Contract 0x90a9da3d9342dd52bbb606c8144e2a15c9e2dba4

Txn Hash Method
Block
From
To
Value [Txn Fee]
0xb48b586252cddd6074f2d67223ce42bdd2259a0907b7b7f6ccccd224ba811c570x61014060255302992022-12-19 16:19:40465 days 21 hrs agoSismo: Deployer IN  Create: HydraS1AccountboundAttester0 xDAI0.0984305166
[ Download CSV Export 
View more zero value Internal Transactions in Advanced View mode
Index Block
Loading

Contract Source Code Verified (Exact Match)

Contract Name:
HydraS1AccountboundAttester

Compiler Version
v0.8.14+commit.80d49f37

Optimization Enabled:
Yes with 200 runs

Other Settings:
default evmVersion, MIT license
File 1 of 22 : Ownable.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)

pragma solidity ^0.8.0;

import "../utils/Context.sol";

/**
 * @dev Contract module which provides a basic access control mechanism, where
 * there is an account (an owner) that can be granted exclusive access to
 * specific functions.
 *
 * By default, the owner account will be the one that deploys the contract. This
 * can later be changed with {transferOwnership}.
 *
 * This module is used through inheritance. It will make available the modifier
 * `onlyOwner`, which can be applied to your functions to restrict their use to
 * the owner.
 */
abstract contract Ownable is Context {
    address private _owner;

    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    /**
     * @dev Initializes the contract setting the deployer as the initial owner.
     */
    constructor() {
        _transferOwnership(_msgSender());
    }

    /**
     * @dev Throws if called by any account other than the owner.
     */
    modifier onlyOwner() {
        _checkOwner();
        _;
    }

    /**
     * @dev Returns the address of the current owner.
     */
    function owner() public view virtual returns (address) {
        return _owner;
    }

    /**
     * @dev Throws if the sender is not the owner.
     */
    function _checkOwner() internal view virtual {
        require(owner() == _msgSender(), "Ownable: caller is not the owner");
    }

    /**
     * @dev Leaves the contract without owner. It will not be possible to call
     * `onlyOwner` functions anymore. Can only be called by the current owner.
     *
     * NOTE: Renouncing ownership will leave the contract without an owner,
     * thereby removing any functionality that is only available to the owner.
     */
    function renounceOwnership() public virtual onlyOwner {
        _transferOwnership(address(0));
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Can only be called by the current owner.
     */
    function transferOwnership(address newOwner) public virtual onlyOwner {
        require(newOwner != address(0), "Ownable: new owner is the zero address");
        _transferOwnership(newOwner);
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Internal function without access restriction.
     */
    function _transferOwnership(address newOwner) internal virtual {
        address oldOwner = _owner;
        _owner = newOwner;
        emit OwnershipTransferred(oldOwner, newOwner);
    }
}

File 2 of 22 : Initializable.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (proxy/utils/Initializable.sol)

pragma solidity ^0.8.2;

import "../../utils/Address.sol";

/**
 * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
 * behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
 * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
 * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
 *
 * The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
 * reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
 * case an upgrade adds a module that needs to be initialized.
 *
 * For example:
 *
 * [.hljs-theme-light.nopadding]
 * ```
 * contract MyToken is ERC20Upgradeable {
 *     function initialize() initializer public {
 *         __ERC20_init("MyToken", "MTK");
 *     }
 * }
 * contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
 *     function initializeV2() reinitializer(2) public {
 *         __ERC20Permit_init("MyToken");
 *     }
 * }
 * ```
 *
 * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
 * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
 *
 * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
 * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
 *
 * [CAUTION]
 * ====
 * Avoid leaving a contract uninitialized.
 *
 * An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
 * contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
 * the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
 *
 * [.hljs-theme-light.nopadding]
 * ```
 * /// @custom:oz-upgrades-unsafe-allow constructor
 * constructor() {
 *     _disableInitializers();
 * }
 * ```
 * ====
 */
abstract contract Initializable {
    /**
     * @dev Indicates that the contract has been initialized.
     * @custom:oz-retyped-from bool
     */
    uint8 private _initialized;

    /**
     * @dev Indicates that the contract is in the process of being initialized.
     */
    bool private _initializing;

    /**
     * @dev Triggered when the contract has been initialized or reinitialized.
     */
    event Initialized(uint8 version);

    /**
     * @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
     * `onlyInitializing` functions can be used to initialize parent contracts.
     *
     * Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
     * constructor.
     *
     * Emits an {Initialized} event.
     */
    modifier initializer() {
        bool isTopLevelCall = !_initializing;
        require(
            (isTopLevelCall && _initialized < 1) || (!Address.isContract(address(this)) && _initialized == 1),
            "Initializable: contract is already initialized"
        );
        _initialized = 1;
        if (isTopLevelCall) {
            _initializing = true;
        }
        _;
        if (isTopLevelCall) {
            _initializing = false;
            emit Initialized(1);
        }
    }

    /**
     * @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
     * contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
     * used to initialize parent contracts.
     *
     * A reinitializer may be used after the original initialization step. This is essential to configure modules that
     * are added through upgrades and that require initialization.
     *
     * When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
     * cannot be nested. If one is invoked in the context of another, execution will revert.
     *
     * Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
     * a contract, executing them in the right order is up to the developer or operator.
     *
     * WARNING: setting the version to 255 will prevent any future reinitialization.
     *
     * Emits an {Initialized} event.
     */
    modifier reinitializer(uint8 version) {
        require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
        _initialized = version;
        _initializing = true;
        _;
        _initializing = false;
        emit Initialized(version);
    }

    /**
     * @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
     * {initializer} and {reinitializer} modifiers, directly or indirectly.
     */
    modifier onlyInitializing() {
        require(_initializing, "Initializable: contract is not initializing");
        _;
    }

    /**
     * @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
     * Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
     * to any version. It is recommended to use this to lock implementation contracts that are designed to be called
     * through proxies.
     *
     * Emits an {Initialized} event the first time it is successfully executed.
     */
    function _disableInitializers() internal virtual {
        require(!_initializing, "Initializable: contract is initializing");
        if (_initialized < type(uint8).max) {
            _initialized = type(uint8).max;
            emit Initialized(type(uint8).max);
        }
    }

    /**
     * @dev Internal function that returns the initialized version. Returns `_initialized`
     */
    function _getInitializedVersion() internal view returns (uint8) {
        return _initialized;
    }

    /**
     * @dev Internal function that returns the initialized version. Returns `_initializing`
     */
    function _isInitializing() internal view returns (bool) {
        return _initializing;
    }
}

File 3 of 22 : Address.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)

pragma solidity ^0.8.1;

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev Returns true if `account` is a contract.
     *
     * [IMPORTANT]
     * ====
     * It is unsafe to assume that an address for which this function returns
     * false is an externally-owned account (EOA) and not a contract.
     *
     * Among others, `isContract` will return false for the following
     * types of addresses:
     *
     *  - an externally-owned account
     *  - a contract in construction
     *  - an address where a contract will be created
     *  - an address where a contract lived, but was destroyed
     * ====
     *
     * [IMPORTANT]
     * ====
     * You shouldn't rely on `isContract` to protect against flash loan attacks!
     *
     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
     * constructor.
     * ====
     */
    function isContract(address account) internal view returns (bool) {
        // This method relies on extcodesize/address.code.length, which returns 0
        // for contracts in construction, since the code is only stored at the end
        // of the constructor execution.

        return account.code.length > 0;
    }

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        require(address(this).balance >= amount, "Address: insufficient balance");

        (bool success, ) = recipient.call{value: amount}("");
        require(success, "Address: unable to send value, recipient may have reverted");
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason, it is bubbled up by this
     * function (like regular Solidity function calls).
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, "Address: low-level call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
     * `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
    }

    /**
     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
     * with `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value,
        string memory errorMessage
    ) internal returns (bytes memory) {
        require(address(this).balance >= value, "Address: insufficient balance for call");
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        return functionStaticCall(target, data, "Address: low-level static call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionDelegateCall(target, data, "Address: low-level delegate call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
     *
     * _Available since v4.8._
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        if (success) {
            if (returndata.length == 0) {
                // only check isContract if the call was successful and the return data is empty
                // otherwise we already know that it was a contract
                require(isContract(target), "Address: call to non-contract");
            }
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
     * revert reason or using the provided one.
     *
     * _Available since v4.3._
     */
    function verifyCallResult(
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal pure returns (bytes memory) {
        if (success) {
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    function _revert(bytes memory returndata, string memory errorMessage) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            /// @solidity memory-safe-assembly
            assembly {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert(errorMessage);
        }
    }
}

File 4 of 22 : Context.sol
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)

pragma solidity ^0.8.0;

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract Context {
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }
}

File 5 of 22 : HydraS1Verifier.sol
//
// Copyright 2017 Christian Reitwiessner
// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// 2019 OKIMS
//      ported to solidity 0.6
//      fixed linter warnings
//      added requiere error messages
//
//
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.0;
library Pairing {
    struct G1Point {
        uint X;
        uint Y;
    }
    // Encoding of field elements is: X[0] * z + X[1]
    struct G2Point {
        uint[2] X;
        uint[2] Y;
    }
    /// @return the generator of G1
    function P1() internal pure returns (G1Point memory) {
        return G1Point(1, 2);
    }
    /// @return the generator of G2
    function P2() internal pure returns (G2Point memory) {
        // Original code point
        return G2Point(
            [11559732032986387107991004021392285783925812861821192530917403151452391805634,
             10857046999023057135944570762232829481370756359578518086990519993285655852781],
            [4082367875863433681332203403145435568316851327593401208105741076214120093531,
             8495653923123431417604973247489272438418190587263600148770280649306958101930]
        );

/*
        // Changed by Jordi point
        return G2Point(
            [10857046999023057135944570762232829481370756359578518086990519993285655852781,
             11559732032986387107991004021392285783925812861821192530917403151452391805634],
            [8495653923123431417604973247489272438418190587263600148770280649306958101930,
             4082367875863433681332203403145435568316851327593401208105741076214120093531]
        );
*/
    }
    /// @return r the negation of p, i.e. p.addition(p.negate()) should be zero.
    function negate(G1Point memory p) internal pure returns (G1Point memory r) {
        // The prime q in the base field F_q for G1
        uint q = 21888242871839275222246405745257275088696311157297823662689037894645226208583;
        if (p.X == 0 && p.Y == 0)
            return G1Point(0, 0);
        return G1Point(p.X, q - (p.Y % q));
    }
    /// @return r the sum of two points of G1
    function addition(G1Point memory p1, G1Point memory p2) internal view returns (G1Point memory r) {
        uint[4] memory input;
        input[0] = p1.X;
        input[1] = p1.Y;
        input[2] = p2.X;
        input[3] = p2.Y;
        bool success;
        // solium-disable-next-line security/no-inline-assembly
        assembly {
            success := staticcall(sub(gas(), 2000), 6, input, 0xc0, r, 0x60)
            // Use "invalid" to make gas estimation work
            switch success case 0 { invalid() }
        }
        require(success,"pairing-add-failed");
    }
    /// @return r the product of a point on G1 and a scalar, i.e.
    /// p == p.scalar_mul(1) and p.addition(p) == p.scalar_mul(2) for all points p.
    function scalar_mul(G1Point memory p, uint s) internal view returns (G1Point memory r) {
        uint[3] memory input;
        input[0] = p.X;
        input[1] = p.Y;
        input[2] = s;
        bool success;
        // solium-disable-next-line security/no-inline-assembly
        assembly {
            success := staticcall(sub(gas(), 2000), 7, input, 0x80, r, 0x60)
            // Use "invalid" to make gas estimation work
            switch success case 0 { invalid() }
        }
        require (success,"pairing-mul-failed");
    }
    /// @return the result of computing the pairing check
    /// e(p1[0], p2[0]) *  .... * e(p1[n], p2[n]) == 1
    /// For example pairing([P1(), P1().negate()], [P2(), P2()]) should
    /// return true.
    function pairing(G1Point[] memory p1, G2Point[] memory p2) internal view returns (bool) {
        require(p1.length == p2.length,"pairing-lengths-failed");
        uint elements = p1.length;
        uint inputSize = elements * 6;
        uint[] memory input = new uint[](inputSize);
        for (uint i = 0; i < elements; i++)
        {
            input[i * 6 + 0] = p1[i].X;
            input[i * 6 + 1] = p1[i].Y;
            input[i * 6 + 2] = p2[i].X[0];
            input[i * 6 + 3] = p2[i].X[1];
            input[i * 6 + 4] = p2[i].Y[0];
            input[i * 6 + 5] = p2[i].Y[1];
        }
        uint[1] memory out;
        bool success;
        // solium-disable-next-line security/no-inline-assembly
        assembly {
            success := staticcall(sub(gas(), 2000), 8, add(input, 0x20), mul(inputSize, 0x20), out, 0x20)
            // Use "invalid" to make gas estimation work
            switch success case 0 { invalid() }
        }
        require(success,"pairing-opcode-failed");
        return out[0] != 0;
    }
    /// Convenience method for a pairing check for two pairs.
    function pairingProd2(G1Point memory a1, G2Point memory a2, G1Point memory b1, G2Point memory b2) internal view returns (bool) {
        G1Point[] memory p1 = new G1Point[](2);
        G2Point[] memory p2 = new G2Point[](2);
        p1[0] = a1;
        p1[1] = b1;
        p2[0] = a2;
        p2[1] = b2;
        return pairing(p1, p2);
    }
    /// Convenience method for a pairing check for three pairs.
    function pairingProd3(
            G1Point memory a1, G2Point memory a2,
            G1Point memory b1, G2Point memory b2,
            G1Point memory c1, G2Point memory c2
    ) internal view returns (bool) {
        G1Point[] memory p1 = new G1Point[](3);
        G2Point[] memory p2 = new G2Point[](3);
        p1[0] = a1;
        p1[1] = b1;
        p1[2] = c1;
        p2[0] = a2;
        p2[1] = b2;
        p2[2] = c2;
        return pairing(p1, p2);
    }
    /// Convenience method for a pairing check for four pairs.
    function pairingProd4(
            G1Point memory a1, G2Point memory a2,
            G1Point memory b1, G2Point memory b2,
            G1Point memory c1, G2Point memory c2,
            G1Point memory d1, G2Point memory d2
    ) internal view returns (bool) {
        G1Point[] memory p1 = new G1Point[](4);
        G2Point[] memory p2 = new G2Point[](4);
        p1[0] = a1;
        p1[1] = b1;
        p1[2] = c1;
        p1[3] = d1;
        p2[0] = a2;
        p2[1] = b2;
        p2[2] = c2;
        p2[3] = d2;
        return pairing(p1, p2);
    }
}
contract HydraS1Verifier {
    using Pairing for *;
    struct VerifyingKey {
        Pairing.G1Point alfa1;
        Pairing.G2Point beta2;
        Pairing.G2Point gamma2;
        Pairing.G2Point delta2;
        Pairing.G1Point[] IC;
    }
    struct Proof {
        Pairing.G1Point A;
        Pairing.G2Point B;
        Pairing.G1Point C;
    }
    function verifyingKey() internal pure returns (VerifyingKey memory vk) {
        vk.alfa1 = Pairing.G1Point(
            20491192805390485299153009773594534940189261866228447918068658471970481763042,
            9383485363053290200918347156157836566562967994039712273449902621266178545958
        );

        vk.beta2 = Pairing.G2Point(
            [4252822878758300859123897981450591353533073413197771768651442665752259397132,
             6375614351688725206403948262868962793625744043794305715222011528459656738731],
            [21847035105528745403288232691147584728191162732299865338377159692350059136679,
             10505242626370262277552901082094356697409835680220590971873171140371331206856]
        );
        vk.gamma2 = Pairing.G2Point(
            [11559732032986387107991004021392285783925812861821192530917403151452391805634,
             10857046999023057135944570762232829481370756359578518086990519993285655852781],
            [4082367875863433681332203403145435568316851327593401208105741076214120093531,
             8495653923123431417604973247489272438418190587263600148770280649306958101930]
        );
        vk.delta2 = Pairing.G2Point(
            [8609986746108439658545470593166889256314951959466775818870246174320018498804,
             6848251127850009101372611262053374737897586140140607384018397707035108265914],
            [21367916863936594568281095443965096905143705300114190558130516981138584550504,
             13327705762185115653848159709412003423932761899188342359583872691135383932883]
        );
        vk.IC = new Pairing.G1Point[](11);
        
        vk.IC[0] = Pairing.G1Point( 
            19965766170734310004645394427613286415565755728797065894668054116047682895204,
            6952067612339183672227137101423582097916038093373585908267153974352032944482
        );                                      
        
        vk.IC[1] = Pairing.G1Point( 
            3754737654948662562435613969155994959132173506784418442817218316697091994043,
            16520141448541154153981919757383608282199583682574061862571018786569723115048
        );                                      
        
        vk.IC[2] = Pairing.G1Point( 
            14734466460881491794568175288621656907425457509621292263456156896685122952305,
            18495564446073110430251898491840031389094613665866187171071741938161262650771
        );                                      
        
        vk.IC[3] = Pairing.G1Point( 
            13987716160490730015463796942940452666334097189904948795214986996497499925899,
            5336810094802209074340875836312868429276540870324469349093948627126061524544
        );                                      
        
        vk.IC[4] = Pairing.G1Point( 
            14931593253473978964215343699995811275378324235306358485461293343370969283966,
            564306919152089917957316877787764763278299990971316475606280877961553231205
        );                                      
        
        vk.IC[5] = Pairing.G1Point( 
            11591267743733991434114686002448165336885445656808796470854638278338319268343,
            11495219763417990955889652410266075210402006084183208750635660647824890013350
        );                                      
        
        vk.IC[6] = Pairing.G1Point( 
            8183184532870222270700473518157259944911700429689031755853536692005688965081,
            9121077094104828462137861111631978599019724423614716723152060153405564278301
        );                                      
        
        vk.IC[7] = Pairing.G1Point( 
            4314095526093128699362232919686741372014146055311239687202926853002748112330,
            11665330391505820654128458332883010598817535082070674418723503440883598640597
        );                                      
        
        vk.IC[8] = Pairing.G1Point( 
            19602244162575575785636531633124796303002902053486919698240132790672698216585,
            181057165072599074288983745076121344893296348827576905983079816835912241514
        );                                      
        
        vk.IC[9] = Pairing.G1Point( 
            18925967077785550270509493111690046951994174908254476036944536825999614778001,
            4990629719417206796668074534812314525340851981015724652256935997545282642849
        );                                      
        
        vk.IC[10] = Pairing.G1Point( 
            7320700433668244102684846027945878190869912696586803178638351868907615350377,
            2941840530209756385349015075958743796933501451265755778001586753024906675441
        );                                      
        
    }
    function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
        uint256 snark_scalar_field = 21888242871839275222246405745257275088548364400416034343698204186575808495617;
        VerifyingKey memory vk = verifyingKey();
        require(input.length + 1 == vk.IC.length,"verifier-bad-input");
        // Compute the linear combination vk_x
        Pairing.G1Point memory vk_x = Pairing.G1Point(0, 0);
        for (uint i = 0; i < input.length; i++) {
            require(input[i] < snark_scalar_field,"verifier-gte-snark-scalar-field");
            vk_x = Pairing.addition(vk_x, Pairing.scalar_mul(vk.IC[i + 1], input[i]));
        }
        vk_x = Pairing.addition(vk_x, vk.IC[0]);
        if (!Pairing.pairingProd4(
            Pairing.negate(proof.A), proof.B,
            vk.alfa1, vk.beta2,
            vk_x, vk.gamma2,
            proof.C, vk.delta2
        )) return 1;
        return 0;
    }
    /// @return r  bool true if proof is valid
    function verifyProof(
            uint[2] memory a,
            uint[2][2] memory b,
            uint[2] memory c,
            uint[10] memory input
        ) public view returns (bool r) {
        Proof memory proof;
        proof.A = Pairing.G1Point(a[0], a[1]);
        proof.B = Pairing.G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
        proof.C = Pairing.G1Point(c[0], c[1]);
        uint[] memory inputValues = new uint[](input.length);
        for(uint i = 0; i < input.length; i++){
            inputValues[i] = input[i];
        }
        if (verify(inputValues, proof) == 0) {
            return true;
        } else {
            return false;
        }
    }
}

File 6 of 22 : HydraS1AccountboundAttester.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;
pragma experimental ABIEncoderV2;

import {Ownable} from '@openzeppelin/contracts/access/Ownable.sol';

import {IHydraS1AccountboundAttester} from './interfaces/IHydraS1AccountboundAttester.sol';

// Core protocol Protocol imports
import {Request, Attestation, Claim} from '../../core/libs/Structs.sol';

// Imports related to Hydra-S1
import {HydraS1SimpleAttester, IAttester, HydraS1Lib, HydraS1ProofData, HydraS1Claim} from './HydraS1SimpleAttester.sol';

/**
 * @title  Hydra-S1 Accountbound Attester
 * @author Sismo
 * @notice This attester is part of the family of the Hydra-S1 Attesters.
 * Hydra-S1 attesters enable users to prove they have an account in a group in a privacy preserving way.
 * The Hydra-S1 Simple Attester contract is inherited and holds the complex Hydra S1 verification logic.
 * Request verification alongside proof verification is already implemented in the inherited HydraS1SimpleAttester, along with the buildAttestations logic.
 * However, we override the buildAttestations function to encode the nullifier and its burn count in the user attestation.
 * The _beforeRecordAttestations is also overriden to fit the Accountbound logic.
 * We invite readers to refer to:
 *    - https://hydra-s1.docs.sismo.io for a full guide through the Hydra-S1 ZK Attestations
 *    - https://hydra-s1-circuits.docs.sismo.io for circuits, prover and verifiers of Hydra-S1

 * This specific attester has the following characteristics:

 * - Zero Knowledge
 *   One cannot deduct from an attestation what source account was used to generate the underlying proof

 * - Non Strict (scores)
 *   If a user can generate an attestation of max value 100, they can also generate any attestation with value < 100.
 *   This attester generate attestations of scores

 * - Nullified
 *   Each source account gets one nullifier per claim (i.e only one attestation per source account per claim)
 *   While semaphore/ tornado cash are using the following notations: nullifierHash = hash(IdNullifier, externalNullifier)
 *   We prefered to use the naming 'nullifier' instead of 'nullifierHash' in our contracts and documentation.
 *   We also renamed 'IdNullifier' in 'sourceSecret' (the secret tied to a source account) and we kept the 'externalNullifier' notation.
 *   Finally, here is our notations at Sismo: nullifier = hash(sourceSecret, externalNullifier)

 * - Accountbound (opt-in, with cooldown period)
 *   The owner of this attester can set a cooldown duration for a specific group, activating the accountbound feature for this group.
 *   Users can update their attestation's destination by providing a new Hydra-S1 ZK proof 
 *   It means the attestation is bound to the source account, stored on an updatable destination account.
 *   When deleting/ sending to a new destination, the nullifier will enter a cooldown period, so it remains occasional.
 *   A group that has its cooldown duration set to 0 means it has been configured to not feature accountbound attestations, attestations can not be transferred
 *   One can however know that the former and the new destinations were created using the same nullifier, thus creating a link between those two destinations.
 
 * - Renewable
 *   A nullifier can actually be reused as long as the destination of the attestation remains the same
 *   It enables users to renew or update their attestations
 **/

contract HydraS1AccountboundAttester is
  IHydraS1AccountboundAttester,
  HydraS1SimpleAttester,
  Ownable
{
  using HydraS1Lib for HydraS1ProofData;
  using HydraS1Lib for bytes;
  using HydraS1Lib for Request;

  uint8 public constant IMPLEMENTATION_VERSION = 4;

  /*******************************************************
    Storage layout:
    20 slots between HydraS1SimpleAttester and HydraS1AccountboundAttester
      1 currently used by Ownable
      19 place holders
    2O for config
      1 currently used
      19 place holders
    20 for logic
      2 currently used
      18 place holders
  *******************************************************/

  // keeping some space for future config logics
  uint256[19] private _placeHolderBeforeHydraS1Accountbound;

  // cooldown durations for each groupIndex
  mapping(uint256 => uint32) internal _cooldownDurations;

  // keeping some space for future config logics
  uint256[19] private _placeHoldersHydraS1AccountboundConfig;

  mapping(uint256 => uint32) internal _nullifiersCooldownStart;
  mapping(uint256 => uint16) internal _nullifiersBurnCount;

  // keeping some space for future config logics
  uint256[18] private _placeHoldersHydraS1AccountboundLogic;

  /*******************************************************
    INITIALIZATION FUNCTIONS                           
  *******************************************************/
  /**
   * @dev Constructor. Initializes the contract
   * @param attestationsRegistryAddress Attestations Registry contract on which the attester will write attestations
   * @param hydraS1VerifierAddress ZK Snark Hydra-S1 Verifier contract
   * @param availableRootsRegistryAddress Registry storing the available groups for this attester (e.g roots of registry merkle trees)
   * @param commitmentMapperAddress commitment mapper's public key registry
   * @param collectionIdFirst Id of the first attestation collection in which the attester is supposed to record
   * @param collectionIdLast Id of the last attestation collection in which the attester is supposed to record
   * @param owner Address of attester's owner
   */
  constructor(
    address attestationsRegistryAddress,
    address hydraS1VerifierAddress,
    address availableRootsRegistryAddress,
    address commitmentMapperAddress,
    uint256 collectionIdFirst,
    uint256 collectionIdLast,
    address owner
  )
    HydraS1SimpleAttester(
      attestationsRegistryAddress,
      hydraS1VerifierAddress,
      availableRootsRegistryAddress,
      commitmentMapperAddress,
      collectionIdFirst,
      collectionIdLast
    )
  {
    initialize(owner);
  }

  /**
   * @dev Initialize function, to be called by the proxy delegating calls to this implementation
   * @param ownerAddress Owner of the contract, has the right to authorize/unauthorize attestations issuers
   * @notice The reinitializer modifier is needed to configure modules that are added through upgrades and that require initialization.
   */
  function initialize(address ownerAddress) public reinitializer(IMPLEMENTATION_VERSION) {
    // if proxy did not setup owner yet or if called by constructor (for implem setup)
    if (owner() == address(0) || address(this).code.length == 0) {
      _transferOwnership(ownerAddress);
    }
  }

  /*******************************************************
    MANDATORY FUNCTIONS TO OVERRIDE FROM ATTESTER.SOL
  *******************************************************/

  /**
   * @dev Returns the actual attestations constructed from the user request
   * @param request users request. Claim of having an account part of a group of accounts
   * @param proofData snark public input as well as snark proof
   */
  function buildAttestations(
    Request calldata request,
    bytes calldata proofData
  ) public view virtual override(IAttester, HydraS1SimpleAttester) returns (Attestation[] memory) {
    Attestation[] memory attestations = super.buildAttestations(request, proofData);

    uint256 nullifier = proofData._getNullifier();
    attestations[0].extraData = abi.encode(
      attestations[0].extraData, // nullifier, from HydraS1 Simple
      _getNextBurnCount(nullifier, attestations[0].owner) // BurnCount
    );

    return (attestations);
  }

  /*******************************************************
    OPTIONAL HOOK VIRTUAL FUNCTIONS FROM ATTESTER.SOL
  *******************************************************/
  /**
   * @dev Hook run before recording the attestation.
   * Throws if nullifier already used, not a renewal, and nullifier on cooldown.
   * @param request users request. Claim of having an account part of a group of accounts
   * @param proofData provided to back the request. snark input and snark proof
   */
  function _beforeRecordAttestations(
    Request calldata request,
    bytes calldata proofData
  ) internal virtual override {
    uint256 nullifier = proofData._getNullifier();
    address previousNullifierDestination = _getDestinationOfNullifier(nullifier);

    HydraS1Claim memory claim = request._claim();

    // check if the nullifier has already been used previously, if so it may be on cooldown
    if (
      previousNullifierDestination != address(0) &&
      previousNullifierDestination != claim.destination
    ) {
      uint32 cooldownDuration = _getCooldownDurationForGroupIndex(claim.groupProperties.groupIndex);
      if (cooldownDuration == 0) {
        revert CooldownDurationNotSetForGroupIndex(claim.groupProperties.groupIndex);
      }
      if (_isOnCooldown(nullifier, cooldownDuration)) {
        uint16 burnCount = _getNullifierBurnCount(nullifier);
        revert NullifierOnCooldown(
          nullifier,
          previousNullifierDestination,
          burnCount,
          cooldownDuration
        );
      }

      // Delete the old Attestation linked to the nullifier before recording the new one (accountbound feature)
      _deletePreviousAttestation(claim, previousNullifierDestination);

      _setNullifierOnCooldownAndIncrementBurnCount(nullifier);
    }
    _setDestinationForNullifier(nullifier, request.destination);
  }

  /*******************************************************
    LOGIC FUNCTIONS RELATED TO ACCOUNTBOUND FEATURE
  *******************************************************/

  /**
   * @dev Getter, returns the burnCount of a nullifier
   * @param nullifier nullifier used
   **/
  function getNullifierBurnCount(uint256 nullifier) external view returns (uint16) {
    return _getNullifierBurnCount(nullifier);
  }

  /**
   * @dev Getter, returns the cooldown start of a nullifier
   * @param nullifier nullifier used
   **/
  function getNullifierCooldownStart(uint256 nullifier) external view returns (uint32) {
    return _getNullifierCooldownStart(nullifier);
  }

  /**
   * @dev returns the nullifier for a given extraData
   * @param extraData bytes where the nullifier is encoded
   */
  function getNullifierFromExtraData(
    bytes memory extraData
  ) external pure override(HydraS1SimpleAttester, IHydraS1AccountboundAttester) returns (uint256) {
    (uint256 nullifier, ) = abi.decode(extraData, (uint256, uint16));

    return nullifier;
  }

  /**
   * @dev Returns the burn count for a given extraData
   * @param extraData bytes where the burnCount is encoded
   */
  function getBurnCountFromExtraData(bytes memory extraData) external pure returns (uint16) {
    (, uint16 burnCount) = abi.decode(extraData, (uint256, uint16));

    return burnCount;
  }

  /**
   * @dev Checks if a nullifier is on cooldown
   * @param nullifier user nullifier
   * @param cooldownDuration waiting time before the user can change its badge destination
   */
  function _isOnCooldown(uint256 nullifier, uint32 cooldownDuration) internal view returns (bool) {
    return _getNullifierCooldownStart(nullifier) + cooldownDuration > block.timestamp;
  }

  /**
   * @dev Delete the previous attestation created with this nullifier
   * @param claim user claim
   * @param previousNullifierDestination previous destination chosen for this user nullifier
   */
  function _deletePreviousAttestation(
    HydraS1Claim memory claim,
    address previousNullifierDestination
  ) internal {
    address[] memory attestationOwners = new address[](1);
    uint256[] memory attestationCollectionIds = new uint256[](1);

    attestationOwners[0] = previousNullifierDestination;
    attestationCollectionIds[0] = AUTHORIZED_COLLECTION_ID_FIRST + claim.groupProperties.groupIndex;

    ATTESTATIONS_REGISTRY.deleteAttestations(attestationOwners, attestationCollectionIds);
  }

  function _setNullifierOnCooldownAndIncrementBurnCount(uint256 nullifier) internal {
    _nullifiersCooldownStart[nullifier] = uint32(block.timestamp);
    _nullifiersBurnCount[nullifier] += 1;
    emit NullifierSetOnCooldown(nullifier, _nullifiersBurnCount[nullifier]);
  }

  function _getNullifierCooldownStart(uint256 nullifier) internal view returns (uint32) {
    return _nullifiersCooldownStart[nullifier];
  }

  function _getNullifierBurnCount(uint256 nullifier) internal view returns (uint16) {
    return _nullifiersBurnCount[nullifier];
  }

  /**
   * @dev returns burn count or burn count + 1 if new burn will happen
   * @param nullifier user nullifier
   * @param claimDestination destination referenced in the user claim
   */
  function _getNextBurnCount(
    uint256 nullifier,
    address claimDestination
  ) public view virtual returns (uint16) {
    address previousNullifierDestination = _getDestinationOfNullifier(nullifier);
    uint16 burnCount = _getNullifierBurnCount(nullifier);
    // If the attestation is minted on a new destination address
    // the burnCount that will be encoded in the extraData of the Attestation should be incremented
    if (
      previousNullifierDestination != address(0) && previousNullifierDestination != claimDestination
    ) {
      burnCount += 1;
    }
    return burnCount;
  }

  /*******************************************************
    GROUP CONFIGURATION LOGIC
  *******************************************************/

  /**
   * @dev Setter, sets the cooldown duration of a groupIndex
   * @notice set to 0 to deactivate the accountbound feature for this group
   * @param groupIndex internal collection id
   * @param cooldownDuration cooldown duration we want to set for the groupIndex
   **/
  function setCooldownDurationForGroupIndex(
    uint256 groupIndex,
    uint32 cooldownDuration
  ) external onlyOwner {
    _cooldownDurations[groupIndex] = cooldownDuration;
    emit CooldownDurationSetForGroupIndex(groupIndex, cooldownDuration);
  }

  /**
   * @dev Getter, get the cooldown duration of a groupIndex
   * @notice returns 0 when the accountbound feature is deactivated for this group
   * @param groupIndex internal collection id
   **/
  function getCooldownDurationForGroupIndex(uint256 groupIndex) external view returns (uint32) {
    return _getCooldownDurationForGroupIndex(groupIndex);
  }

  // = 0 means that the accountbound feature is deactivated for this group
  function _getCooldownDurationForGroupIndex(uint256 groupIndex) internal view returns (uint32) {
    return _cooldownDurations[groupIndex];
  }
}

File 7 of 22 : HydraS1SimpleAttester.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;
pragma experimental ABIEncoderV2;

import {IHydraS1SimpleAttester} from './interfaces/IHydraS1SimpleAttester.sol';
import {IHydraS1Base} from './base/IHydraS1Base.sol';

// Core protocol Protocol imports
import {Request, Attestation, Claim} from './../../core/libs/Structs.sol';
import {Attester, IAttester, IAttestationsRegistry} from './../../core/Attester.sol';

// Imports related to HydraS1 Proving Scheme
import {HydraS1Base, HydraS1Lib, HydraS1ProofData, HydraS1ProofInput, HydraS1Claim} from './base/HydraS1Base.sol';

/**
 * @title  Hydra-S1 Simple Attester
 * @author Sismo
 * @notice This attester is part of the family of the Hydra-S1 Attesters.
 * Hydra-S1 attesters enable users to prove they have an account in a group in a privacy preserving way.
 * The Hydra-S1 Base abstract contract is inherited and holds the complex Hydra S1 verification logic.
 * We invite readers to refer to:
 *    - https://hydra-s1.docs.sismo.io for a full guide through the Hydra-S1 ZK Attestations
 *    - https://hydra-s1-circuits.docs.sismo.io for circuits, prover and verifiers of Hydra-S1

 * This specific attester has the following characteristics:

 * - Zero Knowledge
 *   One cannot deduct from an attestation what source account was used to generate the underlying proof

 * - Non Strict (scores)
 *   If a user can generate an attestation of max value 100, they can also generate any attestation with value < 100.
 *   This attester generate attestations of scores

 * - Nullified
 *   Each source account gets one nullifier per claim (i.e only one attestation per source account per claim)
 *   For people used to semaphore/ tornado cash people:
 *   nullifier = hash(sourceSecret, externalNullifier) <=> nullifierHash = hash(IdNullifier, externalNullifier)
 
 * - Renewable
 *   A nullifier can actually be reused as long as the destination of the attestation remains the same
 *   It enables users to renew their attestations
 **/

contract HydraS1SimpleAttester is IHydraS1SimpleAttester, HydraS1Base {
  using HydraS1Lib for HydraS1ProofData;
  using HydraS1Lib for bytes;
  using HydraS1Lib for Request;

  // The deployed contract will need to be authorized to write into the Attestation registry
  // It should get write access on attestation collections from AUTHORIZED_COLLECTION_ID_FIRST to AUTHORIZED_COLLECTION_ID_LAST.
  uint256 public immutable AUTHORIZED_COLLECTION_ID_FIRST;
  uint256 public immutable AUTHORIZED_COLLECTION_ID_LAST;

  /*******************************************************
    Storage layout:
      20 slots for HydraS1
        1 slot used
        19 place holders
  *******************************************************/

  mapping(uint256 => address) internal _nullifiersDestinations;

  // keeping some space for future
  uint256[19] private _placeHoldersHydraS1Simple;

  /*******************************************************
    INITIALIZATION FUNCTIONS                           
  *******************************************************/
  /**
   * @dev Constructor. Initializes the contract
   * @param attestationsRegistryAddress Attestations Registry contract on which the attester will write attestations
   * @param hydraS1VerifierAddress ZK Snark Hydra-S1 Verifier contract
   * @param availableRootsRegistryAddress Registry storing the available groups for this attester (e.g roots of registry merkle trees)
   * @param commitmentMapperAddress commitment mapper's public key registry
   * @param collectionIdFirst Id of the first collection in which the attester is supposed to record
   * @param collectionIdLast Id of the last collection in which the attester is supposed to record
   */
  constructor(
    address attestationsRegistryAddress,
    address hydraS1VerifierAddress,
    address availableRootsRegistryAddress,
    address commitmentMapperAddress,
    uint256 collectionIdFirst,
    uint256 collectionIdLast
  )
    Attester(attestationsRegistryAddress)
    HydraS1Base(hydraS1VerifierAddress, availableRootsRegistryAddress, commitmentMapperAddress)
  {
    AUTHORIZED_COLLECTION_ID_FIRST = collectionIdFirst;
    AUTHORIZED_COLLECTION_ID_LAST = collectionIdLast;
  }

  /*******************************************************
    MANDATORY FUNCTIONS TO OVERRIDE FROM ATTESTER.SOL
  *******************************************************/

  /**
   * @dev Throws if user request is invalid when verified against
   * Look into HydraS1Base for more details
   * @param request users request. Claim of having an account part of a group of accounts
   * @param proofData provided to back the request. snark input and snark proof
   */
  function _verifyRequest(
    Request calldata request,
    bytes calldata proofData
  ) internal virtual override {
    HydraS1ProofData memory snarkProof = abi.decode(proofData, (HydraS1ProofData));
    HydraS1ProofInput memory snarkInput = snarkProof._input();
    HydraS1Claim memory claim = request._claim();

    // verifies that the proof corresponds to the claim
    _validateInput(claim, snarkInput);
    // verifies the proof validity
    _verifyProof(snarkProof);
  }

  /**
   * @dev Returns attestations that will be recorded, constructed from the user request
   * @param request users request. Claim of having an account part of a group of accounts
   */
  function buildAttestations(
    Request calldata request,
    bytes calldata proofData
  ) public view virtual override(IAttester, Attester) returns (Attestation[] memory) {
    HydraS1Claim memory claim = request._claim();

    Attestation[] memory attestations = new Attestation[](1);

    uint256 attestationCollectionId = AUTHORIZED_COLLECTION_ID_FIRST +
      claim.groupProperties.groupIndex;

    if (attestationCollectionId > AUTHORIZED_COLLECTION_ID_LAST)
      revert CollectionIdOutOfBound(attestationCollectionId);

    address issuer = address(this);

    uint256 nullifier = proofData._getNullifier();

    attestations[0] = Attestation(
      attestationCollectionId,
      claim.destination,
      issuer,
      claim.claimedValue,
      claim.groupProperties.generationTimestamp,
      abi.encode(nullifier)
    );
    return (attestations);
  }

  /*******************************************************
    OPTIONAL HOOK VIRTUAL FUNCTIONS FROM ATTESTER.SOL
  *******************************************************/

  /**
   * @dev Hook run before recording the attestation.
   * Throws if nullifier already used and not a renewal (e.g destination different that last)
   * @param request users request. Claim of having an account part of a group of accounts
   * @param proofData provided to back the request. snark input and snark proof
   */
  function _beforeRecordAttestations(
    Request calldata request,
    bytes calldata proofData
  ) internal virtual override {
    // we get the nullifier used from the snark input in the data provided
    uint256 nullifier = proofData._getNullifier();
    address currentDestination = _getDestinationOfNullifier(nullifier);

    if (currentDestination != address(0) && currentDestination != request.destination) {
      revert NullifierUsed(nullifier);
    }

    _setDestinationForNullifier(nullifier, request.destination);
  }

  /*******************************************************
    Hydra-S1 MANDATORY FUNCTIONS FROM Hydra-S1 Base Attester
  *******************************************************/

  /**
   * @dev Returns the external nullifier from a user claim
   * @param claim user Hydra-S1 claim = have an account with a specific value in a specific group
   * nullifier = hash(sourceSecretHash, externalNullifier), which is verified inside the snark
   * users bring sourceSecretHash as private input in snark which guarantees privacy
   
   * Here we chose externalNullifier = hash(attesterAddress, claim.GroupId)
   * Creates one nullifier per group, per user and makes sure no collision with other attester's nullifiers
  **/
  function _getExternalNullifierOfClaim(
    HydraS1Claim memory claim
  ) internal view override returns (uint256) {
    uint256 externalNullifier = _encodeInSnarkField(
      address(this),
      claim.groupProperties.groupIndex
    );
    return externalNullifier;
  }

  /**
   * @dev returns the nullifier for a given extraData
   * @param extraData bytes where the nullifier is encoded
   */
  function getNullifierFromExtraData(
    bytes memory extraData
  ) external pure virtual override(IHydraS1Base, HydraS1Base) returns (uint256) {
    return abi.decode(extraData, (uint256));
  }

  /*******************************************************
    Hydra-S1 Attester Specific Functions
  *******************************************************/

  /**
   * @dev Getter, returns the last attestation destination of a nullifier
   * @param nullifier nullifier used
   **/
  function getDestinationOfNullifier(uint256 nullifier) external view override returns (address) {
    return _getDestinationOfNullifier(nullifier);
  }

  function _setDestinationForNullifier(uint256 nullifier, address destination) internal virtual {
    _nullifiersDestinations[nullifier] = destination;
    emit NullifierDestinationUpdated(nullifier, destination);
  }

  function _getDestinationOfNullifier(uint256 nullifier) internal view returns (address) {
    return _nullifiersDestinations[nullifier];
  }

  function _encodeInSnarkField(address addr, uint256 nb) internal pure returns (uint256) {
    return uint256(keccak256(abi.encode(addr, nb))) % HydraS1Lib.SNARK_FIELD;
  }
}

File 8 of 22 : HydraS1Base.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;
pragma experimental ABIEncoderV2;

import {IHydraS1Base} from './IHydraS1Base.sol';
import {Attester} from '../../../core/Attester.sol';
import {Initializable} from '@openzeppelin/contracts/proxy/utils/Initializable.sol';

// Protocol imports
import {Request, Attestation, Claim} from '../../../core/libs/Structs.sol';

// Imports related to Hydra S1 ZK Proving Scheme
import {HydraS1Verifier, HydraS1Lib, HydraS1Claim, HydraS1ProofData, HydraS1ProofInput, HydraS1GroupProperties} from '../libs/HydraS1Lib.sol';
import {ICommitmentMapperRegistry} from '../../../periphery/utils/CommitmentMapperRegistry.sol';
import {IAvailableRootsRegistry} from '../../../periphery/utils/AvailableRootsRegistry.sol';

/**
 * @title Hydra-S1 Base Attester
 * @author Sismo
 * @notice Abstract contract that facilitates the use of the Hydra-S1 ZK Proving Scheme.
 * Hydra-S1 is single source, single group: it allows users to verify they are part of one and only one group at a time
 * It is inherited by the family of Hydra-S1 attesters.
 * It contains the user input checking and the ZK-SNARK proof verification.
 * We invite readers to refer to the following:
 *    - https://hydra-s1.docs.sismo.io for a full guide through the Hydra-S1 ZK Attestations
 *    - https://hydra-s1-circuits.docs.sismo.io for circuits, prover and verifiers of Hydra-S1
 *
 */
abstract contract HydraS1Base is IHydraS1Base, Attester, Initializable {
  using HydraS1Lib for HydraS1ProofData;

  // ZK-SNARK Verifier
  HydraS1Verifier immutable VERIFIER;
  // Registry storing the Commitment Mapper EdDSA Public key
  ICommitmentMapperRegistry immutable COMMITMENT_MAPPER_REGISTRY;
  // Registry storing the Registry Tree Roots of the Attester's available ClaimData
  IAvailableRootsRegistry immutable AVAILABLE_ROOTS_REGISTRY;

  /*******************************************************
    INITIALIZATION FUNCTIONS
  *******************************************************/

  /**
   * @dev Constructor. Initializes the contract
   * @param hydraS1VerifierAddress ZK Snark Verifier contract
   * @param availableRootsRegistryAddress Registry where is the Available Data (Registry Merkle Roots)
   * @param commitmentMapperAddress Commitment mapper's public key registry
   */
  constructor(
    address hydraS1VerifierAddress,
    address availableRootsRegistryAddress,
    address commitmentMapperAddress
  ) {
    VERIFIER = HydraS1Verifier(hydraS1VerifierAddress);
    AVAILABLE_ROOTS_REGISTRY = IAvailableRootsRegistry(availableRootsRegistryAddress);
    COMMITMENT_MAPPER_REGISTRY = ICommitmentMapperRegistry(commitmentMapperAddress);
  }

  /**
   * @dev Getter of Hydra-S1 Verifier contract
   */
  function getVerifier() external view returns (HydraS1Verifier) {
    return VERIFIER;
  }

  /**
   * @dev Getter of Commitment Mapper Registry contract
   */
  function getCommitmentMapperRegistry() external view returns (ICommitmentMapperRegistry) {
    return COMMITMENT_MAPPER_REGISTRY;
  }

  /**
   * @dev Getter of Roots Registry Contract
   */
  function getAvailableRootsRegistry() external view returns (IAvailableRootsRegistry) {
    return AVAILABLE_ROOTS_REGISTRY;
  }

  /*******************************************************
    Hydra-S1 SPECIFIC FUNCTIONS
  *******************************************************/

  /**
   * @dev MANDATORY: must be implemented to return the nullifier from an attestation extraData
   * @dev Getter of a nullifier encoded in extraData
   * @notice Must be implemented by the inheriting contracts
   * @param extraData extraData where nullifier can be encoded
   */
  function getNullifierFromExtraData(
    bytes memory extraData
  ) external view virtual returns (uint256);

  /**
   * @dev MANDATORY: must be implemented to return the external nullifier from a user request
   * so it can be checked against snark input
   * nullifier = hash(sourceSecretHash, externalNullifier), which is verified inside the snark
   * users bring sourceSecretHash as private input which guarantees privacy
   *
   * This function MUST be implemented by Hydra-S1 attesters.
   * This is the core function that implements the logic of external nullifiers
   *
   * Do they get one external nullifier per claim?
   * Do they get 2 external nullifiers per claim?
   * Do they get 1 external nullifier per claim, every month?
   * Take a look at Hydra-S1 Simple Attester for an example
   * @param claim user claim: part of a group of accounts, with a claimedValue for their account
   */
  function _getExternalNullifierOfClaim(
    HydraS1Claim memory claim
  ) internal view virtual returns (uint256);

  /**
   * @dev Checks whether the user claim and the snark public input are a match
   * @param claim user claim
   * @param input snark public input
   */
  function _validateInput(
    HydraS1Claim memory claim,
    HydraS1ProofInput memory input
  ) internal view virtual {
    if (input.accountsTreeValue != claim.groupId) {
      revert AccountsTreeValueMismatch(claim.groupId, input.accountsTreeValue);
    }

    if (input.isStrict == claim.groupProperties.isScore) {
      revert IsStrictMismatch(claim.groupProperties.isScore, input.isStrict);
    }

    if (input.destination != claim.destination) {
      revert DestinationMismatch(claim.destination, input.destination);
    }

    if (input.chainId != block.chainid) revert ChainIdMismatch(block.chainid, input.chainId);

    if (input.value != claim.claimedValue) revert ValueMismatch(claim.claimedValue, input.value);

    if (!AVAILABLE_ROOTS_REGISTRY.isRootAvailableForMe(input.registryRoot)) {
      revert RegistryRootMismatch(input.registryRoot);
    }

    uint256[2] memory commitmentMapperPubKey = COMMITMENT_MAPPER_REGISTRY.getEdDSAPubKey();
    if (
      input.commitmentMapperPubKey[0] != commitmentMapperPubKey[0] ||
      input.commitmentMapperPubKey[1] != commitmentMapperPubKey[1]
    ) {
      revert CommitmentMapperPubKeyMismatch(
        commitmentMapperPubKey[0],
        commitmentMapperPubKey[1],
        input.commitmentMapperPubKey[0],
        input.commitmentMapperPubKey[1]
      );
    }

    uint256 externalNullifier = _getExternalNullifierOfClaim(claim);

    if (input.externalNullifier != externalNullifier) {
      revert ExternalNullifierMismatch(externalNullifier, input.externalNullifier);
    }
  }

  /**
   * @dev verify the groth16 mathematical proof
   * @param proofData snark public input
   */
  function _verifyProof(HydraS1ProofData memory proofData) internal view virtual {
    try
      VERIFIER.verifyProof(proofData.proof.a, proofData.proof.b, proofData.proof.c, proofData.input)
    returns (bool success) {
      if (!success) revert InvalidGroth16Proof('');
    } catch Error(string memory reason) {
      revert InvalidGroth16Proof(reason);
    } catch Panic(uint256 /*errorCode*/) {
      revert InvalidGroth16Proof('');
    } catch (bytes memory /*lowLevelData*/) {
      revert InvalidGroth16Proof('');
    }
  }
}

File 9 of 22 : IHydraS1Base.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;
pragma experimental ABIEncoderV2;

import {IAttester} from '../../../core/interfaces/IAttester.sol';
import {HydraS1Verifier, HydraS1Lib, HydraS1ProofData} from '../libs/HydraS1Lib.sol';
import {ICommitmentMapperRegistry} from '../../../periphery/utils/CommitmentMapperRegistry.sol';
import {IAvailableRootsRegistry} from '../../../periphery/utils/AvailableRootsRegistry.sol';

/**
 * @title Hydra-S1 Base Interface
 * @author Sismo
 * @notice Interface that facilitates the use of the Hydra-S1 ZK Proving Scheme.
 * Hydra-S1 is single source, single group: it allows users to verify they are part of one and only one group at a time
 * It is inherited by the family of Hydra-S1 attesters.
 * It contains the errors and method specific of the Hydra-S1 attesters family and the Hydra-S1 ZK Proving Scheme
 * We invite readers to refer to the following:
 *    - https://hydra-s1.docs.sismo.io for a full guide through the Hydra-S1 ZK Attestations
 *    - https://hydra-s1-circuits.docs.sismo.io for circuits, prover and verifiers of Hydra-S1
 **/
interface IHydraS1Base is IAttester {
  error ClaimsLengthDifferentThanOne(uint256 claimLength);
  error RegistryRootMismatch(uint256 inputRoot);
  error DestinationMismatch(address expectedDestination, address inputDestination);
  error CommitmentMapperPubKeyMismatch(
    uint256 expectedX,
    uint256 expectedY,
    uint256 inputX,
    uint256 inputY
  );
  error ExternalNullifierMismatch(uint256 expectedExternalNullifier, uint256 externalNullifier);
  error IsStrictMismatch(bool expectedStrictness, bool strictNess);
  error ChainIdMismatch(uint256 expectedChainId, uint256 chainId);
  error ValueMismatch(uint256 expectedValue, uint256 inputValue);
  error AccountsTreeValueMismatch(
    uint256 expectedAccountsTreeValue,
    uint256 inputAccountsTreeValue
  );
  error InvalidGroth16Proof(string reason);

  function getNullifierFromExtraData(bytes memory extraData) external view returns (uint256);

  /**
   * @dev Getter of Hydra-S1 Verifier contract
   */
  function getVerifier() external view returns (HydraS1Verifier);

  /**
   * @dev Getter of Commitment Mapper Registry contract
   */
  function getCommitmentMapperRegistry() external view returns (ICommitmentMapperRegistry);

  /**
   * @dev Getter of Roots Registry Contract
   */
  function getAvailableRootsRegistry() external view returns (IAvailableRootsRegistry);
}

File 10 of 22 : IHydraS1AccountboundAttester.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;
pragma experimental ABIEncoderV2;

import {IHydraS1SimpleAttester} from '././IHydraS1SimpleAttester.sol';

/**
 * @title Hydra-S1 Accountbound Interface
 * @author Sismo
 * @notice Interface of the HydraS1AccountboundAttester contract which inherits from the errors, events and methods specific to the HydraS1SimpleAttester interface.
 **/
interface IHydraS1AccountboundAttester is IHydraS1SimpleAttester {
  /**
   * @dev Event emitted when the duration of the cooldown duration for a group index (internal collection id) has been set
   * @param groupIndex internal collection id
   * @param cooldownDuration the duration of the cooldown period
   **/
  event CooldownDurationSetForGroupIndex(uint256 indexed groupIndex, uint32 cooldownDuration);

  /**
   * @dev Event emitted when the nullifier has been set on cooldown. This happens when the
   * attestation destination of a nullifier has been changed
   * @param nullifier user nullifier
   * @param burnCount the number of times the attestation destination of a nullifier has been changed
   **/
  event NullifierSetOnCooldown(uint256 indexed nullifier, uint16 burnCount);

  /**
   * @dev Error when the nullifier is on cooldown. The user have to wait the cooldownDuration
   * before being able to change again the destination address.
   **/
  error NullifierOnCooldown(
    uint256 nullifier,
    address destination,
    uint16 burnCount,
    uint32 cooldownStart
  );

  /**
   * @dev Error when the cooldown duration for a given groupIndex is equal to zero.
   * The HydraS1AccountboundAttester behaves like the HydraS1SimpleAttester.
   **/
  error CooldownDurationNotSetForGroupIndex(uint256 groupIndex);

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param owner Owner of the contract, can update public key and address
   */
  function initialize(address owner) external;

  /**
   * @dev returns the nullifier for a given extraData
   * @param extraData bytes where the nullifier is encoded
   */
  function getNullifierFromExtraData(bytes memory extraData) external pure returns (uint256);

  /**
   * @dev Returns the burn count for a given extraData
   * @param extraData bytes where the burnCount is encoded
   */
  function getBurnCountFromExtraData(bytes memory extraData) external pure returns (uint16);

  /**
   * @dev Getter, returns the cooldown start of a nullifier
   * @param nullifier nullifier used
   **/
  function getNullifierCooldownStart(uint256 nullifier) external view returns (uint32);

  /**
   * @dev Getter, returns the burnCount of a nullifier
   * @param nullifier nullifier used
   **/
  function getNullifierBurnCount(uint256 nullifier) external view returns (uint16);

  /**
   * @dev Setter, sets the cooldown duration of a groupIndex
   * @param groupIndex internal collection id
   * @param cooldownDuration cooldown duration we want to set for the groupIndex
   **/
  function setCooldownDurationForGroupIndex(uint256 groupIndex, uint32 cooldownDuration) external;

  /*/**
   * @dev Getter, get the cooldown duration of a groupIndex
   * @notice returns 0 when the accountbound feature is deactivated for this group
   * @param groupIndex internal collection id
   **/
  function getCooldownDurationForGroupIndex(uint256 groupIndex) external view returns (uint32);
}

File 11 of 22 : IHydraS1SimpleAttester.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;
pragma experimental ABIEncoderV2;

import {Attestation} from '../../../core/libs/Structs.sol';
import {CommitmentMapperRegistry} from '../../../periphery/utils/CommitmentMapperRegistry.sol';
import {AvailableRootsRegistry} from '../../../periphery/utils/AvailableRootsRegistry.sol';
import {HydraS1Lib, HydraS1ProofData, HydraS1ProofInput} from './../libs/HydraS1Lib.sol';
import {IHydraS1Base} from './../base/IHydraS1Base.sol';

/**
 * @title Hydra-S1 Accountbound Interface
 * @author Sismo
 * @notice Interface with errors, events and methods specific to the HydraS1SimpleAttester.
 **/
interface IHydraS1SimpleAttester is IHydraS1Base {
  /**
   * @dev Error when the nullifier is already used for a destination address
   **/
  error NullifierUsed(uint256 nullifier);

  /**
   * @dev Error when the collectionId of an attestation overflow the AUTHORIZED_COLLECTION_ID_LAST
   **/
  error CollectionIdOutOfBound(uint256 collectionId);

  /**
   * @dev Event emitted when the nullifier is associated to a destination address.
   **/
  event NullifierDestinationUpdated(uint256 nullifier, address newOwner);

  /**
   * @dev Getter, returns the last attestation destination of a nullifier
   * @param nullifier nullifier used
   **/
  function getDestinationOfNullifier(uint256 nullifier) external view returns (address);

  /**
   * @dev Getter
   * returns of the first collection in which the attester is supposed to record
   **/
  function AUTHORIZED_COLLECTION_ID_FIRST() external view returns (uint256);

  /**
   * @dev Getter
   * returns of the last collection in which the attester is supposed to record
   **/
  function AUTHORIZED_COLLECTION_ID_LAST() external view returns (uint256);
}

File 12 of 22 : HydraS1Lib.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

import {Claim, Request} from '../../../core/libs/Structs.sol';
import {HydraS1Verifier} from '@sismo-core/hydra-s1/contracts/HydraS1Verifier.sol';

// user Hydra-S1 claim retrieved form his request
struct HydraS1Claim {
  uint256 groupId; // user claims to have an account in this group
  uint256 claimedValue; // user claims this value for its account in the group
  address destination; // user claims to own this destination[]
  HydraS1GroupProperties groupProperties; // user claims the group has the following properties
}

struct HydraS1GroupProperties {
  uint128 groupIndex;
  uint32 generationTimestamp;
  bool isScore;
}

struct HydraS1CircomSnarkProof {
  uint256[2] a;
  uint256[2][2] b;
  uint256[2] c;
}

struct HydraS1ProofData {
  HydraS1CircomSnarkProof proof;
  uint256[10] input;
  // destination
  // chainId
  // commitmentMapperPubKey.x
  // commitmentMapperPubKey.y
  // registryTreeRoot
  // externalNullifier
  // nullifier
  // claimedValue
  // accountsTreeValue
  // isStrict
}

struct HydraS1ProofInput {
  address destination;
  uint256 chainId;
  uint256 registryRoot;
  uint256 externalNullifier;
  uint256 nullifier;
  uint256 value;
  uint256 accountsTreeValue;
  bool isStrict;
  uint256[2] commitmentMapperPubKey;
}

library HydraS1Lib {
  uint256 constant SNARK_FIELD =
    21888242871839275222246405745257275088548364400416034343698204186575808495617;

  error GroupIdAndPropertiesMismatch(uint256 expectedGroupId, uint256 groupId);

  function _input(HydraS1ProofData memory self) internal pure returns (HydraS1ProofInput memory) {
    return
      HydraS1ProofInput(
        _getDestination(self),
        _getChainId(self),
        _getRegistryRoot(self),
        _getExpectedExternalNullifier(self),
        _getNullifier(self),
        _getValue(self),
        _getAccountsTreeValue(self),
        _getIsStrict(self),
        _getCommitmentMapperPubKey(self)
      );
  }

  function _claim(Request memory self) internal pure returns (HydraS1Claim memory) {
    Claim memory claim = self.claims[0];
    _validateClaim(claim);

    HydraS1GroupProperties memory groupProperties = abi.decode(
      claim.extraData,
      (HydraS1GroupProperties)
    );

    return (HydraS1Claim(claim.groupId, claim.claimedValue, self.destination, groupProperties));
  }

  function _toCircomFormat(
    HydraS1ProofData memory self
  )
    internal
    pure
    returns (uint256[2] memory, uint256[2][2] memory, uint256[2] memory, uint256[10] memory)
  {
    return (self.proof.a, self.proof.b, self.proof.c, self.input);
  }

  function _getDestination(HydraS1ProofData memory self) internal pure returns (address) {
    return address(uint160(self.input[0]));
  }

  function _getChainId(HydraS1ProofData memory self) internal pure returns (uint256) {
    return self.input[1];
  }

  function _getCommitmentMapperPubKey(
    HydraS1ProofData memory self
  ) internal pure returns (uint256[2] memory) {
    return [self.input[2], self.input[3]];
  }

  function _getRegistryRoot(HydraS1ProofData memory self) internal pure returns (uint256) {
    return self.input[4];
  }

  function _getExpectedExternalNullifier(
    HydraS1ProofData memory self
  ) internal pure returns (uint256) {
    return self.input[5];
  }

  function _getNullifier(HydraS1ProofData memory self) internal pure returns (uint256) {
    return self.input[6];
  }

  function _getValue(HydraS1ProofData memory self) internal pure returns (uint256) {
    return self.input[7];
  }

  function _getAccountsTreeValue(HydraS1ProofData memory self) internal pure returns (uint256) {
    return self.input[8];
  }

  function _getIsStrict(HydraS1ProofData memory self) internal pure returns (bool) {
    return self.input[9] == 1;
  }

  function _getNullifier(bytes calldata self) internal pure returns (uint256) {
    HydraS1ProofData memory snarkProofData = abi.decode(self, (HydraS1ProofData));
    uint256 nullifier = uint256(_getNullifier(snarkProofData));
    return nullifier;
  }

  function _generateGroupIdFromProperties(
    uint128 groupIndex,
    uint32 generationTimestamp,
    bool isScore
  ) internal pure returns (uint256) {
    return
      _generateGroupIdFromEncodedProperties(
        _encodeGroupProperties(groupIndex, generationTimestamp, isScore)
      );
  }

  function _generateGroupIdFromEncodedProperties(
    bytes memory encodedProperties
  ) internal pure returns (uint256) {
    return uint256(keccak256(encodedProperties)) % HydraS1Lib.SNARK_FIELD;
  }

  function _encodeGroupProperties(
    uint128 groupIndex,
    uint32 generationTimestamp,
    bool isScore
  ) internal pure returns (bytes memory) {
    return abi.encode(groupIndex, generationTimestamp, isScore);
  }

  function _validateClaim(Claim memory claim) internal pure {
    uint256 expectedGroupId = _generateGroupIdFromEncodedProperties(claim.extraData);
    if (claim.groupId != expectedGroupId)
      revert GroupIdAndPropertiesMismatch(expectedGroupId, claim.groupId);
  }
}

File 13 of 22 : Attester.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;
import {IAttester} from './interfaces/IAttester.sol';
import {IAttestationsRegistry} from './interfaces/IAttestationsRegistry.sol';
import {Request, Attestation, AttestationData} from './libs/Structs.sol';

/**
 * @title Attester Abstract Contract
 * @author Sismo
 * @notice Contract to be inherited by Attesters
 * All attesters that expect to be authorized in Sismo Protocol (i.e write access on the registry)
 * are recommended to implemented this abstract contract

 * Take a look at the HydraS1SimpleAttester.sol for example on how to implement this abstract contract
 *
 * This contracts is built around two main external standard functions.
 * They must NOT be override them, unless your really know what you are doing
 
 * - generateAttestations(request, proof) => will write attestations in the registry
 * 1. (MANDATORY) Implement the buildAttestations() view function which generate attestations from user request
 * 2. (MANDATORY) Implement teh _verifyRequest() internal function where to write checks
 * 3. (OPTIONAL)  Override _beforeRecordAttestations and _afterRecordAttestations hooks

 * - deleteAttestations(collectionId, owner, proof) => will delete attestations in the registry
 * 1. (DEFAULT)  By default this function throws (see _verifyAttestationsDeletionRequest)
 * 2. (OPTIONAL) Override the _verifyAttestationsDeletionRequest so it no longer throws
 * 3. (OPTIONAL) Override _beforeDeleteAttestations and _afterDeleteAttestations hooks

 * For more information: https://attesters.docs.sismo.io
 **/
abstract contract Attester is IAttester {
  // Registry where all attestations are stored
  IAttestationsRegistry internal immutable ATTESTATIONS_REGISTRY;

  /**
   * @dev Constructor
   * @param attestationsRegistryAddress The address of the AttestationsRegistry contract storing attestations
   */
  constructor(address attestationsRegistryAddress) {
    ATTESTATIONS_REGISTRY = IAttestationsRegistry(attestationsRegistryAddress);
  }

  /**
   * @dev Main external function. Allows to generate attestations by making a request and submitting proof
   * @param request User request
   * @param proofData Data sent along the request to prove its validity
   * @return attestations Attestations that has been recorded
   */
  function generateAttestations(
    Request calldata request,
    bytes calldata proofData
  ) external override returns (Attestation[] memory) {
    // Verify if request is valid by verifying against proof
    _verifyRequest(request, proofData);

    // Generate the actual attestations from user request
    Attestation[] memory attestations = buildAttestations(request, proofData);

    _beforeRecordAttestations(request, proofData);

    ATTESTATIONS_REGISTRY.recordAttestations(attestations);

    _afterRecordAttestations(attestations);

    for (uint256 i = 0; i < attestations.length; i++) {
      emit AttestationGenerated(attestations[i]);
    }

    return attestations;
  }

  /**
   * @dev External facing function. Allows to delete attestations by submitting proof
   * @param collectionIds Collection identifier of attestations to delete
   * @param attestationsOwner Owner of attestations to delete
   * @param proofData Data sent along the deletion request to prove its validity
   * @return attestations Attestations that were deleted
   */
  function deleteAttestations(
    uint256[] calldata collectionIds,
    address attestationsOwner,
    bytes calldata proofData
  ) external override returns (Attestation[] memory) {
    address[] memory attestationOwners = new address[](collectionIds.length);

    uint256[] memory attestationCollectionIds = new uint256[](collectionIds.length);

    Attestation[] memory attestations = new Attestation[](collectionIds.length);

    for (uint256 i = 0; i < collectionIds.length; i++) {
      // fetch attestations from the registry
      (
        address issuer,
        uint256 attestationValue,
        uint32 timestamp,
        bytes memory extraData
      ) = ATTESTATIONS_REGISTRY.getAttestationDataTuple(collectionIds[i], attestationsOwner);

      attestationOwners[i] = attestationsOwner;
      attestationCollectionIds[i] = collectionIds[i];

      attestations[i] = (
        Attestation(
          collectionIds[i],
          attestationsOwner,
          issuer,
          attestationValue,
          timestamp,
          extraData
        )
      );
    }

    _verifyAttestationsDeletionRequest(attestations, proofData);

    _beforeDeleteAttestations(attestations, proofData);

    ATTESTATIONS_REGISTRY.deleteAttestations(attestationOwners, attestationCollectionIds);

    _afterDeleteAttestations(attestations, proofData);

    for (uint256 i = 0; i < collectionIds.length; i++) {
      emit AttestationDeleted(attestations[i]);
    }
    return attestations;
  }

  /**
   * @dev MANDATORY: must be implemented in attesters
   * It should build attestations from the user request and the proof
   * @param request User request
   * @param proofData Data sent along the request to prove its validity
   * @return attestations Attestations that will be recorded
   */
  function buildAttestations(
    Request calldata request,
    bytes calldata proofData
  ) public view virtual returns (Attestation[] memory);

  /**
   * @dev Attestation registry getter
   * @return attestationRegistry
   */
  function getAttestationRegistry() external view override returns (IAttestationsRegistry) {
    return ATTESTATIONS_REGISTRY;
  }

  /**
   * @dev MANDATORY: must be implemented in attesters
   * It should verify the user request is valid
   * @param request User request
   * @param proofData Data sent along the request to prove its validity
   */
  function _verifyRequest(Request calldata request, bytes calldata proofData) internal virtual;

  /**
   * @dev Optional: must be overridden by attesters that want to feature attestations deletion
   * Default behavior: throws
   * It should verify attestations deletion request is valid
   * @param attestations Attestations that will be deleted
   * @param proofData Data sent along the request to prove its validity
   */
  function _verifyAttestationsDeletionRequest(
    Attestation[] memory attestations,
    bytes calldata proofData
  ) internal virtual {
    revert AttestationDeletionNotImplemented();
  }

  /**
   * @dev Optional: Hook, can be overridden in attesters
   * Will be called before recording attestations in the registry
   * @param request User request
   * @param proofData Data sent along the request to prove its validity
   */
  function _beforeRecordAttestations(
    Request calldata request,
    bytes calldata proofData
  ) internal virtual {}

  /**
   * @dev (Optional) Can be overridden in attesters inheriting this contract
   * Will be called after recording an attestation
   * @param attestations Recorded attestations
   */
  function _afterRecordAttestations(Attestation[] memory attestations) internal virtual {}

  /**
   * @dev Optional: Hook, can be overridden in attesters
   * Will be called before deleting attestations from the registry
   * @param attestations Attestations to delete
   * @param proofData Data sent along the deletion request to prove its validity
   */
  function _beforeDeleteAttestations(
    Attestation[] memory attestations,
    bytes calldata proofData
  ) internal virtual {}

  /**
   * @dev Optional: Hook, can be overridden in attesters
   * Will be called after deleting attestations from the registry
   * @param attestations Attestations to delete
   * @param proofData Data sent along the deletion request to prove its validity
   */
  function _afterDeleteAttestations(
    Attestation[] memory attestations,
    bytes calldata proofData
  ) internal virtual {}
}

File 14 of 22 : IAttestationsRegistry.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

import {Attestation, AttestationData} from '../libs/Structs.sol';
import {IAttestationsRegistryConfigLogic} from './IAttestationsRegistryConfigLogic.sol';

/**
 * @title IAttestationsRegistry
 * @author Sismo
 * @notice This is the interface of the AttestationRegistry
 */
interface IAttestationsRegistry is IAttestationsRegistryConfigLogic {
  error IssuerNotAuthorized(address issuer, uint256 collectionId);
  error OwnersAndCollectionIdsLengthMismatch(address[] owners, uint256[] collectionIds);
  event AttestationRecorded(Attestation attestation);
  event AttestationDeleted(Attestation attestation);

  /**
   * @dev Main function to be called by authorized issuers
   * @param attestations Attestations to be recorded (creates a new one or overrides an existing one)
   */
  function recordAttestations(Attestation[] calldata attestations) external;

  /**
   * @dev Delete function to be called by authorized issuers
   * @param owners The owners of the attestations to be deleted
   * @param collectionIds The collection ids of the attestations to be deleted
   */
  function deleteAttestations(address[] calldata owners, uint256[] calldata collectionIds) external;

  /**
   * @dev Returns whether a user has an attestation from a collection
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function hasAttestation(uint256 collectionId, address owner) external returns (bool);

  /**
   * @dev Getter of the data of a specific attestation
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function getAttestationData(
    uint256 collectionId,
    address owner
  ) external view returns (AttestationData memory);

  /**
   * @dev Getter of the value of a specific attestation
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function getAttestationValue(uint256 collectionId, address owner) external view returns (uint256);

  /**
   * @dev Getter of the data of a specific attestation as tuple
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function getAttestationDataTuple(
    uint256 collectionId,
    address owner
  ) external view returns (address, uint256, uint32, bytes memory);

  /**
   * @dev Getter of the extraData of a specific attestation
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function getAttestationExtraData(
    uint256 collectionId,
    address owner
  ) external view returns (bytes memory);

  /**
   * @dev Getter of the issuer of a specific attestation
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function getAttestationIssuer(
    uint256 collectionId,
    address owner
  ) external view returns (address);

  /**
   * @dev Getter of the timestamp of a specific attestation
   * @param collectionId Collection identifier of the targeted attestation
   * @param owner Owner of the targeted attestation
   */
  function getAttestationTimestamp(
    uint256 collectionId,
    address owner
  ) external view returns (uint32);

  /**
   * @dev Getter of the data of specific attestations
   * @param collectionIds Collection identifiers of the targeted attestations
   * @param owners Owners of the targeted attestations
   */
  function getAttestationDataBatch(
    uint256[] memory collectionIds,
    address[] memory owners
  ) external view returns (AttestationData[] memory);

  /**
   * @dev Getter of the values of specific attestations
   * @param collectionIds Collection identifiers of the targeted attestations
   * @param owners Owners of the targeted attestations
   */
  function getAttestationValueBatch(
    uint256[] memory collectionIds,
    address[] memory owners
  ) external view returns (uint256[] memory);
}

File 15 of 22 : IAttestationsRegistryConfigLogic.sol
// SPDX-License-Identifier: MIT
// Forked from, removed storage, OpenZeppelin Contracts v4.4.1 (access/Ownable.sol)
// OpenZeppelin Contracts v4.4.1 (access/Ownable.sol)

pragma solidity ^0.8.14;

import {Range, RangeUtils} from '../libs/utils/RangeLib.sol';

interface IAttestationsRegistryConfigLogic {
  error AttesterNotFound(address issuer);
  error RangeIndexOutOfBounds(address issuer, uint256 expectedArrayLength, uint256 rangeIndex);
  error IdsMismatch(
    address issuer,
    uint256 rangeIndex,
    uint256 expectedFirstId,
    uint256 expectedLastId,
    uint256 FirstId,
    uint256 lastCollectionId
  );
  error AttributeDoesNotExist(uint8 attributeIndex);
  error AttributeAlreadyExists(uint8 attributeIndex);
  error ArgsLengthDoesNotMatch();

  event NewAttributeCreated(uint8 attributeIndex, bytes32 attributeName);
  event AttributeNameUpdated(
    uint8 attributeIndex,
    bytes32 newAttributeName,
    bytes32 previousAttributeName
  );
  event AttributeDeleted(uint8 attributeIndex, bytes32 deletedAttributeName);

  event AttestationsCollectionAttributeSet(
    uint256 collectionId,
    uint8 attributeIndex,
    uint8 attributeValue
  );

  event IssuerAuthorized(address issuer, uint256 firstCollectionId, uint256 lastCollectionId);
  event IssuerUnauthorized(address issuer, uint256 firstCollectionId, uint256 lastCollectionId);

  /**
   * @dev Returns whether an attestationsCollection has a specific attribute referenced by its index
   * @param collectionId Collection Id of the targeted attestationsCollection
   * @param index Index of the attribute. Can go from 0 to 63.
   */
  function attestationsCollectionHasAttribute(
    uint256 collectionId,
    uint8 index
  ) external view returns (bool);

  function attestationsCollectionHasAttributes(
    uint256 collectionId,
    uint8[] memory indices
  ) external view returns (bool);

  /**
   * @dev Returns the attribute's value (from 1 to 15) of an attestationsCollection
   * @param collectionId Collection Id of the targeted attestationsCollection
   * @param attributeIndex Index of the attribute. Can go from 0 to 63.
   */
  function getAttributeValueForAttestationsCollection(
    uint256 collectionId,
    uint8 attributeIndex
  ) external view returns (uint8);

  function getAttributesValuesForAttestationsCollection(
    uint256 collectionId,
    uint8[] memory indices
  ) external view returns (uint8[] memory);

  /**
   * @dev Set a value for an attribute of an attestationsCollection. The attribute should already be created.
   * @param collectionId Collection Id of the targeted attestationsCollection
   * @param index Index of the attribute (must be between 0 and 63)
   * @param value Value of the attribute we want to set for this attestationsCollection. Can take the value 0 to 15
   */
  function setAttributeValueForAttestationsCollection(
    uint256 collectionId,
    uint8 index,
    uint8 value
  ) external;

  function setAttributesValuesForAttestationsCollections(
    uint256[] memory collectionIds,
    uint8[] memory indices,
    uint8[] memory values
  ) external;

  /**
   * @dev Returns all the enabled attributes names and their values for a specific attestationsCollection
   * @param collectionId Collection Id of the targeted attestationsCollection
   */
  function getAttributesNamesAndValuesForAttestationsCollection(
    uint256 collectionId
  ) external view returns (bytes32[] memory, uint8[] memory);

  /**
   * @dev Authorize an issuer for a specific range
   * @param issuer Issuer that will be authorized
   * @param firstCollectionId First collection Id of the range for which the issuer will be authorized
   * @param lastCollectionId Last collection Id of the range for which the issuer will be authorized
   */
  function authorizeRange(
    address issuer,
    uint256 firstCollectionId,
    uint256 lastCollectionId
  ) external;

  /**
   * @dev Unauthorize an issuer for a specific range
   * @param issuer Issuer that will be unauthorized
   * @param rangeIndex Index of the range to be unauthorized
   * @param firstCollectionId First collection Id of the range for which the issuer will be unauthorized
   * @param lastCollectionId Last collection Id of the range for which the issuer will be unauthorized
   */
  function unauthorizeRange(
    address issuer,
    uint256 rangeIndex,
    uint256 firstCollectionId,
    uint256 lastCollectionId
  ) external;

  /**
   * @dev Authorize an issuer for specific ranges
   * @param issuer Issuer that will be authorized
   * @param ranges Ranges for which the issuer will be authorized
   */
  function authorizeRanges(address issuer, Range[] memory ranges) external;

  /**
   * @dev Unauthorize an issuer for specific ranges
   * @param issuer Issuer that will be unauthorized
   * @param ranges Ranges for which the issuer will be unauthorized
   */
  function unauthorizeRanges(
    address issuer,
    Range[] memory ranges,
    uint256[] memory rangeIndexes
  ) external;

  /**
   * @dev Returns whether a specific issuer is authorized or not to record in a specific attestations collection
   * @param issuer Issuer to be checked
   * @param collectionId Collection Id for which the issuer will be checked
   */
  function isAuthorized(address issuer, uint256 collectionId) external view returns (bool);

  /**
   * @dev Pauses the registry. Issuers can no longer record or delete attestations
   */
  function pause() external;

  /**
   * @dev Unpauses the registry
   */
  function unpause() external;

  /**
   * @dev Create a new attribute.
   * @param index Index of the attribute. Can go from 0 to 63.
   * @param name Name in bytes32 of the attribute
   */
  function createNewAttribute(uint8 index, bytes32 name) external;

  function createNewAttributes(uint8[] memory indices, bytes32[] memory names) external;

  /**
   * @dev Update the name of an existing attribute
   * @param index Index of the attribute. Can go from 0 to 63. The attribute must exist
   * @param newName new name in bytes32 of the attribute
   */
  function updateAttributeName(uint8 index, bytes32 newName) external;

  function updateAttributesName(uint8[] memory indices, bytes32[] memory names) external;

  /**
   * @dev Delete an existing attribute
   * @param index Index of the attribute. Can go from 0 to 63. The attribute must exist
   */
  function deleteAttribute(uint8 index) external;

  function deleteAttributes(uint8[] memory indices) external;
}

File 16 of 22 : IAttester.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

import {Request, Attestation} from '../libs/Structs.sol';
import {IAttestationsRegistry} from '../interfaces/IAttestationsRegistry.sol';

/**
 * @title IAttester
 * @author Sismo
 * @notice This is the interface for the attesters in Sismo Protocol
 */
interface IAttester {
  event AttestationGenerated(Attestation attestation);

  event AttestationDeleted(Attestation attestation);

  error AttestationDeletionNotImplemented();

  /**
   * @dev Main external function. Allows to generate attestations by making a request and submitting proof
   * @param request User request
   * @param proofData Data sent along the request to prove its validity
   * @return attestations Attestations that has been recorded
   */
  function generateAttestations(
    Request calldata request,
    bytes calldata proofData
  ) external returns (Attestation[] memory);

  /**
   * @dev External facing function. Allows to delete an attestation by submitting proof
   * @param collectionIds Collection identifier of attestations to delete
   * @param attestationsOwner Owner of attestations to delete
   * @param proofData Data sent along the deletion request to prove its validity
   * @return attestations Attestations that was deleted
   */
  function deleteAttestations(
    uint256[] calldata collectionIds,
    address attestationsOwner,
    bytes calldata proofData
  ) external returns (Attestation[] memory);

  /**
   * @dev MANDATORY: must be implemented in attesters
   * It should build attestations from the user request and the proof
   * @param request User request
   * @param proofData Data sent along the request to prove its validity
   * @return attestations Attestations that will be recorded
   */
  function buildAttestations(
    Request calldata request,
    bytes calldata proofData
  ) external view returns (Attestation[] memory);

  /**
   * @dev Attestation registry address getter
   * @return attestationRegistry Address of the registry
   */
  function getAttestationRegistry() external view returns (IAttestationsRegistry);
}

File 17 of 22 : Structs.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

/**
 * @title  Attestations Registry State
 * @author Sismo
 * @notice This contract holds all of the storage variables and data
 *         structures used by the AttestationsRegistry and parent
 *         contracts.
 */

// User Attestation Request, can be made by any user
// The context of an Attestation Request is a specific attester contract
// Each attester has groups of accounts in its available data
// eg: for a specific attester:
//     group 1 <=> accounts that sent txs on mainnet
//     group 2 <=> accounts that sent txs on polygon
// eg: for another attester:
//     group 1 <=> accounts that sent eth txs in 2022
//     group 2 <=> accounts sent eth txs in 2021
struct Request {
  // implicit address attester;
  // implicit uint256 chainId;
  Claim[] claims;
  address destination; // destination that will receive the end attestation
}

struct Claim {
  uint256 groupId; // user claims to have an account in this group
  uint256 claimedValue; // user claims this value for its account in the group
  bytes extraData; // arbitrary data, may be required by the attester to verify claims or generate a specific attestation
}

/**
 * @dev Attestation Struct. This is the struct receive as argument by the Attestation Registry.
 * @param collectionId Attestation collection
 * @param owner Attestation collection
 * @param issuer Attestation collection
 * @param value Attestation collection
 * @param timestamp Attestation collection
 * @param extraData Attestation collection
 */
struct Attestation {
  // implicit uint256 chainId;
  uint256 collectionId; // Id of the attestation collection (in the registry)
  address owner; // Owner of the attestation
  address issuer; // Contract that created or last updated the record.
  uint256 value; // Value of the attestation
  uint32 timestamp; // Timestamp chosen by the attester, should correspond to the effective date of the attestation
  // it is different from the recording timestamp (date when the attestation was recorded)
  // e.g a proof of NFT ownership may have be recorded today which is 2 month old data.
  bytes extraData; // arbitrary data that can be added by the attester
}

// Attestation Data, stored in the registry
// The context is a specific owner of a specific collection
struct AttestationData {
  // implicit uint256 chainId
  // implicit uint256 collectionId - from context
  // implicit owner
  address issuer; // Address of the contract that recorded the attestation
  uint256 value; // Value of the attestation
  uint32 timestamp; // Effective date of issuance of the attestation. (can be different from the recording timestamp)
  bytes extraData; // arbitrary data that can be added by the attester
}

File 18 of 22 : RangeLib.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

struct Range {
  uint256 min;
  uint256 max;
}

// Range [0;3] includees 0 and 3
library RangeUtils {
  function _includes(Range[] storage ranges, uint256 collectionId) internal view returns (bool) {
    for (uint256 i = 0; i < ranges.length; i++) {
      if (collectionId >= ranges[i].min && collectionId <= ranges[i].max) {
        return true;
      }
    }
    return false;
  }
}

File 19 of 22 : AvailableRootsRegistry.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

import {Ownable} from '@openzeppelin/contracts/access/Ownable.sol';
import {IAvailableRootsRegistry} from './interfaces/IAvailableRootsRegistry.sol';
import {Initializable} from '@openzeppelin/contracts/proxy/utils/Initializable.sol';

/**
 * @title Attesters Groups Registry
 * @author Sismo
 * @notice This contract stores that data required by attesters to be available so they can verify user claims
 * This contract is deployed behind a proxy and this implementation is focused on storing merkle roots
 * For more information: https://available-roots-registry.docs.sismo.io
 *
 **/
contract AvailableRootsRegistry is IAvailableRootsRegistry, Initializable, Ownable {
  uint8 public constant IMPLEMENTATION_VERSION = 2;

  mapping(address => mapping(uint256 => bool)) public _roots;

  /**
   * @dev Constructor
   * @param owner Owner of the contract, can register/ unregister roots
   */
  constructor(address owner) {
    initialize(owner);
  }

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param ownerAddress Owner of the contract, can update public key and address
   * @notice The reinitializer modifier is needed to configure modules that are added through upgrades and that require initialization.
   */
  function initialize(address ownerAddress) public reinitializer(IMPLEMENTATION_VERSION) {
    // if proxy did not setup owner yet or if called by constructor (for implem setup)
    if (owner() == address(0) || address(this).code.length == 0) {
      _transferOwnership(ownerAddress);
    }
  }

  /**
   * @dev Register a root available for an attester
   * @param attester Attester which will have the root available
   * @param root Root to register
   */
  function registerRootForAttester(address attester, uint256 root) external onlyOwner {
    if (attester == address(0)) revert CannotRegisterForZeroAddress();
    _registerRootForAttester(attester, root);
  }

  /**
   * @dev Unregister a root for an attester
   * @param attester Attester which will no longer have the root available
   * @param root Root to unregister
   */
  function unregisterRootForAttester(address attester, uint256 root) external onlyOwner {
    if (attester == address(0)) revert CannotUnregisterForZeroAddress();
    _unregisterRootForAttester(attester, root);
  }

  /**
   * @dev Registers a root, available for all contracts
   * @param root Root to register
   */
  function registerRootForAll(uint256 root) external onlyOwner {
    _registerRootForAttester(address(0), root);
  }

  /**
   * @dev Unregister a root, available for all contracts
   * @param root Root to unregister
   */
  function unregisterRootForAll(uint256 root) external onlyOwner {
    _unregisterRootForAttester(address(0), root);
  }

  /**
   * @dev returns whether a root is available for a caller (msg.sender)
   * @param root root to check whether it is registered for me or not
   */
  function isRootAvailableForMe(uint256 root) external view returns (bool) {
    return _roots[_msgSender()][root] || _roots[address(0)][root];
  }

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param attester Owner of the contract, can update public key and address
   * @param root Owner of the contract, can update public key and address
   */
  function isRootAvailableForAttester(address attester, uint256 root) external view returns (bool) {
    return _roots[attester][root] || _roots[address(0)][root];
  }

  function _registerRootForAttester(address attester, uint256 root) internal {
    _roots[attester][root] = true;
    if (attester == address(0)) {
      emit RegisteredRootForAll(root);
    } else {
      emit RegisteredRootForAttester(attester, root);
    }
  }

  function _unregisterRootForAttester(address attester, uint256 root) internal {
    _roots[attester][root] = false;
    if (attester == address(0)) {
      emit UnregisteredRootForAll(root);
    } else {
      emit UnregisteredRootForAttester(attester, root);
    }
  }
}

File 20 of 22 : CommitmentMapperRegistry.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

import {Ownable} from '@openzeppelin/contracts/access/Ownable.sol';
import {Initializable} from '@openzeppelin/contracts/proxy/utils/Initializable.sol';
import {ICommitmentMapperRegistry} from './interfaces/ICommitmentMapperRegistry.sol';

/**
 * @title Commitment Mapper Registry Contract
 * @author Sismo
 * @notice This contract stores information about the commitment mapper.
 * Its ethereum address and its EdDSA public key
 * For more information: https://commitment-mapper.docs.sismo.io
 *
 **/
contract CommitmentMapperRegistry is ICommitmentMapperRegistry, Initializable, Ownable {
  uint8 public constant IMPLEMENTATION_VERSION = 2;

  uint256[2] internal _commitmentMapperPubKey;
  address _commitmentMapperAddress;

  /**
   * @dev Constructor
   * @param owner Owner of the contract, can update public key and address
   * @param commitmentMapperEdDSAPubKey EdDSA public key of the commitment mapper
   * @param commitmentMapperAddress Address of the commitment mapper
   */
  constructor(
    address owner,
    uint256[2] memory commitmentMapperEdDSAPubKey,
    address commitmentMapperAddress
  ) {
    initialize(owner, commitmentMapperEdDSAPubKey, commitmentMapperAddress);
  }

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param ownerAddress Owner of the contract, can update public key and address
   * @param commitmentMapperEdDSAPubKey EdDSA public key of the commitment mapper
   * @param commitmentMapperAddress Address of the commitment mapper
   * @notice The reinitializer modifier is needed to configure modules that are added through upgrades and that require initialization.
   */
  function initialize(
    address ownerAddress,
    uint256[2] memory commitmentMapperEdDSAPubKey,
    address commitmentMapperAddress
  ) public reinitializer(IMPLEMENTATION_VERSION) {
    // if proxy did not setup owner yet or if called by constructor (for implem setup)
    if (owner() == address(0) || address(this).code.length == 0) {
      _transferOwnership(ownerAddress);
      _updateCommitmentMapperEdDSAPubKey(commitmentMapperEdDSAPubKey);
      _updateCommitmentMapperAddress(commitmentMapperAddress);
    }
  }

  /**
   * @dev Updates the EdDSA public key
   * @param newEdDSAPubKey new EdDSA pubic key
   */
  function updateCommitmentMapperEdDSAPubKey(uint256[2] memory newEdDSAPubKey) external onlyOwner {
    _updateCommitmentMapperEdDSAPubKey(newEdDSAPubKey);
  }

  /**
   * @dev Updates the address
   * @param newAddress new address
   */
  function updateCommitmentMapperAddress(address newAddress) external onlyOwner {
    _updateCommitmentMapperAddress(newAddress);
  }

  /**
   * @dev Getter of the EdDSA public key of the commitment mapper
   */
  function getEdDSAPubKey() external view override returns (uint256[2] memory) {
    return _commitmentMapperPubKey;
  }

  /**
   * @dev Getter of the address of the commitment mapper
   */
  function getAddress() external view override returns (address) {
    return _commitmentMapperAddress;
  }

  function _updateCommitmentMapperAddress(address newAddress) internal {
    _commitmentMapperAddress = newAddress;
    emit UpdatedCommitmentMapperAddress(newAddress);
  }

  function _updateCommitmentMapperEdDSAPubKey(uint256[2] memory pubKey) internal {
    _commitmentMapperPubKey = pubKey;
    emit UpdatedCommitmentMapperEdDSAPubKey(pubKey);
  }
}

File 21 of 22 : IAvailableRootsRegistry.sol
// SPDX-License-Identifier: MIT

pragma solidity ^0.8.14;

/**
 * @title IAvailableRootsRegistry
 * @author Sismo
 * @notice Interface for (Merkle) Roots Registry
 */
interface IAvailableRootsRegistry {
  event RegisteredRootForAttester(address attester, uint256 root);
  event RegisteredRootForAll(uint256 root);
  event UnregisteredRootForAttester(address attester, uint256 root);
  event UnregisteredRootForAll(uint256 root);

  error CannotRegisterForZeroAddress();
  error CannotUnregisterForZeroAddress();

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param owner Owner of the contract, can update public key and address
   * @notice The reinitializer modifier is needed to configure modules that are added through upgrades and that require initialization.
   */
  function initialize(address owner) external;

  /**
   * @dev Register a root available for an attester
   * @param attester Attester which will have the root available
   * @param root Root to register
   */
  function registerRootForAttester(address attester, uint256 root) external;

  /**
   * @dev Unregister a root for an attester
   * @param attester Attester which will no longer have the root available
   * @param root Root to unregister
   */
  function unregisterRootForAttester(address attester, uint256 root) external;

  /**
   * @dev Registers a root, available for all contracts
   * @param root Root to register
   */
  function registerRootForAll(uint256 root) external;

  /**
   * @dev Unregister a root, available for all contracts
   * @param root Root to unregister
   */
  function unregisterRootForAll(uint256 root) external;

  /**
   * @dev returns whether a root is available for a caller (msg.sender)
   * @param root root to check whether it is registered for me or not
   */
  function isRootAvailableForMe(uint256 root) external view returns (bool);

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param attester Owner of the contract, can update public key and address
   * @param root Owner of the contract, can update public key and address
   */
  function isRootAvailableForAttester(address attester, uint256 root) external view returns (bool);
}

File 22 of 22 : ICommitmentMapperRegistry.sol
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.14;

interface ICommitmentMapperRegistry {
  event UpdatedCommitmentMapperEdDSAPubKey(uint256[2] newEdDSAPubKey);
  event UpdatedCommitmentMapperAddress(address newAddress);
  error PubKeyNotValid(uint256[2] pubKey);

  /**
   * @dev Initializes the contract, to be called by the proxy delegating calls to this implementation
   * @param owner Owner of the contract, can update public key and address
   * @param commitmentMapperEdDSAPubKey EdDSA public key of the commitment mapper
   * @param commitmentMapperAddress Address of the commitment mapper
   * @notice The reinitializer modifier is needed to configure modules that are added through upgrades and that require initialization.
   */
  function initialize(
    address owner,
    uint256[2] memory commitmentMapperEdDSAPubKey,
    address commitmentMapperAddress
  ) external;

  /**
   * @dev Updates the EdDSA public key
   * @param newEdDSAPubKey new EdDSA pubic key
   */
  function updateCommitmentMapperEdDSAPubKey(uint256[2] memory newEdDSAPubKey) external;

  /**
   * @dev Updates the address
   * @param newAddress new address
   */
  function updateCommitmentMapperAddress(address newAddress) external;

  /**
   * @dev Getter of the address of the commitment mapper
   */
  function getEdDSAPubKey() external view returns (uint256[2] memory);

  /**
   * @dev Getter of the address of the commitment mapper
   */
  function getAddress() external view returns (address);
}

Settings
{
  "evmVersion": "london",
  "libraries": {},
  "metadata": {
    "bytecodeHash": "ipfs",
    "useLiteralContent": true
  },
  "optimizer": {
    "enabled": true,
    "runs": 200
  },
  "remappings": [],
  "outputSelection": {
    "*": {
      "*": [
        "evm.bytecode",
        "evm.deployedBytecode",
        "devdoc",
        "userdoc",
        "metadata",
        "abi"
      ]
    }
  }
}

Contract ABI

[{"inputs":[{"internalType":"address","name":"attestationsRegistryAddress","type":"address"},{"internalType":"address","name":"hydraS1VerifierAddress","type":"address"},{"internalType":"address","name":"availableRootsRegistryAddress","type":"address"},{"internalType":"address","name":"commitmentMapperAddress","type":"address"},{"internalType":"uint256","name":"collectionIdFirst","type":"uint256"},{"internalType":"uint256","name":"collectionIdLast","type":"uint256"},{"internalType":"address","name":"owner","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[{"internalType":"uint256","name":"expectedAccountsTreeValue","type":"uint256"},{"internalType":"uint256","name":"inputAccountsTreeValue","type":"uint256"}],"name":"AccountsTreeValueMismatch","type":"error"},{"inputs":[],"name":"AttestationDeletionNotImplemented","type":"error"},{"inputs":[{"internalType":"uint256","name":"expectedChainId","type":"uint256"},{"internalType":"uint256","name":"chainId","type":"uint256"}],"name":"ChainIdMismatch","type":"error"},{"inputs":[{"internalType":"uint256","name":"claimLength","type":"uint256"}],"name":"ClaimsLengthDifferentThanOne","type":"error"},{"inputs":[{"internalType":"uint256","name":"collectionId","type":"uint256"}],"name":"CollectionIdOutOfBound","type":"error"},{"inputs":[{"internalType":"uint256","name":"expectedX","type":"uint256"},{"internalType":"uint256","name":"expectedY","type":"uint256"},{"internalType":"uint256","name":"inputX","type":"uint256"},{"internalType":"uint256","name":"inputY","type":"uint256"}],"name":"CommitmentMapperPubKeyMismatch","type":"error"},{"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"CooldownDurationNotSetForGroupIndex","type":"error"},{"inputs":[{"internalType":"address","name":"expectedDestination","type":"address"},{"internalType":"address","name":"inputDestination","type":"address"}],"name":"DestinationMismatch","type":"error"},{"inputs":[{"internalType":"uint256","name":"expectedExternalNullifier","type":"uint256"},{"internalType":"uint256","name":"externalNullifier","type":"uint256"}],"name":"ExternalNullifierMismatch","type":"error"},{"inputs":[{"internalType":"uint256","name":"expectedGroupId","type":"uint256"},{"internalType":"uint256","name":"groupId","type":"uint256"}],"name":"GroupIdAndPropertiesMismatch","type":"error"},{"inputs":[{"internalType":"string","name":"reason","type":"string"}],"name":"InvalidGroth16Proof","type":"error"},{"inputs":[{"internalType":"bool","name":"expectedStrictness","type":"bool"},{"internalType":"bool","name":"strictNess","type":"bool"}],"name":"IsStrictMismatch","type":"error"},{"inputs":[{"internalType":"uint256","name":"nullifier","type":"uint256"},{"internalType":"address","name":"destination","type":"address"},{"internalType":"uint16","name":"burnCount","type":"uint16"},{"internalType":"uint32","name":"cooldownStart","type":"uint32"}],"name":"NullifierOnCooldown","type":"error"},{"inputs":[{"internalType":"uint256","name":"nullifier","type":"uint256"}],"name":"NullifierUsed","type":"error"},{"inputs":[{"internalType":"uint256","name":"inputRoot","type":"uint256"}],"name":"RegistryRootMismatch","type":"error"},{"inputs":[{"internalType":"uint256","name":"expectedValue","type":"uint256"},{"internalType":"uint256","name":"inputValue","type":"uint256"}],"name":"ValueMismatch","type":"error"},{"anonymous":false,"inputs":[{"components":[{"internalType":"uint256","name":"collectionId","type":"uint256"},{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"issuer","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"},{"internalType":"uint32","name":"timestamp","type":"uint32"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"indexed":false,"internalType":"struct Attestation","name":"attestation","type":"tuple"}],"name":"AttestationDeleted","type":"event"},{"anonymous":false,"inputs":[{"components":[{"internalType":"uint256","name":"collectionId","type":"uint256"},{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"issuer","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"},{"internalType":"uint32","name":"timestamp","type":"uint32"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"indexed":false,"internalType":"struct Attestation","name":"attestation","type":"tuple"}],"name":"AttestationGenerated","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"groupIndex","type":"uint256"},{"indexed":false,"internalType":"uint32","name":"cooldownDuration","type":"uint32"}],"name":"CooldownDurationSetForGroupIndex","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint8","name":"version","type":"uint8"}],"name":"Initialized","type":"event"},{"anonymous":false,"inputs":[{"indexed":false,"internalType":"uint256","name":"nullifier","type":"uint256"},{"indexed":false,"internalType":"address","name":"newOwner","type":"address"}],"name":"NullifierDestinationUpdated","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"nullifier","type":"uint256"},{"indexed":false,"internalType":"uint16","name":"burnCount","type":"uint16"}],"name":"NullifierSetOnCooldown","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"inputs":[],"name":"AUTHORIZED_COLLECTION_ID_FIRST","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"AUTHORIZED_COLLECTION_ID_LAST","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"IMPLEMENTATION_VERSION","outputs":[{"internalType":"uint8","name":"","type":"uint8"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"nullifier","type":"uint256"},{"internalType":"address","name":"claimDestination","type":"address"}],"name":"_getNextBurnCount","outputs":[{"internalType":"uint16","name":"","type":"uint16"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"components":[{"internalType":"uint256","name":"groupId","type":"uint256"},{"internalType":"uint256","name":"claimedValue","type":"uint256"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"internalType":"struct Claim[]","name":"claims","type":"tuple[]"},{"internalType":"address","name":"destination","type":"address"}],"internalType":"struct Request","name":"request","type":"tuple"},{"internalType":"bytes","name":"proofData","type":"bytes"}],"name":"buildAttestations","outputs":[{"components":[{"internalType":"uint256","name":"collectionId","type":"uint256"},{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"issuer","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"},{"internalType":"uint32","name":"timestamp","type":"uint32"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"internalType":"struct Attestation[]","name":"","type":"tuple[]"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256[]","name":"collectionIds","type":"uint256[]"},{"internalType":"address","name":"attestationsOwner","type":"address"},{"internalType":"bytes","name":"proofData","type":"bytes"}],"name":"deleteAttestations","outputs":[{"components":[{"internalType":"uint256","name":"collectionId","type":"uint256"},{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"issuer","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"},{"internalType":"uint32","name":"timestamp","type":"uint32"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"internalType":"struct Attestation[]","name":"","type":"tuple[]"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"components":[{"internalType":"uint256","name":"groupId","type":"uint256"},{"internalType":"uint256","name":"claimedValue","type":"uint256"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"internalType":"struct Claim[]","name":"claims","type":"tuple[]"},{"internalType":"address","name":"destination","type":"address"}],"internalType":"struct Request","name":"request","type":"tuple"},{"internalType":"bytes","name":"proofData","type":"bytes"}],"name":"generateAttestations","outputs":[{"components":[{"internalType":"uint256","name":"collectionId","type":"uint256"},{"internalType":"address","name":"owner","type":"address"},{"internalType":"address","name":"issuer","type":"address"},{"internalType":"uint256","name":"value","type":"uint256"},{"internalType":"uint32","name":"timestamp","type":"uint32"},{"internalType":"bytes","name":"extraData","type":"bytes"}],"internalType":"struct Attestation[]","name":"","type":"tuple[]"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"getAttestationRegistry","outputs":[{"internalType":"contract IAttestationsRegistry","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"getAvailableRootsRegistry","outputs":[{"internalType":"contract IAvailableRootsRegistry","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"extraData","type":"bytes"}],"name":"getBurnCountFromExtraData","outputs":[{"internalType":"uint16","name":"","type":"uint16"}],"stateMutability":"pure","type":"function"},{"inputs":[],"name":"getCommitmentMapperRegistry","outputs":[{"internalType":"contract ICommitmentMapperRegistry","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"}],"name":"getCooldownDurationForGroupIndex","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"nullifier","type":"uint256"}],"name":"getDestinationOfNullifier","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"nullifier","type":"uint256"}],"name":"getNullifierBurnCount","outputs":[{"internalType":"uint16","name":"","type":"uint16"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"nullifier","type":"uint256"}],"name":"getNullifierCooldownStart","outputs":[{"internalType":"uint32","name":"","type":"uint32"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"extraData","type":"bytes"}],"name":"getNullifierFromExtraData","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"pure","type":"function"},{"inputs":[],"name":"getVerifier","outputs":[{"internalType":"contract HydraS1Verifier","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"ownerAddress","type":"address"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"groupIndex","type":"uint256"},{"internalType":"uint32","name":"cooldownDuration","type":"uint32"}],"name":"setCooldownDurationForGroupIndex","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"}]

6101406040523480156200001257600080fd5b5060405162002b2738038062002b2783398101604081905262000035916200020f565b6001600160a01b0387811660805286811660a05285811660e052841660c0526101008390526101208290526200006b3362000083565b6200007681620000d5565b5050505050505062000292565b601580546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e090600090a35050565b600054600490610100900460ff16158015620000f8575060005460ff8083169116105b620001605760405162461bcd60e51b815260206004820152602e60248201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160448201526d191e481a5b9a5d1a585b1a5e995960921b606482015260840160405180910390fd5b6000805461ffff191660ff831617610100178155620001876015546001600160a01b031690565b6001600160a01b031614806200019c5750303b155b15620001ad57620001ad8262000083565b6000805461ff001916905560405160ff821681527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb38474024989060200160405180910390a15050565b80516001600160a01b03811681146200020a57600080fd5b919050565b600080600080600080600060e0888a0312156200022b57600080fd5b6200023688620001f2565b96506200024660208901620001f2565b95506200025660408901620001f2565b94506200026660608901620001f2565b93506080880151925060a088015191506200028460c08901620001f2565b905092959891949750929550565b60805160a05160c05160e05161010051610120516127ff620003286000396000818161025e0152610d9201526000818161023701528181610d6a01526117200152600081816102dd01526112fa01526000818161017901526113960152600081816101f901526114f7015260008181610323015281816107820152818161096301528181610ae8015261177901526127ff6000f3fe608060405234801561001057600080fd5b50600436106101425760003560e01c80638b159099116100b8578063c4d66de81161007c578063c4d66de814610347578063c776adde1461035a578063ca1cc6461461036d578063e60f999f14610380578063f2fde38b14610393578063f7e420b3146103a657600080fd5b80638b159099146102a25780638da5cb5b146102ca578063918447af146102db578063af411a3014610301578063bfa665851461032157600080fd5b806346657fe91161010a57806346657fe9146101f7578063524a32481461021d57806354846d7a146102325780637000b05114610259578063715018a614610280578063754b377c1461028857600080fd5b8063063599db146101475780632254f98e14610177578063345dd9891461019d5780633800a4b9146101be5780633c4a9854146101e4575b600080fd5b61015a610155366004611bbf565b6103b9565b6040516001600160a01b0390911681526020015b60405180910390f35b7f000000000000000000000000000000000000000000000000000000000000000061015a565b6101b06101ab366004611ce1565b6103d8565b60405190815260200161016e565b6101d16101cc366004611bbf565b6103f7565b60405161ffff909116815260200161016e565b6101d16101f2366004611ce1565b61040f565b7f000000000000000000000000000000000000000000000000000000000000000061015a565b61023061022b366004611d27565b61042e565b005b6101b07f000000000000000000000000000000000000000000000000000000000000000081565b6101b07f000000000000000000000000000000000000000000000000000000000000000081565b610230610494565b610290600481565b60405160ff909116815260200161016e565b6102b56102b0366004611bbf565b6104a8565b60405163ffffffff909116815260200161016e565b6015546001600160a01b031661015a565b7f000000000000000000000000000000000000000000000000000000000000000061015a565b61031461030f366004611d9f565b6104c2565b60405161016e9190611ec2565b7f000000000000000000000000000000000000000000000000000000000000000061015a565b610230610355366004611f49565b610573565b610314610368366004611f66565b61068b565b6101d161037b366004612017565b610a46565b61031461038e366004611d9f565b610aaa565b6102306103a1366004611f49565b610bc6565b6102b56103b4366004611bbf565b610c3f565b6000818152600160205260408120546001600160a01b03165b92915050565b600080828060200190518101906103ef919061203c565b509392505050565b6000818152603e602052604081205461ffff166103d2565b60008082806020019051810190610426919061203c565b949350505050565b610436610c59565b600082815260296020908152604091829020805463ffffffff191663ffffffff8516908117909155915191825283917f893e2a4c394b497c1a2b041d18acc02d05deb2cc7ae3ea0f85d001aa93dff48b910160405180910390a25050565b61049c610c59565b6104a66000610cb3565b565b60008181526029602052604081205463ffffffff166103d2565b606060006104d1858585610d05565b905060006104df8585610e84565b9050816000815181106104f4576104f4612068565b602002602001015160a00151610528828460008151811061051757610517612068565b602002602001015160200151610a46565b60405160200161053992919061207e565b6040516020818303038152906040528260008151811061055b5761055b612068565b602090810291909101015160a0015250949350505050565b600054600490610100900460ff16158015610595575060005460ff8083169116105b6105fd5760405162461bcd60e51b815260206004820152602e60248201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160448201526d191e481a5b9a5d1a585b1a5e995960921b60648201526084015b60405180910390fd5b6000805461ffff191660ff8316176101001781556106236015546001600160a01b031690565b6001600160a01b031614806106375750303b155b156106455761064582610cb3565b6000805461ff001916905560405160ff821681527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb3847402498906020015b60405180910390a15050565b60606000856001600160401b038111156106a7576106a7611bd8565b6040519080825280602002602001820160405280156106d0578160200160208202803683370190505b5090506000866001600160401b038111156106ed576106ed611bd8565b604051908082528060200260200182016040528015610716578160200160208202803683370190505b5090506000876001600160401b0381111561073357610733611bd8565b60405190808252806020026020018201604052801561076c57816020015b610759611a9d565b8152602001906001900390816107515790505b50905060005b88811015610940576000806000807f00000000000000000000000000000000000000000000000000000000000000006001600160a01b0316633be1ced78f8f888181106107c1576107c1612068565b905060200201358e6040518363ffffffff1660e01b81526004016107f89291909182526001600160a01b0316602082015260400190565b600060405180830381865afa158015610815573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f1916820160405261083d91908101906120a4565b93509350935093508b88868151811061085857610858612068565b60200260200101906001600160a01b031690816001600160a01b0316815250508d8d8681811061088a5761088a612068565b905060200201358786815181106108a3576108a3612068565b6020026020010181815250506040518060c001604052808f8f888181106108cc576108cc612068565b9050602002013581526020018d6001600160a01b03168152602001856001600160a01b031681526020018481526020018363ffffffff1681526020018281525086868151811061091e5761091e612068565b60200260200101819052505050505080806109389061216c565b915050610772565b5061094c818787610ea0565b60405163811a6af760e01b81526001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000169063811a6af79061099a9086908690600401612185565b600060405180830381600087803b1580156109b457600080fd5b505af11580156109c8573d6000803e3d6000fd5b5050505060005b88811015610a39577f01cba57fa881d11e8be5640b6abefb9709f2dd45f776051b2cf5cb8ea23fa56b828281518110610a0a57610a0a612068565b6020026020010151604051610a1f9190612209565b60405180910390a180610a318161216c565b9150506109cf565b5098975050505050505050565b600082815260016020908152604080832054603e9092528220546001600160a01b039091169061ffff168115801590610a915750836001600160a01b0316826001600160a01b031614155b1561042657610aa160018261221c565b95945050505050565b6060610ab7848484610eb9565b6000610ac48585856104c2565b9050610ad1858585610f01565b60405163ebc5c09360e01b81526001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000169063ebc5c09390610b1d908490600401611ec2565b600060405180830381600087803b158015610b3757600080fd5b505af1158015610b4b573d6000803e3d6000fd5b5050505060005b8151811015610bbd577f336e708b72b2b4a27a0c25e8cce7f97512e7f1e8dcaf800b100075e62c1eb1fc828281518110610b8e57610b8e612068565b6020026020010151604051610ba39190612209565b60405180910390a180610bb58161216c565b915050610b52565b50949350505050565b610bce610c59565b6001600160a01b038116610c335760405162461bcd60e51b815260206004820152602660248201527f4f776e61626c653a206e6577206f776e657220697320746865207a65726f206160448201526564647265737360d01b60648201526084016105f4565b610c3c81610cb3565b50565b6000818152603d602052604081205463ffffffff166103d2565b6015546001600160a01b031633146104a65760405162461bcd60e51b815260206004820181905260248201527f4f776e61626c653a2063616c6c6572206973206e6f7420746865206f776e657260448201526064016105f4565b601580546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e090600090a35050565b60606000610d1a610d1586612242565b611057565b60408051600180825281830190925291925060009190816020015b610d3d611a9d565b815260200190600190039081610d35575050606083015151909150600090610d8e906001600160801b03167f000000000000000000000000000000000000000000000000000000000000000061236b565b90507f0000000000000000000000000000000000000000000000000000000000000000811115610dd457604051637bbf29e360e01b8152600481018290526024016105f4565b306000610de18888610e84565b90506040518060c0016040528084815260200186604001516001600160a01b03168152602001836001600160a01b031681526020018660200151815260200186606001516020015163ffffffff16815260200182604051602001610e4791815260200190565b60405160208183030381529060405281525084600081518110610e6c57610e6c612068565b60209081029190910101525091979650505050505050565b600080610e9383850185612439565b90506000610aa1826110dc565b604051630d5cd8d960e11b815260040160405180910390fd5b6000610ec782840184612439565b90506000610ed4826110f2565b90506000610ee4610d1587612242565b9050610ef0818361119c565b610ef9836114cd565b505050505050565b6000610f0d8383610e84565b6000818152600160205260408120549192506001600160a01b0390911690610f37610d1587612242565b90506001600160a01b03821615801590610f67575080604001516001600160a01b0316826001600160a01b031614155b1561103e576060810151516001600160801b031660009081526029602052604081205463ffffffff1690819003610fc35760608201515160405163065ef5f360e01b81526001600160801b0390911660048201526024016105f4565b610fcd848261166a565b15611029576000848152603e602052604081205461ffff16604051630d16862d60e11b8152600481018790526001600160a01b038616602482015261ffff8216604482015263ffffffff841660648201529091506084016105f4565b611033828461169a565b61103c846117e8565b505b610ef9836110526040890160208a01611f49565b61188f565b61105f611aeb565b6000826000015160008151811061107857611078612068565b6020026020010151905061108b816118ee565b600081604001518060200190518101906110a5919061251a565b60408051608081018252845181526020948501518582015295909301516001600160a01b0316928501929092525060608301525090565b602081015160009060065b602002015192915050565b6110fa611b4e565b60405180610120016040528061110f8461192e565b6001600160a01b031681526020016111268461193c565b81526020016111348461194b565b81526020016111428461195a565b8152602001611150846110dc565b815260200161115e84611969565b815260200161116c84611978565b81526020016111848460200151610120015160011490565b1515815260200161119484611987565b905292915050565b815160c0820151146111d157815160c082015160405163fe405c7760e01b8152600481019290925260248201526044016105f4565b81606001516040015115158160e0015115150361121c57606082015160409081015160e08301519151634629f1b560e11b8152901515600482015290151560248201526044016105f4565b81604001516001600160a01b031681600001516001600160a01b03161461127057604082810151825191516370a8d99b60e11b81526001600160a01b039182166004820152911660248201526044016105f4565b468160200151146112a3576020810151604051630432cec160e31b815246600482015260248101919091526044016105f4565b81602001518160a00151146112de57602082015160a0820151604051630626ade360e41b8152600481019290925260248201526044016105f4565b604081810151905163072f23bd60e51b815260048101919091527f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03169063e5e477a090602401602060405180830381865afa158015611349573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061136d9190612595565b61139257806040015160405163cbfe7bc360e01b81526004016105f491815260200190565b60007f00000000000000000000000000000000000000000000000000000000000000006001600160a01b03166359a80d0d6040518163ffffffff1660e01b81526004016040805180830381865afa1580156113f1573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061141591906125b0565b80516101008401515191925014158061143c57506020808201516101008401519091015114155b15611486578051602080830151610100850151805192015160405163318d812b60e01b815260048101949094526024840191909152604483019190915260648201526084016105f4565b6000611491846119df565b9050808360600151146114c7576060830151604051630e6efbdd60e21b81526105f4918391600401918252602082015260400190565b50505050565b805180516020808301516040938401519185015193516379ddb87b60e11b81526001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000169463f3bb70f6946115309490939290919060040161262c565b602060405180830381865afa925050508015611569575060408051601f3d908101601f1916820190925261156691810190612595565b60015b61163f576115756126b0565b806308c379a0036115ae57506115896126cc565b8061159457506115ed565b8060405162dd577760e81b81526004016105f49190612755565b634e487b71036115ed576115c0612768565b906115cb57506115ed565b60405162dd577760e81b815260206004820152600060248201526044016105f4565b3d808015611617576040519150601f19603f3d011682016040523d82523d6000602084013e61161c565b606091505b5060405162dd577760e81b815260206004820152600060248201526044016105f4565b806116665760405162dd577760e81b815260206004820152600060248201526044016105f4565b5050565b6000828152603d6020526040812054429061168c90849063ffffffff16612788565b63ffffffff16119392505050565b60408051600180825281830190925260009160208083019080368337505060408051600180825281830190925292935060009291506020808301908036833701905050905082826000815181106116f3576116f3612068565b6001600160a01b0390921660209283029190910190910152606084015151611744906001600160801b03167f000000000000000000000000000000000000000000000000000000000000000061236b565b8160008151811061175757611757612068565b602090810291909101015260405163811a6af760e01b81526001600160a01b037f0000000000000000000000000000000000000000000000000000000000000000169063811a6af7906117b09085908590600401612185565b600060405180830381600087803b1580156117ca57600080fd5b505af11580156117de573d6000803e3d6000fd5b5050505050505050565b6000818152603d60209081526040808320805463ffffffff19164263ffffffff16179055603e909152812080546001929061182890849061ffff1661221c565b82546101009290920a61ffff8181021990931691831602179091556000838152603e60209081526040918290205491519190921681528392507f85183f8abad8891335fb845d2e6b4f84a9c7f7409f242f4e5ec138a84abffacf910160405180910390a250565b60008281526001602090815260409182902080546001600160a01b0319166001600160a01b0385169081179091558251858152918201527f0c5a122814a29e22d1363dacdd6f7c95345b70890f97e65eacb5565da28116ac910161067f565b60006118fd8260400151611a04565b825190915081146116665781516040516337e3d1ab60e01b81526105f4918391600401918252602082015260400190565b6020810151600090816110e7565b602081015160009060016110e7565b602081015160009060046110e7565b602081015160009060056110e7565b602081015160009060076110e7565b602081015160009060086110e7565b61198f611ba1565b604051806040016040528083602001516002600a81106119b1576119b1612068565b6020020151815260200183602001516003600a81106119d2576119d2612068565b6020020151905292915050565b6000806119fd308460600151600001516001600160801b0316611a39565b9392505050565b805160208201206000906103d2907f30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001906127a7565b604080516001600160a01b03841660208201529081018290526000907f30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001906060016040516020818303038152906040528051906020012060001c6119fd91906127a7565b6040518060c001604052806000815260200160006001600160a01b0316815260200160006001600160a01b0316815260200160008152602001600063ffffffff168152602001606081525090565b6040518060800160405280600081526020016000815260200160006001600160a01b03168152602001611b49604051806060016040528060006001600160801b03168152602001600063ffffffff1681526020016000151581525090565b905290565b60405180610120016040528060006001600160a01b03168152602001600081526020016000815260200160008152602001600081526020016000815260200160008152602001600015158152602001611b495b60405180604001604052806002906020820280368337509192915050565b600060208284031215611bd157600080fd5b5035919050565b634e487b7160e01b600052604160045260246000fd5b604081018181106001600160401b0382111715611c0d57611c0d611bd8565b60405250565b606081018181106001600160401b0382111715611c0d57611c0d611bd8565b601f8201601f191681016001600160401b0381118282101715611c5757611c57611bd8565b6040525050565b60006001600160401b03821115611c7757611c77611bd8565b50601f01601f191660200190565b600082601f830112611c9657600080fd5b8135611ca181611c5e565b604051611cae8282611c32565b828152856020848701011115611cc357600080fd5b82602086016020830137600092810160200192909252509392505050565b600060208284031215611cf357600080fd5b81356001600160401b03811115611d0957600080fd5b61042684828501611c85565b63ffffffff81168114610c3c57600080fd5b60008060408385031215611d3a57600080fd5b823591506020830135611d4c81611d15565b809150509250929050565b60008083601f840112611d6957600080fd5b5081356001600160401b03811115611d8057600080fd5b602083019150836020828501011115611d9857600080fd5b9250929050565b600080600060408486031215611db457600080fd5b83356001600160401b0380821115611dcb57600080fd5b9085019060408288031215611ddf57600080fd5b90935060208501359080821115611df557600080fd5b50611e0286828701611d57565b9497909650939450505050565b60005b83811015611e2a578181015183820152602001611e12565b838111156114c75750506000910152565b60008151808452611e53816020860160208601611e0f565b601f01601f19169290920160200192915050565b805182526000602082015160018060a01b03808216602086015280604085015116604086015250506060820151606084015263ffffffff608083015116608084015260a082015160c060a085015261042660c0850182611e3b565b6000602080830181845280855180835260408601915060408160051b870101925083870160005b82811015611f1757603f19888603018452611f05858351611e67565b94509285019290850190600101611ee9565b5092979650505050505050565b6001600160a01b0381168114610c3c57600080fd5b8035611f4481611f24565b919050565b600060208284031215611f5b57600080fd5b81356119fd81611f24565b600080600080600060608688031215611f7e57600080fd5b85356001600160401b0380821115611f9557600080fd5b818801915088601f830112611fa957600080fd5b813581811115611fb857600080fd5b8960208260051b8501011115611fcd57600080fd5b60208301975080965050611fe360208901611f39565b94506040880135915080821115611ff957600080fd5b5061200688828901611d57565b969995985093965092949392505050565b6000806040838503121561202a57600080fd5b823591506020830135611d4c81611f24565b6000806040838503121561204f57600080fd5b82519150602083015161ffff81168114611d4c57600080fd5b634e487b7160e01b600052603260045260246000fd5b6040815260006120916040830185611e3b565b905061ffff831660208301529392505050565b600080600080608085870312156120ba57600080fd5b84516120c581611f24565b6020860151604087015191955093506120dd81611d15565b60608601519092506001600160401b038111156120f957600080fd5b8501601f8101871361210a57600080fd5b805161211581611c5e565b6040516121228282611c32565b82815289602084860101111561213757600080fd5b612148836020830160208701611e0f565b969995985093965050505050565b634e487b7160e01b600052601160045260246000fd5b60006001820161217e5761217e612156565b5060010190565b604080825283519082018190526000906020906060840190828701845b828110156121c75781516001600160a01b0316845292840192908401906001016121a2565b5050508381038285015284518082528583019183019060005b818110156121fc578351835292840192918401916001016121e0565b5090979650505050505050565b6020815260006119fd6020830184611e67565b600061ffff80831681851680830382111561223957612239612156565b01949350505050565b6000604080833603121561225557600080fd5b805161226081611bee565b83356001600160401b038082111561227757600080fd5b9085019036601f83011261228a57600080fd5b813560208282111561229e5761229e611bd8565b8160051b86516122b083830182611c32565b928352848101820192828101368511156122c957600080fd5b83870192505b8483101561234d578235868111156122e75760008081fd5b8701606036829003601f19018113156123005760008081fd5b8a5161230b81611c13565b8287013581528b8301358188015290820135908882111561232c5760008081fd5b61233a368884860101611c85565b818d0152835250509183019183016122cf565b5086525061235c888201611f39565b90850152509195945050505050565b6000821982111561237e5761237e612156565b500190565b600082601f83011261239457600080fd5b6040516123a081611bee565b8060408401858111156123b257600080fd5b845b818110156123cc5780358352602092830192016123b4565b509195945050505050565b600082601f8301126123e857600080fd5b6040516101408082018281106001600160401b038211171561240c5761240c611bd8565b6040528301818582111561241f57600080fd5b845b828110156123cc578035825260209182019101612421565b600081830361024081121561244d57600080fd5b6040805161245a81611bee565b6101008084121561246a57600080fd5b8251935061247784611c13565b6124818787612383565b845286605f87011261249257600080fd5b825161249d81611bee565b8060c08801898111156124af57600080fd5b8589015b818110156124d4576124c58b82612383565b835260209092019186016124b3565b508260208801526124e58a82612383565b868801525050508382526124fb878288016123d7565b60208301525095945050505050565b80518015158114611f4457600080fd5b60006060828403121561252c57600080fd5b604051606081018181106001600160401b038211171561254e5761254e611bd8565b60405282516001600160801b038116811461256857600080fd5b8152602083015161257881611d15565b60208201526125896040840161250a565b60408201529392505050565b6000602082840312156125a757600080fd5b6119fd8261250a565b6000604082840312156125c257600080fd5b82601f8301126125d157600080fd5b6040516125dd81611bee565b8060408401858111156125ef57600080fd5b845b818110156123cc5780518352602092830192016125f1565b8060005b60028110156114c757815184526020938401939091019060010161260d565b610240810161263b8287612609565b60408083018660005b600281101561266b57612658838351612609565b9183019160209190910190600101612644565b5050505061267c60c0830185612609565b61010082018360005b600a8110156126a4578151835260209283019290910190600101612685565b50505095945050505050565b600060033d11156126c95760046000803e5060005160e01c5b90565b600060443d10156126da5790565b6040516003193d81016004833e81513d6001600160401b03816024840111818411171561270957505050505090565b82850191508151818111156127215750505050505090565b843d870101602082850101111561273b5750505050505090565b61274a60208286010187611c32565b509095945050505050565b6020815260006119fd6020830184611e3b565b60008060233d1115612784576020600460003e50506000516001905b9091565b600063ffffffff80831681851680830382111561223957612239612156565b6000826127c457634e487b7160e01b600052601260045260246000fd5b50069056fea2646970667358221220202a9a70b259c56940b27ba667618cafc46cd9a9f1eb7ea03e8803b68fee4b3964736f6c634300080e0033000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a8000000000000000000000000f219a3a016dd785332a2305bf52544ee189fe233000000000000000000000000453bf14103cc941a96721de9a32d5e3d3095e049000000000000000000000000e205fb31b656791850ac65f0623937bf6170a5da00000000000000000000000000000000000000000000000000000000009896810000000000000000000000000000000000000000000000000000000001312d000000000000000000000000002d11715220786490c8da6cac15444f250e838eff

Deployed Bytecode

0x608060405234801561001057600080fd5b50600436106101425760003560e01c80638b159099116100b8578063c4d66de81161007c578063c4d66de814610347578063c776adde1461035a578063ca1cc6461461036d578063e60f999f14610380578063f2fde38b14610393578063f7e420b3146103a657600080fd5b80638b159099146102a25780638da5cb5b146102ca578063918447af146102db578063af411a3014610301578063bfa665851461032157600080fd5b806346657fe91161010a57806346657fe9146101f7578063524a32481461021d57806354846d7a146102325780637000b05114610259578063715018a614610280578063754b377c1461028857600080fd5b8063063599db146101475780632254f98e14610177578063345dd9891461019d5780633800a4b9146101be5780633c4a9854146101e4575b600080fd5b61015a610155366004611bbf565b6103b9565b6040516001600160a01b0390911681526020015b60405180910390f35b7f000000000000000000000000e205fb31b656791850ac65f0623937bf6170a5da61015a565b6101b06101ab366004611ce1565b6103d8565b60405190815260200161016e565b6101d16101cc366004611bbf565b6103f7565b60405161ffff909116815260200161016e565b6101d16101f2366004611ce1565b61040f565b7f000000000000000000000000f219a3a016dd785332a2305bf52544ee189fe23361015a565b61023061022b366004611d27565b61042e565b005b6101b07f000000000000000000000000000000000000000000000000000000000098968181565b6101b07f0000000000000000000000000000000000000000000000000000000001312d0081565b610230610494565b610290600481565b60405160ff909116815260200161016e565b6102b56102b0366004611bbf565b6104a8565b60405163ffffffff909116815260200161016e565b6015546001600160a01b031661015a565b7f000000000000000000000000453bf14103cc941a96721de9a32d5e3d3095e04961015a565b61031461030f366004611d9f565b6104c2565b60405161016e9190611ec2565b7f000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a861015a565b610230610355366004611f49565b610573565b610314610368366004611f66565b61068b565b6101d161037b366004612017565b610a46565b61031461038e366004611d9f565b610aaa565b6102306103a1366004611f49565b610bc6565b6102b56103b4366004611bbf565b610c3f565b6000818152600160205260408120546001600160a01b03165b92915050565b600080828060200190518101906103ef919061203c565b509392505050565b6000818152603e602052604081205461ffff166103d2565b60008082806020019051810190610426919061203c565b949350505050565b610436610c59565b600082815260296020908152604091829020805463ffffffff191663ffffffff8516908117909155915191825283917f893e2a4c394b497c1a2b041d18acc02d05deb2cc7ae3ea0f85d001aa93dff48b910160405180910390a25050565b61049c610c59565b6104a66000610cb3565b565b60008181526029602052604081205463ffffffff166103d2565b606060006104d1858585610d05565b905060006104df8585610e84565b9050816000815181106104f4576104f4612068565b602002602001015160a00151610528828460008151811061051757610517612068565b602002602001015160200151610a46565b60405160200161053992919061207e565b6040516020818303038152906040528260008151811061055b5761055b612068565b602090810291909101015160a0015250949350505050565b600054600490610100900460ff16158015610595575060005460ff8083169116105b6105fd5760405162461bcd60e51b815260206004820152602e60248201527f496e697469616c697a61626c653a20636f6e747261637420697320616c72656160448201526d191e481a5b9a5d1a585b1a5e995960921b60648201526084015b60405180910390fd5b6000805461ffff191660ff8316176101001781556106236015546001600160a01b031690565b6001600160a01b031614806106375750303b155b156106455761064582610cb3565b6000805461ff001916905560405160ff821681527f7f26b83ff96e1f2b6a682f133852f6798a09c465da95921460cefb3847402498906020015b60405180910390a15050565b60606000856001600160401b038111156106a7576106a7611bd8565b6040519080825280602002602001820160405280156106d0578160200160208202803683370190505b5090506000866001600160401b038111156106ed576106ed611bd8565b604051908082528060200260200182016040528015610716578160200160208202803683370190505b5090506000876001600160401b0381111561073357610733611bd8565b60405190808252806020026020018201604052801561076c57816020015b610759611a9d565b8152602001906001900390816107515790505b50905060005b88811015610940576000806000807f000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a86001600160a01b0316633be1ced78f8f888181106107c1576107c1612068565b905060200201358e6040518363ffffffff1660e01b81526004016107f89291909182526001600160a01b0316602082015260400190565b600060405180830381865afa158015610815573d6000803e3d6000fd5b505050506040513d6000823e601f3d908101601f1916820160405261083d91908101906120a4565b93509350935093508b88868151811061085857610858612068565b60200260200101906001600160a01b031690816001600160a01b0316815250508d8d8681811061088a5761088a612068565b905060200201358786815181106108a3576108a3612068565b6020026020010181815250506040518060c001604052808f8f888181106108cc576108cc612068565b9050602002013581526020018d6001600160a01b03168152602001856001600160a01b031681526020018481526020018363ffffffff1681526020018281525086868151811061091e5761091e612068565b60200260200101819052505050505080806109389061216c565b915050610772565b5061094c818787610ea0565b60405163811a6af760e01b81526001600160a01b037f000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a8169063811a6af79061099a9086908690600401612185565b600060405180830381600087803b1580156109b457600080fd5b505af11580156109c8573d6000803e3d6000fd5b5050505060005b88811015610a39577f01cba57fa881d11e8be5640b6abefb9709f2dd45f776051b2cf5cb8ea23fa56b828281518110610a0a57610a0a612068565b6020026020010151604051610a1f9190612209565b60405180910390a180610a318161216c565b9150506109cf565b5098975050505050505050565b600082815260016020908152604080832054603e9092528220546001600160a01b039091169061ffff168115801590610a915750836001600160a01b0316826001600160a01b031614155b1561042657610aa160018261221c565b95945050505050565b6060610ab7848484610eb9565b6000610ac48585856104c2565b9050610ad1858585610f01565b60405163ebc5c09360e01b81526001600160a01b037f000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a8169063ebc5c09390610b1d908490600401611ec2565b600060405180830381600087803b158015610b3757600080fd5b505af1158015610b4b573d6000803e3d6000fd5b5050505060005b8151811015610bbd577f336e708b72b2b4a27a0c25e8cce7f97512e7f1e8dcaf800b100075e62c1eb1fc828281518110610b8e57610b8e612068565b6020026020010151604051610ba39190612209565b60405180910390a180610bb58161216c565b915050610b52565b50949350505050565b610bce610c59565b6001600160a01b038116610c335760405162461bcd60e51b815260206004820152602660248201527f4f776e61626c653a206e6577206f776e657220697320746865207a65726f206160448201526564647265737360d01b60648201526084016105f4565b610c3c81610cb3565b50565b6000818152603d602052604081205463ffffffff166103d2565b6015546001600160a01b031633146104a65760405162461bcd60e51b815260206004820181905260248201527f4f776e61626c653a2063616c6c6572206973206e6f7420746865206f776e657260448201526064016105f4565b601580546001600160a01b038381166001600160a01b0319831681179093556040519116919082907f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e090600090a35050565b60606000610d1a610d1586612242565b611057565b60408051600180825281830190925291925060009190816020015b610d3d611a9d565b815260200190600190039081610d35575050606083015151909150600090610d8e906001600160801b03167f000000000000000000000000000000000000000000000000000000000098968161236b565b90507f0000000000000000000000000000000000000000000000000000000001312d00811115610dd457604051637bbf29e360e01b8152600481018290526024016105f4565b306000610de18888610e84565b90506040518060c0016040528084815260200186604001516001600160a01b03168152602001836001600160a01b031681526020018660200151815260200186606001516020015163ffffffff16815260200182604051602001610e4791815260200190565b60405160208183030381529060405281525084600081518110610e6c57610e6c612068565b60209081029190910101525091979650505050505050565b600080610e9383850185612439565b90506000610aa1826110dc565b604051630d5cd8d960e11b815260040160405180910390fd5b6000610ec782840184612439565b90506000610ed4826110f2565b90506000610ee4610d1587612242565b9050610ef0818361119c565b610ef9836114cd565b505050505050565b6000610f0d8383610e84565b6000818152600160205260408120549192506001600160a01b0390911690610f37610d1587612242565b90506001600160a01b03821615801590610f67575080604001516001600160a01b0316826001600160a01b031614155b1561103e576060810151516001600160801b031660009081526029602052604081205463ffffffff1690819003610fc35760608201515160405163065ef5f360e01b81526001600160801b0390911660048201526024016105f4565b610fcd848261166a565b15611029576000848152603e602052604081205461ffff16604051630d16862d60e11b8152600481018790526001600160a01b038616602482015261ffff8216604482015263ffffffff841660648201529091506084016105f4565b611033828461169a565b61103c846117e8565b505b610ef9836110526040890160208a01611f49565b61188f565b61105f611aeb565b6000826000015160008151811061107857611078612068565b6020026020010151905061108b816118ee565b600081604001518060200190518101906110a5919061251a565b60408051608081018252845181526020948501518582015295909301516001600160a01b0316928501929092525060608301525090565b602081015160009060065b602002015192915050565b6110fa611b4e565b60405180610120016040528061110f8461192e565b6001600160a01b031681526020016111268461193c565b81526020016111348461194b565b81526020016111428461195a565b8152602001611150846110dc565b815260200161115e84611969565b815260200161116c84611978565b81526020016111848460200151610120015160011490565b1515815260200161119484611987565b905292915050565b815160c0820151146111d157815160c082015160405163fe405c7760e01b8152600481019290925260248201526044016105f4565b81606001516040015115158160e0015115150361121c57606082015160409081015160e08301519151634629f1b560e11b8152901515600482015290151560248201526044016105f4565b81604001516001600160a01b031681600001516001600160a01b03161461127057604082810151825191516370a8d99b60e11b81526001600160a01b039182166004820152911660248201526044016105f4565b468160200151146112a3576020810151604051630432cec160e31b815246600482015260248101919091526044016105f4565b81602001518160a00151146112de57602082015160a0820151604051630626ade360e41b8152600481019290925260248201526044016105f4565b604081810151905163072f23bd60e51b815260048101919091527f000000000000000000000000453bf14103cc941a96721de9a32d5e3d3095e0496001600160a01b03169063e5e477a090602401602060405180830381865afa158015611349573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061136d9190612595565b61139257806040015160405163cbfe7bc360e01b81526004016105f491815260200190565b60007f000000000000000000000000e205fb31b656791850ac65f0623937bf6170a5da6001600160a01b03166359a80d0d6040518163ffffffff1660e01b81526004016040805180830381865afa1580156113f1573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061141591906125b0565b80516101008401515191925014158061143c57506020808201516101008401519091015114155b15611486578051602080830151610100850151805192015160405163318d812b60e01b815260048101949094526024840191909152604483019190915260648201526084016105f4565b6000611491846119df565b9050808360600151146114c7576060830151604051630e6efbdd60e21b81526105f4918391600401918252602082015260400190565b50505050565b805180516020808301516040938401519185015193516379ddb87b60e11b81526001600160a01b037f000000000000000000000000f219a3a016dd785332a2305bf52544ee189fe233169463f3bb70f6946115309490939290919060040161262c565b602060405180830381865afa925050508015611569575060408051601f3d908101601f1916820190925261156691810190612595565b60015b61163f576115756126b0565b806308c379a0036115ae57506115896126cc565b8061159457506115ed565b8060405162dd577760e81b81526004016105f49190612755565b634e487b71036115ed576115c0612768565b906115cb57506115ed565b60405162dd577760e81b815260206004820152600060248201526044016105f4565b3d808015611617576040519150601f19603f3d011682016040523d82523d6000602084013e61161c565b606091505b5060405162dd577760e81b815260206004820152600060248201526044016105f4565b806116665760405162dd577760e81b815260206004820152600060248201526044016105f4565b5050565b6000828152603d6020526040812054429061168c90849063ffffffff16612788565b63ffffffff16119392505050565b60408051600180825281830190925260009160208083019080368337505060408051600180825281830190925292935060009291506020808301908036833701905050905082826000815181106116f3576116f3612068565b6001600160a01b0390921660209283029190910190910152606084015151611744906001600160801b03167f000000000000000000000000000000000000000000000000000000000098968161236b565b8160008151811061175757611757612068565b602090810291909101015260405163811a6af760e01b81526001600160a01b037f000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a8169063811a6af7906117b09085908590600401612185565b600060405180830381600087803b1580156117ca57600080fd5b505af11580156117de573d6000803e3d6000fd5b5050505050505050565b6000818152603d60209081526040808320805463ffffffff19164263ffffffff16179055603e909152812080546001929061182890849061ffff1661221c565b82546101009290920a61ffff8181021990931691831602179091556000838152603e60209081526040918290205491519190921681528392507f85183f8abad8891335fb845d2e6b4f84a9c7f7409f242f4e5ec138a84abffacf910160405180910390a250565b60008281526001602090815260409182902080546001600160a01b0319166001600160a01b0385169081179091558251858152918201527f0c5a122814a29e22d1363dacdd6f7c95345b70890f97e65eacb5565da28116ac910161067f565b60006118fd8260400151611a04565b825190915081146116665781516040516337e3d1ab60e01b81526105f4918391600401918252602082015260400190565b6020810151600090816110e7565b602081015160009060016110e7565b602081015160009060046110e7565b602081015160009060056110e7565b602081015160009060076110e7565b602081015160009060086110e7565b61198f611ba1565b604051806040016040528083602001516002600a81106119b1576119b1612068565b6020020151815260200183602001516003600a81106119d2576119d2612068565b6020020151905292915050565b6000806119fd308460600151600001516001600160801b0316611a39565b9392505050565b805160208201206000906103d2907f30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001906127a7565b604080516001600160a01b03841660208201529081018290526000907f30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001906060016040516020818303038152906040528051906020012060001c6119fd91906127a7565b6040518060c001604052806000815260200160006001600160a01b0316815260200160006001600160a01b0316815260200160008152602001600063ffffffff168152602001606081525090565b6040518060800160405280600081526020016000815260200160006001600160a01b03168152602001611b49604051806060016040528060006001600160801b03168152602001600063ffffffff1681526020016000151581525090565b905290565b60405180610120016040528060006001600160a01b03168152602001600081526020016000815260200160008152602001600081526020016000815260200160008152602001600015158152602001611b495b60405180604001604052806002906020820280368337509192915050565b600060208284031215611bd157600080fd5b5035919050565b634e487b7160e01b600052604160045260246000fd5b604081018181106001600160401b0382111715611c0d57611c0d611bd8565b60405250565b606081018181106001600160401b0382111715611c0d57611c0d611bd8565b601f8201601f191681016001600160401b0381118282101715611c5757611c57611bd8565b6040525050565b60006001600160401b03821115611c7757611c77611bd8565b50601f01601f191660200190565b600082601f830112611c9657600080fd5b8135611ca181611c5e565b604051611cae8282611c32565b828152856020848701011115611cc357600080fd5b82602086016020830137600092810160200192909252509392505050565b600060208284031215611cf357600080fd5b81356001600160401b03811115611d0957600080fd5b61042684828501611c85565b63ffffffff81168114610c3c57600080fd5b60008060408385031215611d3a57600080fd5b823591506020830135611d4c81611d15565b809150509250929050565b60008083601f840112611d6957600080fd5b5081356001600160401b03811115611d8057600080fd5b602083019150836020828501011115611d9857600080fd5b9250929050565b600080600060408486031215611db457600080fd5b83356001600160401b0380821115611dcb57600080fd5b9085019060408288031215611ddf57600080fd5b90935060208501359080821115611df557600080fd5b50611e0286828701611d57565b9497909650939450505050565b60005b83811015611e2a578181015183820152602001611e12565b838111156114c75750506000910152565b60008151808452611e53816020860160208601611e0f565b601f01601f19169290920160200192915050565b805182526000602082015160018060a01b03808216602086015280604085015116604086015250506060820151606084015263ffffffff608083015116608084015260a082015160c060a085015261042660c0850182611e3b565b6000602080830181845280855180835260408601915060408160051b870101925083870160005b82811015611f1757603f19888603018452611f05858351611e67565b94509285019290850190600101611ee9565b5092979650505050505050565b6001600160a01b0381168114610c3c57600080fd5b8035611f4481611f24565b919050565b600060208284031215611f5b57600080fd5b81356119fd81611f24565b600080600080600060608688031215611f7e57600080fd5b85356001600160401b0380821115611f9557600080fd5b818801915088601f830112611fa957600080fd5b813581811115611fb857600080fd5b8960208260051b8501011115611fcd57600080fd5b60208301975080965050611fe360208901611f39565b94506040880135915080821115611ff957600080fd5b5061200688828901611d57565b969995985093965092949392505050565b6000806040838503121561202a57600080fd5b823591506020830135611d4c81611f24565b6000806040838503121561204f57600080fd5b82519150602083015161ffff81168114611d4c57600080fd5b634e487b7160e01b600052603260045260246000fd5b6040815260006120916040830185611e3b565b905061ffff831660208301529392505050565b600080600080608085870312156120ba57600080fd5b84516120c581611f24565b6020860151604087015191955093506120dd81611d15565b60608601519092506001600160401b038111156120f957600080fd5b8501601f8101871361210a57600080fd5b805161211581611c5e565b6040516121228282611c32565b82815289602084860101111561213757600080fd5b612148836020830160208701611e0f565b969995985093965050505050565b634e487b7160e01b600052601160045260246000fd5b60006001820161217e5761217e612156565b5060010190565b604080825283519082018190526000906020906060840190828701845b828110156121c75781516001600160a01b0316845292840192908401906001016121a2565b5050508381038285015284518082528583019183019060005b818110156121fc578351835292840192918401916001016121e0565b5090979650505050505050565b6020815260006119fd6020830184611e67565b600061ffff80831681851680830382111561223957612239612156565b01949350505050565b6000604080833603121561225557600080fd5b805161226081611bee565b83356001600160401b038082111561227757600080fd5b9085019036601f83011261228a57600080fd5b813560208282111561229e5761229e611bd8565b8160051b86516122b083830182611c32565b928352848101820192828101368511156122c957600080fd5b83870192505b8483101561234d578235868111156122e75760008081fd5b8701606036829003601f19018113156123005760008081fd5b8a5161230b81611c13565b8287013581528b8301358188015290820135908882111561232c5760008081fd5b61233a368884860101611c85565b818d0152835250509183019183016122cf565b5086525061235c888201611f39565b90850152509195945050505050565b6000821982111561237e5761237e612156565b500190565b600082601f83011261239457600080fd5b6040516123a081611bee565b8060408401858111156123b257600080fd5b845b818110156123cc5780358352602092830192016123b4565b509195945050505050565b600082601f8301126123e857600080fd5b6040516101408082018281106001600160401b038211171561240c5761240c611bd8565b6040528301818582111561241f57600080fd5b845b828110156123cc578035825260209182019101612421565b600081830361024081121561244d57600080fd5b6040805161245a81611bee565b6101008084121561246a57600080fd5b8251935061247784611c13565b6124818787612383565b845286605f87011261249257600080fd5b825161249d81611bee565b8060c08801898111156124af57600080fd5b8589015b818110156124d4576124c58b82612383565b835260209092019186016124b3565b508260208801526124e58a82612383565b868801525050508382526124fb878288016123d7565b60208301525095945050505050565b80518015158114611f4457600080fd5b60006060828403121561252c57600080fd5b604051606081018181106001600160401b038211171561254e5761254e611bd8565b60405282516001600160801b038116811461256857600080fd5b8152602083015161257881611d15565b60208201526125896040840161250a565b60408201529392505050565b6000602082840312156125a757600080fd5b6119fd8261250a565b6000604082840312156125c257600080fd5b82601f8301126125d157600080fd5b6040516125dd81611bee565b8060408401858111156125ef57600080fd5b845b818110156123cc5780518352602092830192016125f1565b8060005b60028110156114c757815184526020938401939091019060010161260d565b610240810161263b8287612609565b60408083018660005b600281101561266b57612658838351612609565b9183019160209190910190600101612644565b5050505061267c60c0830185612609565b61010082018360005b600a8110156126a4578151835260209283019290910190600101612685565b50505095945050505050565b600060033d11156126c95760046000803e5060005160e01c5b90565b600060443d10156126da5790565b6040516003193d81016004833e81513d6001600160401b03816024840111818411171561270957505050505090565b82850191508151818111156127215750505050505090565b843d870101602082850101111561273b5750505050505090565b61274a60208286010187611c32565b509095945050505050565b6020815260006119fd6020830184611e3b565b60008060233d1115612784576020600460003e50506000516001905b9091565b600063ffffffff80831681851680830382111561223957612239612156565b6000826127c457634e487b7160e01b600052601260045260246000fd5b50069056fea2646970667358221220202a9a70b259c56940b27ba667618cafc46cd9a9f1eb7ea03e8803b68fee4b3964736f6c634300080e0033

Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)

000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a8000000000000000000000000f219a3a016dd785332a2305bf52544ee189fe233000000000000000000000000453bf14103cc941a96721de9a32d5e3d3095e049000000000000000000000000e205fb31b656791850ac65f0623937bf6170a5da00000000000000000000000000000000000000000000000000000000009896810000000000000000000000000000000000000000000000000000000001312d000000000000000000000000002d11715220786490c8da6cac15444f250e838eff

-----Decoded View---------------
Arg [0] : attestationsRegistryAddress (address): 0xd0c551da71b2c3da65f0ba0500fa4251d26179a8
Arg [1] : hydraS1VerifierAddress (address): 0xf219a3a016dd785332a2305bf52544ee189fe233
Arg [2] : availableRootsRegistryAddress (address): 0x453bf14103cc941a96721de9a32d5e3d3095e049
Arg [3] : commitmentMapperAddress (address): 0xe205fb31b656791850ac65f0623937bf6170a5da
Arg [4] : collectionIdFirst (uint256): 10000001
Arg [5] : collectionIdLast (uint256): 20000000
Arg [6] : owner (address): 0x2d11715220786490c8da6cac15444f250e838eff

-----Encoded View---------------
7 Constructor Arguments found :
Arg [0] : 000000000000000000000000d0c551da71b2c3da65f0ba0500fa4251d26179a8
Arg [1] : 000000000000000000000000f219a3a016dd785332a2305bf52544ee189fe233
Arg [2] : 000000000000000000000000453bf14103cc941a96721de9a32d5e3d3095e049
Arg [3] : 000000000000000000000000e205fb31b656791850ac65f0623937bf6170a5da
Arg [4] : 0000000000000000000000000000000000000000000000000000000000989681
Arg [5] : 0000000000000000000000000000000000000000000000000000000001312d00
Arg [6] : 0000000000000000000000002d11715220786490c8da6cac15444f250e838eff


Block Transaction Gas Used Reward
Age Block Fee Address BC Fee Address Voting Power Jailed Incoming
Block Uncle Number Difficulty Gas Used Reward
Loading
Loading
Make sure to use the "Vote Down" button for any spammy posts, and the "Vote Up" for interesting conversations.