /**
                     * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
                     *
                     * These functions can be used to verify that a message was signed by the holder
                     * of the private keys of a given address.
                     */
                    library ECDSA {
                        enum RecoverError {
                            NoError,
                            InvalidSignature,
                            InvalidSignatureLength,
                            InvalidSignatureS,
                            InvalidSignatureV // Deprecated in v4.8
                        }
                        function _throwError(RecoverError error) private pure {
                            if (error == RecoverError.NoError) {
                                return; // no error: do nothing
                            } else if (error == RecoverError.InvalidSignature) {
                                revert("ECDSA: invalid signature");
                            } else if (error == RecoverError.InvalidSignatureLength) {
                                revert("ECDSA: invalid signature length");
                            } else if (error == RecoverError.InvalidSignatureS) {
                                revert("ECDSA: invalid signature 's' value");
                            }
                        }
                        /**
                         * @dev Returns the address that signed a hashed message (`hash`) with
                         * `signature` or error string. This address can then be used for verification purposes.
                         *
                         * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
                         * this function rejects them by requiring the `s` value to be in the lower
                         * half order, and the `v` value to be either 27 or 28.
                         *
                         * IMPORTANT: `hash` _must_ be the result of a hash operation for the
                         * verification to be secure: it is possible to craft signatures that
                         * recover to arbitrary addresses for non-hashed data. A safe way to ensure
                         * this is by receiving a hash of the original message (which may otherwise
                         * be too long), and then calling {toEthSignedMessageHash} on it.
                         *
                         * Documentation for signature generation:
                         * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
                         * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
                         *
                         * _Available since v4.3._
                         */
                        function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
                            if (signature.length == 65) {
                                bytes32 r;
                                bytes32 s;
                                uint8 v;
                                // ecrecover takes the signature parameters, and the only way to get them
                                // currently is to use assembly.
                                /// @solidity memory-safe-assembly
                                assembly {
                                    r := mload(add(signature, 0x20))
                                    s := mload(add(signature, 0x40))
                                    v := byte(0, mload(add(signature, 0x60)))
                                }
                                return tryRecover(hash, v, r, s);
                            } else {
                                return (address(0), RecoverError.InvalidSignatureLength);
                            }
                        }
                        /**
                         * @dev Returns the address that signed a hashed message (`hash`) with
                         * `signature`. This address can then be used for verification purposes.
                         *
                         * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
                         * this function rejects them by requiring the `s` value to be in the lower
                         * half order, and the `v` value to be either 27 or 28.
                         *
                         * IMPORTANT: `hash` _must_ be the result of a hash operation for the
                         * verification to be secure: it is possible to craft signatures that
                         * recover to arbitrary addresses for non-hashed data. A safe way to ensure
                         * this is by receiving a hash of the original message (which may otherwise
                         * be too long), and then calling {toEthSignedMessageHash} on it.
                         */
                        function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
                            (address recovered, RecoverError error) = tryRecover(hash, signature);
                            _throwError(error);
                            return recovered;
                        }
                        /**
                         * @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
                         *
                         * See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
                         *
                         * _Available since v4.3._
                         */
                        function tryRecover(
                            bytes32 hash,
                            bytes32 r,
                            bytes32 vs
                        ) internal pure returns (address, RecoverError) {
                            bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
                            uint8 v = uint8((uint256(vs) >> 255) + 27);
                            return tryRecover(hash, v, r, s);
                        }
                        /**
                         * @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
                         *
                         * _Available since v4.2._
                         */
                        function recover(
                            bytes32 hash,
                            bytes32 r,
                            bytes32 vs
                        ) internal pure returns (address) {
                            (address recovered, RecoverError error) = tryRecover(hash, r, vs);
                            _throwError(error);
                            return recovered;
                        }
                        /**
                         * @dev Overload of {ECDSA-tryRecover} that receives the `v`,
                         * `r` and `s` signature fields separately.
                         *
                         * _Available since v4.3._
                         */
                        function tryRecover(
                            bytes32 hash,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal pure returns (address, RecoverError) {
                            // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
                            // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
                            // the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
                            // signatures from current libraries generate a unique signature with an s-value in the lower half order.
                            //
                            // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
                            // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
                            // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
                            // these malleable signatures as well.
                            if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
                                return (address(0), RecoverError.InvalidSignatureS);
                            }
                            // If the signature is valid (and not malleable), return the signer address
                            address signer = ecrecover(hash, v, r, s);
                            if (signer == address(0)) {
                                return (address(0), RecoverError.InvalidSignature);
                            }
                            return (signer, RecoverError.NoError);
                        }
                        /**
                         * @dev Overload of {ECDSA-recover} that receives the `v`,
                         * `r` and `s` signature fields separately.
                         */
                        function recover(
                            bytes32 hash,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal pure returns (address) {
                            (address recovered, RecoverError error) = tryRecover(hash, v, r, s);
                            _throwError(error);
                            return recovered;
                        }
                        /**
                         * @dev Returns an Ethereum Signed Message, created from a `hash`. This
                         * produces hash corresponding to the one signed with the
                         * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
                         * JSON-RPC method as part of EIP-191.
                         *
                         * See {recover}.
                         */
                        function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
                            // 32 is the length in bytes of hash,
                            // enforced by the type signature above
                            return keccak256(abi.encodePacked("\\x19Ethereum Signed Message:\
                    32", hash));
                        }
                        /**
                         * @dev Returns an Ethereum Signed Message, created from `s`. This
                         * produces hash corresponding to the one signed with the
                         * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
                         * JSON-RPC method as part of EIP-191.
                         *
                         * See {recover}.
                         */
                        function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
                            return keccak256(abi.encodePacked("\\x19Ethereum Signed Message:\
                    ", Strings.toString(s.length), s));
                        }
                        /**
                         * @dev Returns an Ethereum Signed Typed Data, created from a
                         * `domainSeparator` and a `structHash`. This produces hash corresponding
                         * to the one signed with the
                         * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
                         * JSON-RPC method as part of EIP-712.
                         *
                         * See {recover}.
                         */
                        function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
                            return keccak256(abi.encodePacked("\\x19\\x01", domainSeparator, structHash));
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/EIP712.sol)
                    pragma solidity ^0.8.0;
                    import "./ECDSA.sol";
                    /**
                     * @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
                     *
                     * The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
                     * thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
                     * they need in their contracts using a combination of `abi.encode` and `keccak256`.
                     *
                     * This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
                     * scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
                     * ({_hashTypedDataV4}).
                     *
                     * The implementation of the domain separator was designed to be as efficient as possible while still properly updating
                     * the chain id to protect against replay attacks on an eventual fork of the chain.
                     *
                     * NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
                     * https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
                     *
                     * _Available since v3.4._
                     */
                    abstract contract EIP712 {
                        /* solhint-disable var-name-mixedcase */
                        // Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
                        // invalidate the cached domain separator if the chain id changes.
                        bytes32 private immutable _CACHED_DOMAIN_SEPARATOR;
                        uint256 private immutable _CACHED_CHAIN_ID;
                        address private immutable _CACHED_THIS;
                        bytes32 private immutable _HASHED_NAME;
                        bytes32 private immutable _HASHED_VERSION;
                        bytes32 private immutable _TYPE_HASH;
                        /* solhint-enable var-name-mixedcase */
                        /**
                         * @dev Initializes the domain separator and parameter caches.
                         *
                         * The meaning of `name` and `version` is specified in
                         * https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
                         *
                         * - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
                         * - `version`: the current major version of the signing domain.
                         *
                         * NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
                         * contract upgrade].
                         */
                        constructor(string memory name, string memory version) {
                            bytes32 hashedName = keccak256(bytes(name));
                            bytes32 hashedVersion = keccak256(bytes(version));
                            bytes32 typeHash = keccak256(
                                "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
                            );
                            _HASHED_NAME = hashedName;
                            _HASHED_VERSION = hashedVersion;
                            _CACHED_CHAIN_ID = block.chainid;
                            _CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(typeHash, hashedName, hashedVersion);
                            _CACHED_THIS = address(this);
                            _TYPE_HASH = typeHash;
                        }
                        /**
                         * @dev Returns the domain separator for the current chain.
                         */
                        function _domainSeparatorV4() internal view returns (bytes32) {
                            if (address(this) == _CACHED_THIS && block.chainid == _CACHED_CHAIN_ID) {
                                return _CACHED_DOMAIN_SEPARATOR;
                            } else {
                                return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION);
                            }
                        }
                        function _buildDomainSeparator(
                            bytes32 typeHash,
                            bytes32 nameHash,
                            bytes32 versionHash
                        ) private view returns (bytes32) {
                            return keccak256(abi.encode(typeHash, nameHash, versionHash, block.chainid, address(this)));
                        }
                        /**
                         * @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
                         * function returns the hash of the fully encoded EIP712 message for this domain.
                         *
                         * This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
                         *
                         * ```solidity
                         * bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
                         *     keccak256("Mail(address to,string contents)"),
                         *     mailTo,
                         *     keccak256(bytes(mailContents))
                         * )));
                         * address signer = ECDSA.recover(digest, signature);
                         * ```
                         */
                        function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
                            return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash);
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol)
                    pragma solidity ^0.8.0;
                    /**
                     * @dev Standard math utilities missing in the Solidity language.
                     */
                    library Math {
                        enum Rounding {
                            Down, // Toward negative infinity
                            Up, // Toward infinity
                            Zero // Toward zero
                        }
                        /**
                         * @dev Returns the largest of two numbers.
                         */
                        function max(uint256 a, uint256 b) internal pure returns (uint256) {
                            return a > b ? a : b;
                        }
                        /**
                         * @dev Returns the smallest of two numbers.
                         */
                        function min(uint256 a, uint256 b) internal pure returns (uint256) {
                            return a < b ? a : b;
                        }
                        /**
                         * @dev Returns the average of two numbers. The result is rounded towards
                         * zero.
                         */
                        function average(uint256 a, uint256 b) internal pure returns (uint256) {
                            // (a + b) / 2 can overflow.
                            return (a & b) + (a ^ b) / 2;
                        }
                        /**
                         * @dev Returns the ceiling of the division of two numbers.
                         *
                         * This differs from standard division with `/` in that it rounds up instead
                         * of rounding down.
                         */
                        function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
                            // (a + b - 1) / b can overflow on addition, so we distribute.
                            return a == 0 ? 0 : (a - 1) / b + 1;
                        }
                        /**
                         * @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
                         * @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
                         * with further edits by Uniswap Labs also under MIT license.
                         */
                        function mulDiv(
                            uint256 x,
                            uint256 y,
                            uint256 denominator
                        ) internal pure returns (uint256 result) {
                            unchecked {
                                // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
                                // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
                                // variables such that product = prod1 * 2^256 + prod0.
                                uint256 prod0; // Least significant 256 bits of the product
                                uint256 prod1; // Most significant 256 bits of the product
                                assembly {
                                    let mm := mulmod(x, y, not(0))
                                    prod0 := mul(x, y)
                                    prod1 := sub(sub(mm, prod0), lt(mm, prod0))
                                }
                                // Handle non-overflow cases, 256 by 256 division.
                                if (prod1 == 0) {
                                    return prod0 / denominator;
                                }
                                // Make sure the result is less than 2^256. Also prevents denominator == 0.
                                require(denominator > prod1);
                                ///////////////////////////////////////////////
                                // 512 by 256 division.
                                ///////////////////////////////////////////////
                                // Make division exact by subtracting the remainder from [prod1 prod0].
                                uint256 remainder;
                                assembly {
                                    // Compute remainder using mulmod.
                                    remainder := mulmod(x, y, denominator)
                                    // Subtract 256 bit number from 512 bit number.
                                    prod1 := sub(prod1, gt(remainder, prod0))
                                    prod0 := sub(prod0, remainder)
                                }
                                // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
                                // See https://cs.stackexchange.com/q/138556/92363.
                                // Does not overflow because the denominator cannot be zero at this stage in the function.
                                uint256 twos = denominator & (~denominator + 1);
                                assembly {
                                    // Divide denominator by twos.
                                    denominator := div(denominator, twos)
                                    // Divide [prod1 prod0] by twos.
                                    prod0 := div(prod0, twos)
                                    // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
                                    twos := add(div(sub(0, twos), twos), 1)
                                }
                                // Shift in bits from prod1 into prod0.
                                prod0 |= prod1 * twos;
                                // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
                                // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
                                // four bits. That is, denominator * inv = 1 mod 2^4.
                                uint256 inverse = (3 * denominator) ^ 2;
                                // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
                                // in modular arithmetic, doubling the correct bits in each step.
                                inverse *= 2 - denominator * inverse; // inverse mod 2^8
                                inverse *= 2 - denominator * inverse; // inverse mod 2^16
                                inverse *= 2 - denominator * inverse; // inverse mod 2^32
                                inverse *= 2 - denominator * inverse; // inverse mod 2^64
                                inverse *= 2 - denominator * inverse; // inverse mod 2^128
                                inverse *= 2 - denominator * inverse; // inverse mod 2^256
                                // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
                                // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
                                // less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
                                // is no longer required.
                                result = prod0 * inverse;
                                return result;
                            }
                        }
                        /**
                         * @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
                         */
                        function mulDiv(
                            uint256 x,
                            uint256 y,
                            uint256 denominator,
                            Rounding rounding
                        ) internal pure returns (uint256) {
                            uint256 result = mulDiv(x, y, denominator);
                            if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
                                result += 1;
                            }
                            return result;
                        }
                        /**
                         * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
                         *
                         * Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
                         */
                        function sqrt(uint256 a) internal pure returns (uint256) {
                            if (a == 0) {
                                return 0;
                            }
                            // For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
                            //
                            // We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
                            // `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
                            //
                            // This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
                            // → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
                            // → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
                            //
                            // Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
                            uint256 result = 1 << (log2(a) >> 1);
                            // At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
                            // since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
                            // every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
                            // into the expected uint128 result.
                            unchecked {
                                result = (result + a / result) >> 1;
                                result = (result + a / result) >> 1;
                                result = (result + a / result) >> 1;
                                result = (result + a / result) >> 1;
                                result = (result + a / result) >> 1;
                                result = (result + a / result) >> 1;
                                result = (result + a / result) >> 1;
                                return min(result, a / result);
                            }
                        }
                        /**
                         * @notice Calculates sqrt(a), following the selected rounding direction.
                         */
                        function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
                            unchecked {
                                uint256 result = sqrt(a);
                                return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
                            }
                        }
                        /**
                         * @dev Return the log in base 2, rounded down, of a positive value.
                         * Returns 0 if given 0.
                         */
                        function log2(uint256 value) internal pure returns (uint256) {
                            uint256 result = 0;
                            unchecked {
                                if (value >> 128 > 0) {
                                    value >>= 128;
                                    result += 128;
                                }
                                if (value >> 64 > 0) {
                                    value >>= 64;
                                    result += 64;
                                }
                                if (value >> 32 > 0) {
                                    value >>= 32;
                                    result += 32;
                                }
                                if (value >> 16 > 0) {
                                    value >>= 16;
                                    result += 16;
                                }
                                if (value >> 8 > 0) {
                                    value >>= 8;
                                    result += 8;
                                }
                                if (value >> 4 > 0) {
                                    value >>= 4;
                                    result += 4;
                                }
                                if (value >> 2 > 0) {
                                    value >>= 2;
                                    result += 2;
                                }
                                if (value >> 1 > 0) {
                                    result += 1;
                                }
                            }
                            return result;
                        }
                        /**
                         * @dev Return the log in base 2, following the selected rounding direction, of a positive value.
                         * Returns 0 if given 0.
                         */
                        function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
                            unchecked {
                                uint256 result = log2(value);
                                return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
                            }
                        }
                        /**
                         * @dev Return the log in base 10, rounded down, of a positive value.
                         * Returns 0 if given 0.
                         */
                        function log10(uint256 value) internal pure returns (uint256) {
                            uint256 result = 0;
                            unchecked {
                                if (value >= 10**64) {
                                    value /= 10**64;
                                    result += 64;
                                }
                                if (value >= 10**32) {
                                    value /= 10**32;
                                    result += 32;
                                }
                                if (value >= 10**16) {
                                    value /= 10**16;
                                    result += 16;
                                }
                                if (value >= 10**8) {
                                    value /= 10**8;
                                    result += 8;
                                }
                                if (value >= 10**4) {
                                    value /= 10**4;
                                    result += 4;
                                }
                                if (value >= 10**2) {
                                    value /= 10**2;
                                    result += 2;
                                }
                                if (value >= 10**1) {
                                    result += 1;
                                }
                            }
                            return result;
                        }
                        /**
                         * @dev Return the log in base 10, following the selected rounding direction, of a positive value.
                         * Returns 0 if given 0.
                         */
                        function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
                            unchecked {
                                uint256 result = log10(value);
                                return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0);
                            }
                        }
                        /**
                         * @dev Return the log in base 256, rounded down, of a positive value.
                         * Returns 0 if given 0.
                         *
                         * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
                         */
                        function log256(uint256 value) internal pure returns (uint256) {
                            uint256 result = 0;
                            unchecked {
                                if (value >> 128 > 0) {
                                    value >>= 128;
                                    result += 16;
                                }
                                if (value >> 64 > 0) {
                                    value >>= 64;
                                    result += 8;
                                }
                                if (value >> 32 > 0) {
                                    value >>= 32;
                                    result += 4;
                                }
                                if (value >> 16 > 0) {
                                    value >>= 16;
                                    result += 2;
                                }
                                if (value >> 8 > 0) {
                                    result += 1;
                                }
                            }
                            return result;
                        }
                        /**
                         * @dev Return the log in base 10, following the selected rounding direction, of a positive value.
                         * Returns 0 if given 0.
                         */
                        function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
                            unchecked {
                                uint256 result = log256(value);
                                return result + (rounding == Rounding.Up && 1 << (result * 8) < value ? 1 : 0);
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    // OpenZeppelin Contracts (last updated v4.8.0) (utils/Strings.sol)
                    pragma solidity ^0.8.0;
                    import "./math/Math.sol";
                    /**
                     * @dev String operations.
                     */
                    library Strings {
                        bytes16 private constant _SYMBOLS = "0123456789abcdef";
                        uint8 private constant _ADDRESS_LENGTH = 20;
                        /**
                         * @dev Converts a `uint256` to its ASCII `string` decimal representation.
                         */
                        function toString(uint256 value) internal pure returns (string memory) {
                            unchecked {
                                uint256 length = Math.log10(value) + 1;
                                string memory buffer = new string(length);
                                uint256 ptr;
                                /// @solidity memory-safe-assembly
                                assembly {
                                    ptr := add(buffer, add(32, length))
                                }
                                while (true) {
                                    ptr--;
                                    /// @solidity memory-safe-assembly
                                    assembly {
                                        mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
                                    }
                                    value /= 10;
                                    if (value == 0) break;
                                }
                                return buffer;
                            }
                        }
                        /**
                         * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
                         */
                        function toHexString(uint256 value) internal pure returns (string memory) {
                            unchecked {
                                return toHexString(value, Math.log256(value) + 1);
                            }
                        }
                        /**
                         * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
                         */
                        function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
                            bytes memory buffer = new bytes(2 * length + 2);
                            buffer[0] = "0";
                            buffer[1] = "x";
                            for (uint256 i = 2 * length + 1; i > 1; --i) {
                                buffer[i] = _SYMBOLS[value & 0xf];
                                value >>= 4;
                            }
                            require(value == 0, "Strings: hex length insufficient");
                            return string(buffer);
                        }
                        /**
                         * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
                         */
                        function toHexString(address addr) internal pure returns (string memory) {
                            return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity 0.8.17;
                    interface ISwapERC20 {
                      struct OrderERC20 {
                        uint256 nonce; // Unique number per signatory per order
                        uint256 expiry; // Expiry time (seconds since unix epoch)
                        address signerWallet; // Party to the swap that sets terms
                        address signerToken; // ERC20 token address transferred from signer
                        uint256 signerAmount; // Amount of tokens transferred from signer
                        address senderWallet; // Party to the swap that accepts terms
                        address senderToken; // ERC20 token address transferred from sender
                        uint256 senderAmount; // Amount of tokens transferred from sender
                        uint8 v; // ECDSA
                        bytes32 r;
                        bytes32 s;
                      }
                      event SwapERC20(
                        uint256 indexed nonce,
                        address indexed signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        uint256 protocolFee,
                        address indexed senderWallet,
                        address senderToken,
                        uint256 senderAmount
                      );
                      event Cancel(uint256 indexed nonce, address indexed signerWallet);
                      event Authorize(address indexed signer, address indexed signerWallet);
                      event Revoke(address indexed signer, address indexed signerWallet);
                      event SetProtocolFee(uint256 protocolFee);
                      event SetProtocolFeeLight(uint256 protocolFeeLight);
                      event SetProtocolFeeWallet(address indexed feeWallet);
                      event SetRebateScale(uint256 rebateScale);
                      event SetRebateMax(uint256 rebateMax);
                      event SetStaking(address indexed staking);
                      error ChainIdChanged();
                      error InvalidFee();
                      error InvalidFeeLight();
                      error InvalidFeeWallet();
                      error InvalidStaking();
                      error OrderExpired();
                      error MaxTooHigh();
                      error NonceAlreadyUsed(uint256);
                      error ScaleTooHigh();
                      error SignatureInvalid();
                      error SignatoryInvalid();
                      error SignatoryUnauthorized();
                      error Unauthorized();
                      function swap(
                        address recipient,
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) external;
                      function swapAnySender(
                        address recipient,
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) external;
                      function swapLight(
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) external;
                      function authorize(address sender) external;
                      function revoke() external;
                      function cancel(uint256[] calldata nonces) external;
                      function nonceUsed(address, uint256) external view returns (bool);
                      function authorized(address) external view returns (address);
                      function calculateProtocolFee(
                        address,
                        uint256
                      ) external view returns (uint256);
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity 0.8.17;
                    import "@openzeppelin/contracts/access/Ownable2Step.sol";
                    import "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
                    import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
                    import "./interfaces/ISwapERC20.sol";
                    /**
                     * @title AirSwap: Atomic ERC20 Token Swap
                     * @notice https://www.airswap.io/
                     */
                    contract SwapERC20 is ISwapERC20, Ownable2Step, EIP712 {
                      using SafeERC20 for IERC20;
                      bytes32 public constant ORDER_TYPEHASH =
                        keccak256(
                          abi.encodePacked(
                            "OrderERC20(uint256 nonce,uint256 expiry,address signerWallet,address signerToken,uint256 signerAmount,",
                            "uint256 protocolFee,address senderWallet,address senderToken,uint256 senderAmount)"
                          )
                        );
                      // Domain name and version for use in EIP712 signatures
                      string public constant DOMAIN_NAME = "SWAP_ERC20";
                      string public constant DOMAIN_VERSION = "4";
                      uint256 public immutable DOMAIN_CHAIN_ID;
                      bytes32 public immutable DOMAIN_SEPARATOR;
                      uint256 public constant FEE_DIVISOR = 10000;
                      uint256 internal constant MAX_PERCENTAGE = 100;
                      uint256 internal constant MAX_SCALE = 77;
                      uint256 internal constant MAX_ERROR_COUNT = 9;
                      /**
                       * @notice Double mapping of signers to nonce groups to nonce states
                       * @dev The nonce group is computed as nonce / 256, so each group of 256 sequential nonces uses the same key
                       * @dev The nonce states are encoded as 256 bits, for each nonce in the group 0 means available and 1 means used
                       */
                      mapping(address => mapping(uint256 => uint256)) internal _nonceGroups;
                      // Mapping of signer to authorized signatory
                      mapping(address => address) public override authorized;
                      uint256 public protocolFee;
                      uint256 public protocolFeeLight;
                      address public protocolFeeWallet;
                      uint256 public rebateScale;
                      uint256 public rebateMax;
                      address public staking;
                      /**
                       * @notice Constructor
                       * @dev Sets domain and version for EIP712 signatures
                       * @param _protocolFee uin256 fee to be assessed on swaps
                       * @param _protocolFeeWallet address destination for fees
                       * @param _rebateScale uin256 scale factor for rebate
                       * @param _rebateMax uint256 max rebate percentage
                       * @param _staking address staking contract address
                       */
                      constructor(
                        uint256 _protocolFee,
                        uint256 _protocolFeeLight,
                        address _protocolFeeWallet,
                        uint256 _rebateScale,
                        uint256 _rebateMax,
                        address _staking
                      ) EIP712(DOMAIN_NAME, DOMAIN_VERSION) {
                        if (_protocolFee >= FEE_DIVISOR) revert InvalidFee();
                        if (_protocolFeeLight >= FEE_DIVISOR) revert InvalidFeeLight();
                        if (_protocolFeeWallet == address(0)) revert InvalidFeeWallet();
                        if (_rebateScale > MAX_SCALE) revert ScaleTooHigh();
                        if (_rebateMax > MAX_PERCENTAGE) revert MaxTooHigh();
                        if (_staking == address(0)) revert InvalidStaking();
                        DOMAIN_CHAIN_ID = block.chainid;
                        DOMAIN_SEPARATOR = _domainSeparatorV4();
                        protocolFee = _protocolFee;
                        protocolFeeLight = _protocolFeeLight;
                        protocolFeeWallet = _protocolFeeWallet;
                        rebateScale = _rebateScale;
                        rebateMax = _rebateMax;
                        staking = _staking;
                      }
                      /**
                       * @notice Atomic ERC20 Swap
                       * @param recipient address Wallet to receive sender proceeds
                       * @param nonce uint256 Unique and should be sequential
                       * @param expiry uint256 Expiry in seconds since 1 January 1970
                       * @param signerWallet address Wallet of the signer
                       * @param signerToken address ERC20 token transferred from the signer
                       * @param signerAmount uint256 Amount transferred from the signer
                       * @param senderToken address ERC20 token transferred from the sender
                       * @param senderAmount uint256 Amount transferred from the sender
                       * @param v uint8 "v" value of the ECDSA signature
                       * @param r bytes32 "r" value of the ECDSA signature
                       * @param s bytes32 "s" value of the ECDSA signature
                       */
                      function swap(
                        address recipient,
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) external override {
                        // Ensure the order is valid for signer and sender
                        _check(
                          nonce,
                          expiry,
                          signerWallet,
                          signerToken,
                          signerAmount,
                          msg.sender,
                          senderToken,
                          senderAmount,
                          v,
                          r,
                          s
                        );
                        // Transfer token from sender to signer
                        IERC20(senderToken).safeTransferFrom(
                          msg.sender,
                          signerWallet,
                          senderAmount
                        );
                        // Transfer token from signer to recipient
                        IERC20(signerToken).safeTransferFrom(signerWallet, recipient, signerAmount);
                        // Calculate and transfer protocol fee and any rebate
                        _transferProtocolFee(signerToken, signerWallet, signerAmount);
                        // Emit a Swap event
                        emit SwapERC20(
                          nonce,
                          signerWallet,
                          signerToken,
                          signerAmount,
                          protocolFee,
                          msg.sender,
                          senderToken,
                          senderAmount
                        );
                      }
                      /**
                       * @notice Atomic ERC20 Swap for Any Sender
                       * @param recipient address Wallet to receive sender proceeds
                       * @param nonce uint256 Unique and should be sequential
                       * @param expiry uint256 Expiry in seconds since 1 January 1970
                       * @param signerWallet address Wallet of the signer
                       * @param signerToken address ERC20 token transferred from the signer
                       * @param signerAmount uint256 Amount transferred from the signer
                       * @param senderToken address ERC20 token transferred from the sender
                       * @param senderAmount uint256 Amount transferred from the sender
                       * @param v uint8 "v" value of the ECDSA signature
                       * @param r bytes32 "r" value of the ECDSA signature
                       * @param s bytes32 "s" value of the ECDSA signature
                       */
                      function swapAnySender(
                        address recipient,
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) external override {
                        // Ensure the order is valid
                        _check(
                          nonce,
                          expiry,
                          signerWallet,
                          signerToken,
                          signerAmount,
                          address(0),
                          senderToken,
                          senderAmount,
                          v,
                          r,
                          s
                        );
                        // Transfer token from sender to signer
                        IERC20(senderToken).safeTransferFrom(
                          msg.sender,
                          signerWallet,
                          senderAmount
                        );
                        // Transfer token from signer to recipient
                        IERC20(signerToken).safeTransferFrom(signerWallet, recipient, signerAmount);
                        // Calculate and transfer protocol fee and any rebate
                        _transferProtocolFee(signerToken, signerWallet, signerAmount);
                        // Emit a Swap event
                        emit SwapERC20(
                          nonce,
                          signerWallet,
                          signerToken,
                          signerAmount,
                          protocolFee,
                          msg.sender,
                          senderToken,
                          senderAmount
                        );
                      }
                      /**
                       * @notice Swap Atomic ERC20 Swap (Low Gas Usage)
                       * @param nonce uint256 Unique and should be sequential
                       * @param expiry uint256 Expiry in seconds since 1 January 1970
                       * @param signerWallet address Wallet of the signer
                       * @param signerToken address ERC20 token transferred from the signer
                       * @param signerAmount uint256 Amount transferred from the signer
                       * @param senderToken address ERC20 token transferred from the sender
                       * @param senderAmount uint256 Amount transferred from the sender
                       * @param v uint8 "v" value of the ECDSA signature
                       * @param r bytes32 "r" value of the ECDSA signature
                       * @param s bytes32 "s" value of the ECDSA signature
                       */
                      function swapLight(
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) external override {
                        if (DOMAIN_CHAIN_ID != block.chainid) revert ChainIdChanged();
                        // Ensure the expiry is not passed
                        if (expiry <= block.timestamp) revert OrderExpired();
                        // Recover the signatory from the hash and signature
                        (address signatory, ) = ECDSA.tryRecover(
                          keccak256(
                            abi.encodePacked(
                              "\\x19\\x01", // EIP191: Indicates EIP712
                              DOMAIN_SEPARATOR,
                              keccak256(
                                abi.encode(
                                  ORDER_TYPEHASH,
                                  nonce,
                                  expiry,
                                  signerWallet,
                                  signerToken,
                                  signerAmount,
                                  protocolFeeLight,
                                  msg.sender,
                                  senderToken,
                                  senderAmount
                                )
                              )
                            )
                          ),
                          v,
                          r,
                          s
                        );
                        // Ensure the signatory is not null
                        if (signatory == address(0)) revert SignatureInvalid();
                        // Ensure the nonce is not yet used and if not mark it used
                        if (!_markNonceAsUsed(signatory, nonce)) revert NonceAlreadyUsed(nonce);
                        // Ensure signatory is authorized to sign
                        if (authorized[signerWallet] != address(0)) {
                          // If one is set by signer wallet, signatory must be authorized
                          if (signatory != authorized[signerWallet]) revert SignatoryUnauthorized();
                        } else {
                          // Otherwise, signatory must be signer wallet
                          if (signatory != signerWallet) revert Unauthorized();
                        }
                        // Transfer token from sender to signer
                        IERC20(senderToken).safeTransferFrom(
                          msg.sender,
                          signerWallet,
                          senderAmount
                        );
                        // Transfer token from signer to recipient
                        IERC20(signerToken).safeTransferFrom(
                          signerWallet,
                          msg.sender,
                          signerAmount
                        );
                        // Transfer fee from signer to feeWallet
                        IERC20(signerToken).safeTransferFrom(
                          signerWallet,
                          protocolFeeWallet,
                          (signerAmount * protocolFeeLight) / FEE_DIVISOR
                        );
                        // Emit a Swap event
                        emit SwapERC20(
                          nonce,
                          signerWallet,
                          signerToken,
                          signerAmount,
                          protocolFeeLight,
                          msg.sender,
                          senderToken,
                          senderAmount
                        );
                      }
                      /**
                       * @notice Set the fee
                       * @param _protocolFee uint256 Value of the fee in basis points
                       */
                      function setProtocolFee(uint256 _protocolFee) external onlyOwner {
                        // Ensure the fee is less than divisor
                        if (_protocolFee >= FEE_DIVISOR) revert InvalidFee();
                        protocolFee = _protocolFee;
                        emit SetProtocolFee(_protocolFee);
                      }
                      /**
                       * @notice Set the light fee
                       * @param _protocolFeeLight uint256 Value of the fee in basis points
                       */
                      function setProtocolFeeLight(uint256 _protocolFeeLight) external onlyOwner {
                        // Ensure the fee is less than divisor
                        if (_protocolFeeLight >= FEE_DIVISOR) revert InvalidFeeLight();
                        protocolFeeLight = _protocolFeeLight;
                        emit SetProtocolFeeLight(_protocolFeeLight);
                      }
                      /**
                       * @notice Set the fee wallet
                       * @param _protocolFeeWallet address Wallet to transfer fee to
                       */
                      function setProtocolFeeWallet(address _protocolFeeWallet) external onlyOwner {
                        // Ensure the new fee wallet is not null
                        if (_protocolFeeWallet == address(0)) revert InvalidFeeWallet();
                        protocolFeeWallet = _protocolFeeWallet;
                        emit SetProtocolFeeWallet(_protocolFeeWallet);
                      }
                      /**
                       * @notice Set scale
                       * @dev Only owner
                       * @param _rebateScale uint256
                       */
                      function setRebateScale(uint256 _rebateScale) external onlyOwner {
                        if (_rebateScale > MAX_SCALE) revert ScaleTooHigh();
                        rebateScale = _rebateScale;
                        emit SetRebateScale(_rebateScale);
                      }
                      /**
                       * @notice Set max
                       * @dev Only owner
                       * @param _rebateMax uint256
                       */
                      function setRebateMax(uint256 _rebateMax) external onlyOwner {
                        if (_rebateMax > MAX_PERCENTAGE) revert MaxTooHigh();
                        rebateMax = _rebateMax;
                        emit SetRebateMax(_rebateMax);
                      }
                      /**
                       * @notice Set the staking token
                       * @param newstaking address Token to check balances on
                       */
                      function setStaking(address newstaking) external onlyOwner {
                        // Ensure the new staking token is not null
                        if (newstaking == address(0)) revert InvalidStaking();
                        staking = newstaking;
                        emit SetStaking(newstaking);
                      }
                      /**
                       * @notice Authorize a signatory
                       * @param signatory address Wallet of the signatory to authorize
                       * @dev Emits an Authorize event
                       */
                      function authorize(address signatory) external override {
                        if (signatory == address(0)) revert SignatoryInvalid();
                        authorized[msg.sender] = signatory;
                        emit Authorize(signatory, msg.sender);
                      }
                      /**
                       * @notice Revoke the signatory
                       * @dev Emits a Revoke event
                       */
                      function revoke() external override {
                        address tmp = authorized[msg.sender];
                        delete authorized[msg.sender];
                        emit Revoke(tmp, msg.sender);
                      }
                      /**
                       * @notice Cancel one or more nonces
                       * @dev Cancelled nonces are marked as used
                       * @dev Emits a Cancel event
                       * @dev Out of gas may occur in arrays of length > 400
                       * @param nonces uint256[] List of nonces to cancel
                       */
                      function cancel(uint256[] calldata nonces) external override {
                        for (uint256 i = 0; i < nonces.length; i++) {
                          uint256 nonce = nonces[i];
                          if (_markNonceAsUsed(msg.sender, nonce)) {
                            emit Cancel(nonce, msg.sender);
                          }
                        }
                      }
                      /**
                       * @notice Checks order and returns list of errors
                       * @param senderWallet address Wallet that would send the order
                       * @param nonce uint256 Unique and should be sequential
                       * @param expiry uint256 Expiry in seconds since 1 January 1970
                       * @param signerWallet address Wallet of the signer
                       * @param signerToken address ERC20 token transferred from the signer
                       * @param signerAmount uint256 Amount transferred from the signer
                       * @param senderToken address ERC20 token transferred from the sender
                       * @param senderAmount uint256 Amount transferred from the sender
                       * @param v uint8 "v" value of the ECDSA signature
                       * @param r bytes32 "r" value of the ECDSA signature
                       * @param s bytes32 "s" value of the ECDSA signature
                       * @return tuple of error count and bytes32[] memory array of error messages
                       */
                      function check(
                        address senderWallet,
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) public view returns (uint256, bytes32[] memory) {
                        bytes32[] memory errors = new bytes32[](MAX_ERROR_COUNT);
                        OrderERC20 memory order;
                        uint256 errCount;
                        order.nonce = nonce;
                        order.expiry = expiry;
                        order.signerWallet = signerWallet;
                        order.signerToken = signerToken;
                        order.signerAmount = signerAmount;
                        order.senderToken = senderToken;
                        order.senderAmount = senderAmount;
                        order.v = v;
                        order.r = r;
                        order.s = s;
                        order.senderWallet = senderWallet;
                        address signatory = ecrecover(
                          _getOrderHash(
                            order.nonce,
                            order.expiry,
                            order.signerWallet,
                            order.signerToken,
                            order.signerAmount,
                            order.senderWallet,
                            order.senderToken,
                            order.senderAmount
                          ),
                          order.v,
                          order.r,
                          order.s
                        );
                        if (signatory == address(0)) {
                          errors[errCount] = "SignatureInvalid";
                          errCount++;
                        } else {
                          if (
                            authorized[order.signerWallet] != address(0) &&
                            signatory != authorized[order.signerWallet]
                          ) {
                            errors[errCount] = "SignatoryUnauthorized";
                            errCount++;
                          } else if (
                            authorized[order.signerWallet] == address(0) &&
                            signatory != order.signerWallet
                          ) {
                            errors[errCount] = "Unauthorized";
                            errCount++;
                          } else if (nonceUsed(signatory, order.nonce)) {
                            errors[errCount] = "NonceAlreadyUsed";
                            errCount++;
                          }
                        }
                        if (order.expiry < block.timestamp) {
                          errors[errCount] = "OrderExpired";
                          errCount++;
                        }
                        if (order.senderWallet != address(0)) {
                          uint256 senderBalance = IERC20(order.senderToken).balanceOf(
                            order.senderWallet
                          );
                          uint256 senderAllowance = IERC20(order.senderToken).allowance(
                            order.senderWallet,
                            address(this)
                          );
                          if (senderAllowance < order.senderAmount) {
                            errors[errCount] = "SenderAllowanceLow";
                            errCount++;
                          }
                          if (senderBalance < order.senderAmount) {
                            errors[errCount] = "SenderBalanceLow";
                            errCount++;
                          }
                        }
                        uint256 signerBalance = IERC20(order.signerToken).balanceOf(
                          order.signerWallet
                        );
                        uint256 signerAllowance = IERC20(order.signerToken).allowance(
                          order.signerWallet,
                          address(this)
                        );
                        uint256 signerFeeAmount = (order.signerAmount * protocolFee) / FEE_DIVISOR;
                        if (signerAllowance < order.signerAmount + signerFeeAmount) {
                          errors[errCount] = "SignerAllowanceLow";
                          errCount++;
                        }
                        if (signerBalance < order.signerAmount + signerFeeAmount) {
                          errors[errCount] = "SignerBalanceLow";
                          errCount++;
                        }
                        return (errCount, errors);
                      }
                      /**
                       * @notice Calculate output amount for an input score
                       * @param stakingBalance uint256
                       * @param feeAmount uint256
                       */
                      function calculateDiscount(
                        uint256 stakingBalance,
                        uint256 feeAmount
                      ) public view returns (uint256) {
                        uint256 divisor = (uint256(10) ** rebateScale) + stakingBalance;
                        return (rebateMax * stakingBalance * feeAmount) / divisor / 100;
                      }
                      /**
                       * @notice Calculates and refers fee amount
                       * @param wallet address
                       * @param amount uint256
                       */
                      function calculateProtocolFee(
                        address wallet,
                        uint256 amount
                      ) public view override returns (uint256) {
                        // Transfer fee from signer to feeWallet
                        uint256 feeAmount = (amount * protocolFee) / FEE_DIVISOR;
                        if (feeAmount > 0) {
                          uint256 discountAmount = calculateDiscount(
                            IERC20(staking).balanceOf(wallet),
                            feeAmount
                          );
                          return feeAmount - discountAmount;
                        }
                        return feeAmount;
                      }
                      /**
                       * @notice Returns true if the nonce has been used
                       * @param signer address Address of the signer
                       * @param nonce uint256 Nonce being checked
                       */
                      function nonceUsed(
                        address signer,
                        uint256 nonce
                      ) public view override returns (bool) {
                        uint256 groupKey = nonce / 256;
                        uint256 indexInGroup = nonce % 256;
                        return (_nonceGroups[signer][groupKey] >> indexInGroup) & 1 == 1;
                      }
                      /**
                       * @notice Marks a nonce as used for the given signer
                       * @param signer address Address of the signer for which to mark the nonce as used
                       * @param nonce uint256 Nonce to be marked as used
                       * @return bool True if the nonce was not marked as used already
                       */
                      function _markNonceAsUsed(
                        address signer,
                        uint256 nonce
                      ) internal returns (bool) {
                        uint256 groupKey = nonce / 256;
                        uint256 indexInGroup = nonce % 256;
                        uint256 group = _nonceGroups[signer][groupKey];
                        // If it is already used, return false
                        if ((group >> indexInGroup) & 1 == 1) {
                          return false;
                        }
                        _nonceGroups[signer][groupKey] = group | (uint256(1) << indexInGroup);
                        return true;
                      }
                      /**
                       * @notice Checks order and reverts on error
                       * @param nonce uint256 Unique and should be sequential
                       * @param expiry uint256 Expiry in seconds since 1 January 1970
                       * @param signerWallet address Wallet of the signer
                       * @param signerToken address ERC20 token transferred from the signer
                       * @param signerAmount uint256 Amount transferred from the signer
                       * @param senderToken address ERC20 token transferred from the sender
                       * @param senderAmount uint256 Amount transferred from the sender
                       * @param v uint8 "v" value of the ECDSA signature
                       * @param r bytes32 "r" value of the ECDSA signature
                       * @param s bytes32 "s" value of the ECDSA signature
                       */
                      function _check(
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderWallet,
                        address senderToken,
                        uint256 senderAmount,
                        uint8 v,
                        bytes32 r,
                        bytes32 s
                      ) internal {
                        // Ensure execution on the intended chain
                        if (DOMAIN_CHAIN_ID != block.chainid) revert ChainIdChanged();
                        // Ensure the expiry is not passed
                        if (expiry <= block.timestamp) revert OrderExpired();
                        // Recover the signatory from the hash and signature
                        (address signatory, ) = ECDSA.tryRecover(
                          _getOrderHash(
                            nonce,
                            expiry,
                            signerWallet,
                            signerToken,
                            signerAmount,
                            senderWallet,
                            senderToken,
                            senderAmount
                          ),
                          v,
                          r,
                          s
                        );
                        // Ensure the signatory is not null
                        if (signatory == address(0)) revert SignatureInvalid();
                        // Ensure signatory is authorized to sign
                        if (authorized[signerWallet] != address(0)) {
                          // If one is set by signer wallet, signatory must be authorized
                          if (signatory != authorized[signerWallet]) revert SignatoryUnauthorized();
                        } else {
                          // Otherwise, signatory must be signer wallet
                          if (signatory != signerWallet) revert Unauthorized();
                        }
                        // Ensure the nonce is not yet used and if not mark it used
                        if (!_markNonceAsUsed(signatory, nonce)) revert NonceAlreadyUsed(nonce);
                      }
                      /**
                       * @notice Hash order parameters
                       * @param nonce uint256
                       * @param expiry uint256
                       * @param signerWallet address
                       * @param signerToken address
                       * @param signerAmount uint256
                       * @param senderToken address
                       * @param senderAmount uint256
                       * @return bytes32
                       */
                      function _getOrderHash(
                        uint256 nonce,
                        uint256 expiry,
                        address signerWallet,
                        address signerToken,
                        uint256 signerAmount,
                        address senderWallet,
                        address senderToken,
                        uint256 senderAmount
                      ) internal view returns (bytes32) {
                        return
                          keccak256(
                            abi.encodePacked(
                              "\\x19\\x01", // EIP191: Indicates EIP712
                              DOMAIN_SEPARATOR,
                              keccak256(
                                abi.encode(
                                  ORDER_TYPEHASH,
                                  nonce,
                                  expiry,
                                  signerWallet,
                                  signerToken,
                                  signerAmount,
                                  protocolFee,
                                  senderWallet,
                                  senderToken,
                                  senderAmount
                                )
                              )
                            )
                          );
                      }
                      /**
                       * @notice Calculates and transfers protocol fee and rebate
                       * @param sourceToken address
                       * @param sourceWallet address
                       * @param amount uint256
                       */
                      function _transferProtocolFee(
                        address sourceToken,
                        address sourceWallet,
                        uint256 amount
                      ) internal {
                        // Transfer fee from signer to feeWallet
                        uint256 feeAmount = (amount * protocolFee) / FEE_DIVISOR;
                        if (feeAmount > 0) {
                          uint256 discountAmount = calculateDiscount(
                            IERC20(staking).balanceOf(msg.sender),
                            feeAmount
                          );
                          if (discountAmount > 0) {
                            // Transfer fee from signer to sender
                            IERC20(sourceToken).safeTransferFrom(
                              sourceWallet,
                              msg.sender,
                              discountAmount
                            );
                            // Transfer fee from signer to feeWallet
                            IERC20(sourceToken).safeTransferFrom(
                              sourceWallet,
                              protocolFeeWallet,
                              feeAmount - discountAmount
                            );
                          } else {
                            IERC20(sourceToken).safeTransferFrom(
                              sourceWallet,
                              protocolFeeWallet,
                              feeAmount
                            );
                          }
                        }
                      }
                    }
                    

                    File 7 of 7: FiatTokenV2_2
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { EIP712Domain } from "./EIP712Domain.sol"; // solhint-disable-line no-unused-import
                    import { Blacklistable } from "../v1/Blacklistable.sol"; // solhint-disable-line no-unused-import
                    import { FiatTokenV1 } from "../v1/FiatTokenV1.sol"; // solhint-disable-line no-unused-import
                    import { FiatTokenV2 } from "./FiatTokenV2.sol"; // solhint-disable-line no-unused-import
                    import { FiatTokenV2_1 } from "./FiatTokenV2_1.sol";
                    import { EIP712 } from "../util/EIP712.sol";
                    // solhint-disable func-name-mixedcase
                    /**
                     * @title FiatToken V2.2
                     * @notice ERC20 Token backed by fiat reserves, version 2.2
                     */
                    contract FiatTokenV2_2 is FiatTokenV2_1 {
                        /**
                         * @notice Initialize v2.2
                         * @param accountsToBlacklist   A list of accounts to migrate from the old blacklist
                         * @param newSymbol             New token symbol
                         * data structure to the new blacklist data structure.
                         */
                        function initializeV2_2(
                            address[] calldata accountsToBlacklist,
                            string calldata newSymbol
                        ) external {
                            // solhint-disable-next-line reason-string
                            require(_initializedVersion == 2);
                            // Update fiat token symbol
                            symbol = newSymbol;
                            // Add previously blacklisted accounts to the new blacklist data structure
                            // and remove them from the old blacklist data structure.
                            for (uint256 i = 0; i < accountsToBlacklist.length; i++) {
                                require(
                                    _deprecatedBlacklisted[accountsToBlacklist[i]],
                                    "FiatTokenV2_2: Blacklisting previously unblacklisted account!"
                                );
                                _blacklist(accountsToBlacklist[i]);
                                delete _deprecatedBlacklisted[accountsToBlacklist[i]];
                            }
                            _blacklist(address(this));
                            delete _deprecatedBlacklisted[address(this)];
                            _initializedVersion = 3;
                        }
                        /**
                         * @dev Internal function to get the current chain id.
                         * @return The current chain id.
                         */
                        function _chainId() internal virtual view returns (uint256) {
                            uint256 chainId;
                            assembly {
                                chainId := chainid()
                            }
                            return chainId;
                        }
                        /**
                         * @inheritdoc EIP712Domain
                         */
                        function _domainSeparator() internal override view returns (bytes32) {
                            return EIP712.makeDomainSeparator(name, "2", _chainId());
                        }
                        /**
                         * @notice Update allowance with a signed permit
                         * @dev EOA wallet signatures should be packed in the order of r, s, v.
                         * @param owner       Token owner's address (Authorizer)
                         * @param spender     Spender's address
                         * @param value       Amount of allowance
                         * @param deadline    The time at which the signature expires (unix time), or max uint256 value to signal no expiration
                         * @param signature   Signature bytes signed by an EOA wallet or a contract wallet
                         */
                        function permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            bytes memory signature
                        ) external whenNotPaused {
                            _permit(owner, spender, value, deadline, signature);
                        }
                        /**
                         * @notice Execute a transfer with a signed authorization
                         * @dev EOA wallet signatures should be packed in the order of r, s, v.
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param signature     Signature bytes signed by an EOA wallet or a contract wallet
                         */
                        function transferWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            bytes memory signature
                        ) external whenNotPaused notBlacklisted(from) notBlacklisted(to) {
                            _transferWithAuthorization(
                                from,
                                to,
                                value,
                                validAfter,
                                validBefore,
                                nonce,
                                signature
                            );
                        }
                        /**
                         * @notice Receive a transfer with a signed authorization from the payer
                         * @dev This has an additional check to ensure that the payee's address
                         * matches the caller of this function to prevent front-running attacks.
                         * EOA wallet signatures should be packed in the order of r, s, v.
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param signature     Signature bytes signed by an EOA wallet or a contract wallet
                         */
                        function receiveWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            bytes memory signature
                        ) external whenNotPaused notBlacklisted(from) notBlacklisted(to) {
                            _receiveWithAuthorization(
                                from,
                                to,
                                value,
                                validAfter,
                                validBefore,
                                nonce,
                                signature
                            );
                        }
                        /**
                         * @notice Attempt to cancel an authorization
                         * @dev Works only if the authorization is not yet used.
                         * EOA wallet signatures should be packed in the order of r, s, v.
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         * @param signature     Signature bytes signed by an EOA wallet or a contract wallet
                         */
                        function cancelAuthorization(
                            address authorizer,
                            bytes32 nonce,
                            bytes memory signature
                        ) external whenNotPaused {
                            _cancelAuthorization(authorizer, nonce, signature);
                        }
                        /**
                         * @dev Helper method that sets the blacklist state of an account on balanceAndBlacklistStates.
                         * If _shouldBlacklist is true, we apply a (1 << 255) bitmask with an OR operation on the
                         * account's balanceAndBlacklistState. This flips the high bit for the account to 1,
                         * indicating that the account is blacklisted.
                         *
                         * If _shouldBlacklist if false, we reset the account's balanceAndBlacklistStates to their
                         * balances. This clears the high bit for the account, indicating that the account is unblacklisted.
                         * @param _account         The address of the account.
                         * @param _shouldBlacklist True if the account should be blacklisted, false if the account should be unblacklisted.
                         */
                        function _setBlacklistState(address _account, bool _shouldBlacklist)
                            internal
                            override
                        {
                            balanceAndBlacklistStates[_account] = _shouldBlacklist
                                ? balanceAndBlacklistStates[_account] | (1 << 255)
                                : _balanceOf(_account);
                        }
                        /**
                         * @dev Helper method that sets the balance of an account on balanceAndBlacklistStates.
                         * Since balances are stored in the last 255 bits of the balanceAndBlacklistStates value,
                         * we need to ensure that the updated balance does not exceed (2^255 - 1).
                         * Since blacklisted accounts' balances cannot be updated, the method will also
                         * revert if the account is blacklisted
                         * @param _account The address of the account.
                         * @param _balance The new fiat token balance of the account (max: (2^255 - 1)).
                         */
                        function _setBalance(address _account, uint256 _balance) internal override {
                            require(
                                _balance <= ((1 << 255) - 1),
                                "FiatTokenV2_2: Balance exceeds (2^255 - 1)"
                            );
                            require(
                                !_isBlacklisted(_account),
                                "FiatTokenV2_2: Account is blacklisted"
                            );
                            balanceAndBlacklistStates[_account] = _balance;
                        }
                        /**
                         * @inheritdoc Blacklistable
                         */
                        function _isBlacklisted(address _account)
                            internal
                            override
                            view
                            returns (bool)
                        {
                            return balanceAndBlacklistStates[_account] >> 255 == 1;
                        }
                        /**
                         * @dev Helper method to obtain the balance of an account. Since balances
                         * are stored in the last 255 bits of the balanceAndBlacklistStates value,
                         * we apply a ((1 << 255) - 1) bit bitmask with an AND operation on the
                         * balanceAndBlacklistState to obtain the balance.
                         * @param _account  The address of the account.
                         * @return          The fiat token balance of the account.
                         */
                        function _balanceOf(address _account)
                            internal
                            override
                            view
                            returns (uint256)
                        {
                            return balanceAndBlacklistStates[_account] & ((1 << 255) - 1);
                        }
                        /**
                         * @inheritdoc FiatTokenV1
                         */
                        function approve(address spender, uint256 value)
                            external
                            override
                            whenNotPaused
                            returns (bool)
                        {
                            _approve(msg.sender, spender, value);
                            return true;
                        }
                        /**
                         * @inheritdoc FiatTokenV2
                         */
                        function permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) external override whenNotPaused {
                            _permit(owner, spender, value, deadline, v, r, s);
                        }
                        /**
                         * @inheritdoc FiatTokenV2
                         */
                        function increaseAllowance(address spender, uint256 increment)
                            external
                            override
                            whenNotPaused
                            returns (bool)
                        {
                            _increaseAllowance(msg.sender, spender, increment);
                            return true;
                        }
                        /**
                         * @inheritdoc FiatTokenV2
                         */
                        function decreaseAllowance(address spender, uint256 decrement)
                            external
                            override
                            whenNotPaused
                            returns (bool)
                        {
                            _decreaseAllowance(msg.sender, spender, decrement);
                            return true;
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity >=0.6.2 <0.8.0;
                    /**
                     * @dev Collection of functions related to the address type
                     */
                    library Address {
                        /**
                         * @dev Returns true if `account` is a contract.
                         *
                         * [IMPORTANT]
                         * ====
                         * It is unsafe to assume that an address for which this function returns
                         * false is an externally-owned account (EOA) and not a contract.
                         *
                         * Among others, `isContract` will return false for the following
                         * types of addresses:
                         *
                         *  - an externally-owned account
                         *  - a contract in construction
                         *  - an address where a contract will be created
                         *  - an address where a contract lived, but was destroyed
                         * ====
                         */
                        function isContract(address account) internal view returns (bool) {
                            // This method relies on extcodesize, which returns 0 for contracts in
                            // construction, since the code is only stored at the end of the
                            // constructor execution.
                            uint256 size;
                            // solhint-disable-next-line no-inline-assembly
                            assembly { size := extcodesize(account) }
                            return size > 0;
                        }
                        /**
                         * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
                         * `recipient`, forwarding all available gas and reverting on errors.
                         *
                         * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
                         * of certain opcodes, possibly making contracts go over the 2300 gas limit
                         * imposed by `transfer`, making them unable to receive funds via
                         * `transfer`. {sendValue} removes this limitation.
                         *
                         * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
                         *
                         * IMPORTANT: because control is transferred to `recipient`, care must be
                         * taken to not create reentrancy vulnerabilities. Consider using
                         * {ReentrancyGuard} or the
                         * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
                         */
                        function sendValue(address payable recipient, uint256 amount) internal {
                            require(address(this).balance >= amount, "Address: insufficient balance");
                            // solhint-disable-next-line avoid-low-level-calls, avoid-call-value
                            (bool success, ) = recipient.call{ value: amount }("");
                            require(success, "Address: unable to send value, recipient may have reverted");
                        }
                        /**
                         * @dev Performs a Solidity function call using a low level `call`. A
                         * plain`call` is an unsafe replacement for a function call: use this
                         * function instead.
                         *
                         * If `target` reverts with a revert reason, it is bubbled up by this
                         * function (like regular Solidity function calls).
                         *
                         * Returns the raw returned data. To convert to the expected return value,
                         * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
                         *
                         * Requirements:
                         *
                         * - `target` must be a contract.
                         * - calling `target` with `data` must not revert.
                         *
                         * _Available since v3.1._
                         */
                        function functionCall(address target, bytes memory data) internal returns (bytes memory) {
                          return functionCall(target, data, "Address: low-level call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
                         * `errorMessage` as a fallback revert reason when `target` reverts.
                         *
                         * _Available since v3.1._
                         */
                        function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
                            return functionCallWithValue(target, data, 0, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but also transferring `value` wei to `target`.
                         *
                         * Requirements:
                         *
                         * - the calling contract must have an ETH balance of at least `value`.
                         * - the called Solidity function must be `payable`.
                         *
                         * _Available since v3.1._
                         */
                        function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
                            return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
                         * with `errorMessage` as a fallback revert reason when `target` reverts.
                         *
                         * _Available since v3.1._
                         */
                        function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
                            require(address(this).balance >= value, "Address: insufficient balance for call");
                            require(isContract(target), "Address: call to non-contract");
                            // solhint-disable-next-line avoid-low-level-calls
                            (bool success, bytes memory returndata) = target.call{ value: value }(data);
                            return _verifyCallResult(success, returndata, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but performing a static call.
                         *
                         * _Available since v3.3._
                         */
                        function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
                            return functionStaticCall(target, data, "Address: low-level static call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
                         * but performing a static call.
                         *
                         * _Available since v3.3._
                         */
                        function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) {
                            require(isContract(target), "Address: static call to non-contract");
                            // solhint-disable-next-line avoid-low-level-calls
                            (bool success, bytes memory returndata) = target.staticcall(data);
                            return _verifyCallResult(success, returndata, errorMessage);
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
                         * but performing a delegate call.
                         *
                         * _Available since v3.4._
                         */
                        function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
                            return functionDelegateCall(target, data, "Address: low-level delegate call failed");
                        }
                        /**
                         * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
                         * but performing a delegate call.
                         *
                         * _Available since v3.4._
                         */
                        function functionDelegateCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
                            require(isContract(target), "Address: delegate call to non-contract");
                            // solhint-disable-next-line avoid-low-level-calls
                            (bool success, bytes memory returndata) = target.delegatecall(data);
                            return _verifyCallResult(success, returndata, errorMessage);
                        }
                        function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) {
                            if (success) {
                                return returndata;
                            } else {
                                // Look for revert reason and bubble it up if present
                                if (returndata.length > 0) {
                                    // The easiest way to bubble the revert reason is using memory via assembly
                                    // solhint-disable-next-line no-inline-assembly
                                    assembly {
                                        let returndata_size := mload(returndata)
                                        revert(add(32, returndata), returndata_size)
                                    }
                                } else {
                                    revert(errorMessage);
                                }
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity >=0.6.0 <0.8.0;
                    import "./IERC20.sol";
                    import "../../math/SafeMath.sol";
                    import "../../utils/Address.sol";
                    /**
                     * @title SafeERC20
                     * @dev Wrappers around ERC20 operations that throw on failure (when the token
                     * contract returns false). Tokens that return no value (and instead revert or
                     * throw on failure) are also supported, non-reverting calls are assumed to be
                     * successful.
                     * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
                     * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
                     */
                    library SafeERC20 {
                        using SafeMath for uint256;
                        using Address for address;
                        function safeTransfer(IERC20 token, address to, uint256 value) internal {
                            _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
                        }
                        function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
                            _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
                        }
                        /**
                         * @dev Deprecated. This function has issues similar to the ones found in
                         * {IERC20-approve}, and its usage is discouraged.
                         *
                         * Whenever possible, use {safeIncreaseAllowance} and
                         * {safeDecreaseAllowance} instead.
                         */
                        function safeApprove(IERC20 token, address spender, uint256 value) internal {
                            // safeApprove should only be called when setting an initial allowance,
                            // or when resetting it to zero. To increase and decrease it, use
                            // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
                            // solhint-disable-next-line max-line-length
                            require((value == 0) || (token.allowance(address(this), spender) == 0),
                                "SafeERC20: approve from non-zero to non-zero allowance"
                            );
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
                        }
                        function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
                            uint256 newAllowance = token.allowance(address(this), spender).add(value);
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
                        }
                        function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
                            uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
                            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
                        }
                        /**
                         * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
                         * on the return value: the return value is optional (but if data is returned, it must not be false).
                         * @param token The token targeted by the call.
                         * @param data The call data (encoded using abi.encode or one of its variants).
                         */
                        function _callOptionalReturn(IERC20 token, bytes memory data) private {
                            // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
                            // we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that
                            // the target address contains contract code and also asserts for success in the low-level call.
                            bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
                            if (returndata.length > 0) { // Return data is optional
                                // solhint-disable-next-line max-line-length
                                require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
                            }
                        }
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity >=0.6.0 <0.8.0;
                    /**
                     * @dev Interface of the ERC20 standard as defined in the EIP.
                     */
                    interface IERC20 {
                        /**
                         * @dev Returns the amount of tokens in existence.
                         */
                        function totalSupply() external view returns (uint256);
                        /**
                         * @dev Returns the amount of tokens owned by `account`.
                         */
                        function balanceOf(address account) external view returns (uint256);
                        /**
                         * @dev Moves `amount` tokens from the caller's account to `recipient`.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * Emits a {Transfer} event.
                         */
                        function transfer(address recipient, uint256 amount) external returns (bool);
                        /**
                         * @dev Returns the remaining number of tokens that `spender` will be
                         * allowed to spend on behalf of `owner` through {transferFrom}. This is
                         * zero by default.
                         *
                         * This value changes when {approve} or {transferFrom} are called.
                         */
                        function allowance(address owner, address spender) external view returns (uint256);
                        /**
                         * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * IMPORTANT: Beware that changing an allowance with this method brings the risk
                         * that someone may use both the old and the new allowance by unfortunate
                         * transaction ordering. One possible solution to mitigate this race
                         * condition is to first reduce the spender's allowance to 0 and set the
                         * desired value afterwards:
                         * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
                         *
                         * Emits an {Approval} event.
                         */
                        function approve(address spender, uint256 amount) external returns (bool);
                        /**
                         * @dev Moves `amount` tokens from `sender` to `recipient` using the
                         * allowance mechanism. `amount` is then deducted from the caller's
                         * allowance.
                         *
                         * Returns a boolean value indicating whether the operation succeeded.
                         *
                         * Emits a {Transfer} event.
                         */
                        function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
                        /**
                         * @dev Emitted when `value` tokens are moved from one account (`from`) to
                         * another (`to`).
                         *
                         * Note that `value` may be zero.
                         */
                        event Transfer(address indexed from, address indexed to, uint256 value);
                        /**
                         * @dev Emitted when the allowance of a `spender` for an `owner` is set by
                         * a call to {approve}. `value` is the new allowance.
                         */
                        event Approval(address indexed owner, address indexed spender, uint256 value);
                    }
                    // SPDX-License-Identifier: MIT
                    pragma solidity >=0.6.0 <0.8.0;
                    /**
                     * @dev Wrappers over Solidity's arithmetic operations with added overflow
                     * checks.
                     *
                     * Arithmetic operations in Solidity wrap on overflow. This can easily result
                     * in bugs, because programmers usually assume that an overflow raises an
                     * error, which is the standard behavior in high level programming languages.
                     * `SafeMath` restores this intuition by reverting the transaction when an
                     * operation overflows.
                     *
                     * Using this library instead of the unchecked operations eliminates an entire
                     * class of bugs, so it's recommended to use it always.
                     */
                    library SafeMath {
                        /**
                         * @dev Returns the addition of two unsigned integers, with an overflow flag.
                         *
                         * _Available since v3.4._
                         */
                        function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
                            uint256 c = a + b;
                            if (c < a) return (false, 0);
                            return (true, c);
                        }
                        /**
                         * @dev Returns the substraction of two unsigned integers, with an overflow flag.
                         *
                         * _Available since v3.4._
                         */
                        function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
                            if (b > a) return (false, 0);
                            return (true, a - b);
                        }
                        /**
                         * @dev Returns the multiplication of two unsigned integers, with an overflow flag.
                         *
                         * _Available since v3.4._
                         */
                        function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
                            // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
                            // benefit is lost if 'b' is also tested.
                            // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
                            if (a == 0) return (true, 0);
                            uint256 c = a * b;
                            if (c / a != b) return (false, 0);
                            return (true, c);
                        }
                        /**
                         * @dev Returns the division of two unsigned integers, with a division by zero flag.
                         *
                         * _Available since v3.4._
                         */
                        function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
                            if (b == 0) return (false, 0);
                            return (true, a / b);
                        }
                        /**
                         * @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
                         *
                         * _Available since v3.4._
                         */
                        function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
                            if (b == 0) return (false, 0);
                            return (true, a % b);
                        }
                        /**
                         * @dev Returns the addition of two unsigned integers, reverting on
                         * overflow.
                         *
                         * Counterpart to Solidity's `+` operator.
                         *
                         * Requirements:
                         *
                         * - Addition cannot overflow.
                         */
                        function add(uint256 a, uint256 b) internal pure returns (uint256) {
                            uint256 c = a + b;
                            require(c >= a, "SafeMath: addition overflow");
                            return c;
                        }
                        /**
                         * @dev Returns the subtraction of two unsigned integers, reverting on
                         * overflow (when the result is negative).
                         *
                         * Counterpart to Solidity's `-` operator.
                         *
                         * Requirements:
                         *
                         * - Subtraction cannot overflow.
                         */
                        function sub(uint256 a, uint256 b) internal pure returns (uint256) {
                            require(b <= a, "SafeMath: subtraction overflow");
                            return a - b;
                        }
                        /**
                         * @dev Returns the multiplication of two unsigned integers, reverting on
                         * overflow.
                         *
                         * Counterpart to Solidity's `*` operator.
                         *
                         * Requirements:
                         *
                         * - Multiplication cannot overflow.
                         */
                        function mul(uint256 a, uint256 b) internal pure returns (uint256) {
                            if (a == 0) return 0;
                            uint256 c = a * b;
                            require(c / a == b, "SafeMath: multiplication overflow");
                            return c;
                        }
                        /**
                         * @dev Returns the integer division of two unsigned integers, reverting on
                         * division by zero. The result is rounded towards zero.
                         *
                         * Counterpart to Solidity's `/` operator. Note: this function uses a
                         * `revert` opcode (which leaves remaining gas untouched) while Solidity
                         * uses an invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function div(uint256 a, uint256 b) internal pure returns (uint256) {
                            require(b > 0, "SafeMath: division by zero");
                            return a / b;
                        }
                        /**
                         * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
                         * reverting when dividing by zero.
                         *
                         * Counterpart to Solidity's `%` operator. This function uses a `revert`
                         * opcode (which leaves remaining gas untouched) while Solidity uses an
                         * invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function mod(uint256 a, uint256 b) internal pure returns (uint256) {
                            require(b > 0, "SafeMath: modulo by zero");
                            return a % b;
                        }
                        /**
                         * @dev Returns the subtraction of two unsigned integers, reverting with custom message on
                         * overflow (when the result is negative).
                         *
                         * CAUTION: This function is deprecated because it requires allocating memory for the error
                         * message unnecessarily. For custom revert reasons use {trySub}.
                         *
                         * Counterpart to Solidity's `-` operator.
                         *
                         * Requirements:
                         *
                         * - Subtraction cannot overflow.
                         */
                        function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
                            require(b <= a, errorMessage);
                            return a - b;
                        }
                        /**
                         * @dev Returns the integer division of two unsigned integers, reverting with custom message on
                         * division by zero. The result is rounded towards zero.
                         *
                         * CAUTION: This function is deprecated because it requires allocating memory for the error
                         * message unnecessarily. For custom revert reasons use {tryDiv}.
                         *
                         * Counterpart to Solidity's `/` operator. Note: this function uses a
                         * `revert` opcode (which leaves remaining gas untouched) while Solidity
                         * uses an invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
                            require(b > 0, errorMessage);
                            return a / b;
                        }
                        /**
                         * @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
                         * reverting with custom message when dividing by zero.
                         *
                         * CAUTION: This function is deprecated because it requires allocating memory for the error
                         * message unnecessarily. For custom revert reasons use {tryMod}.
                         *
                         * Counterpart to Solidity's `%` operator. This function uses a `revert`
                         * opcode (which leaves remaining gas untouched) while Solidity uses an
                         * invalid opcode to revert (consuming all remaining gas).
                         *
                         * Requirements:
                         *
                         * - The divisor cannot be zero.
                         */
                        function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
                            require(b > 0, errorMessage);
                            return a % b;
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { FiatTokenV2 } from "./FiatTokenV2.sol";
                    // solhint-disable func-name-mixedcase
                    /**
                     * @title FiatToken V2.1
                     * @notice ERC20 Token backed by fiat reserves, version 2.1
                     */
                    contract FiatTokenV2_1 is FiatTokenV2 {
                        /**
                         * @notice Initialize v2.1
                         * @param lostAndFound  The address to which the locked funds are sent
                         */
                        function initializeV2_1(address lostAndFound) external {
                            // solhint-disable-next-line reason-string
                            require(_initializedVersion == 1);
                            uint256 lockedAmount = _balanceOf(address(this));
                            if (lockedAmount > 0) {
                                _transfer(address(this), lostAndFound, lockedAmount);
                            }
                            _blacklist(address(this));
                            _initializedVersion = 2;
                        }
                        /**
                         * @notice Version string for the EIP712 domain separator
                         * @return Version string
                         */
                        function version() external pure returns (string memory) {
                            return "2";
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { FiatTokenV1_1 } from "../v1.1/FiatTokenV1_1.sol";
                    import { EIP712 } from "../util/EIP712.sol";
                    import { EIP3009 } from "./EIP3009.sol";
                    import { EIP2612 } from "./EIP2612.sol";
                    /**
                     * @title FiatToken V2
                     * @notice ERC20 Token backed by fiat reserves, version 2
                     */
                    contract FiatTokenV2 is FiatTokenV1_1, EIP3009, EIP2612 {
                        uint8 internal _initializedVersion;
                        /**
                         * @notice Initialize v2
                         * @param newName   New token name
                         */
                        function initializeV2(string calldata newName) external {
                            // solhint-disable-next-line reason-string
                            require(initialized && _initializedVersion == 0);
                            name = newName;
                            _DEPRECATED_CACHED_DOMAIN_SEPARATOR = EIP712.makeDomainSeparator(
                                newName,
                                "2"
                            );
                            _initializedVersion = 1;
                        }
                        /**
                         * @notice Increase the allowance by a given increment
                         * @param spender   Spender's address
                         * @param increment Amount of increase in allowance
                         * @return True if successful
                         */
                        function increaseAllowance(address spender, uint256 increment)
                            external
                            virtual
                            whenNotPaused
                            notBlacklisted(msg.sender)
                            notBlacklisted(spender)
                            returns (bool)
                        {
                            _increaseAllowance(msg.sender, spender, increment);
                            return true;
                        }
                        /**
                         * @notice Decrease the allowance by a given decrement
                         * @param spender   Spender's address
                         * @param decrement Amount of decrease in allowance
                         * @return True if successful
                         */
                        function decreaseAllowance(address spender, uint256 decrement)
                            external
                            virtual
                            whenNotPaused
                            notBlacklisted(msg.sender)
                            notBlacklisted(spender)
                            returns (bool)
                        {
                            _decreaseAllowance(msg.sender, spender, decrement);
                            return true;
                        }
                        /**
                         * @notice Execute a transfer with a signed authorization
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param v             v of the signature
                         * @param r             r of the signature
                         * @param s             s of the signature
                         */
                        function transferWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) external whenNotPaused notBlacklisted(from) notBlacklisted(to) {
                            _transferWithAuthorization(
                                from,
                                to,
                                value,
                                validAfter,
                                validBefore,
                                nonce,
                                v,
                                r,
                                s
                            );
                        }
                        /**
                         * @notice Receive a transfer with a signed authorization from the payer
                         * @dev This has an additional check to ensure that the payee's address
                         * matches the caller of this function to prevent front-running attacks.
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param v             v of the signature
                         * @param r             r of the signature
                         * @param s             s of the signature
                         */
                        function receiveWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) external whenNotPaused notBlacklisted(from) notBlacklisted(to) {
                            _receiveWithAuthorization(
                                from,
                                to,
                                value,
                                validAfter,
                                validBefore,
                                nonce,
                                v,
                                r,
                                s
                            );
                        }
                        /**
                         * @notice Attempt to cancel an authorization
                         * @dev Works only if the authorization is not yet used.
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         * @param v             v of the signature
                         * @param r             r of the signature
                         * @param s             s of the signature
                         */
                        function cancelAuthorization(
                            address authorizer,
                            bytes32 nonce,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) external whenNotPaused {
                            _cancelAuthorization(authorizer, nonce, v, r, s);
                        }
                        /**
                         * @notice Update allowance with a signed permit
                         * @param owner       Token owner's address (Authorizer)
                         * @param spender     Spender's address
                         * @param value       Amount of allowance
                         * @param deadline    The time at which the signature expires (unix time), or max uint256 value to signal no expiration
                         * @param v           v of the signature
                         * @param r           r of the signature
                         * @param s           s of the signature
                         */
                        function permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        )
                            external
                            virtual
                            whenNotPaused
                            notBlacklisted(owner)
                            notBlacklisted(spender)
                        {
                            _permit(owner, spender, value, deadline, v, r, s);
                        }
                        /**
                         * @dev Internal function to increase the allowance by a given increment
                         * @param owner     Token owner's address
                         * @param spender   Spender's address
                         * @param increment Amount of increase
                         */
                        function _increaseAllowance(
                            address owner,
                            address spender,
                            uint256 increment
                        ) internal override {
                            _approve(owner, spender, allowed[owner][spender].add(increment));
                        }
                        /**
                         * @dev Internal function to decrease the allowance by a given decrement
                         * @param owner     Token owner's address
                         * @param spender   Spender's address
                         * @param decrement Amount of decrease
                         */
                        function _decreaseAllowance(
                            address owner,
                            address spender,
                            uint256 decrement
                        ) internal override {
                            _approve(
                                owner,
                                spender,
                                allowed[owner][spender].sub(
                                    decrement,
                                    "ERC20: decreased allowance below zero"
                                )
                            );
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    // solhint-disable func-name-mixedcase
                    /**
                     * @title EIP712 Domain
                     */
                    contract EIP712Domain {
                        // was originally DOMAIN_SEPARATOR
                        // but that has been moved to a method so we can override it in V2_2+
                        bytes32 internal _DEPRECATED_CACHED_DOMAIN_SEPARATOR;
                        /**
                         * @notice Get the EIP712 Domain Separator.
                         * @return The bytes32 EIP712 domain separator.
                         */
                        function DOMAIN_SEPARATOR() external view returns (bytes32) {
                            return _domainSeparator();
                        }
                        /**
                         * @dev Internal method to get the EIP712 Domain Separator.
                         * @return The bytes32 EIP712 domain separator.
                         */
                        function _domainSeparator() internal virtual view returns (bytes32) {
                            return _DEPRECATED_CACHED_DOMAIN_SEPARATOR;
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { AbstractFiatTokenV2 } from "./AbstractFiatTokenV2.sol";
                    import { EIP712Domain } from "./EIP712Domain.sol";
                    import { SignatureChecker } from "../util/SignatureChecker.sol";
                    import { MessageHashUtils } from "../util/MessageHashUtils.sol";
                    /**
                     * @title EIP-3009
                     * @notice Provide internal implementation for gas-abstracted transfers
                     * @dev Contracts that inherit from this must wrap these with publicly
                     * accessible functions, optionally adding modifiers where necessary
                     */
                    abstract contract EIP3009 is AbstractFiatTokenV2, EIP712Domain {
                        // keccak256("TransferWithAuthorization(address from,address to,uint256 value,uint256 validAfter,uint256 validBefore,bytes32 nonce)")
                        bytes32
                            public constant TRANSFER_WITH_AUTHORIZATION_TYPEHASH = 0x7c7c6cdb67a18743f49ec6fa9b35f50d52ed05cbed4cc592e13b44501c1a2267;
                        // keccak256("ReceiveWithAuthorization(address from,address to,uint256 value,uint256 validAfter,uint256 validBefore,bytes32 nonce)")
                        bytes32
                            public constant RECEIVE_WITH_AUTHORIZATION_TYPEHASH = 0xd099cc98ef71107a616c4f0f941f04c322d8e254fe26b3c6668db87aae413de8;
                        // keccak256("CancelAuthorization(address authorizer,bytes32 nonce)")
                        bytes32
                            public constant CANCEL_AUTHORIZATION_TYPEHASH = 0x158b0a9edf7a828aad02f63cd515c68ef2f50ba807396f6d12842833a1597429;
                        /**
                         * @dev authorizer address => nonce => bool (true if nonce is used)
                         */
                        mapping(address => mapping(bytes32 => bool)) private _authorizationStates;
                        event AuthorizationUsed(address indexed authorizer, bytes32 indexed nonce);
                        event AuthorizationCanceled(
                            address indexed authorizer,
                            bytes32 indexed nonce
                        );
                        /**
                         * @notice Returns the state of an authorization
                         * @dev Nonces are randomly generated 32-byte data unique to the
                         * authorizer's address
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         * @return True if the nonce is used
                         */
                        function authorizationState(address authorizer, bytes32 nonce)
                            external
                            view
                            returns (bool)
                        {
                            return _authorizationStates[authorizer][nonce];
                        }
                        /**
                         * @notice Execute a transfer with a signed authorization
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param v             v of the signature
                         * @param r             r of the signature
                         * @param s             s of the signature
                         */
                        function _transferWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal {
                            _transferWithAuthorization(
                                from,
                                to,
                                value,
                                validAfter,
                                validBefore,
                                nonce,
                                abi.encodePacked(r, s, v)
                            );
                        }
                        /**
                         * @notice Execute a transfer with a signed authorization
                         * @dev EOA wallet signatures should be packed in the order of r, s, v.
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param signature     Signature byte array produced by an EOA wallet or a contract wallet
                         */
                        function _transferWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            bytes memory signature
                        ) internal {
                            _requireValidAuthorization(from, nonce, validAfter, validBefore);
                            _requireValidSignature(
                                from,
                                keccak256(
                                    abi.encode(
                                        TRANSFER_WITH_AUTHORIZATION_TYPEHASH,
                                        from,
                                        to,
                                        value,
                                        validAfter,
                                        validBefore,
                                        nonce
                                    )
                                ),
                                signature
                            );
                            _markAuthorizationAsUsed(from, nonce);
                            _transfer(from, to, value);
                        }
                        /**
                         * @notice Receive a transfer with a signed authorization from the payer
                         * @dev This has an additional check to ensure that the payee's address
                         * matches the caller of this function to prevent front-running attacks.
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param v             v of the signature
                         * @param r             r of the signature
                         * @param s             s of the signature
                         */
                        function _receiveWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal {
                            _receiveWithAuthorization(
                                from,
                                to,
                                value,
                                validAfter,
                                validBefore,
                                nonce,
                                abi.encodePacked(r, s, v)
                            );
                        }
                        /**
                         * @notice Receive a transfer with a signed authorization from the payer
                         * @dev This has an additional check to ensure that the payee's address
                         * matches the caller of this function to prevent front-running attacks.
                         * EOA wallet signatures should be packed in the order of r, s, v.
                         * @param from          Payer's address (Authorizer)
                         * @param to            Payee's address
                         * @param value         Amount to be transferred
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         * @param nonce         Unique nonce
                         * @param signature     Signature byte array produced by an EOA wallet or a contract wallet
                         */
                        function _receiveWithAuthorization(
                            address from,
                            address to,
                            uint256 value,
                            uint256 validAfter,
                            uint256 validBefore,
                            bytes32 nonce,
                            bytes memory signature
                        ) internal {
                            require(to == msg.sender, "FiatTokenV2: caller must be the payee");
                            _requireValidAuthorization(from, nonce, validAfter, validBefore);
                            _requireValidSignature(
                                from,
                                keccak256(
                                    abi.encode(
                                        RECEIVE_WITH_AUTHORIZATION_TYPEHASH,
                                        from,
                                        to,
                                        value,
                                        validAfter,
                                        validBefore,
                                        nonce
                                    )
                                ),
                                signature
                            );
                            _markAuthorizationAsUsed(from, nonce);
                            _transfer(from, to, value);
                        }
                        /**
                         * @notice Attempt to cancel an authorization
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         * @param v             v of the signature
                         * @param r             r of the signature
                         * @param s             s of the signature
                         */
                        function _cancelAuthorization(
                            address authorizer,
                            bytes32 nonce,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal {
                            _cancelAuthorization(authorizer, nonce, abi.encodePacked(r, s, v));
                        }
                        /**
                         * @notice Attempt to cancel an authorization
                         * @dev EOA wallet signatures should be packed in the order of r, s, v.
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         * @param signature     Signature byte array produced by an EOA wallet or a contract wallet
                         */
                        function _cancelAuthorization(
                            address authorizer,
                            bytes32 nonce,
                            bytes memory signature
                        ) internal {
                            _requireUnusedAuthorization(authorizer, nonce);
                            _requireValidSignature(
                                authorizer,
                                keccak256(
                                    abi.encode(CANCEL_AUTHORIZATION_TYPEHASH, authorizer, nonce)
                                ),
                                signature
                            );
                            _authorizationStates[authorizer][nonce] = true;
                            emit AuthorizationCanceled(authorizer, nonce);
                        }
                        /**
                         * @notice Validates that signature against input data struct
                         * @param signer        Signer's address
                         * @param dataHash      Hash of encoded data struct
                         * @param signature     Signature byte array produced by an EOA wallet or a contract wallet
                         */
                        function _requireValidSignature(
                            address signer,
                            bytes32 dataHash,
                            bytes memory signature
                        ) private view {
                            require(
                                SignatureChecker.isValidSignatureNow(
                                    signer,
                                    MessageHashUtils.toTypedDataHash(_domainSeparator(), dataHash),
                                    signature
                                ),
                                "FiatTokenV2: invalid signature"
                            );
                        }
                        /**
                         * @notice Check that an authorization is unused
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         */
                        function _requireUnusedAuthorization(address authorizer, bytes32 nonce)
                            private
                            view
                        {
                            require(
                                !_authorizationStates[authorizer][nonce],
                                "FiatTokenV2: authorization is used or canceled"
                            );
                        }
                        /**
                         * @notice Check that authorization is valid
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         * @param validAfter    The time after which this is valid (unix time)
                         * @param validBefore   The time before which this is valid (unix time)
                         */
                        function _requireValidAuthorization(
                            address authorizer,
                            bytes32 nonce,
                            uint256 validAfter,
                            uint256 validBefore
                        ) private view {
                            require(
                                now > validAfter,
                                "FiatTokenV2: authorization is not yet valid"
                            );
                            require(now < validBefore, "FiatTokenV2: authorization is expired");
                            _requireUnusedAuthorization(authorizer, nonce);
                        }
                        /**
                         * @notice Mark an authorization as used
                         * @param authorizer    Authorizer's address
                         * @param nonce         Nonce of the authorization
                         */
                        function _markAuthorizationAsUsed(address authorizer, bytes32 nonce)
                            private
                        {
                            _authorizationStates[authorizer][nonce] = true;
                            emit AuthorizationUsed(authorizer, nonce);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { AbstractFiatTokenV2 } from "./AbstractFiatTokenV2.sol";
                    import { EIP712Domain } from "./EIP712Domain.sol";
                    import { MessageHashUtils } from "../util/MessageHashUtils.sol";
                    import { SignatureChecker } from "../util/SignatureChecker.sol";
                    /**
                     * @title EIP-2612
                     * @notice Provide internal implementation for gas-abstracted approvals
                     */
                    abstract contract EIP2612 is AbstractFiatTokenV2, EIP712Domain {
                        // keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)")
                        bytes32
                            public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
                        mapping(address => uint256) private _permitNonces;
                        /**
                         * @notice Nonces for permit
                         * @param owner Token owner's address (Authorizer)
                         * @return Next nonce
                         */
                        function nonces(address owner) external view returns (uint256) {
                            return _permitNonces[owner];
                        }
                        /**
                         * @notice Verify a signed approval permit and execute if valid
                         * @param owner     Token owner's address (Authorizer)
                         * @param spender   Spender's address
                         * @param value     Amount of allowance
                         * @param deadline  The time at which the signature expires (unix time), or max uint256 value to signal no expiration
                         * @param v         v of the signature
                         * @param r         r of the signature
                         * @param s         s of the signature
                         */
                        function _permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal {
                            _permit(owner, spender, value, deadline, abi.encodePacked(r, s, v));
                        }
                        /**
                         * @notice Verify a signed approval permit and execute if valid
                         * @dev EOA wallet signatures should be packed in the order of r, s, v.
                         * @param owner      Token owner's address (Authorizer)
                         * @param spender    Spender's address
                         * @param value      Amount of allowance
                         * @param deadline   The time at which the signature expires (unix time), or max uint256 value to signal no expiration
                         * @param signature  Signature byte array signed by an EOA wallet or a contract wallet
                         */
                        function _permit(
                            address owner,
                            address spender,
                            uint256 value,
                            uint256 deadline,
                            bytes memory signature
                        ) internal {
                            require(
                                deadline == type(uint256).max || deadline >= now,
                                "FiatTokenV2: permit is expired"
                            );
                            bytes32 typedDataHash = MessageHashUtils.toTypedDataHash(
                                _domainSeparator(),
                                keccak256(
                                    abi.encode(
                                        PERMIT_TYPEHASH,
                                        owner,
                                        spender,
                                        value,
                                        _permitNonces[owner]++,
                                        deadline
                                    )
                                )
                            );
                            require(
                                SignatureChecker.isValidSignatureNow(
                                    owner,
                                    typedDataHash,
                                    signature
                                ),
                                "EIP2612: invalid signature"
                            );
                            _approve(owner, spender, value);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { AbstractFiatTokenV1 } from "../v1/AbstractFiatTokenV1.sol";
                    abstract contract AbstractFiatTokenV2 is AbstractFiatTokenV1 {
                        function _increaseAllowance(
                            address owner,
                            address spender,
                            uint256 increment
                        ) internal virtual;
                        function _decreaseAllowance(
                            address owner,
                            address spender,
                            uint256 decrement
                        ) internal virtual;
                    }
                    /**
                     * SPDX-License-Identifier: MIT
                     *
                     * Copyright (c) 2016 Smart Contract Solutions, Inc.
                     * Copyright (c) 2018-2020 CENTRE SECZ
                     *
                     * Permission is hereby granted, free of charge, to any person obtaining a copy
                     * of this software and associated documentation files (the "Software"), to deal
                     * in the Software without restriction, including without limitation the rights
                     * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
                     * copies of the Software, and to permit persons to whom the Software is
                     * furnished to do so, subject to the following conditions:
                     *
                     * The above copyright notice and this permission notice shall be included in
                     * copies or substantial portions of the Software.
                     *
                     * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
                     * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
                     * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
                     * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
                     * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
                     * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
                     * SOFTWARE.
                     */
                    pragma solidity 0.6.12;
                    import { Ownable } from "./Ownable.sol";
                    /**
                     * @notice Base contract which allows children to implement an emergency stop
                     * mechanism
                     * @dev Forked from https://github.com/OpenZeppelin/openzeppelin-contracts/blob/feb665136c0dae9912e08397c1a21c4af3651ef3/contracts/lifecycle/Pausable.sol
                     * Modifications:
                     * 1. Added pauser role, switched pause/unpause to be onlyPauser (6/14/2018)
                     * 2. Removed whenNotPause/whenPaused from pause/unpause (6/14/2018)
                     * 3. Removed whenPaused (6/14/2018)
                     * 4. Switches ownable library to use ZeppelinOS (7/12/18)
                     * 5. Remove constructor (7/13/18)
                     * 6. Reformat, conform to Solidity 0.6 syntax and add error messages (5/13/20)
                     * 7. Make public functions external (5/27/20)
                     */
                    contract Pausable is Ownable {
                        event Pause();
                        event Unpause();
                        event PauserChanged(address indexed newAddress);
                        address public pauser;
                        bool public paused = false;
                        /**
                         * @dev Modifier to make a function callable only when the contract is not paused.
                         */
                        modifier whenNotPaused() {
                            require(!paused, "Pausable: paused");
                            _;
                        }
                        /**
                         * @dev throws if called by any account other than the pauser
                         */
                        modifier onlyPauser() {
                            require(msg.sender == pauser, "Pausable: caller is not the pauser");
                            _;
                        }
                        /**
                         * @dev called by the owner to pause, triggers stopped state
                         */
                        function pause() external onlyPauser {
                            paused = true;
                            emit Pause();
                        }
                        /**
                         * @dev called by the owner to unpause, returns to normal state
                         */
                        function unpause() external onlyPauser {
                            paused = false;
                            emit Unpause();
                        }
                        /**
                         * @notice Updates the pauser address.
                         * @param _newPauser The address of the new pauser.
                         */
                        function updatePauser(address _newPauser) external onlyOwner {
                            require(
                                _newPauser != address(0),
                                "Pausable: new pauser is the zero address"
                            );
                            pauser = _newPauser;
                            emit PauserChanged(pauser);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: MIT
                     *
                     * Copyright (c) 2018 zOS Global Limited.
                     * Copyright (c) 2018-2020 CENTRE SECZ
                     *
                     * Permission is hereby granted, free of charge, to any person obtaining a copy
                     * of this software and associated documentation files (the "Software"), to deal
                     * in the Software without restriction, including without limitation the rights
                     * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
                     * copies of the Software, and to permit persons to whom the Software is
                     * furnished to do so, subject to the following conditions:
                     *
                     * The above copyright notice and this permission notice shall be included in
                     * copies or substantial portions of the Software.
                     *
                     * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
                     * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
                     * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
                     * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
                     * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
                     * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
                     * SOFTWARE.
                     */
                    pragma solidity 0.6.12;
                    /**
                     * @notice The Ownable contract has an owner address, and provides basic
                     * authorization control functions
                     * @dev Forked from https://github.com/OpenZeppelin/openzeppelin-labs/blob/3887ab77b8adafba4a26ace002f3a684c1a3388b/upgradeability_ownership/contracts/ownership/Ownable.sol
                     * Modifications:
                     * 1. Consolidate OwnableStorage into this contract (7/13/18)
                     * 2. Reformat, conform to Solidity 0.6 syntax, and add error messages (5/13/20)
                     * 3. Make public functions external (5/27/20)
                     */
                    contract Ownable {
                        // Owner of the contract
                        address private _owner;
                        /**
                         * @dev Event to show ownership has been transferred
                         * @param previousOwner representing the address of the previous owner
                         * @param newOwner representing the address of the new owner
                         */
                        event OwnershipTransferred(address previousOwner, address newOwner);
                        /**
                         * @dev The constructor sets the original owner of the contract to the sender account.
                         */
                        constructor() public {
                            setOwner(msg.sender);
                        }
                        /**
                         * @dev Tells the address of the owner
                         * @return the address of the owner
                         */
                        function owner() external view returns (address) {
                            return _owner;
                        }
                        /**
                         * @dev Sets a new owner address
                         */
                        function setOwner(address newOwner) internal {
                            _owner = newOwner;
                        }
                        /**
                         * @dev Throws if called by any account other than the owner.
                         */
                        modifier onlyOwner() {
                            require(msg.sender == _owner, "Ownable: caller is not the owner");
                            _;
                        }
                        /**
                         * @dev Allows the current owner to transfer control of the contract to a newOwner.
                         * @param newOwner The address to transfer ownership to.
                         */
                        function transferOwnership(address newOwner) external onlyOwner {
                            require(
                                newOwner != address(0),
                                "Ownable: new owner is the zero address"
                            );
                            emit OwnershipTransferred(_owner, newOwner);
                            setOwner(newOwner);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { SafeMath } from "@openzeppelin/contracts/math/SafeMath.sol";
                    import { AbstractFiatTokenV1 } from "./AbstractFiatTokenV1.sol";
                    import { Ownable } from "./Ownable.sol";
                    import { Pausable } from "./Pausable.sol";
                    import { Blacklistable } from "./Blacklistable.sol";
                    /**
                     * @title FiatToken
                     * @dev ERC20 Token backed by fiat reserves
                     */
                    contract FiatTokenV1 is AbstractFiatTokenV1, Ownable, Pausable, Blacklistable {
                        using SafeMath for uint256;
                        string public name;
                        string public symbol;
                        uint8 public decimals;
                        string public currency;
                        address public masterMinter;
                        bool internal initialized;
                        /// @dev A mapping that stores the balance and blacklist states for a given address.
                        /// The first bit defines whether the address is blacklisted (1 if blacklisted, 0 otherwise).
                        /// The last 255 bits define the balance for the address.
                        mapping(address => uint256) internal balanceAndBlacklistStates;
                        mapping(address => mapping(address => uint256)) internal allowed;
                        uint256 internal totalSupply_ = 0;
                        mapping(address => bool) internal minters;
                        mapping(address => uint256) internal minterAllowed;
                        event Mint(address indexed minter, address indexed to, uint256 amount);
                        event Burn(address indexed burner, uint256 amount);
                        event MinterConfigured(address indexed minter, uint256 minterAllowedAmount);
                        event MinterRemoved(address indexed oldMinter);
                        event MasterMinterChanged(address indexed newMasterMinter);
                        /**
                         * @notice Initializes the fiat token contract.
                         * @param tokenName       The name of the fiat token.
                         * @param tokenSymbol     The symbol of the fiat token.
                         * @param tokenCurrency   The fiat currency that the token represents.
                         * @param tokenDecimals   The number of decimals that the token uses.
                         * @param newMasterMinter The masterMinter address for the fiat token.
                         * @param newPauser       The pauser address for the fiat token.
                         * @param newBlacklister  The blacklister address for the fiat token.
                         * @param newOwner        The owner of the fiat token.
                         */
                        function initialize(
                            string memory tokenName,
                            string memory tokenSymbol,
                            string memory tokenCurrency,
                            uint8 tokenDecimals,
                            address newMasterMinter,
                            address newPauser,
                            address newBlacklister,
                            address newOwner
                        ) public {
                            require(!initialized, "FiatToken: contract is already initialized");
                            require(
                                newMasterMinter != address(0),
                                "FiatToken: new masterMinter is the zero address"
                            );
                            require(
                                newPauser != address(0),
                                "FiatToken: new pauser is the zero address"
                            );
                            require(
                                newBlacklister != address(0),
                                "FiatToken: new blacklister is the zero address"
                            );
                            require(
                                newOwner != address(0),
                                "FiatToken: new owner is the zero address"
                            );
                            name = tokenName;
                            symbol = tokenSymbol;
                            currency = tokenCurrency;
                            decimals = tokenDecimals;
                            masterMinter = newMasterMinter;
                            pauser = newPauser;
                            blacklister = newBlacklister;
                            setOwner(newOwner);
                            initialized = true;
                        }
                        /**
                         * @dev Throws if called by any account other than a minter.
                         */
                        modifier onlyMinters() {
                            require(minters[msg.sender], "FiatToken: caller is not a minter");
                            _;
                        }
                        /**
                         * @notice Mints fiat tokens to an address.
                         * @param _to The address that will receive the minted tokens.
                         * @param _amount The amount of tokens to mint. Must be less than or equal
                         * to the minterAllowance of the caller.
                         * @return True if the operation was successful.
                         */
                        function mint(address _to, uint256 _amount)
                            external
                            whenNotPaused
                            onlyMinters
                            notBlacklisted(msg.sender)
                            notBlacklisted(_to)
                            returns (bool)
                        {
                            require(_to != address(0), "FiatToken: mint to the zero address");
                            require(_amount > 0, "FiatToken: mint amount not greater than 0");
                            uint256 mintingAllowedAmount = minterAllowed[msg.sender];
                            require(
                                _amount <= mintingAllowedAmount,
                                "FiatToken: mint amount exceeds minterAllowance"
                            );
                            totalSupply_ = totalSupply_.add(_amount);
                            _setBalance(_to, _balanceOf(_to).add(_amount));
                            minterAllowed[msg.sender] = mintingAllowedAmount.sub(_amount);
                            emit Mint(msg.sender, _to, _amount);
                            emit Transfer(address(0), _to, _amount);
                            return true;
                        }
                        /**
                         * @dev Throws if called by any account other than the masterMinter
                         */
                        modifier onlyMasterMinter() {
                            require(
                                msg.sender == masterMinter,
                                "FiatToken: caller is not the masterMinter"
                            );
                            _;
                        }
                        /**
                         * @notice Gets the minter allowance for an account.
                         * @param minter The address to check.
                         * @return The remaining minter allowance for the account.
                         */
                        function minterAllowance(address minter) external view returns (uint256) {
                            return minterAllowed[minter];
                        }
                        /**
                         * @notice Checks if an account is a minter.
                         * @param account The address to check.
                         * @return True if the account is a minter, false if the account is not a minter.
                         */
                        function isMinter(address account) external view returns (bool) {
                            return minters[account];
                        }
                        /**
                         * @notice Gets the remaining amount of fiat tokens a spender is allowed to transfer on
                         * behalf of the token owner.
                         * @param owner   The token owner's address.
                         * @param spender The spender's address.
                         * @return The remaining allowance.
                         */
                        function allowance(address owner, address spender)
                            external
                            override
                            view
                            returns (uint256)
                        {
                            return allowed[owner][spender];
                        }
                        /**
                         * @notice Gets the totalSupply of the fiat token.
                         * @return The totalSupply of the fiat token.
                         */
                        function totalSupply() external override view returns (uint256) {
                            return totalSupply_;
                        }
                        /**
                         * @notice Gets the fiat token balance of an account.
                         * @param account  The address to check.
                         * @return balance The fiat token balance of the account.
                         */
                        function balanceOf(address account)
                            external
                            override
                            view
                            returns (uint256)
                        {
                            return _balanceOf(account);
                        }
                        /**
                         * @notice Sets a fiat token allowance for a spender to spend on behalf of the caller.
                         * @param spender The spender's address.
                         * @param value   The allowance amount.
                         * @return True if the operation was successful.
                         */
                        function approve(address spender, uint256 value)
                            external
                            virtual
                            override
                            whenNotPaused
                            notBlacklisted(msg.sender)
                            notBlacklisted(spender)
                            returns (bool)
                        {
                            _approve(msg.sender, spender, value);
                            return true;
                        }
                        /**
                         * @dev Internal function to set allowance.
                         * @param owner     Token owner's address.
                         * @param spender   Spender's address.
                         * @param value     Allowance amount.
                         */
                        function _approve(
                            address owner,
                            address spender,
                            uint256 value
                        ) internal override {
                            require(owner != address(0), "ERC20: approve from the zero address");
                            require(spender != address(0), "ERC20: approve to the zero address");
                            allowed[owner][spender] = value;
                            emit Approval(owner, spender, value);
                        }
                        /**
                         * @notice Transfers tokens from an address to another by spending the caller's allowance.
                         * @dev The caller must have some fiat token allowance on the payer's tokens.
                         * @param from  Payer's address.
                         * @param to    Payee's address.
                         * @param value Transfer amount.
                         * @return True if the operation was successful.
                         */
                        function transferFrom(
                            address from,
                            address to,
                            uint256 value
                        )
                            external
                            override
                            whenNotPaused
                            notBlacklisted(msg.sender)
                            notBlacklisted(from)
                            notBlacklisted(to)
                            returns (bool)
                        {
                            require(
                                value <= allowed[from][msg.sender],
                                "ERC20: transfer amount exceeds allowance"
                            );
                            _transfer(from, to, value);
                            allowed[from][msg.sender] = allowed[from][msg.sender].sub(value);
                            return true;
                        }
                        /**
                         * @notice Transfers tokens from the caller.
                         * @param to    Payee's address.
                         * @param value Transfer amount.
                         * @return True if the operation was successful.
                         */
                        function transfer(address to, uint256 value)
                            external
                            override
                            whenNotPaused
                            notBlacklisted(msg.sender)
                            notBlacklisted(to)
                            returns (bool)
                        {
                            _transfer(msg.sender, to, value);
                            return true;
                        }
                        /**
                         * @dev Internal function to process transfers.
                         * @param from  Payer's address.
                         * @param to    Payee's address.
                         * @param value Transfer amount.
                         */
                        function _transfer(
                            address from,
                            address to,
                            uint256 value
                        ) internal override {
                            require(from != address(0), "ERC20: transfer from the zero address");
                            require(to != address(0), "ERC20: transfer to the zero address");
                            require(
                                value <= _balanceOf(from),
                                "ERC20: transfer amount exceeds balance"
                            );
                            _setBalance(from, _balanceOf(from).sub(value));
                            _setBalance(to, _balanceOf(to).add(value));
                            emit Transfer(from, to, value);
                        }
                        /**
                         * @notice Adds or updates a new minter with a mint allowance.
                         * @param minter The address of the minter.
                         * @param minterAllowedAmount The minting amount allowed for the minter.
                         * @return True if the operation was successful.
                         */
                        function configureMinter(address minter, uint256 minterAllowedAmount)
                            external
                            whenNotPaused
                            onlyMasterMinter
                            returns (bool)
                        {
                            minters[minter] = true;
                            minterAllowed[minter] = minterAllowedAmount;
                            emit MinterConfigured(minter, minterAllowedAmount);
                            return true;
                        }
                        /**
                         * @notice Removes a minter.
                         * @param minter The address of the minter to remove.
                         * @return True if the operation was successful.
                         */
                        function removeMinter(address minter)
                            external
                            onlyMasterMinter
                            returns (bool)
                        {
                            minters[minter] = false;
                            minterAllowed[minter] = 0;
                            emit MinterRemoved(minter);
                            return true;
                        }
                        /**
                         * @notice Allows a minter to burn some of its own tokens.
                         * @dev The caller must be a minter, must not be blacklisted, and the amount to burn
                         * should be less than or equal to the account's balance.
                         * @param _amount the amount of tokens to be burned.
                         */
                        function burn(uint256 _amount)
                            external
                            whenNotPaused
                            onlyMinters
                            notBlacklisted(msg.sender)
                        {
                            uint256 balance = _balanceOf(msg.sender);
                            require(_amount > 0, "FiatToken: burn amount not greater than 0");
                            require(balance >= _amount, "FiatToken: burn amount exceeds balance");
                            totalSupply_ = totalSupply_.sub(_amount);
                            _setBalance(msg.sender, balance.sub(_amount));
                            emit Burn(msg.sender, _amount);
                            emit Transfer(msg.sender, address(0), _amount);
                        }
                        /**
                         * @notice Updates the master minter address.
                         * @param _newMasterMinter The address of the new master minter.
                         */
                        function updateMasterMinter(address _newMasterMinter) external onlyOwner {
                            require(
                                _newMasterMinter != address(0),
                                "FiatToken: new masterMinter is the zero address"
                            );
                            masterMinter = _newMasterMinter;
                            emit MasterMinterChanged(masterMinter);
                        }
                        /**
                         * @inheritdoc Blacklistable
                         */
                        function _blacklist(address _account) internal override {
                            _setBlacklistState(_account, true);
                        }
                        /**
                         * @inheritdoc Blacklistable
                         */
                        function _unBlacklist(address _account) internal override {
                            _setBlacklistState(_account, false);
                        }
                        /**
                         * @dev Helper method that sets the blacklist state of an account.
                         * @param _account         The address of the account.
                         * @param _shouldBlacklist True if the account should be blacklisted, false if the account should be unblacklisted.
                         */
                        function _setBlacklistState(address _account, bool _shouldBlacklist)
                            internal
                            virtual
                        {
                            _deprecatedBlacklisted[_account] = _shouldBlacklist;
                        }
                        /**
                         * @dev Helper method that sets the balance of an account.
                         * @param _account The address of the account.
                         * @param _balance The new fiat token balance of the account.
                         */
                        function _setBalance(address _account, uint256 _balance) internal virtual {
                            balanceAndBlacklistStates[_account] = _balance;
                        }
                        /**
                         * @inheritdoc Blacklistable
                         */
                        function _isBlacklisted(address _account)
                            internal
                            virtual
                            override
                            view
                            returns (bool)
                        {
                            return _deprecatedBlacklisted[_account];
                        }
                        /**
                         * @dev Helper method to obtain the balance of an account.
                         * @param _account  The address of the account.
                         * @return          The fiat token balance of the account.
                         */
                        function _balanceOf(address _account)
                            internal
                            virtual
                            view
                            returns (uint256)
                        {
                            return balanceAndBlacklistStates[_account];
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { Ownable } from "./Ownable.sol";
                    /**
                     * @title Blacklistable Token
                     * @dev Allows accounts to be blacklisted by a "blacklister" role
                     */
                    abstract contract Blacklistable is Ownable {
                        address public blacklister;
                        mapping(address => bool) internal _deprecatedBlacklisted;
                        event Blacklisted(address indexed _account);
                        event UnBlacklisted(address indexed _account);
                        event BlacklisterChanged(address indexed newBlacklister);
                        /**
                         * @dev Throws if called by any account other than the blacklister.
                         */
                        modifier onlyBlacklister() {
                            require(
                                msg.sender == blacklister,
                                "Blacklistable: caller is not the blacklister"
                            );
                            _;
                        }
                        /**
                         * @dev Throws if argument account is blacklisted.
                         * @param _account The address to check.
                         */
                        modifier notBlacklisted(address _account) {
                            require(
                                !_isBlacklisted(_account),
                                "Blacklistable: account is blacklisted"
                            );
                            _;
                        }
                        /**
                         * @notice Checks if account is blacklisted.
                         * @param _account The address to check.
                         * @return True if the account is blacklisted, false if the account is not blacklisted.
                         */
                        function isBlacklisted(address _account) external view returns (bool) {
                            return _isBlacklisted(_account);
                        }
                        /**
                         * @notice Adds account to blacklist.
                         * @param _account The address to blacklist.
                         */
                        function blacklist(address _account) external onlyBlacklister {
                            _blacklist(_account);
                            emit Blacklisted(_account);
                        }
                        /**
                         * @notice Removes account from blacklist.
                         * @param _account The address to remove from the blacklist.
                         */
                        function unBlacklist(address _account) external onlyBlacklister {
                            _unBlacklist(_account);
                            emit UnBlacklisted(_account);
                        }
                        /**
                         * @notice Updates the blacklister address.
                         * @param _newBlacklister The address of the new blacklister.
                         */
                        function updateBlacklister(address _newBlacklister) external onlyOwner {
                            require(
                                _newBlacklister != address(0),
                                "Blacklistable: new blacklister is the zero address"
                            );
                            blacklister = _newBlacklister;
                            emit BlacklisterChanged(blacklister);
                        }
                        /**
                         * @dev Checks if account is blacklisted.
                         * @param _account The address to check.
                         * @return true if the account is blacklisted, false otherwise.
                         */
                        function _isBlacklisted(address _account)
                            internal
                            virtual
                            view
                            returns (bool);
                        /**
                         * @dev Helper method that blacklists an account.
                         * @param _account The address to blacklist.
                         */
                        function _blacklist(address _account) internal virtual;
                        /**
                         * @dev Helper method that unblacklists an account.
                         * @param _account The address to unblacklist.
                         */
                        function _unBlacklist(address _account) internal virtual;
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    abstract contract AbstractFiatTokenV1 is IERC20 {
                        function _approve(
                            address owner,
                            address spender,
                            uint256 value
                        ) internal virtual;
                        function _transfer(
                            address from,
                            address to,
                            uint256 value
                        ) internal virtual;
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { Ownable } from "../v1/Ownable.sol";
                    import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
                    import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/SafeERC20.sol";
                    contract Rescuable is Ownable {
                        using SafeERC20 for IERC20;
                        address private _rescuer;
                        event RescuerChanged(address indexed newRescuer);
                        /**
                         * @notice Returns current rescuer
                         * @return Rescuer's address
                         */
                        function rescuer() external view returns (address) {
                            return _rescuer;
                        }
                        /**
                         * @notice Revert if called by any account other than the rescuer.
                         */
                        modifier onlyRescuer() {
                            require(msg.sender == _rescuer, "Rescuable: caller is not the rescuer");
                            _;
                        }
                        /**
                         * @notice Rescue ERC20 tokens locked up in this contract.
                         * @param tokenContract ERC20 token contract address
                         * @param to        Recipient address
                         * @param amount    Amount to withdraw
                         */
                        function rescueERC20(
                            IERC20 tokenContract,
                            address to,
                            uint256 amount
                        ) external onlyRescuer {
                            tokenContract.safeTransfer(to, amount);
                        }
                        /**
                         * @notice Updates the rescuer address.
                         * @param newRescuer The address of the new rescuer.
                         */
                        function updateRescuer(address newRescuer) external onlyOwner {
                            require(
                                newRescuer != address(0),
                                "Rescuable: new rescuer is the zero address"
                            );
                            _rescuer = newRescuer;
                            emit RescuerChanged(newRescuer);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { FiatTokenV1 } from "../v1/FiatTokenV1.sol";
                    import { Rescuable } from "./Rescuable.sol";
                    /**
                     * @title FiatTokenV1_1
                     * @dev ERC20 Token backed by fiat reserves
                     */
                    contract FiatTokenV1_1 is FiatTokenV1, Rescuable {
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    import { ECRecover } from "./ECRecover.sol";
                    import { IERC1271 } from "../interface/IERC1271.sol";
                    /**
                     * @dev Signature verification helper that can be used instead of `ECRecover.recover` to seamlessly support both ECDSA
                     * signatures from externally owned accounts (EOAs) as well as ERC1271 signatures from smart contract wallets.
                     *
                     * Adapted from https://github.com/OpenZeppelin/openzeppelin-contracts/blob/21bb89ef5bfc789b9333eb05e3ba2b7b284ac77c/contracts/utils/cryptography/SignatureChecker.sol
                     */
                    library SignatureChecker {
                        /**
                         * @dev Checks if a signature is valid for a given signer and data hash. If the signer is a smart contract, the
                         * signature is validated against that smart contract using ERC1271, otherwise it's validated using `ECRecover.recover`.
                         * @param signer        Address of the claimed signer
                         * @param digest        Keccak-256 hash digest of the signed message
                         * @param signature     Signature byte array associated with hash
                         */
                        function isValidSignatureNow(
                            address signer,
                            bytes32 digest,
                            bytes memory signature
                        ) external view returns (bool) {
                            if (!isContract(signer)) {
                                return ECRecover.recover(digest, signature) == signer;
                            }
                            return isValidERC1271SignatureNow(signer, digest, signature);
                        }
                        /**
                         * @dev Checks if a signature is valid for a given signer and data hash. The signature is validated
                         * against the signer smart contract using ERC1271.
                         * @param signer        Address of the claimed signer
                         * @param digest        Keccak-256 hash digest of the signed message
                         * @param signature     Signature byte array associated with hash
                         *
                         * NOTE: Unlike ECDSA signatures, contract signatures are revocable, and the outcome of this function can thus
                         * change through time. It could return true at block N and false at block N+1 (or the opposite).
                         */
                        function isValidERC1271SignatureNow(
                            address signer,
                            bytes32 digest,
                            bytes memory signature
                        ) internal view returns (bool) {
                            (bool success, bytes memory result) = signer.staticcall(
                                abi.encodeWithSelector(
                                    IERC1271.isValidSignature.selector,
                                    digest,
                                    signature
                                )
                            );
                            return (success &&
                                result.length >= 32 &&
                                abi.decode(result, (bytes32)) ==
                                bytes32(IERC1271.isValidSignature.selector));
                        }
                        /**
                         * @dev Checks if the input address is a smart contract.
                         */
                        function isContract(address addr) internal view returns (bool) {
                            uint256 size;
                            assembly {
                                size := extcodesize(addr)
                            }
                            return size > 0;
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    /**
                     * @dev Signature message hash utilities for producing digests to be consumed by {ECDSA} recovery or signing.
                     *
                     * The library provides methods for generating a hash of a message that conforms to the
                     * https://eips.ethereum.org/EIPS/eip-191[EIP 191] and https://eips.ethereum.org/EIPS/eip-712[EIP 712]
                     * specifications.
                     */
                    library MessageHashUtils {
                        /**
                         * @dev Returns the keccak256 digest of an EIP-712 typed data (EIP-191 version `0x01`).
                         * Adapted from https://github.com/OpenZeppelin/openzeppelin-contracts/blob/21bb89ef5bfc789b9333eb05e3ba2b7b284ac77c/contracts/utils/cryptography/MessageHashUtils.sol
                         *
                         * The digest is calculated from a `domainSeparator` and a `structHash`, by prefixing them with
                         * `\\x19\\x01` and hashing the result. It corresponds to the hash signed by the
                         * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`] JSON-RPC method as part of EIP-712.
                         *
                         * @param domainSeparator    Domain separator
                         * @param structHash         Hashed EIP-712 data struct
                         * @return digest            The keccak256 digest of an EIP-712 typed data
                         */
                        function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash)
                            internal
                            pure
                            returns (bytes32 digest)
                        {
                            assembly {
                                let ptr := mload(0x40)
                                mstore(ptr, "\\x19\\x01")
                                mstore(add(ptr, 0x02), domainSeparator)
                                mstore(add(ptr, 0x22), structHash)
                                digest := keccak256(ptr, 0x42)
                            }
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    /**
                     * @title EIP712
                     * @notice A library that provides EIP712 helper functions
                     */
                    library EIP712 {
                        /**
                         * @notice Make EIP712 domain separator
                         * @param name      Contract name
                         * @param version   Contract version
                         * @param chainId   Blockchain ID
                         * @return Domain separator
                         */
                        function makeDomainSeparator(
                            string memory name,
                            string memory version,
                            uint256 chainId
                        ) internal view returns (bytes32) {
                            return
                                keccak256(
                                    abi.encode(
                                        // keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")
                                        0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f,
                                        keccak256(bytes(name)),
                                        keccak256(bytes(version)),
                                        chainId,
                                        address(this)
                                    )
                                );
                        }
                        /**
                         * @notice Make EIP712 domain separator
                         * @param name      Contract name
                         * @param version   Contract version
                         * @return Domain separator
                         */
                        function makeDomainSeparator(string memory name, string memory version)
                            internal
                            view
                            returns (bytes32)
                        {
                            uint256 chainId;
                            assembly {
                                chainId := chainid()
                            }
                            return makeDomainSeparator(name, version, chainId);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    /**
                     * @title ECRecover
                     * @notice A library that provides a safe ECDSA recovery function
                     */
                    library ECRecover {
                        /**
                         * @notice Recover signer's address from a signed message
                         * @dev Adapted from: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/65e4ffde586ec89af3b7e9140bdc9235d1254853/contracts/cryptography/ECDSA.sol
                         * Modifications: Accept v, r, and s as separate arguments
                         * @param digest    Keccak-256 hash digest of the signed message
                         * @param v         v of the signature
                         * @param r         r of the signature
                         * @param s         s of the signature
                         * @return Signer address
                         */
                        function recover(
                            bytes32 digest,
                            uint8 v,
                            bytes32 r,
                            bytes32 s
                        ) internal pure returns (address) {
                            // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
                            // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
                            // the valid range for s in (281): 0 < s < secp256k1n ÷ 2 + 1, and for v in (282): v ∈ {27, 28}. Most
                            // signatures from current libraries generate a unique signature with an s-value in the lower half order.
                            //
                            // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
                            // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
                            // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
                            // these malleable signatures as well.
                            if (
                                uint256(s) >
                                0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0
                            ) {
                                revert("ECRecover: invalid signature 's' value");
                            }
                            if (v != 27 && v != 28) {
                                revert("ECRecover: invalid signature 'v' value");
                            }
                            // If the signature is valid (and not malleable), return the signer address
                            address signer = ecrecover(digest, v, r, s);
                            require(signer != address(0), "ECRecover: invalid signature");
                            return signer;
                        }
                        /**
                         * @notice Recover signer's address from a signed message
                         * @dev Adapted from: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/0053ee040a7ff1dbc39691c9e67a69f564930a88/contracts/utils/cryptography/ECDSA.sol
                         * @param digest    Keccak-256 hash digest of the signed message
                         * @param signature Signature byte array associated with hash
                         * @return Signer address
                         */
                        function recover(bytes32 digest, bytes memory signature)
                            internal
                            pure
                            returns (address)
                        {
                            require(signature.length == 65, "ECRecover: invalid signature length");
                            bytes32 r;
                            bytes32 s;
                            uint8 v;
                            // ecrecover takes the signature parameters, and the only way to get them
                            // currently is to use assembly.
                            /// @solidity memory-safe-assembly
                            assembly {
                                r := mload(add(signature, 0x20))
                                s := mload(add(signature, 0x40))
                                v := byte(0, mload(add(signature, 0x60)))
                            }
                            return recover(digest, v, r, s);
                        }
                    }
                    /**
                     * SPDX-License-Identifier: Apache-2.0
                     *
                     * Copyright (c) 2023, Circle Internet Financial, LLC.
                     *
                     * Licensed under the Apache License, Version 2.0 (the "License");
                     * you may not use this file except in compliance with the License.
                     * You may obtain a copy of the License at
                     *
                     * http://www.apache.org/licenses/LICENSE-2.0
                     *
                     * Unless required by applicable law or agreed to in writing, software
                     * distributed under the License is distributed on an "AS IS" BASIS,
                     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
                     * See the License for the specific language governing permissions and
                     * limitations under the License.
                     */
                    pragma solidity 0.6.12;
                    /**
                     * @dev Interface of the ERC1271 standard signature validation method for
                     * contracts as defined in https://eips.ethereum.org/EIPS/eip-1271[ERC-1271].
                     */
                    interface IERC1271 {
                        /**
                         * @dev Should return whether the signature provided is valid for the provided data
                         * @param hash          Hash of the data to be signed
                         * @param signature     Signature byte array associated with the provided data hash
                         * @return magicValue   bytes4 magic value 0x1626ba7e when function passes
                         */
                        function isValidSignature(bytes32 hash, bytes memory signature)
                            external
                            view
                            returns (bytes4 magicValue);
                    }