diff --git a/artifacts/FreshCryptoLib/FCL_Webauthn.sol/FCL_WebAuthn.dbg.json b/artifacts/FreshCryptoLib/FCL_Webauthn.sol/FCL_WebAuthn.dbg.json index 4ec563a..fd31369 100644 --- a/artifacts/FreshCryptoLib/FCL_Webauthn.sol/FCL_WebAuthn.dbg.json +++ b/artifacts/FreshCryptoLib/FCL_Webauthn.sol/FCL_WebAuthn.dbg.json @@ -1,4 +1,4 @@ { "_format": "hh-sol-dbg-1", - "buildInfo": "../../build-info/8090c592d47f7920e2577cbef109eb65.json" + "buildInfo": "../../build-info/fd068d5ca84930c6ffb69a4def64cf81.json" } diff --git a/artifacts/FreshCryptoLib/FCL_elliptic.sol/FCL_Elliptic_ZZ.dbg.json b/artifacts/FreshCryptoLib/FCL_elliptic.sol/FCL_Elliptic_ZZ.dbg.json index 4ec563a..fd31369 100644 --- a/artifacts/FreshCryptoLib/FCL_elliptic.sol/FCL_Elliptic_ZZ.dbg.json +++ b/artifacts/FreshCryptoLib/FCL_elliptic.sol/FCL_Elliptic_ZZ.dbg.json @@ -1,4 +1,4 @@ { "_format": "hh-sol-dbg-1", - "buildInfo": "../../build-info/8090c592d47f7920e2577cbef109eb65.json" + "buildInfo": "../../build-info/fd068d5ca84930c6ffb69a4def64cf81.json" } diff --git a/artifacts/FreshCryptoLib/utils/Base64Url.sol/Base64Url.dbg.json b/artifacts/FreshCryptoLib/utils/Base64Url.sol/Base64Url.dbg.json index 2f13ac2..d05dd2b 100644 --- a/artifacts/FreshCryptoLib/utils/Base64Url.sol/Base64Url.dbg.json +++ b/artifacts/FreshCryptoLib/utils/Base64Url.sol/Base64Url.dbg.json @@ -1,4 +1,4 @@ { "_format": "hh-sol-dbg-1", - "buildInfo": "../../../build-info/8090c592d47f7920e2577cbef109eb65.json" + "buildInfo": "../../../build-info/fd068d5ca84930c6ffb69a4def64cf81.json" } diff --git a/artifacts/build-info/8090c592d47f7920e2577cbef109eb65.json b/artifacts/build-info/8090c592d47f7920e2577cbef109eb65.json deleted file mode 100644 index 78aef41..0000000 --- a/artifacts/build-info/8090c592d47f7920e2577cbef109eb65.json +++ /dev/null @@ -1 +0,0 @@ -{"id":"8090c592d47f7920e2577cbef109eb65","_format":"hh-sol-build-info-1","solcVersion":"0.8.20","solcLongVersion":"0.8.20+commit.a1b79de6","input":{"language":"Solidity","sources":{"contracts/FCL/WrapperFCLWebAuthn.sol":{"content":"pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the library is not compatible with\n/// memory and only works with calldata.\ncontract WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}"},"contracts/P256Signer.sol":{"content":"pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n // The address of the FCLWebAuthn contract\n WrapperFCLWebAuthn public immutable FCLWebAuthn;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor(address FCLWebAuthn_) {\n initialized = true;\n FCLWebAuthn = WrapperFCLWebAuthn(FCLWebAuthn_);\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = FCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n"},"contracts/P256SignerFactory.sol":{"content":"pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n"},"FreshCryptoLib/FCL_elliptic.sol":{"content":"//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n"},"FreshCryptoLib/FCL_Webauthn.sol":{"content":"//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n"},"FreshCryptoLib/utils/Base64Url.sol":{"content":"// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n"},"solady/src/utils/LibClone.sol":{"content":"// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n"}},"settings":{"optimizer":{"enabled":true,"runs":1000000},"evmVersion":"paris","outputSelection":{"*":{"*":["abi","evm.bytecode","evm.deployedBytecode","evm.methodIdentifiers","metadata","devdoc","userdoc","storageLayout","evm.gasEstimates"],"":["ast"]}},"metadata":{"useLiteralContent":true}}},"output":{"errors":[{"component":"general","errorCode":"1878","formattedMessage":"Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing \"SPDX-License-Identifier: \" to each source file. Use \"SPDX-License-Identifier: UNLICENSED\" for non-open-source code. Please see https://spdx.org for more information.\n--> contracts/FCL/WrapperFCLWebAuthn.sol\n\n","message":"SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing \"SPDX-License-Identifier: \" to each source file. Use \"SPDX-License-Identifier: UNLICENSED\" for non-open-source code. Please see https://spdx.org for more information.","severity":"warning","sourceLocation":{"end":-1,"file":"contracts/FCL/WrapperFCLWebAuthn.sol","start":-1},"type":"Warning"},{"component":"general","errorCode":"1878","formattedMessage":"Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing \"SPDX-License-Identifier: \" to each source file. Use \"SPDX-License-Identifier: UNLICENSED\" for non-open-source code. Please see https://spdx.org for more information.\n--> contracts/P256Signer.sol\n\n","message":"SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing \"SPDX-License-Identifier: \" to each source file. Use \"SPDX-License-Identifier: UNLICENSED\" for non-open-source code. Please see https://spdx.org for more information.","severity":"warning","sourceLocation":{"end":-1,"file":"contracts/P256Signer.sol","start":-1},"type":"Warning"},{"component":"general","errorCode":"1878","formattedMessage":"Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing \"SPDX-License-Identifier: \" to each source file. Use \"SPDX-License-Identifier: UNLICENSED\" for non-open-source code. Please see https://spdx.org for more information.\n--> contracts/P256SignerFactory.sol\n\n","message":"SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing \"SPDX-License-Identifier: \" to each source file. Use \"SPDX-License-Identifier: UNLICENSED\" for non-open-source code. Please see https://spdx.org for more information.","severity":"warning","sourceLocation":{"end":-1,"file":"contracts/P256SignerFactory.sol","start":-1},"type":"Warning"}],"sources":{"FreshCryptoLib/FCL_Webauthn.sol":{"ast":{"absolutePath":"FreshCryptoLib/FCL_Webauthn.sol","exportedSymbols":{"Base64Url":[1932],"FCL_Elliptic_ZZ":[1886],"FCL_WebAuthn":[247]},"id":248,"license":"MIT","nodeType":"SourceUnit","nodes":[{"id":1,"literals":["solidity","^","0.8",".20"],"nodeType":"PragmaDirective","src":"1228:24:0"},{"absolutePath":"FreshCryptoLib/utils/Base64Url.sol","file":"./utils/Base64Url.sol","id":3,"nameLocation":"-1:-1:-1","nodeType":"ImportDirective","scope":248,"sourceUnit":1933,"src":"1254:48:0","symbolAliases":[{"foreign":{"id":2,"name":"Base64Url","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1932,"src":"1262:9:0","typeDescriptions":{}},"nameLocation":"-1:-1:-1"}],"unitAlias":""},{"absolutePath":"FreshCryptoLib/FCL_elliptic.sol","file":"./FCL_elliptic.sol","id":5,"nameLocation":"-1:-1:-1","nodeType":"ImportDirective","scope":248,"sourceUnit":1887,"src":"1303:51:0","symbolAliases":[{"foreign":{"id":4,"name":"FCL_Elliptic_ZZ","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1886,"src":"1311:15:0","typeDescriptions":{}},"nameLocation":"-1:-1:-1"}],"unitAlias":""},{"abstract":false,"baseContracts":[],"canonicalName":"FCL_WebAuthn","contractDependencies":[],"contractKind":"library","fullyImplemented":true,"id":247,"linearizedBaseContracts":[247],"name":"FCL_WebAuthn","nameLocation":"1364:12:0","nodeType":"ContractDefinition","nodes":[{"errorSelector":"fc934792","id":7,"name":"InvalidAuthenticatorData","nameLocation":"1389:24:0","nodeType":"ErrorDefinition","parameters":{"id":6,"nodeType":"ParameterList","parameters":[],"src":"1413:2:0"},"src":"1383:33:0"},{"errorSelector":"ebab5d29","id":9,"name":"InvalidClientData","nameLocation":"1427:17:0","nodeType":"ErrorDefinition","parameters":{"id":8,"nodeType":"ParameterList","parameters":[],"src":"1444:2:0"},"src":"1421:26:0"},{"errorSelector":"8baa579f","id":11,"name":"InvalidSignature","nameLocation":"1458:16:0","nodeType":"ErrorDefinition","parameters":{"id":10,"nodeType":"ParameterList","parameters":[],"src":"1474:2:0"},"src":"1452:25:0"},{"body":{"id":108,"nodeType":"Block","src":"1783:1781:0","statements":[{"id":85,"nodeType":"Block","src":"1885:1178:0","statements":[{"condition":{"commonType":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"id":37,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"id":34,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"baseExpression":{"id":30,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":13,"src":"1904:17:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},"id":32,"indexExpression":{"hexValue":"3332","id":31,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1922:2:0","typeDescriptions":{"typeIdentifier":"t_rational_32_by_1","typeString":"int_const 32"},"value":"32"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"1904:21:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"id":33,"name":"authenticatorDataFlagMask","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":15,"src":"1928:25:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"src":"1904:49:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}}],"id":35,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"1903:51:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"nodeType":"BinaryOperation","operator":"!=","rightExpression":{"id":36,"name":"authenticatorDataFlagMask","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":15,"src":"1958:25:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"src":"1903:80:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":42,"nodeType":"IfStatement","src":"1899:152:0","trueBody":{"id":41,"nodeType":"Block","src":"1985:66:0","statements":[{"errorCall":{"arguments":[],"expression":{"argumentTypes":[],"id":38,"name":"InvalidAuthenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":7,"src":"2010:24:0","typeDescriptions":{"typeIdentifier":"t_function_error_pure$__$returns$__$","typeString":"function () pure"}},"id":39,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2010:26:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":40,"nodeType":"RevertStatement","src":"2003:33:0"}]}},{"assignments":[44],"declarations":[{"constant":false,"id":44,"mutability":"mutable","name":"challengeEncoded","nameLocation":"2262:16:0","nodeType":"VariableDeclaration","scope":85,"src":"2248:30:0","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string"},"typeName":{"id":43,"name":"string","nodeType":"ElementaryTypeName","src":"2248:6:0","typeDescriptions":{"typeIdentifier":"t_string_storage_ptr","typeString":"string"}},"visibility":"internal"}],"id":52,"initialValue":{"arguments":[{"arguments":[{"id":49,"name":"clientChallenge","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":19,"src":"2315:15:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"expression":{"id":47,"name":"abi","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-1,"src":"2298:3:0","typeDescriptions":{"typeIdentifier":"t_magic_abi","typeString":"abi"}},"id":48,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"memberLocation":"2302:12:0","memberName":"encodePacked","nodeType":"MemberAccess","src":"2298:16:0","typeDescriptions":{"typeIdentifier":"t_function_abiencodepacked_pure$__$returns$_t_bytes_memory_ptr_$","typeString":"function () pure returns (bytes memory)"}},"id":50,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2298:33:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"expression":{"id":45,"name":"Base64Url","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1932,"src":"2281:9:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_Base64Url_$1932_$","typeString":"type(library Base64Url)"}},"id":46,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"2291:6:0","memberName":"encode","nodeType":"MemberAccess","referencedDeclaration":1931,"src":"2281:16:0","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes_memory_ptr_$returns$_t_string_memory_ptr_$","typeString":"function (bytes memory) pure returns (string memory)"}},"id":51,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2281:51:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}},"nodeType":"VariableDeclarationStatement","src":"2248:84:0"},{"assignments":[54],"declarations":[{"constant":false,"id":54,"mutability":"mutable","name":"challengeExtracted","nameLocation":"2359:18:0","nodeType":"VariableDeclaration","scope":85,"src":"2346:31:0","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":53,"name":"bytes","nodeType":"ElementaryTypeName","src":"2346:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"id":63,"initialValue":{"arguments":[{"expression":{"arguments":[{"id":59,"name":"challengeEncoded","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":44,"src":"2409:16:0","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}],"id":58,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"2403:5:0","typeDescriptions":{"typeIdentifier":"t_type$_t_bytes_storage_ptr_$","typeString":"type(bytes storage pointer)"},"typeName":{"id":57,"name":"bytes","nodeType":"ElementaryTypeName","src":"2403:5:0","typeDescriptions":{}}},"id":60,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2403:23:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},"id":61,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"2427:6:0","memberName":"length","nodeType":"MemberAccess","src":"2403:30:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":56,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"NewExpression","src":"2380:9:0","typeDescriptions":{"typeIdentifier":"t_function_objectcreation_pure$_t_uint256_$returns$_t_bytes_memory_ptr_$","typeString":"function (uint256) pure returns (bytes memory)"},"typeName":{"id":55,"name":"bytes","nodeType":"ElementaryTypeName","src":"2384:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}}},"id":62,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2380:63:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},"nodeType":"VariableDeclarationStatement","src":"2346:97:0"},{"AST":{"nodeType":"YulBlock","src":"2467:229:0","statements":[{"expression":{"arguments":[{"arguments":[{"name":"challengeExtracted","nodeType":"YulIdentifier","src":"2523:18:0"},{"kind":"number","nodeType":"YulLiteral","src":"2543:2:0","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2519:3:0"},"nodeType":"YulFunctionCall","src":"2519:27:0"},{"arguments":[{"name":"clientData.offset","nodeType":"YulIdentifier","src":"2572:17:0"},{"name":"clientChallengeDataOffset","nodeType":"YulIdentifier","src":"2591:25:0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2568:3:0"},"nodeType":"YulFunctionCall","src":"2568:49:0"},{"arguments":[{"name":"challengeExtracted","nodeType":"YulIdentifier","src":"2645:18:0"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"2639:5:0"},"nodeType":"YulFunctionCall","src":"2639:25:0"}],"functionName":{"name":"calldatacopy","nodeType":"YulIdentifier","src":"2485:12:0"},"nodeType":"YulFunctionCall","src":"2485:197:0"},"nodeType":"YulExpressionStatement","src":"2485:197:0"}]},"evmVersion":"paris","externalReferences":[{"declaration":54,"isOffset":false,"isSlot":false,"src":"2523:18:0","valueSize":1},{"declaration":54,"isOffset":false,"isSlot":false,"src":"2645:18:0","valueSize":1},{"declaration":21,"isOffset":false,"isSlot":false,"src":"2591:25:0","valueSize":1},{"declaration":17,"isOffset":true,"isSlot":false,"src":"2572:17:0","suffix":"offset","valueSize":1}],"id":64,"nodeType":"InlineAssembly","src":"2458:238:0"},{"assignments":[66],"declarations":[{"constant":false,"id":66,"mutability":"mutable","name":"moreData","nameLocation":"2718:8:0","nodeType":"VariableDeclaration","scope":85,"src":"2710:16:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":65,"name":"bytes32","nodeType":"ElementaryTypeName","src":"2710:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":67,"nodeType":"VariableDeclarationStatement","src":"2710:16:0"},{"AST":{"nodeType":"YulBlock","src":"2801:109:0","statements":[{"nodeType":"YulAssignment","src":"2819:77:0","value":{"arguments":[{"arguments":[{"name":"challengeExtracted","nodeType":"YulIdentifier","src":"2845:18:0"},{"kind":"number","nodeType":"YulLiteral","src":"2865:2:0","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2841:3:0"},"nodeType":"YulFunctionCall","src":"2841:27:0"},{"arguments":[{"name":"challengeExtracted","nodeType":"YulIdentifier","src":"2876:18:0"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"2870:5:0"},"nodeType":"YulFunctionCall","src":"2870:25:0"}],"functionName":{"name":"keccak256","nodeType":"YulIdentifier","src":"2831:9:0"},"nodeType":"YulFunctionCall","src":"2831:65:0"},"variableNames":[{"name":"moreData","nodeType":"YulIdentifier","src":"2819:8:0"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":54,"isOffset":false,"isSlot":false,"src":"2845:18:0","valueSize":1},{"declaration":54,"isOffset":false,"isSlot":false,"src":"2876:18:0","valueSize":1},{"declaration":66,"isOffset":false,"isSlot":false,"src":"2819:8:0","valueSize":1}],"id":68,"nodeType":"InlineAssembly","src":"2792:118:0"},{"condition":{"commonType":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"id":79,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"arguments":[{"arguments":[{"arguments":[{"id":74,"name":"challengeEncoded","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":44,"src":"2961:16:0","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}],"id":73,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"2955:5:0","typeDescriptions":{"typeIdentifier":"t_type$_t_bytes_storage_ptr_$","typeString":"type(bytes storage pointer)"},"typeName":{"id":72,"name":"bytes","nodeType":"ElementaryTypeName","src":"2955:5:0","typeDescriptions":{}}},"id":75,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2955:23:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"expression":{"id":70,"name":"abi","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-1,"src":"2938:3:0","typeDescriptions":{"typeIdentifier":"t_magic_abi","typeString":"abi"}},"id":71,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"memberLocation":"2942:12:0","memberName":"encodePacked","nodeType":"MemberAccess","src":"2938:16:0","typeDescriptions":{"typeIdentifier":"t_function_abiencodepacked_pure$__$returns$_t_bytes_memory_ptr_$","typeString":"function () pure returns (bytes memory)"}},"id":76,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2938:41:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":69,"name":"keccak256","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-8,"src":"2928:9:0","typeDescriptions":{"typeIdentifier":"t_function_keccak256_pure$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (bytes memory) pure returns (bytes32)"}},"id":77,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2928:52:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"BinaryOperation","operator":"!=","rightExpression":{"id":78,"name":"moreData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":66,"src":"2984:8:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"src":"2928:64:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":84,"nodeType":"IfStatement","src":"2924:129:0","trueBody":{"id":83,"nodeType":"Block","src":"2994:59:0","statements":[{"errorCall":{"arguments":[],"expression":{"argumentTypes":[],"id":80,"name":"InvalidClientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":9,"src":"3019:17:0","typeDescriptions":{"typeIdentifier":"t_function_error_pure$__$returns$__$","typeString":"function () pure"}},"id":81,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"3019:19:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":82,"nodeType":"RevertStatement","src":"3012:26:0"}]}}]},{"assignments":[87],"declarations":[{"constant":false,"id":87,"mutability":"mutable","name":"verifyData","nameLocation":"3190:10:0","nodeType":"VariableDeclaration","scope":108,"src":"3177:23:0","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":86,"name":"bytes","nodeType":"ElementaryTypeName","src":"3177:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"id":95,"initialValue":{"arguments":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":93,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"expression":{"id":90,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":13,"src":"3213:17:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},"id":91,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"3231:6:0","memberName":"length","nodeType":"MemberAccess","src":"3213:24:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"hexValue":"3332","id":92,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"3240:2:0","typeDescriptions":{"typeIdentifier":"t_rational_32_by_1","typeString":"int_const 32"},"value":"32"},"src":"3213:29:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":89,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"NewExpression","src":"3203:9:0","typeDescriptions":{"typeIdentifier":"t_function_objectcreation_pure$_t_uint256_$returns$_t_bytes_memory_ptr_$","typeString":"function (uint256) pure returns (bytes memory)"},"typeName":{"id":88,"name":"bytes","nodeType":"ElementaryTypeName","src":"3207:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}}},"id":94,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"3203:40:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},"nodeType":"VariableDeclarationStatement","src":"3177:66:0"},{"AST":{"nodeType":"YulBlock","src":"3263:109:0","statements":[{"expression":{"arguments":[{"arguments":[{"name":"verifyData","nodeType":"YulIdentifier","src":"3294:10:0"},{"kind":"number","nodeType":"YulLiteral","src":"3306:2:0","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3290:3:0"},"nodeType":"YulFunctionCall","src":"3290:19:0"},{"name":"authenticatorData.offset","nodeType":"YulIdentifier","src":"3311:24:0"},{"name":"authenticatorData.length","nodeType":"YulIdentifier","src":"3337:24:0"}],"functionName":{"name":"calldatacopy","nodeType":"YulIdentifier","src":"3277:12:0"},"nodeType":"YulFunctionCall","src":"3277:85:0"},"nodeType":"YulExpressionStatement","src":"3277:85:0"}]},"evmVersion":"paris","externalReferences":[{"declaration":13,"isOffset":false,"isSlot":false,"src":"3337:24:0","suffix":"length","valueSize":1},{"declaration":13,"isOffset":true,"isSlot":false,"src":"3311:24:0","suffix":"offset","valueSize":1},{"declaration":87,"isOffset":false,"isSlot":false,"src":"3294:10:0","valueSize":1}],"id":96,"nodeType":"InlineAssembly","src":"3254:118:0"},{"assignments":[98],"declarations":[{"constant":false,"id":98,"mutability":"mutable","name":"more","nameLocation":"3390:4:0","nodeType":"VariableDeclaration","scope":108,"src":"3382:12:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":97,"name":"bytes32","nodeType":"ElementaryTypeName","src":"3382:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":102,"initialValue":{"arguments":[{"id":100,"name":"clientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":17,"src":"3404:10:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}],"id":99,"name":"sha256","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-22,"src":"3397:6:0","typeDescriptions":{"typeIdentifier":"t_function_sha256_pure$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (bytes memory) pure returns (bytes32)"}},"id":101,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"3397:18:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"3382:33:0"},{"AST":{"nodeType":"YulBlock","src":"3434:88:0","statements":[{"expression":{"arguments":[{"arguments":[{"name":"verifyData","nodeType":"YulIdentifier","src":"3459:10:0"},{"arguments":[{"name":"authenticatorData.length","nodeType":"YulIdentifier","src":"3475:24:0"},{"kind":"number","nodeType":"YulLiteral","src":"3501:2:0","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3471:3:0"},"nodeType":"YulFunctionCall","src":"3471:33:0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3455:3:0"},"nodeType":"YulFunctionCall","src":"3455:50:0"},{"name":"more","nodeType":"YulIdentifier","src":"3507:4:0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3448:6:0"},"nodeType":"YulFunctionCall","src":"3448:64:0"},"nodeType":"YulExpressionStatement","src":"3448:64:0"}]},"evmVersion":"paris","externalReferences":[{"declaration":13,"isOffset":false,"isSlot":false,"src":"3475:24:0","suffix":"length","valueSize":1},{"declaration":98,"isOffset":false,"isSlot":false,"src":"3507:4:0","valueSize":1},{"declaration":87,"isOffset":false,"isSlot":false,"src":"3459:10:0","valueSize":1}],"id":103,"nodeType":"InlineAssembly","src":"3425:97:0"},{"expression":{"arguments":[{"id":105,"name":"verifyData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":87,"src":"3546:10:0","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":104,"name":"sha256","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-22,"src":"3539:6:0","typeDescriptions":{"typeIdentifier":"t_function_sha256_pure$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (bytes memory) pure returns (bytes32)"}},"id":106,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"3539:18:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"functionReturnParameters":29,"id":107,"nodeType":"Return","src":"3532:25:0"}]},"id":109,"implemented":true,"kind":"function","modifiers":[],"name":"WebAuthn_format","nameLocation":"1492:15:0","nodeType":"FunctionDefinition","parameters":{"id":26,"nodeType":"ParameterList","parameters":[{"constant":false,"id":13,"mutability":"mutable","name":"authenticatorData","nameLocation":"1532:17:0","nodeType":"VariableDeclaration","scope":109,"src":"1517:32:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":12,"name":"bytes","nodeType":"ElementaryTypeName","src":"1517:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":15,"mutability":"mutable","name":"authenticatorDataFlagMask","nameLocation":"1566:25:0","nodeType":"VariableDeclaration","scope":109,"src":"1559:32:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"typeName":{"id":14,"name":"bytes1","nodeType":"ElementaryTypeName","src":"1559:6:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"visibility":"internal"},{"constant":false,"id":17,"mutability":"mutable","name":"clientData","nameLocation":"1616:10:0","nodeType":"VariableDeclaration","scope":109,"src":"1601:25:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":16,"name":"bytes","nodeType":"ElementaryTypeName","src":"1601:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":19,"mutability":"mutable","name":"clientChallenge","nameLocation":"1644:15:0","nodeType":"VariableDeclaration","scope":109,"src":"1636:23:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":18,"name":"bytes32","nodeType":"ElementaryTypeName","src":"1636:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":21,"mutability":"mutable","name":"clientChallengeDataOffset","nameLocation":"1677:25:0","nodeType":"VariableDeclaration","scope":109,"src":"1669:33:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":20,"name":"uint256","nodeType":"ElementaryTypeName","src":"1669:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":25,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":109,"src":"1712:19:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":22,"name":"uint256","nodeType":"ElementaryTypeName","src":"1712:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":24,"length":{"hexValue":"32","id":23,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1720:1:0","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"1712:10:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"}],"src":"1507:236:0"},"returnParameters":{"id":29,"nodeType":"ParameterList","parameters":[{"constant":false,"id":28,"mutability":"mutable","name":"result","nameLocation":"1775:6:0","nodeType":"VariableDeclaration","scope":109,"src":"1767:14:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":27,"name":"bytes32","nodeType":"ElementaryTypeName","src":"1767:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"1766:16:0"},"scope":247,"src":"1483:2081:0","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":155,"nodeType":"Block","src":"3889:377:0","statements":[{"assignments":[133],"declarations":[{"constant":false,"id":133,"mutability":"mutable","name":"message","nameLocation":"4000:7:0","nodeType":"VariableDeclaration","scope":155,"src":"3992:15:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":132,"name":"bytes32","nodeType":"ElementaryTypeName","src":"3992:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":143,"initialValue":{"arguments":[{"id":136,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":111,"src":"4052:17:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":137,"name":"authenticatorDataFlagMask","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":113,"src":"4071:25:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},{"id":138,"name":"clientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":115,"src":"4098:10:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":139,"name":"clientChallenge","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":117,"src":"4110:15:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":140,"name":"clientChallengeDataOffset","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":119,"src":"4127:25:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":141,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":123,"src":"4154:2:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes1","typeString":"bytes1"},{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}],"expression":{"id":134,"name":"FCL_WebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":247,"src":"4010:12:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_WebAuthn_$247_$","typeString":"type(library FCL_WebAuthn)"}},"id":135,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"4023:15:0","memberName":"WebAuthn_format","nodeType":"MemberAccess","referencedDeclaration":109,"src":"4010:28:0","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes_calldata_ptr_$_t_bytes1_$_t_bytes_calldata_ptr_$_t_bytes32_$_t_uint256_$_t_array$_t_uint256_$2_calldata_ptr_$returns$_t_bytes32_$","typeString":"function (bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata) pure returns (bytes32)"}},"id":142,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"4010:156:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"3992:174:0"},{"assignments":[145],"declarations":[{"constant":false,"id":145,"mutability":"mutable","name":"result","nameLocation":"4182:6:0","nodeType":"VariableDeclaration","scope":155,"src":"4177:11:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":144,"name":"bool","nodeType":"ElementaryTypeName","src":"4177:4:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"id":152,"initialValue":{"arguments":[{"id":148,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":133,"src":"4220:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":149,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":123,"src":"4229:2:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},{"id":150,"name":"Q","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":127,"src":"4233:1:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}],"expression":{"id":146,"name":"FCL_Elliptic_ZZ","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1886,"src":"4191:15:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_Elliptic_ZZ_$1886_$","typeString":"type(library FCL_Elliptic_ZZ)"}},"id":147,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"4207:12:0","memberName":"ecdsa_verify","nodeType":"MemberAccess","referencedDeclaration":1556,"src":"4191:28:0","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_bytes32_$_t_array$_t_uint256_$2_calldata_ptr_$_t_array$_t_uint256_$2_calldata_ptr_$returns$_t_bool_$","typeString":"function (bytes32,uint256[2] calldata,uint256[2] calldata) view returns (bool)"}},"id":151,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"4191:44:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"VariableDeclarationStatement","src":"4177:58:0"},{"expression":{"id":153,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":145,"src":"4253:6:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":131,"id":154,"nodeType":"Return","src":"4246:13:0"}]},"id":156,"implemented":true,"kind":"function","modifiers":[],"name":"checkSignature","nameLocation":"3580:14:0","nodeType":"FunctionDefinition","parameters":{"id":128,"nodeType":"ParameterList","parameters":[{"constant":false,"id":111,"mutability":"mutable","name":"authenticatorData","nameLocation":"3620:17:0","nodeType":"VariableDeclaration","scope":156,"src":"3605:32:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":110,"name":"bytes","nodeType":"ElementaryTypeName","src":"3605:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":113,"mutability":"mutable","name":"authenticatorDataFlagMask","nameLocation":"3654:25:0","nodeType":"VariableDeclaration","scope":156,"src":"3647:32:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"typeName":{"id":112,"name":"bytes1","nodeType":"ElementaryTypeName","src":"3647:6:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"visibility":"internal"},{"constant":false,"id":115,"mutability":"mutable","name":"clientData","nameLocation":"3704:10:0","nodeType":"VariableDeclaration","scope":156,"src":"3689:25:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":114,"name":"bytes","nodeType":"ElementaryTypeName","src":"3689:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":117,"mutability":"mutable","name":"clientChallenge","nameLocation":"3732:15:0","nodeType":"VariableDeclaration","scope":156,"src":"3724:23:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":116,"name":"bytes32","nodeType":"ElementaryTypeName","src":"3724:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":119,"mutability":"mutable","name":"clientChallengeDataOffset","nameLocation":"3765:25:0","nodeType":"VariableDeclaration","scope":156,"src":"3757:33:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":118,"name":"uint256","nodeType":"ElementaryTypeName","src":"3757:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":123,"mutability":"mutable","name":"rs","nameLocation":"3820:2:0","nodeType":"VariableDeclaration","scope":156,"src":"3800:22:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":120,"name":"uint256","nodeType":"ElementaryTypeName","src":"3800:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":122,"length":{"hexValue":"32","id":121,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"3808:1:0","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"3800:10:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":127,"mutability":"mutable","name":"Q","nameLocation":"3852:1:0","nodeType":"VariableDeclaration","scope":156,"src":"3832:21:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":124,"name":"uint256","nodeType":"ElementaryTypeName","src":"3832:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":126,"length":{"hexValue":"32","id":125,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"3840:1:0","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"3832:10:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"}],"src":"3595:264:0"},"returnParameters":{"id":131,"nodeType":"ParameterList","parameters":[{"constant":false,"id":130,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":156,"src":"3883:4:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":129,"name":"bool","nodeType":"ElementaryTypeName","src":"3883:4:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"3882:6:0"},"scope":247,"src":"3570:696:0","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":200,"nodeType":"Block","src":"4592:399:0","statements":[{"assignments":[178],"declarations":[{"constant":false,"id":178,"mutability":"mutable","name":"message","nameLocation":"4703:7:0","nodeType":"VariableDeclaration","scope":200,"src":"4695:15:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":177,"name":"bytes32","nodeType":"ElementaryTypeName","src":"4695:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":188,"initialValue":{"arguments":[{"id":181,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":158,"src":"4755:17:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":182,"name":"authenticatorDataFlagMask","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":160,"src":"4774:25:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},{"id":183,"name":"clientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":162,"src":"4801:10:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":184,"name":"clientChallenge","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":164,"src":"4813:15:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":185,"name":"clientChallengeDataOffset","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":166,"src":"4830:25:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":186,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":170,"src":"4857:2:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes1","typeString":"bytes1"},{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}],"expression":{"id":179,"name":"FCL_WebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":247,"src":"4713:12:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_WebAuthn_$247_$","typeString":"type(library FCL_WebAuthn)"}},"id":180,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"4726:15:0","memberName":"WebAuthn_format","nodeType":"MemberAccess","referencedDeclaration":109,"src":"4713:28:0","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes_calldata_ptr_$_t_bytes1_$_t_bytes_calldata_ptr_$_t_bytes32_$_t_uint256_$_t_array$_t_uint256_$2_calldata_ptr_$returns$_t_bytes32_$","typeString":"function (bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata) pure returns (bytes32)"}},"id":187,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"4713:156:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"4695:174:0"},{"assignments":[190],"declarations":[{"constant":false,"id":190,"mutability":"mutable","name":"result","nameLocation":"4885:6:0","nodeType":"VariableDeclaration","scope":200,"src":"4880:11:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":189,"name":"bool","nodeType":"ElementaryTypeName","src":"4880:4:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"id":197,"initialValue":{"arguments":[{"id":193,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":178,"src":"4935:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":194,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":170,"src":"4944:2:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},{"id":195,"name":"dataPointer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":172,"src":"4948:11:0","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"},{"typeIdentifier":"t_address","typeString":"address"}],"expression":{"id":191,"name":"FCL_Elliptic_ZZ","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1886,"src":"4894:15:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_Elliptic_ZZ_$1886_$","typeString":"type(library FCL_Elliptic_ZZ)"}},"id":192,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"4910:24:0","memberName":"ecdsa_precomputed_verify","nodeType":"MemberAccess","referencedDeclaration":1635,"src":"4894:40:0","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_bytes32_$_t_array$_t_uint256_$2_calldata_ptr_$_t_address_$returns$_t_bool_$","typeString":"function (bytes32,uint256[2] calldata,address) view returns (bool)"}},"id":196,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"4894:66:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"VariableDeclarationStatement","src":"4880:80:0"},{"expression":{"id":198,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":190,"src":"4978:6:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":176,"id":199,"nodeType":"Return","src":"4971:13:0"}]},"id":201,"implemented":true,"kind":"function","modifiers":[],"name":"checkSignature_prec","nameLocation":"4281:19:0","nodeType":"FunctionDefinition","parameters":{"id":173,"nodeType":"ParameterList","parameters":[{"constant":false,"id":158,"mutability":"mutable","name":"authenticatorData","nameLocation":"4325:17:0","nodeType":"VariableDeclaration","scope":201,"src":"4310:32:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":157,"name":"bytes","nodeType":"ElementaryTypeName","src":"4310:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":160,"mutability":"mutable","name":"authenticatorDataFlagMask","nameLocation":"4359:25:0","nodeType":"VariableDeclaration","scope":201,"src":"4352:32:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"typeName":{"id":159,"name":"bytes1","nodeType":"ElementaryTypeName","src":"4352:6:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"visibility":"internal"},{"constant":false,"id":162,"mutability":"mutable","name":"clientData","nameLocation":"4409:10:0","nodeType":"VariableDeclaration","scope":201,"src":"4394:25:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":161,"name":"bytes","nodeType":"ElementaryTypeName","src":"4394:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":164,"mutability":"mutable","name":"clientChallenge","nameLocation":"4437:15:0","nodeType":"VariableDeclaration","scope":201,"src":"4429:23:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":163,"name":"bytes32","nodeType":"ElementaryTypeName","src":"4429:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":166,"mutability":"mutable","name":"clientChallengeDataOffset","nameLocation":"4470:25:0","nodeType":"VariableDeclaration","scope":201,"src":"4462:33:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":165,"name":"uint256","nodeType":"ElementaryTypeName","src":"4462:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":170,"mutability":"mutable","name":"rs","nameLocation":"4525:2:0","nodeType":"VariableDeclaration","scope":201,"src":"4505:22:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":167,"name":"uint256","nodeType":"ElementaryTypeName","src":"4505:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":169,"length":{"hexValue":"32","id":168,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"4513:1:0","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"4505:10:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":172,"mutability":"mutable","name":"dataPointer","nameLocation":"4545:11:0","nodeType":"VariableDeclaration","scope":201,"src":"4537:19:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":171,"name":"address","nodeType":"ElementaryTypeName","src":"4537:7:0","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"4300:262:0"},"returnParameters":{"id":176,"nodeType":"ParameterList","parameters":[{"constant":false,"id":175,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":201,"src":"4586:4:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":174,"name":"bool","nodeType":"ElementaryTypeName","src":"4586:4:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"4585:6:0"},"scope":247,"src":"4272:719:0","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":245,"nodeType":"Block","src":"5389:400:0","statements":[{"assignments":[223],"declarations":[{"constant":false,"id":223,"mutability":"mutable","name":"message","nameLocation":"5500:7:0","nodeType":"VariableDeclaration","scope":245,"src":"5492:15:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":222,"name":"bytes32","nodeType":"ElementaryTypeName","src":"5492:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":233,"initialValue":{"arguments":[{"id":226,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":203,"src":"5552:17:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":227,"name":"authenticatorDataFlagMask","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":205,"src":"5571:25:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},{"id":228,"name":"clientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":207,"src":"5598:10:0","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":229,"name":"clientChallenge","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":209,"src":"5610:15:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":230,"name":"clientChallengeDataOffset","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":211,"src":"5627:25:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":231,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":215,"src":"5654:2:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes1","typeString":"bytes1"},{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}],"expression":{"id":224,"name":"FCL_WebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":247,"src":"5510:12:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_WebAuthn_$247_$","typeString":"type(library FCL_WebAuthn)"}},"id":225,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"5523:15:0","memberName":"WebAuthn_format","nodeType":"MemberAccess","referencedDeclaration":109,"src":"5510:28:0","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes_calldata_ptr_$_t_bytes1_$_t_bytes_calldata_ptr_$_t_bytes32_$_t_uint256_$_t_array$_t_uint256_$2_calldata_ptr_$returns$_t_bytes32_$","typeString":"function (bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata) pure returns (bytes32)"}},"id":232,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5510:156:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"5492:174:0"},{"assignments":[235],"declarations":[{"constant":false,"id":235,"mutability":"mutable","name":"result","nameLocation":"5682:6:0","nodeType":"VariableDeclaration","scope":245,"src":"5677:11:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":234,"name":"bool","nodeType":"ElementaryTypeName","src":"5677:4:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"id":242,"initialValue":{"arguments":[{"id":238,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":223,"src":"5733:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":239,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":215,"src":"5742:2:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},{"id":240,"name":"dataPointer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":217,"src":"5746:11:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"expression":{"id":236,"name":"FCL_Elliptic_ZZ","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1886,"src":"5691:15:0","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_Elliptic_ZZ_$1886_$","typeString":"type(library FCL_Elliptic_ZZ)"}},"id":237,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"5707:25:0","memberName":"ecdsa_precomputed_hackmem","nodeType":"MemberAccess","referencedDeclaration":1714,"src":"5691:41:0","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_bytes32_$_t_array$_t_uint256_$2_calldata_ptr_$_t_uint256_$returns$_t_bool_$","typeString":"function (bytes32,uint256[2] calldata,uint256) view returns (bool)"}},"id":241,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5691:67:0","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"VariableDeclarationStatement","src":"5677:81:0"},{"expression":{"id":243,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":235,"src":"5776:6:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":221,"id":244,"nodeType":"Return","src":"5769:13:0"}]},"id":246,"implemented":true,"kind":"function","modifiers":[],"name":"checkSignature_hackmem","nameLocation":"5075:22:0","nodeType":"FunctionDefinition","parameters":{"id":218,"nodeType":"ParameterList","parameters":[{"constant":false,"id":203,"mutability":"mutable","name":"authenticatorData","nameLocation":"5122:17:0","nodeType":"VariableDeclaration","scope":246,"src":"5107:32:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":202,"name":"bytes","nodeType":"ElementaryTypeName","src":"5107:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":205,"mutability":"mutable","name":"authenticatorDataFlagMask","nameLocation":"5156:25:0","nodeType":"VariableDeclaration","scope":246,"src":"5149:32:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"typeName":{"id":204,"name":"bytes1","nodeType":"ElementaryTypeName","src":"5149:6:0","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"visibility":"internal"},{"constant":false,"id":207,"mutability":"mutable","name":"clientData","nameLocation":"5206:10:0","nodeType":"VariableDeclaration","scope":246,"src":"5191:25:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":206,"name":"bytes","nodeType":"ElementaryTypeName","src":"5191:5:0","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":209,"mutability":"mutable","name":"clientChallenge","nameLocation":"5234:15:0","nodeType":"VariableDeclaration","scope":246,"src":"5226:23:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":208,"name":"bytes32","nodeType":"ElementaryTypeName","src":"5226:7:0","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":211,"mutability":"mutable","name":"clientChallengeDataOffset","nameLocation":"5267:25:0","nodeType":"VariableDeclaration","scope":246,"src":"5259:33:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":210,"name":"uint256","nodeType":"ElementaryTypeName","src":"5259:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":215,"mutability":"mutable","name":"rs","nameLocation":"5322:2:0","nodeType":"VariableDeclaration","scope":246,"src":"5302:22:0","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":212,"name":"uint256","nodeType":"ElementaryTypeName","src":"5302:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":214,"length":{"hexValue":"32","id":213,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"5310:1:0","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"5302:10:0","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":217,"mutability":"mutable","name":"dataPointer","nameLocation":"5342:11:0","nodeType":"VariableDeclaration","scope":246,"src":"5334:19:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":216,"name":"uint256","nodeType":"ElementaryTypeName","src":"5334:7:0","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"5097:262:0"},"returnParameters":{"id":221,"nodeType":"ParameterList","parameters":[{"constant":false,"id":220,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":246,"src":"5383:4:0","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":219,"name":"bool","nodeType":"ElementaryTypeName","src":"5383:4:0","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"5382:6:0"},"scope":247,"src":"5066:723:0","stateMutability":"view","virtual":false,"visibility":"internal"}],"scope":248,"src":"1356:4435:0","usedErrors":[7,9,11],"usedEvents":[]}],"src":"1228:4564:0"},"id":0},"FreshCryptoLib/FCL_elliptic.sol":{"ast":{"absolutePath":"FreshCryptoLib/FCL_elliptic.sol","exportedSymbols":{"FCL_Elliptic_ZZ":[1886]},"id":1887,"license":"MIT","nodeType":"SourceUnit","nodes":[{"id":249,"literals":["solidity","^","0.8",".20"],"nodeType":"PragmaDirective","src":"1186:24:1"},{"abstract":false,"baseContracts":[],"canonicalName":"FCL_Elliptic_ZZ","contractDependencies":[],"contractKind":"library","fullyImplemented":true,"id":1886,"linearizedBaseContracts":[1886],"name":"FCL_Elliptic_ZZ","nameLocation":"1220:15:1","nodeType":"ContractDefinition","nodes":[{"constant":true,"id":252,"mutability":"constant","name":"MODEXP_PRECOMPILE","nameLocation":"1402:17:1","nodeType":"VariableDeclaration","scope":1886,"src":"1385:79:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":250,"name":"address","nodeType":"ElementaryTypeName","src":"1385:7:1","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"value":{"hexValue":"307830303030303030303030303030303030303030303030303030303030303030303030303030303035","id":251,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1422:42:1","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"value":"0x0000000000000000000000000000000000000005"},"visibility":"internal"},{"constant":true,"id":255,"mutability":"constant","name":"p","nameLocation":"1519:1:1","nodeType":"VariableDeclaration","scope":1886,"src":"1502:87:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":253,"name":"uint256","nodeType":"ElementaryTypeName","src":"1502:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303031303030303030303030303030303030303030303030303030464646464646464646464646464646464646464646464646","id":254,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1523:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248762697446949407573530086143415290314195533631308867097853951_by_1","typeString":"int_const 1157...(70 digits omitted)...3951"},"value":"0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"},"visibility":"internal"},{"constant":true,"id":258,"mutability":"constant","name":"a","nameLocation":"1654:1:1","nodeType":"VariableDeclaration","scope":1886,"src":"1637:87:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":256,"name":"uint256","nodeType":"ElementaryTypeName","src":"1637:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303031303030303030303030303030303030303030303030303030464646464646464646464646464646464646464646464643","id":257,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1658:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248762697446949407573530086143415290314195533631308867097853948_by_1","typeString":"int_const 1157...(70 digits omitted)...3948"},"value":"0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"},"visibility":"internal"},{"constant":true,"id":261,"mutability":"constant","name":"b","nameLocation":"1790:1:1","nodeType":"VariableDeclaration","scope":1886,"src":"1773:87:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":259,"name":"uint256","nodeType":"ElementaryTypeName","src":"1773:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307835414336333544384141334139334537423345424244353537363938383642433635314430364230434335334230463633424345334333453237443236303442","id":260,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1794:66:1","typeDescriptions":{"typeIdentifier":"t_rational_41058363725152142129326129780047268409114441015993725554835256314039467401291_by_1","typeString":"int_const 4105...(69 digits omitted)...1291"},"value":"0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"},"visibility":"internal"},{"constant":true,"id":264,"mutability":"constant","name":"gx","nameLocation":"1925:2:1","nodeType":"VariableDeclaration","scope":1886,"src":"1908:88:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":262,"name":"uint256","nodeType":"ElementaryTypeName","src":"1908:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307836423137443146324531324334323437463842434536453536334134343046323737303337443831324445423333413046344131333934354438393843323936","id":263,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"1930:66:1","typeDescriptions":{"typeIdentifier":"t_rational_48439561293906451759052585252797914202762949526041747995844080717082404635286_by_1","typeString":"int_const 4843...(69 digits omitted)...5286"},"value":"0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"},"visibility":"internal"},{"constant":true,"id":267,"mutability":"constant","name":"gy","nameLocation":"2019:2:1","nodeType":"VariableDeclaration","scope":1886,"src":"2002:88:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":265,"name":"uint256","nodeType":"ElementaryTypeName","src":"2002:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307834464533343245324645314137463942384545374542344137433046394531363242434533333537364233313545434543424236343036383337424635314635","id":266,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2024:66:1","typeDescriptions":{"typeIdentifier":"t_rational_36134250956749795798585127919587881956611106672985015071877198253568414405109_by_1","typeString":"int_const 3613...(69 digits omitted)...5109"},"value":"0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"},"visibility":"internal"},{"constant":true,"id":270,"mutability":"constant","name":"n","nameLocation":"2150:1:1","nodeType":"VariableDeclaration","scope":1886,"src":"2133:87:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":268,"name":"uint256","nodeType":"ElementaryTypeName","src":"2133:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303030464646464646464646464646464646464243453646414144413731373945383446334239434143324643363332353531","id":269,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2154:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248762697446949407573529996955224135760342422259061068512044369_by_1","typeString":"int_const 1157...(70 digits omitted)...4369"},"value":"0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"},"visibility":"internal"},{"constant":true,"id":273,"mutability":"constant","name":"minus_2","nameLocation":"2328:7:1","nodeType":"VariableDeclaration","scope":1886,"src":"2311:93:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":271,"name":"uint256","nodeType":"ElementaryTypeName","src":"2311:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303031303030303030303030303030303030303030303030303030464646464646464646464646464646464646464646464644","id":272,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2338:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248762697446949407573530086143415290314195533631308867097853949_by_1","typeString":"int_const 1157...(70 digits omitted)...3949"},"value":"0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD"},"visibility":"internal"},{"constant":true,"id":276,"mutability":"constant","name":"minus_2modn","nameLocation":"2482:11:1","nodeType":"VariableDeclaration","scope":1886,"src":"2465:97:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":274,"name":"uint256","nodeType":"ElementaryTypeName","src":"2465:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303030464646464646464646464646464646464243453646414144413731373945383446334239434143324643363332353446","id":275,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2496:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248762697446949407573529996955224135760342422259061068512044367_by_1","typeString":"int_const 1157...(70 digits omitted)...4367"},"value":"0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F"},"visibility":"internal"},{"constant":true,"id":279,"mutability":"constant","name":"minus_1","nameLocation":"2586:7:1","nodeType":"VariableDeclaration","scope":1886,"src":"2569:93:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":277,"name":"uint256","nodeType":"ElementaryTypeName","src":"2569:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646","id":278,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2596:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089237316195423570985008687907853269984665640564039457584007913129639935_by_1","typeString":"int_const 1157...(70 digits omitted)...9935"},"value":"0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"},"visibility":"internal"},{"constant":true,"id":282,"mutability":"constant","name":"pp1div4","nameLocation":"2701:7:1","nodeType":"VariableDeclaration","scope":1886,"src":"2684:91:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":280,"name":"uint256","nodeType":"ElementaryTypeName","src":"2684:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307833666666666666666330303030303030343030303030303030303030303030303030303030303030343030303030303030303030303030303030303030303030","id":281,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2709:66:1","typeDescriptions":{"typeIdentifier":"t_rational_28948022302589062190674361737351893382521535853822578548883407827216774463488_by_1","typeString":"int_const 2894...(69 digits omitted)...3488"},"value":"0x3fffffffc0000000400000000000000000000000400000000000000000000000"},"visibility":"internal"},{"constant":true,"id":285,"mutability":"constant","name":"_NOTSQUARE","nameLocation":"2859:10:1","nodeType":"VariableDeclaration","scope":1886,"src":"2842:94:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":283,"name":"uint256","nodeType":"ElementaryTypeName","src":"2842:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303032303030303030303030303030303030303030303030303030464646464646464646464646464646464646464646464646","id":284,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2870:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248768974548684794254293921932838497980611635986753331132366847_by_1","typeString":"int_const 1157...(70 digits omitted)...6847"},"value":"0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"},"visibility":"internal"},{"constant":true,"id":288,"mutability":"constant","name":"_NOTONCURVE","nameLocation":"2959:11:1","nodeType":"VariableDeclaration","scope":1886,"src":"2942:95:1","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":286,"name":"uint256","nodeType":"ElementaryTypeName","src":"2942:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"value":{"hexValue":"307846464646464646463030303030303033303030303030303030303030303030303030303030303030464646464646464646464646464646464646464646464646","id":287,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2971:66:1","typeDescriptions":{"typeIdentifier":"t_rational_115792089210356248775251650420180935057757722261705647027738342197795166879743_by_1","typeString":"int_const 1157...(70 digits omitted)...9743"},"value":"0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"},"visibility":"internal"},{"body":{"id":297,"nodeType":"Block","src":"3217:663:1","statements":[{"AST":{"nodeType":"YulBlock","src":"3236:638:1","statements":[{"nodeType":"YulVariableDeclaration","src":"3250:26:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3271:4:1","type":"","value":"0x40"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"3265:5:1"},"nodeType":"YulFunctionCall","src":"3265:11:1"},"variables":[{"name":"pointer","nodeType":"YulTypedName","src":"3254:7:1","type":""}]},{"expression":{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3373:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3382:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3366:6:1"},"nodeType":"YulFunctionCall","src":"3366:21:1"},"nodeType":"YulExpressionStatement","src":"3366:21:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3411:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3420:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3407:3:1"},"nodeType":"YulFunctionCall","src":"3407:18:1"},{"kind":"number","nodeType":"YulLiteral","src":"3427:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3400:6:1"},"nodeType":"YulFunctionCall","src":"3400:32:1"},"nodeType":"YulExpressionStatement","src":"3400:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3456:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3465:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3452:3:1"},"nodeType":"YulFunctionCall","src":"3452:18:1"},{"kind":"number","nodeType":"YulLiteral","src":"3472:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3445:6:1"},"nodeType":"YulFunctionCall","src":"3445:32:1"},"nodeType":"YulExpressionStatement","src":"3445:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3560:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3569:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3556:3:1"},"nodeType":"YulFunctionCall","src":"3556:18:1"},{"name":"u","nodeType":"YulIdentifier","src":"3576:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3549:6:1"},"nodeType":"YulFunctionCall","src":"3549:29:1"},"nodeType":"YulExpressionStatement","src":"3549:29:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3602:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3611:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3598:3:1"},"nodeType":"YulFunctionCall","src":"3598:18:1"},{"name":"minus_2modn","nodeType":"YulIdentifier","src":"3618:11:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3591:6:1"},"nodeType":"YulFunctionCall","src":"3591:39:1"},"nodeType":"YulExpressionStatement","src":"3591:39:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3654:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3663:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3650:3:1"},"nodeType":"YulFunctionCall","src":"3650:18:1"},{"name":"n","nodeType":"YulIdentifier","src":"3670:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3643:6:1"},"nodeType":"YulFunctionCall","src":"3643:29:1"},"nodeType":"YulExpressionStatement","src":"3643:29:1"},{"body":{"nodeType":"YulBlock","src":"3811:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3820:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3823:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"3813:6:1"},"nodeType":"YulFunctionCall","src":"3813:12:1"},"nodeType":"YulExpressionStatement","src":"3813:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3770:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"3766:3:1"},"nodeType":"YulFunctionCall","src":"3766:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"3774:4:1","type":"","value":"0x05"},{"name":"pointer","nodeType":"YulIdentifier","src":"3780:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3789:4:1","type":"","value":"0xc0"},{"name":"pointer","nodeType":"YulIdentifier","src":"3795:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"3804:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"3755:10:1"},"nodeType":"YulFunctionCall","src":"3755:54:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"3748:6:1"},"nodeType":"YulFunctionCall","src":"3748:62:1"},"nodeType":"YulIf","src":"3745:82:1"},{"nodeType":"YulAssignment","src":"3840:24:1","value":{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"3856:7:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"3850:5:1"},"nodeType":"YulFunctionCall","src":"3850:14:1"},"variableNames":[{"name":"result","nodeType":"YulIdentifier","src":"3840:6:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":276,"isOffset":false,"isSlot":false,"src":"3618:11:1","valueSize":1},{"declaration":270,"isOffset":false,"isSlot":false,"src":"3670:1:1","valueSize":1},{"declaration":294,"isOffset":false,"isSlot":false,"src":"3840:6:1","valueSize":1},{"declaration":291,"isOffset":false,"isSlot":false,"src":"3576:1:1","valueSize":1}],"id":296,"nodeType":"InlineAssembly","src":"3227:647:1"}]},"documentation":{"id":289,"nodeType":"StructuredDocumentation","src":"3044:97:1","text":" /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem"},"id":298,"implemented":true,"kind":"function","modifiers":[],"name":"FCL_nModInv","nameLocation":"3155:11:1","nodeType":"FunctionDefinition","parameters":{"id":292,"nodeType":"ParameterList","parameters":[{"constant":false,"id":291,"mutability":"mutable","name":"u","nameLocation":"3175:1:1","nodeType":"VariableDeclaration","scope":298,"src":"3167:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":290,"name":"uint256","nodeType":"ElementaryTypeName","src":"3167:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"3166:11:1"},"returnParameters":{"id":295,"nodeType":"ParameterList","parameters":[{"constant":false,"id":294,"mutability":"mutable","name":"result","nameLocation":"3209:6:1","nodeType":"VariableDeclaration","scope":298,"src":"3201:14:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":293,"name":"uint256","nodeType":"ElementaryTypeName","src":"3201:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"3200:16:1"},"scope":1886,"src":"3146:734:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":307,"nodeType":"Block","src":"4063:659:1","statements":[{"AST":{"nodeType":"YulBlock","src":"4082:634:1","statements":[{"nodeType":"YulVariableDeclaration","src":"4096:26:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4117:4:1","type":"","value":"0x40"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"4111:5:1"},"nodeType":"YulFunctionCall","src":"4111:11:1"},"variables":[{"name":"pointer","nodeType":"YulTypedName","src":"4100:7:1","type":""}]},{"expression":{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4219:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4228:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4212:6:1"},"nodeType":"YulFunctionCall","src":"4212:21:1"},"nodeType":"YulExpressionStatement","src":"4212:21:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4257:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4266:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4253:3:1"},"nodeType":"YulFunctionCall","src":"4253:18:1"},{"kind":"number","nodeType":"YulLiteral","src":"4273:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4246:6:1"},"nodeType":"YulFunctionCall","src":"4246:32:1"},"nodeType":"YulExpressionStatement","src":"4246:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4302:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4311:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4298:3:1"},"nodeType":"YulFunctionCall","src":"4298:18:1"},{"kind":"number","nodeType":"YulLiteral","src":"4318:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4291:6:1"},"nodeType":"YulFunctionCall","src":"4291:32:1"},"nodeType":"YulExpressionStatement","src":"4291:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4406:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4415:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4402:3:1"},"nodeType":"YulFunctionCall","src":"4402:18:1"},{"name":"u","nodeType":"YulIdentifier","src":"4422:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4395:6:1"},"nodeType":"YulFunctionCall","src":"4395:29:1"},"nodeType":"YulExpressionStatement","src":"4395:29:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4448:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4457:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4444:3:1"},"nodeType":"YulFunctionCall","src":"4444:18:1"},{"name":"minus_2","nodeType":"YulIdentifier","src":"4464:7:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4437:6:1"},"nodeType":"YulFunctionCall","src":"4437:35:1"},"nodeType":"YulExpressionStatement","src":"4437:35:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4496:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4505:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4492:3:1"},"nodeType":"YulFunctionCall","src":"4492:18:1"},{"name":"p","nodeType":"YulIdentifier","src":"4512:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4485:6:1"},"nodeType":"YulFunctionCall","src":"4485:29:1"},"nodeType":"YulExpressionStatement","src":"4485:29:1"},{"body":{"nodeType":"YulBlock","src":"4653:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4662:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4665:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"4655:6:1"},"nodeType":"YulFunctionCall","src":"4655:12:1"},"nodeType":"YulExpressionStatement","src":"4655:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4612:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"4608:3:1"},"nodeType":"YulFunctionCall","src":"4608:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"4616:4:1","type":"","value":"0x05"},{"name":"pointer","nodeType":"YulIdentifier","src":"4622:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4631:4:1","type":"","value":"0xc0"},{"name":"pointer","nodeType":"YulIdentifier","src":"4637:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"4646:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"4597:10:1"},"nodeType":"YulFunctionCall","src":"4597:54:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"4590:6:1"},"nodeType":"YulFunctionCall","src":"4590:62:1"},"nodeType":"YulIf","src":"4587:82:1"},{"nodeType":"YulAssignment","src":"4682:24:1","value":{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"4698:7:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"4692:5:1"},"nodeType":"YulFunctionCall","src":"4692:14:1"},"variableNames":[{"name":"result","nodeType":"YulIdentifier","src":"4682:6:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":273,"isOffset":false,"isSlot":false,"src":"4464:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"4512:1:1","valueSize":1},{"declaration":304,"isOffset":false,"isSlot":false,"src":"4682:6:1","valueSize":1},{"declaration":301,"isOffset":false,"isSlot":false,"src":"4422:1:1","valueSize":1}],"id":306,"nodeType":"InlineAssembly","src":"4073:643:1"}]},"documentation":{"id":299,"nodeType":"StructuredDocumentation","src":"3885:101:1","text":" /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled"},"id":308,"implemented":true,"kind":"function","modifiers":[],"name":"FCL_pModInv","nameLocation":"4001:11:1","nodeType":"FunctionDefinition","parameters":{"id":302,"nodeType":"ParameterList","parameters":[{"constant":false,"id":301,"mutability":"mutable","name":"u","nameLocation":"4021:1:1","nodeType":"VariableDeclaration","scope":308,"src":"4013:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":300,"name":"uint256","nodeType":"ElementaryTypeName","src":"4013:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"4012:11:1"},"returnParameters":{"id":305,"nodeType":"ParameterList","parameters":[{"constant":false,"id":304,"mutability":"mutable","name":"result","nameLocation":"4055:6:1","nodeType":"VariableDeclaration","scope":308,"src":"4047:14:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":303,"name":"uint256","nodeType":"ElementaryTypeName","src":"4047:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"4046:16:1"},"scope":1886,"src":"3992:730:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":383,"nodeType":"Block","src":"4962:318:1","statements":[{"assignments":[330],"declarations":[{"constant":false,"id":330,"mutability":"mutable","name":"alpha2","nameLocation":"4988:6:1","nodeType":"VariableDeclaration","scope":383,"src":"4980:14:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":329,"name":"uint256","nodeType":"ElementaryTypeName","src":"4980:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":336,"initialValue":{"arguments":[{"id":332,"name":"alpha","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":310,"src":"5002:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":333,"name":"alpha","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":310,"src":"5008:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":334,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5014:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":331,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"4995:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":335,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"4995:21:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"4980:36:1"},{"expression":{"id":343,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":337,"name":"x3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":321,"src":"5034:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":339,"name":"alpha2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":330,"src":"5044:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":340,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":312,"src":"5052:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":341,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5054:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":338,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5037:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":342,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5037:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5034:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":344,"nodeType":"ExpressionStatement","src":"5034:22:1"},{"expression":{"id":355,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":345,"name":"y3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":323,"src":"5079:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"arguments":[{"id":348,"name":"alpha","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":310,"src":"5096:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":349,"name":"alpha2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":330,"src":"5103:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":350,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5110:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":347,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5089:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":351,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5089:23:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":352,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":314,"src":"5114:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":353,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5116:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":346,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5082:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":354,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5082:36:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5079:39:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":356,"nodeType":"ExpressionStatement","src":"5079:39:1"},{"expression":{"id":363,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":357,"name":"zz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":325,"src":"5129:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":359,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":316,"src":"5140:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":360,"name":"alpha2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":330,"src":"5143:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":361,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5150:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":358,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5133:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":362,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5133:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5129:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":364,"nodeType":"ExpressionStatement","src":"5129:23:1"},{"expression":{"id":375,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":365,"name":"zzz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":327,"src":"5174:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":367,"name":"zzz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":318,"src":"5186:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":369,"name":"alpha","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":310,"src":"5197:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":370,"name":"alpha2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":330,"src":"5204:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":371,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5211:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":368,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5190:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":372,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5190:23:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":373,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5214:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":366,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5179:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":374,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5179:37:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5174:42:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":376,"nodeType":"ExpressionStatement","src":"5174:42:1"},{"expression":{"components":[{"id":377,"name":"x3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":321,"src":"5256:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":378,"name":"y3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":323,"src":"5260:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":379,"name":"zz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":325,"src":"5264:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":380,"name":"zzz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":327,"src":"5269:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":381,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"5255:19:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256,uint256,uint256)"}},"functionReturnParameters":328,"id":382,"nodeType":"Return","src":"5248:26:1"}]},"functionSelector":"7f99d960","id":384,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_Coronize","nameLocation":"4809:13:1","nodeType":"FunctionDefinition","parameters":{"id":319,"nodeType":"ParameterList","parameters":[{"constant":false,"id":310,"mutability":"mutable","name":"alpha","nameLocation":"4831:5:1","nodeType":"VariableDeclaration","scope":384,"src":"4823:13:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":309,"name":"uint256","nodeType":"ElementaryTypeName","src":"4823:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":312,"mutability":"mutable","name":"x","nameLocation":"4846:1:1","nodeType":"VariableDeclaration","scope":384,"src":"4838:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":311,"name":"uint256","nodeType":"ElementaryTypeName","src":"4838:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":314,"mutability":"mutable","name":"y","nameLocation":"4857:1:1","nodeType":"VariableDeclaration","scope":384,"src":"4849:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":313,"name":"uint256","nodeType":"ElementaryTypeName","src":"4849:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":316,"mutability":"mutable","name":"zz","nameLocation":"4869:2:1","nodeType":"VariableDeclaration","scope":384,"src":"4861:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":315,"name":"uint256","nodeType":"ElementaryTypeName","src":"4861:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":318,"mutability":"mutable","name":"zzz","nameLocation":"4881:3:1","nodeType":"VariableDeclaration","scope":384,"src":"4873:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":317,"name":"uint256","nodeType":"ElementaryTypeName","src":"4873:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"4822:63:1"},"returnParameters":{"id":328,"nodeType":"ParameterList","parameters":[{"constant":false,"id":321,"mutability":"mutable","name":"x3","nameLocation":"4916:2:1","nodeType":"VariableDeclaration","scope":384,"src":"4908:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":320,"name":"uint256","nodeType":"ElementaryTypeName","src":"4908:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":323,"mutability":"mutable","name":"y3","nameLocation":"4928:2:1","nodeType":"VariableDeclaration","scope":384,"src":"4920:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":322,"name":"uint256","nodeType":"ElementaryTypeName","src":"4920:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":325,"mutability":"mutable","name":"zz3","nameLocation":"4940:3:1","nodeType":"VariableDeclaration","scope":384,"src":"4932:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":324,"name":"uint256","nodeType":"ElementaryTypeName","src":"4932:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":327,"mutability":"mutable","name":"zzz3","nameLocation":"4953:4:1","nodeType":"VariableDeclaration","scope":384,"src":"4945:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":326,"name":"uint256","nodeType":"ElementaryTypeName","src":"4945:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"4907:51:1"},"scope":1886,"src":"4800:480:1","stateMutability":"pure","virtual":false,"visibility":"public"},{"body":{"id":563,"nodeType":"Block","src":"5481:757:1","statements":[{"assignments":[412],"declarations":[{"constant":false,"id":412,"mutability":"mutable","name":"u1","nameLocation":"5495:2:1","nodeType":"VariableDeclaration","scope":563,"src":"5487:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":411,"name":"uint256","nodeType":"ElementaryTypeName","src":"5487:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":418,"initialValue":{"arguments":[{"id":414,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":386,"src":"5505:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":415,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"5508:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":416,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5512:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":413,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5498:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":417,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5498:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"5487:27:1"},{"assignments":[420],"declarations":[{"constant":false,"id":420,"mutability":"mutable","name":"u2","nameLocation":"5543:2:1","nodeType":"VariableDeclaration","scope":563,"src":"5535:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":419,"name":"uint256","nodeType":"ElementaryTypeName","src":"5535:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":426,"initialValue":{"arguments":[{"id":422,"name":"x2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":394,"src":"5553:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":423,"name":"zz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":390,"src":"5557:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":424,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5561:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":421,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5546:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":425,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5546:17:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"5535:28:1"},{"expression":{"id":435,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":427,"name":"u2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":420,"src":"5599:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":429,"name":"u2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":420,"src":"5609:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":432,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":430,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5613:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"id":431,"name":"u1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":412,"src":"5615:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5613:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":433,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5619:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":428,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"5602:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":434,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5602:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5599:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":436,"nodeType":"ExpressionStatement","src":"5599:22:1"},{"expression":{"id":443,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":437,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":386,"src":"5640:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":439,"name":"u2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":420,"src":"5650:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":440,"name":"u2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":420,"src":"5654:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":441,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5658:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":438,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5643:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":442,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5643:17:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5640:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":444,"nodeType":"ExpressionStatement","src":"5640:20:1"},{"expression":{"id":451,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":445,"name":"x2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":394,"src":"5670:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":447,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":386,"src":"5680:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":448,"name":"u2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":420,"src":"5684:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":449,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5688:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":446,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5673:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":450,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5673:17:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5670:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":452,"nodeType":"ExpressionStatement","src":"5670:20:1"},{"expression":{"id":463,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":453,"name":"zz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":407,"src":"5706:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":455,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":386,"src":"5717:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":457,"name":"zz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":390,"src":"5728:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":458,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"5733:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":459,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5738:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":456,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5721:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":460,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5721:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":461,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5741:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":454,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5710:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":462,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5710:33:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5706:37:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":464,"nodeType":"ExpressionStatement","src":"5706:37:1"},{"expression":{"id":475,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":465,"name":"zzz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":409,"src":"5769:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":467,"name":"zzz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":392,"src":"5781:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":469,"name":"zzz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":400,"src":"5794:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":470,"name":"x2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":394,"src":"5800:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":471,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5804:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":468,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5787:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":472,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5787:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":473,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5807:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":466,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5774:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":474,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5774:35:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5769:40:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":476,"nodeType":"ExpressionStatement","src":"5769:40:1"},{"expression":{"id":483,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":477,"name":"zz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":390,"src":"5838:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":479,"name":"y1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":388,"src":"5849:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":480,"name":"zzz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":400,"src":"5853:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":481,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5858:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":478,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5842:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":482,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5842:18:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5838:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":484,"nodeType":"ExpressionStatement","src":"5838:22:1"},{"expression":{"id":491,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":485,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"5883:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":487,"name":"y2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":396,"src":"5894:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":488,"name":"zzz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":392,"src":"5898:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":489,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5904:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":486,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5887:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":490,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5887:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5883:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":492,"nodeType":"ExpressionStatement","src":"5883:23:1"},{"expression":{"id":501,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":493,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"5932:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":495,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"5943:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":498,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":496,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5948:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"id":497,"name":"zz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":390,"src":"5950:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5948:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":499,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5955:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":494,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"5936:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":500,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5936:21:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5932:25:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":502,"nodeType":"ExpressionStatement","src":"5932:25:1"},{"expression":{"id":509,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":503,"name":"zzz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":392,"src":"5974:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":505,"name":"u1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":412,"src":"5986:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":506,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":386,"src":"5990:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":507,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"5993:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":504,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"5979:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":508,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"5979:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"5974:21:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":510,"nodeType":"ExpressionStatement","src":"5974:21:1"},{"expression":{"id":531,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":511,"name":"x3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":403,"src":"6013:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"arguments":[{"arguments":[{"id":515,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"6038:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":516,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"6043:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":517,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6048:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":514,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"6031:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":518,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6031:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":521,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":519,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6052:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"id":520,"name":"x2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":394,"src":"6054:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"6052:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":522,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6057:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":513,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"6024:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":523,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6024:35:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":525,"name":"minus_2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":273,"src":"6068:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":526,"name":"zzz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":392,"src":"6077:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":527,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6082:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":524,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"6061:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":528,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6061:23:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":529,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6085:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":512,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"6017:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":530,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6017:70:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"6013:74:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":532,"nodeType":"ExpressionStatement","src":"6013:74:1"},{"expression":{"id":555,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":533,"name":"y3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":405,"src":"6111:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"arguments":[{"id":536,"name":"zz2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":398,"src":"6129:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":538,"name":"zzz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":392,"src":"6141:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":541,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":539,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6147:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"id":540,"name":"x3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":403,"src":"6149:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"6147:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":542,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6153:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":537,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"6134:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":543,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6134:21:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":544,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6156:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":535,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"6122:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":545,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6122:36:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":552,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":546,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6160:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"arguments":[{"id":548,"name":"zz1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":390,"src":"6169:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":549,"name":"x2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":394,"src":"6174:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":550,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6178:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":547,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"6162:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":551,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6162:18:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"6160:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":553,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"6181:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":534,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"6114:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":554,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"6114:69:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"6111:72:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":556,"nodeType":"ExpressionStatement","src":"6111:72:1"},{"expression":{"components":[{"id":557,"name":"x3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":403,"src":"6215:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":558,"name":"y3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":405,"src":"6219:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":559,"name":"zz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":407,"src":"6223:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":560,"name":"zzz3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":409,"src":"6228:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":561,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"6214:19:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256,uint256,uint256)"}},"functionReturnParameters":410,"id":562,"nodeType":"Return","src":"6207:26:1"}]},"id":564,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_Add","nameLocation":"5293:8:1","nodeType":"FunctionDefinition","parameters":{"id":401,"nodeType":"ParameterList","parameters":[{"constant":false,"id":386,"mutability":"mutable","name":"x1","nameLocation":"5310:2:1","nodeType":"VariableDeclaration","scope":564,"src":"5302:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":385,"name":"uint256","nodeType":"ElementaryTypeName","src":"5302:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":388,"mutability":"mutable","name":"y1","nameLocation":"5322:2:1","nodeType":"VariableDeclaration","scope":564,"src":"5314:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":387,"name":"uint256","nodeType":"ElementaryTypeName","src":"5314:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":390,"mutability":"mutable","name":"zz1","nameLocation":"5334:3:1","nodeType":"VariableDeclaration","scope":564,"src":"5326:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":389,"name":"uint256","nodeType":"ElementaryTypeName","src":"5326:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":392,"mutability":"mutable","name":"zzz1","nameLocation":"5347:4:1","nodeType":"VariableDeclaration","scope":564,"src":"5339:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":391,"name":"uint256","nodeType":"ElementaryTypeName","src":"5339:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":394,"mutability":"mutable","name":"x2","nameLocation":"5361:2:1","nodeType":"VariableDeclaration","scope":564,"src":"5353:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":393,"name":"uint256","nodeType":"ElementaryTypeName","src":"5353:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":396,"mutability":"mutable","name":"y2","nameLocation":"5373:2:1","nodeType":"VariableDeclaration","scope":564,"src":"5365:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":395,"name":"uint256","nodeType":"ElementaryTypeName","src":"5365:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":398,"mutability":"mutable","name":"zz2","nameLocation":"5385:3:1","nodeType":"VariableDeclaration","scope":564,"src":"5377:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":397,"name":"uint256","nodeType":"ElementaryTypeName","src":"5377:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":400,"mutability":"mutable","name":"zzz2","nameLocation":"5398:4:1","nodeType":"VariableDeclaration","scope":564,"src":"5390:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":399,"name":"uint256","nodeType":"ElementaryTypeName","src":"5390:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"5301:102:1"},"returnParameters":{"id":410,"nodeType":"ParameterList","parameters":[{"constant":false,"id":403,"mutability":"mutable","name":"x3","nameLocation":"5436:2:1","nodeType":"VariableDeclaration","scope":564,"src":"5428:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":402,"name":"uint256","nodeType":"ElementaryTypeName","src":"5428:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":405,"mutability":"mutable","name":"y3","nameLocation":"5448:2:1","nodeType":"VariableDeclaration","scope":564,"src":"5440:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":404,"name":"uint256","nodeType":"ElementaryTypeName","src":"5440:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":407,"mutability":"mutable","name":"zz3","nameLocation":"5460:3:1","nodeType":"VariableDeclaration","scope":564,"src":"5452:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":406,"name":"uint256","nodeType":"ElementaryTypeName","src":"5452:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":409,"mutability":"mutable","name":"zzz3","nameLocation":"5473:4:1","nodeType":"VariableDeclaration","scope":564,"src":"5465:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":408,"name":"uint256","nodeType":"ElementaryTypeName","src":"5465:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"5427:51:1"},"scope":1886,"src":"5284:954:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":588,"nodeType":"Block","src":"6691:1432:1","statements":[{"AST":{"nodeType":"YulBlock","src":"6719:1314:1","statements":[{"nodeType":"YulVariableDeclaration","src":"6775:26:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"6796:4:1","type":"","value":"0x40"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"6790:5:1"},"nodeType":"YulFunctionCall","src":"6790:11:1"},"variables":[{"name":"pointer","nodeType":"YulTypedName","src":"6779:7:1","type":""}]},{"expression":{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"6859:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"6868:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"6852:6:1"},"nodeType":"YulFunctionCall","src":"6852:21:1"},"nodeType":"YulExpressionStatement","src":"6852:21:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"6937:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"6946:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6933:3:1"},"nodeType":"YulFunctionCall","src":"6933:18:1"},{"kind":"number","nodeType":"YulLiteral","src":"6953:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"6926:6:1"},"nodeType":"YulFunctionCall","src":"6926:32:1"},"nodeType":"YulExpressionStatement","src":"6926:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"7021:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"7030:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7017:3:1"},"nodeType":"YulFunctionCall","src":"7017:18:1"},{"kind":"number","nodeType":"YulLiteral","src":"7037:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7010:6:1"},"nodeType":"YulFunctionCall","src":"7010:32:1"},"nodeType":"YulExpressionStatement","src":"7010:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"7099:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"7108:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7095:3:1"},"nodeType":"YulFunctionCall","src":"7095:18:1"},{"name":"self","nodeType":"YulIdentifier","src":"7115:4:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7088:6:1"},"nodeType":"YulFunctionCall","src":"7088:32:1"},"nodeType":"YulExpressionStatement","src":"7088:32:1"},{"expression":{"arguments":[{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"7175:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"7184:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7171:3:1"},"nodeType":"YulFunctionCall","src":"7171:18:1"},{"name":"pp1div4","nodeType":"YulIdentifier","src":"7191:7:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7164:6:1"},"nodeType":"YulFunctionCall","src":"7164:35:1"},"nodeType":"YulExpressionStatement","src":"7164:35:1"},{"nodeType":"YulVariableDeclaration","src":"7386:33:1","value":{"arguments":[{"name":"pointer","nodeType":"YulIdentifier","src":"7405:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"7414:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7401:3:1"},"nodeType":"YulFunctionCall","src":"7401:18:1"},"variables":[{"name":"_result","nodeType":"YulTypedName","src":"7390:7:1","type":""}]},{"expression":{"arguments":[{"name":"_result","nodeType":"YulIdentifier","src":"7469:7:1"},{"name":"p","nodeType":"YulIdentifier","src":"7478:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7462:6:1"},"nodeType":"YulFunctionCall","src":"7462:18:1"},"nodeType":"YulExpressionStatement","src":"7462:18:1"},{"body":{"nodeType":"YulBlock","src":"7954:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7963:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"7966:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"7956:6:1"},"nodeType":"YulFunctionCall","src":"7956:12:1"},"nodeType":"YulExpressionStatement","src":"7956:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7630:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"7626:3:1"},"nodeType":"YulFunctionCall","src":"7626:6:1"},{"name":"MODEXP_PRECOMPILE","nodeType":"YulIdentifier","src":"7675:17:1"},{"name":"pointer","nodeType":"YulIdentifier","src":"7720:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"7759:4:1","type":"","value":"0xc0"},{"name":"_result","nodeType":"YulIdentifier","src":"7808:7:1"},{"kind":"number","nodeType":"YulLiteral","src":"7903:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"7598:10:1"},"nodeType":"YulFunctionCall","src":"7598:345:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"7578:6:1"},"nodeType":"YulFunctionCall","src":"7578:375:1"},"nodeType":"YulIf","src":"7575:395:1"},{"nodeType":"YulAssignment","src":"7974:24:1","value":{"arguments":[{"name":"_result","nodeType":"YulIdentifier","src":"7990:7:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"7984:5:1"},"nodeType":"YulFunctionCall","src":"7984:14:1"},"variableNames":[{"name":"result","nodeType":"YulIdentifier","src":"7974:6:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":252,"isOffset":false,"isSlot":false,"src":"7675:17:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"7478:1:1","valueSize":1},{"declaration":282,"isOffset":false,"isSlot":false,"src":"7191:7:1","valueSize":1},{"declaration":570,"isOffset":false,"isSlot":false,"src":"7974:6:1","valueSize":1},{"declaration":567,"isOffset":false,"isSlot":false,"src":"7115:4:1","valueSize":1}],"flags":["memory-safe"],"id":572,"nodeType":"InlineAssembly","src":"6694:1339:1"},{"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":579,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"arguments":[{"id":574,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":570,"src":"8047:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":575,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":570,"src":"8054:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":576,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8061:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":573,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"8040:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":577,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8040:23:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"!=","rightExpression":{"id":578,"name":"self","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":567,"src":"8065:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8040:29:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":585,"nodeType":"IfStatement","src":"8037:63:1","trueBody":{"id":584,"nodeType":"Block","src":"8070:30:1","statements":[{"expression":{"id":582,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":580,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":570,"src":"8077:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"id":581,"name":"_NOTSQUARE","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":285,"src":"8084:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8077:17:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":583,"nodeType":"ExpressionStatement","src":"8077:17:1"}]}},{"expression":{"id":586,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":570,"src":"8114:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"functionReturnParameters":571,"id":587,"nodeType":"Return","src":"8107:13:1"}]},"documentation":{"id":565,"nodeType":"StructuredDocumentation","src":"6240:381:1","text":"@notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n @param self The integer of which to find the modular inverse\n @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx"},"id":589,"implemented":true,"kind":"function","modifiers":[],"name":"SqrtMod","nameLocation":"6631:7:1","nodeType":"FunctionDefinition","parameters":{"id":568,"nodeType":"ParameterList","parameters":[{"constant":false,"id":567,"mutability":"mutable","name":"self","nameLocation":"6647:4:1","nodeType":"VariableDeclaration","scope":589,"src":"6639:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":566,"name":"uint256","nodeType":"ElementaryTypeName","src":"6639:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"6638:14:1"},"returnParameters":{"id":571,"nodeType":"ParameterList","parameters":[{"constant":false,"id":570,"mutability":"mutable","name":"result","nameLocation":"6684:6:1","nodeType":"VariableDeclaration","scope":589,"src":"6676:14:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":569,"name":"uint256","nodeType":"ElementaryTypeName","src":"6676:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"6675:16:1"},"scope":1886,"src":"6622:1501:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":626,"nodeType":"Block","src":"8284:138:1","statements":[{"id":625,"nodeType":"UncheckedBlock","src":"8294:122:1","statements":[{"expression":{"id":605,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"baseExpression":{"id":601,"name":"P","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":599,"src":"8318:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$4_memory_ptr","typeString":"uint256[4] memory"}},"id":603,"indexExpression":{"hexValue":"32","id":602,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8320:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"8318:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"hexValue":"31","id":604,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8325:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"8318:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":606,"nodeType":"ExpressionStatement","src":"8318:8:1"},{"expression":{"id":611,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"baseExpression":{"id":607,"name":"P","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":599,"src":"8345:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$4_memory_ptr","typeString":"uint256[4] memory"}},"id":609,"indexExpression":{"hexValue":"33","id":608,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8347:1:1","typeDescriptions":{"typeIdentifier":"t_rational_3_by_1","typeString":"int_const 3"},"value":"3"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"8345:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"hexValue":"31","id":610,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8352:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"8345:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":612,"nodeType":"ExpressionStatement","src":"8345:8:1"},{"expression":{"id":617,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"baseExpression":{"id":613,"name":"P","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":599,"src":"8373:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$4_memory_ptr","typeString":"uint256[4] memory"}},"id":615,"indexExpression":{"hexValue":"30","id":614,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8375:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"8373:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"id":616,"name":"x0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":592,"src":"8380:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8373:9:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":618,"nodeType":"ExpressionStatement","src":"8373:9:1"},{"expression":{"id":623,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"baseExpression":{"id":619,"name":"P","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":599,"src":"8396:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$4_memory_ptr","typeString":"uint256[4] memory"}},"id":621,"indexExpression":{"hexValue":"31","id":620,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8398:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"8396:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"id":622,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":594,"src":"8403:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8396:9:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":624,"nodeType":"ExpressionStatement","src":"8396:9:1"}]}]},"documentation":{"id":590,"nodeType":"StructuredDocumentation","src":"8128:62:1","text":" /* @dev Convert from affine rep to XYZZ rep"},"id":627,"implemented":true,"kind":"function","modifiers":[],"name":"ecAff_SetZZ","nameLocation":"8204:11:1","nodeType":"FunctionDefinition","parameters":{"id":595,"nodeType":"ParameterList","parameters":[{"constant":false,"id":592,"mutability":"mutable","name":"x0","nameLocation":"8224:2:1","nodeType":"VariableDeclaration","scope":627,"src":"8216:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":591,"name":"uint256","nodeType":"ElementaryTypeName","src":"8216:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":594,"mutability":"mutable","name":"y0","nameLocation":"8236:2:1","nodeType":"VariableDeclaration","scope":627,"src":"8228:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":593,"name":"uint256","nodeType":"ElementaryTypeName","src":"8228:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"8215:24:1"},"returnParameters":{"id":600,"nodeType":"ParameterList","parameters":[{"constant":false,"id":599,"mutability":"mutable","name":"P","nameLocation":"8281:1:1","nodeType":"VariableDeclaration","scope":627,"src":"8263:19:1","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$4_memory_ptr","typeString":"uint256[4]"},"typeName":{"baseType":{"id":596,"name":"uint256","nodeType":"ElementaryTypeName","src":"8263:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":598,"length":{"hexValue":"34","id":597,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8271:1:1","typeDescriptions":{"typeIdentifier":"t_rational_4_by_1","typeString":"int_const 4"},"value":"4"},"nodeType":"ArrayTypeName","src":"8263:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$4_storage_ptr","typeString":"uint256[4]"}},"visibility":"internal"}],"src":"8262:21:1"},"scope":1886,"src":"8195:227:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":694,"nodeType":"Block","src":"8510:271:1","statements":[{"assignments":[637],"declarations":[{"constant":false,"id":637,"mutability":"mutable","name":"y2","nameLocation":"8530:2:1","nodeType":"VariableDeclaration","scope":694,"src":"8522:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":636,"name":"uint256","nodeType":"ElementaryTypeName","src":"8522:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":647,"initialValue":{"arguments":[{"id":639,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":629,"src":"8540:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":641,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":629,"src":"8549:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":642,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":629,"src":"8551:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":643,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8553:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":640,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"8542:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":644,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8542:13:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":645,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8556:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":638,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"8533:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":646,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8533:25:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"8522:36:1"},{"expression":{"id":662,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":648,"name":"y2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":637,"src":"8572:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":650,"name":"b","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":261,"src":"8582:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":652,"name":"y2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":637,"src":"8591:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":654,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":629,"src":"8601:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":655,"name":"a","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":258,"src":"8603:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":656,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8605:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":653,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"8594:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":657,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8594:13:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":658,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8608:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":651,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"8584:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":659,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8584:26:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":660,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8611:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":649,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"8575:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":661,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8575:38:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8572:41:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":663,"nodeType":"ExpressionStatement","src":"8572:41:1"},{"expression":{"id":668,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":664,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":634,"src":"8633:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":666,"name":"y2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":637,"src":"8643:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":665,"name":"SqrtMod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":589,"src":"8635:7:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":667,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"8635:11:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8633:13:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":669,"nodeType":"ExpressionStatement","src":"8633:13:1"},{"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":672,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":670,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":634,"src":"8659:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"id":671,"name":"_NOTSQUARE","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":285,"src":"8662:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8659:13:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":676,"nodeType":"IfStatement","src":"8656:59:1","trueBody":{"id":675,"nodeType":"Block","src":"8673:42:1","statements":[{"expression":{"id":673,"name":"_NOTONCURVE","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":288,"src":"8693:11:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"functionReturnParameters":635,"id":674,"nodeType":"Return","src":"8686:18:1"}]}},{"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":685,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":679,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":677,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":634,"src":"8728:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":678,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8730:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"8728:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":680,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"8727:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"!=","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":683,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":681,"name":"parity","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":631,"src":"8735:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":682,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"8742:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"8735:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":684,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"8734:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8727:17:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":693,"nodeType":"IfStatement","src":"8724:51:1","trueBody":{"id":692,"nodeType":"Block","src":"8745:30:1","statements":[{"expression":{"id":690,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":686,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":634,"src":"8759:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":689,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":687,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"8761:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"id":688,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":634,"src":"8763:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8761:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"8759:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":691,"nodeType":"ExpressionStatement","src":"8759:5:1"}]}}]},"id":695,"implemented":true,"kind":"function","modifiers":[],"name":"ec_Decompress","nameLocation":"8437:13:1","nodeType":"FunctionDefinition","parameters":{"id":632,"nodeType":"ParameterList","parameters":[{"constant":false,"id":629,"mutability":"mutable","name":"x","nameLocation":"8459:1:1","nodeType":"VariableDeclaration","scope":695,"src":"8451:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":628,"name":"uint256","nodeType":"ElementaryTypeName","src":"8451:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":631,"mutability":"mutable","name":"parity","nameLocation":"8470:6:1","nodeType":"VariableDeclaration","scope":695,"src":"8462:14:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":630,"name":"uint256","nodeType":"ElementaryTypeName","src":"8462:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"8450:27:1"},"returnParameters":{"id":635,"nodeType":"ParameterList","parameters":[{"constant":false,"id":634,"mutability":"mutable","name":"y","nameLocation":"8508:1:1","nodeType":"VariableDeclaration","scope":695,"src":"8500:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":633,"name":"uint256","nodeType":"ElementaryTypeName","src":"8500:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"8499:11:1"},"scope":1886,"src":"8428:353:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":749,"nodeType":"Block","src":"9059:236:1","statements":[{"assignments":[712],"declarations":[{"constant":false,"id":712,"mutability":"mutable","name":"zzzInv","nameLocation":"9077:6:1","nodeType":"VariableDeclaration","scope":749,"src":"9069:14:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":711,"name":"uint256","nodeType":"ElementaryTypeName","src":"9069:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":716,"initialValue":{"arguments":[{"id":714,"name":"zzz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":704,"src":"9098:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":713,"name":"FCL_pModInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":308,"src":"9086:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":715,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"9086:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"9069:33:1"},{"expression":{"id":723,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":717,"name":"y1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":709,"src":"9120:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":719,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":700,"src":"9132:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":720,"name":"zzzInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":712,"src":"9135:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":721,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"9143:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":718,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"9125:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":722,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"9125:20:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"9120:25:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":724,"nodeType":"ExpressionStatement","src":"9120:25:1"},{"assignments":[726],"declarations":[{"constant":false,"id":726,"mutability":"mutable","name":"_b","nameLocation":"9171:2:1","nodeType":"VariableDeclaration","scope":749,"src":"9163:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":725,"name":"uint256","nodeType":"ElementaryTypeName","src":"9163:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":732,"initialValue":{"arguments":[{"id":728,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":702,"src":"9183:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":729,"name":"zzzInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":712,"src":"9187:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":730,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"9195:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":727,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"9176:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":731,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"9176:21:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"9163:34:1"},{"expression":{"id":739,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":733,"name":"zzzInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":712,"src":"9213:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":735,"name":"_b","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":726,"src":"9229:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":736,"name":"_b","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":726,"src":"9233:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":737,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"9237:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":734,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"9222:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":738,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"9222:17:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"9213:26:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":740,"nodeType":"ExpressionStatement","src":"9213:26:1"},{"expression":{"id":747,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":741,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":707,"src":"9256:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":743,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":698,"src":"9268:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":744,"name":"zzzInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":712,"src":"9271:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":745,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"9279:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":742,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"9261:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":746,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"9261:20:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"9256:25:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":748,"nodeType":"ExpressionStatement","src":"9256:25:1"}]},"documentation":{"id":696,"nodeType":"StructuredDocumentation","src":"8787:62:1","text":" /* @dev Convert from XYZZ rep to affine rep"},"id":750,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_SetAff","nameLocation":"8953:11:1","nodeType":"FunctionDefinition","parameters":{"id":705,"nodeType":"ParameterList","parameters":[{"constant":false,"id":698,"mutability":"mutable","name":"x","nameLocation":"8973:1:1","nodeType":"VariableDeclaration","scope":750,"src":"8965:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":697,"name":"uint256","nodeType":"ElementaryTypeName","src":"8965:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":700,"mutability":"mutable","name":"y","nameLocation":"8984:1:1","nodeType":"VariableDeclaration","scope":750,"src":"8976:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":699,"name":"uint256","nodeType":"ElementaryTypeName","src":"8976:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":702,"mutability":"mutable","name":"zz","nameLocation":"8995:2:1","nodeType":"VariableDeclaration","scope":750,"src":"8987:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":701,"name":"uint256","nodeType":"ElementaryTypeName","src":"8987:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":704,"mutability":"mutable","name":"zzz","nameLocation":"9007:3:1","nodeType":"VariableDeclaration","scope":750,"src":"8999:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":703,"name":"uint256","nodeType":"ElementaryTypeName","src":"8999:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"8964:47:1"},"returnParameters":{"id":710,"nodeType":"ParameterList","parameters":[{"constant":false,"id":707,"mutability":"mutable","name":"x1","nameLocation":"9043:2:1","nodeType":"VariableDeclaration","scope":750,"src":"9035:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":706,"name":"uint256","nodeType":"ElementaryTypeName","src":"9035:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":709,"mutability":"mutable","name":"y1","nameLocation":"9055:2:1","nodeType":"VariableDeclaration","scope":750,"src":"9047:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":708,"name":"uint256","nodeType":"ElementaryTypeName","src":"9047:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"9034:24:1"},"scope":1886,"src":"8944:351:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":778,"nodeType":"Block","src":"9568:764:1","statements":[{"id":771,"nodeType":"UncheckedBlock","src":"9578:715:1","statements":[{"AST":{"nodeType":"YulBlock","src":"9611:672:1","statements":[{"nodeType":"YulAssignment","src":"9629:21:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9642:1:1","type":"","value":"2"},{"name":"y","nodeType":"YulIdentifier","src":"9645:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"9648:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9635:6:1"},"nodeType":"YulFunctionCall","src":"9635:15:1"},"variableNames":[{"name":"P0","nodeType":"YulIdentifier","src":"9629:2:1"}]},{"nodeType":"YulAssignment","src":"9678:23:1","value":{"arguments":[{"name":"P0","nodeType":"YulIdentifier","src":"9691:2:1"},{"name":"P0","nodeType":"YulIdentifier","src":"9695:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"9699:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9684:6:1"},"nodeType":"YulFunctionCall","src":"9684:17:1"},"variableNames":[{"name":"P2","nodeType":"YulIdentifier","src":"9678:2:1"}]},{"nodeType":"YulAssignment","src":"9727:22:1","value":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"9740:1:1"},{"name":"P2","nodeType":"YulIdentifier","src":"9743:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"9747:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9733:6:1"},"nodeType":"YulFunctionCall","src":"9733:16:1"},"variableNames":[{"name":"P3","nodeType":"YulIdentifier","src":"9727:2:1"}]},{"nodeType":"YulAssignment","src":"9778:23:1","value":{"arguments":[{"name":"P0","nodeType":"YulIdentifier","src":"9791:2:1"},{"name":"P2","nodeType":"YulIdentifier","src":"9795:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"9799:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9784:6:1"},"nodeType":"YulFunctionCall","src":"9784:17:1"},"variableNames":[{"name":"P1","nodeType":"YulIdentifier","src":"9778:2:1"}]},{"nodeType":"YulAssignment","src":"9826:23:1","value":{"arguments":[{"name":"P2","nodeType":"YulIdentifier","src":"9839:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"9843:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"9847:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9832:6:1"},"nodeType":"YulFunctionCall","src":"9832:17:1"},"variableNames":[{"name":"P2","nodeType":"YulIdentifier","src":"9826:2:1"}]},{"nodeType":"YulAssignment","src":"9878:73:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9891:1:1","type":"","value":"3"},{"arguments":[{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"9908:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"9915:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"9918:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"9911:3:1"},"nodeType":"YulFunctionCall","src":"9911:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"9923:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"9901:6:1"},"nodeType":"YulFunctionCall","src":"9901:24:1"},{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"9934:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"9937:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"9941:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"9927:6:1"},"nodeType":"YulFunctionCall","src":"9927:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"9945:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9894:6:1"},"nodeType":"YulFunctionCall","src":"9894:53:1"},{"name":"p","nodeType":"YulIdentifier","src":"9949:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"9884:6:1"},"nodeType":"YulFunctionCall","src":"9884:67:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"9878:2:1"}]},{"nodeType":"YulAssignment","src":"9992:58:1","value":{"arguments":[{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"10012:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"10016:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"10020:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10005:6:1"},"nodeType":"YulFunctionCall","src":"10005:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"10031:7:1"},{"name":"P3","nodeType":"YulIdentifier","src":"10040:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"10044:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10024:6:1"},"nodeType":"YulFunctionCall","src":"10024:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"10048:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"9998:6:1"},"nodeType":"YulFunctionCall","src":"9998:52:1"},"variableNames":[{"name":"P0","nodeType":"YulIdentifier","src":"9992:2:1"}]},{"nodeType":"YulAssignment","src":"10079:45:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"10091:2:1"},{"arguments":[{"name":"P3","nodeType":"YulIdentifier","src":"10102:2:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"10110:1:1"},{"name":"P0","nodeType":"YulIdentifier","src":"10113:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"10106:3:1"},"nodeType":"YulFunctionCall","src":"10106:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"10118:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"10095:6:1"},"nodeType":"YulFunctionCall","src":"10095:25:1"},{"name":"p","nodeType":"YulIdentifier","src":"10122:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10084:6:1"},"nodeType":"YulFunctionCall","src":"10084:40:1"},"variableNames":[{"name":"x","nodeType":"YulIdentifier","src":"10079:1:1"}]},{"nodeType":"YulAssignment","src":"10151:24:1","value":{"arguments":[{"name":"P1","nodeType":"YulIdentifier","src":"10164:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"10168:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"10173:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10157:6:1"},"nodeType":"YulFunctionCall","src":"10157:18:1"},"variableNames":[{"name":"P3","nodeType":"YulIdentifier","src":"10151:2:1"}]},{"nodeType":"YulAssignment","src":"10206:44:1","value":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"10219:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"10226:1:1"},{"arguments":[{"name":"P1","nodeType":"YulIdentifier","src":"10236:2:1"},{"name":"y","nodeType":"YulIdentifier","src":"10240:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"10243:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10229:6:1"},"nodeType":"YulFunctionCall","src":"10229:16:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"10222:3:1"},"nodeType":"YulFunctionCall","src":"10222:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"10248:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"10212:6:1"},"nodeType":"YulFunctionCall","src":"10212:38:1"},"variableNames":[{"name":"P1","nodeType":"YulIdentifier","src":"10206:2:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":762,"isOffset":false,"isSlot":false,"src":"10113:2:1","valueSize":1},{"declaration":762,"isOffset":false,"isSlot":false,"src":"9629:2:1","valueSize":1},{"declaration":762,"isOffset":false,"isSlot":false,"src":"9691:2:1","valueSize":1},{"declaration":762,"isOffset":false,"isSlot":false,"src":"9695:2:1","valueSize":1},{"declaration":762,"isOffset":false,"isSlot":false,"src":"9791:2:1","valueSize":1},{"declaration":762,"isOffset":false,"isSlot":false,"src":"9992:2:1","valueSize":1},{"declaration":764,"isOffset":false,"isSlot":false,"src":"10164:2:1","valueSize":1},{"declaration":764,"isOffset":false,"isSlot":false,"src":"10206:2:1","valueSize":1},{"declaration":764,"isOffset":false,"isSlot":false,"src":"10236:2:1","valueSize":1},{"declaration":764,"isOffset":false,"isSlot":false,"src":"9778:2:1","valueSize":1},{"declaration":766,"isOffset":false,"isSlot":false,"src":"9678:2:1","valueSize":1},{"declaration":766,"isOffset":false,"isSlot":false,"src":"9743:2:1","valueSize":1},{"declaration":766,"isOffset":false,"isSlot":false,"src":"9795:2:1","valueSize":1},{"declaration":766,"isOffset":false,"isSlot":false,"src":"9826:2:1","valueSize":1},{"declaration":766,"isOffset":false,"isSlot":false,"src":"9839:2:1","valueSize":1},{"declaration":768,"isOffset":false,"isSlot":false,"src":"10040:2:1","valueSize":1},{"declaration":768,"isOffset":false,"isSlot":false,"src":"10102:2:1","valueSize":1},{"declaration":768,"isOffset":false,"isSlot":false,"src":"10151:2:1","valueSize":1},{"declaration":768,"isOffset":false,"isSlot":false,"src":"9727:2:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"10031:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10020:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10044:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10048:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10110:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10118:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10122:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10173:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10226:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10243:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10248:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9648:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9699:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9747:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9799:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9847:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9915:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9923:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9941:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9945:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"9949:1:1","valueSize":1},{"declaration":753,"isOffset":false,"isSlot":false,"src":"10079:1:1","valueSize":1},{"declaration":753,"isOffset":false,"isSlot":false,"src":"10219:1:1","valueSize":1},{"declaration":753,"isOffset":false,"isSlot":false,"src":"9740:1:1","valueSize":1},{"declaration":753,"isOffset":false,"isSlot":false,"src":"9908:1:1","valueSize":1},{"declaration":753,"isOffset":false,"isSlot":false,"src":"9934:1:1","valueSize":1},{"declaration":755,"isOffset":false,"isSlot":false,"src":"10240:1:1","valueSize":1},{"declaration":755,"isOffset":false,"isSlot":false,"src":"9645:1:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"10012:2:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"10016:2:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"10091:2:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"9843:2:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"9878:2:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"9918:2:1","valueSize":1},{"declaration":757,"isOffset":false,"isSlot":false,"src":"9937:2:1","valueSize":1},{"declaration":759,"isOffset":false,"isSlot":false,"src":"10168:3:1","valueSize":1}],"id":770,"nodeType":"InlineAssembly","src":"9602:681:1"}]},{"expression":{"components":[{"id":772,"name":"P0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":762,"src":"10310:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":773,"name":"P1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":764,"src":"10314:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":774,"name":"P2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":766,"src":"10318:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":775,"name":"P3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":768,"src":"10322:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":776,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"10309:16:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256,uint256,uint256)"}},"functionReturnParameters":769,"id":777,"nodeType":"Return","src":"10302:23:1"}]},"documentation":{"id":751,"nodeType":"StructuredDocumentation","src":"9301:50:1","text":" /* @dev Sutherland2008 doubling"},"id":779,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_Dbl","nameLocation":"9413:8:1","nodeType":"FunctionDefinition","parameters":{"id":760,"nodeType":"ParameterList","parameters":[{"constant":false,"id":753,"mutability":"mutable","name":"x","nameLocation":"9430:1:1","nodeType":"VariableDeclaration","scope":779,"src":"9422:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":752,"name":"uint256","nodeType":"ElementaryTypeName","src":"9422:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":755,"mutability":"mutable","name":"y","nameLocation":"9441:1:1","nodeType":"VariableDeclaration","scope":779,"src":"9433:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":754,"name":"uint256","nodeType":"ElementaryTypeName","src":"9433:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":757,"mutability":"mutable","name":"zz","nameLocation":"9452:2:1","nodeType":"VariableDeclaration","scope":779,"src":"9444:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":756,"name":"uint256","nodeType":"ElementaryTypeName","src":"9444:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":759,"mutability":"mutable","name":"zzz","nameLocation":"9464:3:1","nodeType":"VariableDeclaration","scope":779,"src":"9456:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":758,"name":"uint256","nodeType":"ElementaryTypeName","src":"9456:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"9421:47:1"},"returnParameters":{"id":769,"nodeType":"ParameterList","parameters":[{"constant":false,"id":762,"mutability":"mutable","name":"P0","nameLocation":"9524:2:1","nodeType":"VariableDeclaration","scope":779,"src":"9516:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":761,"name":"uint256","nodeType":"ElementaryTypeName","src":"9516:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":764,"mutability":"mutable","name":"P1","nameLocation":"9536:2:1","nodeType":"VariableDeclaration","scope":779,"src":"9528:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":763,"name":"uint256","nodeType":"ElementaryTypeName","src":"9528:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":766,"mutability":"mutable","name":"P2","nameLocation":"9548:2:1","nodeType":"VariableDeclaration","scope":779,"src":"9540:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":765,"name":"uint256","nodeType":"ElementaryTypeName","src":"9540:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":768,"mutability":"mutable","name":"P3","nameLocation":"9560:2:1","nodeType":"VariableDeclaration","scope":779,"src":"9552:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":767,"name":"uint256","nodeType":"ElementaryTypeName","src":"9552:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"9515:48:1"},"scope":1886,"src":"9404:928:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":822,"nodeType":"Block","src":"10742:880:1","statements":[{"id":815,"nodeType":"UncheckedBlock","src":"10752:815:1","statements":[{"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":805,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":803,"name":"y1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":784,"src":"10780:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":804,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"10786:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"10780:7:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":813,"nodeType":"IfStatement","src":"10776:67:1","trueBody":{"id":812,"nodeType":"Block","src":"10789:54:1","statements":[{"expression":{"components":[{"id":806,"name":"x2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":790,"src":"10815:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":807,"name":"y2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":792,"src":"10819:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"hexValue":"31","id":808,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"10823:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},{"hexValue":"31","id":809,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"10826:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"}],"id":810,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"10814:14:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_rational_1_by_1_$_t_rational_1_by_1_$","typeString":"tuple(uint256,uint256,int_const 1,int_const 1)"}},"functionReturnParameters":802,"id":811,"nodeType":"Return","src":"10807:21:1"}]}},{"AST":{"nodeType":"YulBlock","src":"10866:664:1","statements":[{"nodeType":"YulAssignment","src":"10884:16:1","value":{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"10894:1:1"},{"name":"y1","nodeType":"YulIdentifier","src":"10897:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"10890:3:1"},"nodeType":"YulFunctionCall","src":"10890:10:1"},"variableNames":[{"name":"y1","nodeType":"YulIdentifier","src":"10884:2:1"}]},{"nodeType":"YulAssignment","src":"10917:40:1","value":{"arguments":[{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"10937:2:1"},{"name":"zzz1","nodeType":"YulIdentifier","src":"10941:4:1"},{"name":"p","nodeType":"YulIdentifier","src":"10947:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10930:6:1"},"nodeType":"YulFunctionCall","src":"10930:19:1"},{"name":"y1","nodeType":"YulIdentifier","src":"10951:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"10955:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"10923:6:1"},"nodeType":"YulFunctionCall","src":"10923:34:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"10917:2:1"}]},{"nodeType":"YulAssignment","src":"10974:47:1","value":{"arguments":[{"arguments":[{"name":"x2","nodeType":"YulIdentifier","src":"10994:2:1"},{"name":"zz1","nodeType":"YulIdentifier","src":"10998:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"11003:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"10987:6:1"},"nodeType":"YulFunctionCall","src":"10987:18:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"11011:1:1"},{"name":"x1","nodeType":"YulIdentifier","src":"11014:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"11007:3:1"},"nodeType":"YulFunctionCall","src":"11007:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"11019:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"10980:6:1"},"nodeType":"YulFunctionCall","src":"10980:41:1"},"variableNames":[{"name":"x2","nodeType":"YulIdentifier","src":"10974:2:1"}]},{"nodeType":"YulAssignment","src":"11038:23:1","value":{"arguments":[{"name":"x2","nodeType":"YulIdentifier","src":"11051:2:1"},{"name":"x2","nodeType":"YulIdentifier","src":"11055:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11059:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11044:6:1"},"nodeType":"YulFunctionCall","src":"11044:17:1"},"variableNames":[{"name":"P0","nodeType":"YulIdentifier","src":"11038:2:1"}]},{"nodeType":"YulAssignment","src":"11089:23:1","value":{"arguments":[{"name":"P0","nodeType":"YulIdentifier","src":"11102:2:1"},{"name":"x2","nodeType":"YulIdentifier","src":"11106:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11110:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11095:6:1"},"nodeType":"YulFunctionCall","src":"11095:17:1"},"variableNames":[{"name":"P1","nodeType":"YulIdentifier","src":"11089:2:1"}]},{"nodeType":"YulAssignment","src":"11142:24:1","value":{"arguments":[{"name":"zz1","nodeType":"YulIdentifier","src":"11155:3:1"},{"name":"P0","nodeType":"YulIdentifier","src":"11160:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11164:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11148:6:1"},"nodeType":"YulFunctionCall","src":"11148:18:1"},"variableNames":[{"name":"P2","nodeType":"YulIdentifier","src":"11142:2:1"}]},{"nodeType":"YulAssignment","src":"11200:25:1","value":{"arguments":[{"name":"zzz1","nodeType":"YulIdentifier","src":"11213:4:1"},{"name":"P1","nodeType":"YulIdentifier","src":"11219:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11223:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11206:6:1"},"nodeType":"YulFunctionCall","src":"11206:19:1"},"variableNames":[{"name":"P3","nodeType":"YulIdentifier","src":"11200:2:1"}]},{"nodeType":"YulAssignment","src":"11262:24:1","value":{"arguments":[{"name":"x1","nodeType":"YulIdentifier","src":"11276:2:1"},{"name":"P0","nodeType":"YulIdentifier","src":"11280:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11284:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11269:6:1"},"nodeType":"YulFunctionCall","src":"11269:17:1"},"variableNames":[{"name":"zz1","nodeType":"YulIdentifier","src":"11262:3:1"}]},{"nodeType":"YulAssignment","src":"11315:82:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"11342:2:1"},{"name":"y2","nodeType":"YulIdentifier","src":"11346:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11350:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11335:6:1"},"nodeType":"YulFunctionCall","src":"11335:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"11358:1:1"},{"name":"P1","nodeType":"YulIdentifier","src":"11361:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"11354:3:1"},"nodeType":"YulFunctionCall","src":"11354:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"11366:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"11328:6:1"},"nodeType":"YulFunctionCall","src":"11328:40:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"11377:7:1"},{"name":"zz1","nodeType":"YulIdentifier","src":"11386:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"11391:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11370:6:1"},"nodeType":"YulFunctionCall","src":"11370:23:1"},{"name":"p","nodeType":"YulIdentifier","src":"11395:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"11321:6:1"},"nodeType":"YulFunctionCall","src":"11321:76:1"},"variableNames":[{"name":"P0","nodeType":"YulIdentifier","src":"11315:2:1"}]},{"nodeType":"YulAssignment","src":"11428:77:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"zz1","nodeType":"YulIdentifier","src":"11455:3:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"11464:1:1"},{"name":"P0","nodeType":"YulIdentifier","src":"11467:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"11460:3:1"},"nodeType":"YulFunctionCall","src":"11460:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"11472:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"11448:6:1"},"nodeType":"YulFunctionCall","src":"11448:26:1"},{"name":"y2","nodeType":"YulIdentifier","src":"11476:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11480:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11441:6:1"},"nodeType":"YulFunctionCall","src":"11441:41:1"},{"arguments":[{"name":"y1","nodeType":"YulIdentifier","src":"11491:2:1"},{"name":"P1","nodeType":"YulIdentifier","src":"11495:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"11499:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"11484:6:1"},"nodeType":"YulFunctionCall","src":"11484:17:1"},{"name":"p","nodeType":"YulIdentifier","src":"11503:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"11434:6:1"},"nodeType":"YulFunctionCall","src":"11434:71:1"},"variableNames":[{"name":"P1","nodeType":"YulIdentifier","src":"11428:2:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":795,"isOffset":false,"isSlot":false,"src":"11038:2:1","valueSize":1},{"declaration":795,"isOffset":false,"isSlot":false,"src":"11102:2:1","valueSize":1},{"declaration":795,"isOffset":false,"isSlot":false,"src":"11160:2:1","valueSize":1},{"declaration":795,"isOffset":false,"isSlot":false,"src":"11280:2:1","valueSize":1},{"declaration":795,"isOffset":false,"isSlot":false,"src":"11315:2:1","valueSize":1},{"declaration":795,"isOffset":false,"isSlot":false,"src":"11467:2:1","valueSize":1},{"declaration":797,"isOffset":false,"isSlot":false,"src":"11089:2:1","valueSize":1},{"declaration":797,"isOffset":false,"isSlot":false,"src":"11219:2:1","valueSize":1},{"declaration":797,"isOffset":false,"isSlot":false,"src":"11361:2:1","valueSize":1},{"declaration":797,"isOffset":false,"isSlot":false,"src":"11428:2:1","valueSize":1},{"declaration":797,"isOffset":false,"isSlot":false,"src":"11495:2:1","valueSize":1},{"declaration":799,"isOffset":false,"isSlot":false,"src":"11142:2:1","valueSize":1},{"declaration":801,"isOffset":false,"isSlot":false,"src":"11200:2:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"11377:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10894:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10947:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"10955:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11003:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11011:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11019:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11059:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11110:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11164:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11223:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11284:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11350:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11358:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11366:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11391:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11395:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11464:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11472:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11480:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11499:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"11503:1:1","valueSize":1},{"declaration":782,"isOffset":false,"isSlot":false,"src":"11014:2:1","valueSize":1},{"declaration":782,"isOffset":false,"isSlot":false,"src":"11276:2:1","valueSize":1},{"declaration":790,"isOffset":false,"isSlot":false,"src":"10974:2:1","valueSize":1},{"declaration":790,"isOffset":false,"isSlot":false,"src":"10994:2:1","valueSize":1},{"declaration":790,"isOffset":false,"isSlot":false,"src":"11051:2:1","valueSize":1},{"declaration":790,"isOffset":false,"isSlot":false,"src":"11055:2:1","valueSize":1},{"declaration":790,"isOffset":false,"isSlot":false,"src":"11106:2:1","valueSize":1},{"declaration":784,"isOffset":false,"isSlot":false,"src":"10884:2:1","valueSize":1},{"declaration":784,"isOffset":false,"isSlot":false,"src":"10897:2:1","valueSize":1},{"declaration":784,"isOffset":false,"isSlot":false,"src":"10951:2:1","valueSize":1},{"declaration":784,"isOffset":false,"isSlot":false,"src":"11491:2:1","valueSize":1},{"declaration":792,"isOffset":false,"isSlot":false,"src":"10917:2:1","valueSize":1},{"declaration":792,"isOffset":false,"isSlot":false,"src":"10937:2:1","valueSize":1},{"declaration":792,"isOffset":false,"isSlot":false,"src":"11342:2:1","valueSize":1},{"declaration":792,"isOffset":false,"isSlot":false,"src":"11346:2:1","valueSize":1},{"declaration":792,"isOffset":false,"isSlot":false,"src":"11476:2:1","valueSize":1},{"declaration":786,"isOffset":false,"isSlot":false,"src":"10998:3:1","valueSize":1},{"declaration":786,"isOffset":false,"isSlot":false,"src":"11155:3:1","valueSize":1},{"declaration":786,"isOffset":false,"isSlot":false,"src":"11262:3:1","valueSize":1},{"declaration":786,"isOffset":false,"isSlot":false,"src":"11386:3:1","valueSize":1},{"declaration":786,"isOffset":false,"isSlot":false,"src":"11455:3:1","valueSize":1},{"declaration":788,"isOffset":false,"isSlot":false,"src":"10941:4:1","valueSize":1},{"declaration":788,"isOffset":false,"isSlot":false,"src":"11213:4:1","valueSize":1}],"id":814,"nodeType":"InlineAssembly","src":"10857:673:1"}]},{"expression":{"components":[{"id":816,"name":"P0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":795,"src":"11600:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":817,"name":"P1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":797,"src":"11604:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":818,"name":"P2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":799,"src":"11608:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":819,"name":"P3","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":801,"src":"11612:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":820,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"11599:16:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256,uint256,uint256)"}},"functionReturnParameters":802,"id":821,"nodeType":"Return","src":"11592:23:1"}]},"documentation":{"id":780,"nodeType":"StructuredDocumentation","src":"10338:205:1","text":" @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)"},"id":823,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_AddN","nameLocation":"10558:9:1","nodeType":"FunctionDefinition","parameters":{"id":793,"nodeType":"ParameterList","parameters":[{"constant":false,"id":782,"mutability":"mutable","name":"x1","nameLocation":"10576:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10568:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":781,"name":"uint256","nodeType":"ElementaryTypeName","src":"10568:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":784,"mutability":"mutable","name":"y1","nameLocation":"10588:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10580:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":783,"name":"uint256","nodeType":"ElementaryTypeName","src":"10580:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":786,"mutability":"mutable","name":"zz1","nameLocation":"10600:3:1","nodeType":"VariableDeclaration","scope":823,"src":"10592:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":785,"name":"uint256","nodeType":"ElementaryTypeName","src":"10592:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":788,"mutability":"mutable","name":"zzz1","nameLocation":"10613:4:1","nodeType":"VariableDeclaration","scope":823,"src":"10605:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":787,"name":"uint256","nodeType":"ElementaryTypeName","src":"10605:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":790,"mutability":"mutable","name":"x2","nameLocation":"10627:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10619:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":789,"name":"uint256","nodeType":"ElementaryTypeName","src":"10619:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":792,"mutability":"mutable","name":"y2","nameLocation":"10639:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10631:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":791,"name":"uint256","nodeType":"ElementaryTypeName","src":"10631:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"10567:75:1"},"returnParameters":{"id":802,"nodeType":"ParameterList","parameters":[{"constant":false,"id":795,"mutability":"mutable","name":"P0","nameLocation":"10698:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10690:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":794,"name":"uint256","nodeType":"ElementaryTypeName","src":"10690:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":797,"mutability":"mutable","name":"P1","nameLocation":"10710:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10702:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":796,"name":"uint256","nodeType":"ElementaryTypeName","src":"10702:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":799,"mutability":"mutable","name":"P2","nameLocation":"10722:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10714:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":798,"name":"uint256","nodeType":"ElementaryTypeName","src":"10714:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":801,"mutability":"mutable","name":"P3","nameLocation":"10734:2:1","nodeType":"VariableDeclaration","scope":823,"src":"10726:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":800,"name":"uint256","nodeType":"ElementaryTypeName","src":"10726:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"10689:48:1"},"scope":1886,"src":"10549:1073:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":841,"nodeType":"Block","src":"11793:36:1","statements":[{"expression":{"components":[{"hexValue":"30","id":835,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"11811:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"hexValue":"30","id":836,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"11814:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"hexValue":"30","id":837,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"11817:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"hexValue":"30","id":838,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"11820:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"}],"id":839,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"TupleExpression","src":"11810:12:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_rational_0_by_1_$_t_rational_0_by_1_$_t_rational_0_by_1_$_t_rational_0_by_1_$","typeString":"tuple(int_const 0,int_const 0,int_const 0,int_const 0)"}},"functionReturnParameters":834,"id":840,"nodeType":"Return","src":"11803:19:1"}]},"documentation":{"id":824,"nodeType":"StructuredDocumentation","src":"11628:66:1","text":" @dev Return the zero curve in XYZZ coordinates."},"id":842,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_SetZero","nameLocation":"11708:12:1","nodeType":"FunctionDefinition","parameters":{"id":825,"nodeType":"ParameterList","parameters":[],"src":"11720:2:1"},"returnParameters":{"id":834,"nodeType":"ParameterList","parameters":[{"constant":false,"id":827,"mutability":"mutable","name":"x","nameLocation":"11754:1:1","nodeType":"VariableDeclaration","scope":842,"src":"11746:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":826,"name":"uint256","nodeType":"ElementaryTypeName","src":"11746:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":829,"mutability":"mutable","name":"y","nameLocation":"11765:1:1","nodeType":"VariableDeclaration","scope":842,"src":"11757:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":828,"name":"uint256","nodeType":"ElementaryTypeName","src":"11757:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":831,"mutability":"mutable","name":"zz","nameLocation":"11776:2:1","nodeType":"VariableDeclaration","scope":842,"src":"11768:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":830,"name":"uint256","nodeType":"ElementaryTypeName","src":"11768:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":833,"mutability":"mutable","name":"zzz","nameLocation":"11788:3:1","nodeType":"VariableDeclaration","scope":842,"src":"11780:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":832,"name":"uint256","nodeType":"ElementaryTypeName","src":"11780:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"11745:47:1"},"scope":1886,"src":"11699:130:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":860,"nodeType":"Block","src":"12052:31:1","statements":[{"expression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":858,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":856,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":847,"src":"12069:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":857,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"12075:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"12069:7:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":855,"id":859,"nodeType":"Return","src":"12062:14:1"}]},"documentation":{"id":843,"nodeType":"StructuredDocumentation","src":"11834:66:1","text":" @dev Check if point is the neutral of the curve"},"id":861,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_IsZero","nameLocation":"11972:11:1","nodeType":"FunctionDefinition","parameters":{"id":852,"nodeType":"ParameterList","parameters":[{"constant":false,"id":845,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":861,"src":"11984:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":844,"name":"uint256","nodeType":"ElementaryTypeName","src":"11984:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":847,"mutability":"mutable","name":"y0","nameLocation":"12001:2:1","nodeType":"VariableDeclaration","scope":861,"src":"11993:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":846,"name":"uint256","nodeType":"ElementaryTypeName","src":"11993:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":849,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":861,"src":"12005:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":848,"name":"uint256","nodeType":"ElementaryTypeName","src":"12005:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":851,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":861,"src":"12014:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":850,"name":"uint256","nodeType":"ElementaryTypeName","src":"12014:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"11983:39:1"},"returnParameters":{"id":855,"nodeType":"ParameterList","parameters":[{"constant":false,"id":854,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":861,"src":"12046:4:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":853,"name":"bool","nodeType":"ElementaryTypeName","src":"12046:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"12045:6:1"},"scope":1886,"src":"11963:120:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":873,"nodeType":"Block","src":"12286:30:1","statements":[{"expression":{"components":[{"hexValue":"30","id":869,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"12304:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"hexValue":"30","id":870,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"12307:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"}],"id":871,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"TupleExpression","src":"12303:6:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_rational_0_by_1_$_t_rational_0_by_1_$","typeString":"tuple(int_const 0,int_const 0)"}},"functionReturnParameters":868,"id":872,"nodeType":"Return","src":"12296:13:1"}]},"documentation":{"id":862,"nodeType":"StructuredDocumentation","src":"12088:122:1","text":" @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)"},"id":874,"implemented":true,"kind":"function","modifiers":[],"name":"ecAff_SetZero","nameLocation":"12225:13:1","nodeType":"FunctionDefinition","parameters":{"id":863,"nodeType":"ParameterList","parameters":[],"src":"12238:2:1"},"returnParameters":{"id":868,"nodeType":"ParameterList","parameters":[{"constant":false,"id":865,"mutability":"mutable","name":"x","nameLocation":"12272:1:1","nodeType":"VariableDeclaration","scope":874,"src":"12264:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":864,"name":"uint256","nodeType":"ElementaryTypeName","src":"12264:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":867,"mutability":"mutable","name":"y","nameLocation":"12283:1:1","nodeType":"VariableDeclaration","scope":874,"src":"12275:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":866,"name":"uint256","nodeType":"ElementaryTypeName","src":"12275:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"12263:22:1"},"scope":1886,"src":"12216:100:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":889,"nodeType":"Block","src":"12507:32:1","statements":[{"expression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":886,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":884,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":879,"src":"12525:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":885,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"12530:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"12525:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}}],"id":887,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"12524:8:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":883,"id":888,"nodeType":"Return","src":"12517:15:1"}]},"documentation":{"id":875,"nodeType":"StructuredDocumentation","src":"12322:75:1","text":" @dev Check if the curve is the zero curve in affine rep."},"id":890,"implemented":true,"kind":"function","modifiers":[],"name":"ecAff_IsZero","nameLocation":"12440:12:1","nodeType":"FunctionDefinition","parameters":{"id":880,"nodeType":"ParameterList","parameters":[{"constant":false,"id":877,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":890,"src":"12453:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":876,"name":"uint256","nodeType":"ElementaryTypeName","src":"12453:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":879,"mutability":"mutable","name":"y","nameLocation":"12470:1:1","nodeType":"VariableDeclaration","scope":890,"src":"12462:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":878,"name":"uint256","nodeType":"ElementaryTypeName","src":"12462:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"12452:20:1"},"returnParameters":{"id":883,"nodeType":"ParameterList","parameters":[{"constant":false,"id":882,"mutability":"mutable","name":"flag","nameLocation":"12501:4:1","nodeType":"VariableDeclaration","scope":890,"src":"12496:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":881,"name":"bool","nodeType":"ElementaryTypeName","src":"12496:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"12495:11:1"},"scope":1886,"src":"12431:108:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":960,"nodeType":"Block","src":"12750:356:1","statements":[{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":914,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":910,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":906,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":902,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"30","id":900,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"12764:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"id":901,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":893,"src":"12769:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"12764:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":905,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":903,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":893,"src":"12774:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"id":904,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12779:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"12774:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"12764:16:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":909,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"30","id":907,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"12784:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"id":908,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":895,"src":"12789:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"12784:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"12764:26:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":913,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":911,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":895,"src":"12794:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"id":912,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12799:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"12794:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"12764:36:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":918,"nodeType":"IfStatement","src":"12760:79:1","trueBody":{"id":917,"nodeType":"Block","src":"12802:37:1","statements":[{"expression":{"hexValue":"66616c7365","id":915,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"12823:5:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"false"},"functionReturnParameters":899,"id":916,"nodeType":"Return","src":"12816:12:1"}]}},{"id":959,"nodeType":"UncheckedBlock","src":"12848:252:1","statements":[{"assignments":[920],"declarations":[{"constant":false,"id":920,"mutability":"mutable","name":"LHS","nameLocation":"12880:3:1","nodeType":"VariableDeclaration","scope":959,"src":"12872:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":919,"name":"uint256","nodeType":"ElementaryTypeName","src":"12872:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":926,"initialValue":{"arguments":[{"id":922,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":895,"src":"12893:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":923,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":895,"src":"12896:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":924,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12899:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":921,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"12886:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":925,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"12886:15:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"12872:29:1"},{"assignments":[928],"declarations":[{"constant":false,"id":928,"mutability":"mutable","name":"RHS","nameLocation":"12930:3:1","nodeType":"VariableDeclaration","scope":959,"src":"12922:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":927,"name":"uint256","nodeType":"ElementaryTypeName","src":"12922:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":946,"initialValue":{"arguments":[{"arguments":[{"arguments":[{"id":932,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":893,"src":"12957:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":933,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":893,"src":"12960:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":934,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12963:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":931,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"12950:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":935,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"12950:15:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":936,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":893,"src":"12967:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":937,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12970:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":930,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"12943:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":938,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"12943:29:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":940,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":893,"src":"12981:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":941,"name":"a","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":258,"src":"12984:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":942,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12987:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":939,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"12974:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":943,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"12974:15:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":944,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"12991:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":929,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"12936:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":945,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"12936:57:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"12922:71:1"},{"expression":{"id":953,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":947,"name":"RHS","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":928,"src":"13017:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":949,"name":"RHS","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":928,"src":"13030:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":950,"name":"b","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":261,"src":"13035:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":951,"name":"p","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":255,"src":"13038:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":948,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"13023:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":952,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"13023:17:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"13017:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":954,"nodeType":"ExpressionStatement","src":"13017:23:1"},{"expression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":957,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":955,"name":"LHS","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":920,"src":"13079:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"id":956,"name":"RHS","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":928,"src":"13086:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"13079:10:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":899,"id":958,"nodeType":"Return","src":"13072:17:1"}]}]},"documentation":{"id":891,"nodeType":"StructuredDocumentation","src":"12545:124:1","text":" @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve)."},"id":961,"implemented":true,"kind":"function","modifiers":[],"name":"ecAff_isOnCurve","nameLocation":"12683:15:1","nodeType":"FunctionDefinition","parameters":{"id":896,"nodeType":"ParameterList","parameters":[{"constant":false,"id":893,"mutability":"mutable","name":"x","nameLocation":"12707:1:1","nodeType":"VariableDeclaration","scope":961,"src":"12699:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":892,"name":"uint256","nodeType":"ElementaryTypeName","src":"12699:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":895,"mutability":"mutable","name":"y","nameLocation":"12718:1:1","nodeType":"VariableDeclaration","scope":961,"src":"12710:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":894,"name":"uint256","nodeType":"ElementaryTypeName","src":"12710:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"12698:22:1"},"returnParameters":{"id":899,"nodeType":"ParameterList","parameters":[{"constant":false,"id":898,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":961,"src":"12744:4:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":897,"name":"bool","nodeType":"ElementaryTypeName","src":"12744:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"12743:6:1"},"scope":1886,"src":"12674:432:1","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":1023,"nodeType":"Block","src":"13302:265:1","statements":[{"assignments":[978],"declarations":[{"constant":false,"id":978,"mutability":"mutable","name":"zz0","nameLocation":"13320:3:1","nodeType":"VariableDeclaration","scope":1023,"src":"13312:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":977,"name":"uint256","nodeType":"ElementaryTypeName","src":"13312:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":979,"nodeType":"VariableDeclarationStatement","src":"13312:11:1"},{"assignments":[981],"declarations":[{"constant":false,"id":981,"mutability":"mutable","name":"zzz0","nameLocation":"13341:4:1","nodeType":"VariableDeclaration","scope":1023,"src":"13333:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":980,"name":"uint256","nodeType":"ElementaryTypeName","src":"13333:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":982,"nodeType":"VariableDeclarationStatement","src":"13333:12:1"},{"condition":{"arguments":[{"id":984,"name":"x0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":964,"src":"13373:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":985,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":966,"src":"13377:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":983,"name":"ecAff_IsZero","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":890,"src":"13360:12:1","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_uint256_$_t_uint256_$returns$_t_bool_$","typeString":"function (uint256,uint256) pure returns (bool)"}},"id":986,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"13360:20:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":991,"nodeType":"IfStatement","src":"13356:41:1","trueBody":{"expression":{"components":[{"id":987,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":968,"src":"13390:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":988,"name":"y1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":970,"src":"13394:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":989,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"13389:8:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"functionReturnParameters":976,"id":990,"nodeType":"Return","src":"13382:15:1"}},{"condition":{"arguments":[{"id":993,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":968,"src":"13424:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":994,"name":"y1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":970,"src":"13428:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":992,"name":"ecAff_IsZero","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":890,"src":"13411:12:1","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_uint256_$_t_uint256_$returns$_t_bool_$","typeString":"function (uint256,uint256) pure returns (bool)"}},"id":995,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"13411:20:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1000,"nodeType":"IfStatement","src":"13407:41:1","trueBody":{"expression":{"components":[{"id":996,"name":"x0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":964,"src":"13441:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":997,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":966,"src":"13445:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":998,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"13440:8:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"functionReturnParameters":976,"id":999,"nodeType":"Return","src":"13433:15:1"}},{"expression":{"id":1014,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"components":[{"id":1001,"name":"x0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":964,"src":"13460:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1002,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":966,"src":"13464:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1003,"name":"zz0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":978,"src":"13468:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1004,"name":"zzz0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":981,"src":"13473:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1005,"isConstant":false,"isInlineArray":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"TupleExpression","src":"13459:19:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256,uint256,uint256)"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":1007,"name":"x0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":964,"src":"13491:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1008,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":966,"src":"13495:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"hexValue":"31","id":1009,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"13499:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},{"hexValue":"31","id":1010,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"13502:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},{"id":1011,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":968,"src":"13505:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1012,"name":"y1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":970,"src":"13509:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1006,"name":"ecZZ_AddN","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":823,"src":"13481:9:1","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256,uint256,uint256) pure returns (uint256,uint256,uint256,uint256)"}},"id":1013,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"13481:31:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256,uint256,uint256)"}},"src":"13459:53:1","typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":1015,"nodeType":"ExpressionStatement","src":"13459:53:1"},{"expression":{"arguments":[{"id":1017,"name":"x0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":964,"src":"13542:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1018,"name":"y0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":966,"src":"13546:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1019,"name":"zz0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":978,"src":"13550:3:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1020,"name":"zzz0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":981,"src":"13555:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1016,"name":"ecZZ_SetAff","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":750,"src":"13530:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256) view returns (uint256,uint256)"}},"id":1021,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"13530:30:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"functionReturnParameters":976,"id":1022,"nodeType":"Return","src":"13523:37:1"}]},"documentation":{"id":962,"nodeType":"StructuredDocumentation","src":"13112:76:1","text":" @dev Add two elliptic curve points in affine coordinates."},"id":1024,"implemented":true,"kind":"function","modifiers":[],"name":"ecAff_add","nameLocation":"13203:9:1","nodeType":"FunctionDefinition","parameters":{"id":971,"nodeType":"ParameterList","parameters":[{"constant":false,"id":964,"mutability":"mutable","name":"x0","nameLocation":"13221:2:1","nodeType":"VariableDeclaration","scope":1024,"src":"13213:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":963,"name":"uint256","nodeType":"ElementaryTypeName","src":"13213:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":966,"mutability":"mutable","name":"y0","nameLocation":"13233:2:1","nodeType":"VariableDeclaration","scope":1024,"src":"13225:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":965,"name":"uint256","nodeType":"ElementaryTypeName","src":"13225:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":968,"mutability":"mutable","name":"x1","nameLocation":"13245:2:1","nodeType":"VariableDeclaration","scope":1024,"src":"13237:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":967,"name":"uint256","nodeType":"ElementaryTypeName","src":"13237:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":970,"mutability":"mutable","name":"y1","nameLocation":"13257:2:1","nodeType":"VariableDeclaration","scope":1024,"src":"13249:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":969,"name":"uint256","nodeType":"ElementaryTypeName","src":"13249:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"13212:48:1"},"returnParameters":{"id":976,"nodeType":"ParameterList","parameters":[{"constant":false,"id":973,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1024,"src":"13284:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":972,"name":"uint256","nodeType":"ElementaryTypeName","src":"13284:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":975,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1024,"src":"13293:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":974,"name":"uint256","nodeType":"ElementaryTypeName","src":"13293:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"13283:18:1"},"scope":1886,"src":"13194:373:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1082,"nodeType":"Block","src":"13932:6313:1","statements":[{"assignments":[1039],"declarations":[{"constant":false,"id":1039,"mutability":"mutable","name":"zz","nameLocation":"13950:2:1","nodeType":"VariableDeclaration","scope":1082,"src":"13942:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1038,"name":"uint256","nodeType":"ElementaryTypeName","src":"13942:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1040,"nodeType":"VariableDeclarationStatement","src":"13942:10:1"},{"assignments":[1042],"declarations":[{"constant":false,"id":1042,"mutability":"mutable","name":"zzz","nameLocation":"13970:3:1","nodeType":"VariableDeclaration","scope":1082,"src":"13962:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1041,"name":"uint256","nodeType":"ElementaryTypeName","src":"13962:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1043,"nodeType":"VariableDeclarationStatement","src":"13962:11:1"},{"assignments":[1045],"declarations":[{"constant":false,"id":1045,"mutability":"mutable","name":"Y","nameLocation":"13991:1:1","nodeType":"VariableDeclaration","scope":1082,"src":"13983:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1044,"name":"uint256","nodeType":"ElementaryTypeName","src":"13983:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1046,"nodeType":"VariableDeclarationStatement","src":"13983:9:1"},{"assignments":[1048],"declarations":[{"constant":false,"id":1048,"mutability":"mutable","name":"index","nameLocation":"14010:5:1","nodeType":"VariableDeclaration","scope":1082,"src":"14002:13:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1047,"name":"uint256","nodeType":"ElementaryTypeName","src":"14002:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1050,"initialValue":{"hexValue":"323535","id":1049,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"14018:3:1","typeDescriptions":{"typeIdentifier":"t_rational_255_by_1","typeString":"int_const 255"},"value":"255"},"nodeType":"VariableDeclarationStatement","src":"14002:19:1"},{"assignments":[1052],"declarations":[{"constant":false,"id":1052,"mutability":"mutable","name":"H0","nameLocation":"14039:2:1","nodeType":"VariableDeclaration","scope":1082,"src":"14031:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1051,"name":"uint256","nodeType":"ElementaryTypeName","src":"14031:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1053,"nodeType":"VariableDeclarationStatement","src":"14031:10:1"},{"assignments":[1055],"declarations":[{"constant":false,"id":1055,"mutability":"mutable","name":"H1","nameLocation":"14059:2:1","nodeType":"VariableDeclaration","scope":1082,"src":"14051:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1054,"name":"uint256","nodeType":"ElementaryTypeName","src":"14051:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1056,"nodeType":"VariableDeclarationStatement","src":"14051:10:1"},{"id":1079,"nodeType":"UncheckedBlock","src":"14072:6132:1","statements":[{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1063,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1059,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1057,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1031,"src":"14100:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1058,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"14112:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"14100:13:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"&&","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1062,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1060,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1033,"src":"14117:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1061,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"14129:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"14117:13:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"14100:30:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1066,"nodeType":"IfStatement","src":"14096:44:1","trueBody":{"expression":{"hexValue":"30","id":1064,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"14139:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"functionReturnParameters":1037,"id":1065,"nodeType":"Return","src":"14132:8:1"}},{"expression":{"id":1076,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"components":[{"id":1067,"name":"H0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1052,"src":"14156:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1068,"name":"H1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1055,"src":"14160:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1069,"isConstant":false,"isInlineArray":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"TupleExpression","src":"14155:8:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":1071,"name":"gx","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":264,"src":"14176:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1072,"name":"gy","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":267,"src":"14180:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1073,"name":"Q0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1027,"src":"14184:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1074,"name":"Q1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1029,"src":"14188:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1070,"name":"ecAff_add","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1024,"src":"14166:9:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256) view returns (uint256,uint256)"}},"id":1075,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"14166:25:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"src":"14155:36:1","typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":1077,"nodeType":"ExpressionStatement","src":"14155:36:1"},{"AST":{"nodeType":"YulBlock","src":"14269:5910:1","statements":[{"body":{"nodeType":"YulBlock","src":"14548:2:1","statements":[]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"14380:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"14384:1:1","type":"","value":"0"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"14377:2:1"},"nodeType":"YulFunctionCall","src":"14377:9:1"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"14387:160:1","statements":[{"nodeType":"YulAssignment","src":"14409:22:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14422:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"14429:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"14418:3:1"},"nodeType":"YulFunctionCall","src":"14418:13:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"14409:5:1"}]},{"nodeType":"YulAssignment","src":"14452:77:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"14466:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14477:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"14484:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"14473:3:1"},"nodeType":"YulFunctionCall","src":"14473:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"14495:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"14469:3:1"},"nodeType":"YulFunctionCall","src":"14469:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"14462:3:1"},"nodeType":"YulFunctionCall","src":"14462:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14508:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"14515:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"14504:3:1"},"nodeType":"YulFunctionCall","src":"14504:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"14526:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"14500:3:1"},"nodeType":"YulFunctionCall","src":"14500:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"14458:3:1"},"nodeType":"YulFunctionCall","src":"14458:71:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"14452:2:1"}]}]},"pre":{"nodeType":"YulBlock","src":"14291:85:1","statements":[{"nodeType":"YulVariableDeclaration","src":"14293:81:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"14311:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14322:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"14329:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"14318:3:1"},"nodeType":"YulFunctionCall","src":"14318:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"14340:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"14314:3:1"},"nodeType":"YulFunctionCall","src":"14314:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"14307:3:1"},"nodeType":"YulFunctionCall","src":"14307:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14353:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"14360:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"14349:3:1"},"nodeType":"YulFunctionCall","src":"14349:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"14371:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"14345:3:1"},"nodeType":"YulFunctionCall","src":"14345:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"14303:3:1"},"nodeType":"YulFunctionCall","src":"14303:71:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"14297:2:1","type":""}]}]},"src":"14287:263:1"},{"nodeType":"YulAssignment","src":"14567:77:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"14581:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14592:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"14599:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"14588:3:1"},"nodeType":"YulFunctionCall","src":"14588:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"14610:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"14584:3:1"},"nodeType":"YulFunctionCall","src":"14584:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"14577:3:1"},"nodeType":"YulFunctionCall","src":"14577:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14623:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"14630:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"14619:3:1"},"nodeType":"YulFunctionCall","src":"14619:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"14641:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"14615:3:1"},"nodeType":"YulFunctionCall","src":"14615:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"14573:3:1"},"nodeType":"YulFunctionCall","src":"14573:71:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"14567:2:1"}]},{"body":{"nodeType":"YulBlock","src":"14675:75:1","statements":[{"nodeType":"YulAssignment","src":"14697:7:1","value":{"name":"gx","nodeType":"YulIdentifier","src":"14702:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"14697:1:1"}]},{"nodeType":"YulAssignment","src":"14725:7:1","value":{"name":"gy","nodeType":"YulIdentifier","src":"14730:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"14725:1:1"}]}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"14668:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"14672:1:1","type":"","value":"1"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"14665:2:1"},"nodeType":"YulFunctionCall","src":"14665:9:1"},"nodeType":"YulIf","src":"14662:88:1"},{"body":{"nodeType":"YulBlock","src":"14780:75:1","statements":[{"nodeType":"YulAssignment","src":"14802:7:1","value":{"name":"Q0","nodeType":"YulIdentifier","src":"14807:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"14802:1:1"}]},{"nodeType":"YulAssignment","src":"14830:7:1","value":{"name":"Q1","nodeType":"YulIdentifier","src":"14835:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"14830:1:1"}]}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"14773:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"14777:1:1","type":"","value":"2"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"14770:2:1"},"nodeType":"YulFunctionCall","src":"14770:9:1"},"nodeType":"YulIf","src":"14767:88:1"},{"body":{"nodeType":"YulBlock","src":"14885:75:1","statements":[{"nodeType":"YulAssignment","src":"14907:7:1","value":{"name":"H0","nodeType":"YulIdentifier","src":"14912:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"14907:1:1"}]},{"nodeType":"YulAssignment","src":"14935:7:1","value":{"name":"H1","nodeType":"YulIdentifier","src":"14940:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"14935:1:1"}]}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"14878:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"14882:1:1","type":"","value":"3"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"14875:2:1"},"nodeType":"YulFunctionCall","src":"14875:9:1"},"nodeType":"YulIf","src":"14872:88:1"},{"nodeType":"YulAssignment","src":"14978:22:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"14991:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"14998:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"14987:3:1"},"nodeType":"YulFunctionCall","src":"14987:13:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"14978:5:1"}]},{"nodeType":"YulAssignment","src":"15017:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"15023:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"15017:2:1"}]},{"nodeType":"YulAssignment","src":"15041:8:1","value":{"kind":"number","nodeType":"YulLiteral","src":"15048:1:1","type":"","value":"1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"15041:3:1"}]},{"body":{"nodeType":"YulBlock","src":"15120:4061:1","statements":[{"nodeType":"YulVariableDeclaration","src":"15182:25:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"15199:1:1","type":"","value":"2"},{"name":"Y","nodeType":"YulIdentifier","src":"15202:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"15205:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15192:6:1"},"nodeType":"YulFunctionCall","src":"15192:15:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"15186:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"15247:27:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"15264:2:1"},{"name":"T1","nodeType":"YulIdentifier","src":"15268:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15272:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15257:6:1"},"nodeType":"YulFunctionCall","src":"15257:17:1"},"variables":[{"name":"T2","nodeType":"YulTypedName","src":"15251:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"15304:26:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"15321:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"15324:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15328:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15314:6:1"},"nodeType":"YulFunctionCall","src":"15314:16:1"},"variables":[{"name":"T3","nodeType":"YulTypedName","src":"15308:2:1","type":""}]},{"nodeType":"YulAssignment","src":"15363:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"15376:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"15380:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15384:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15369:6:1"},"nodeType":"YulFunctionCall","src":"15369:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"15363:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"15415:77:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"15432:1:1","type":"","value":"3"},{"arguments":[{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"15449:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"15456:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"15459:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"15452:3:1"},"nodeType":"YulFunctionCall","src":"15452:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"15464:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"15442:6:1"},"nodeType":"YulFunctionCall","src":"15442:24:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"15475:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"15478:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15482:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"15468:6:1"},"nodeType":"YulFunctionCall","src":"15468:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"15486:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15435:6:1"},"nodeType":"YulFunctionCall","src":"15435:53:1"},{"name":"p","nodeType":"YulIdentifier","src":"15490:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15425:6:1"},"nodeType":"YulFunctionCall","src":"15425:67:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"15419:2:1","type":""}]},{"nodeType":"YulAssignment","src":"15537:25:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"15551:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"15555:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"15560:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15544:6:1"},"nodeType":"YulFunctionCall","src":"15544:18:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"15537:3:1"}]},{"nodeType":"YulAssignment","src":"15597:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"15610:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"15614:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15618:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15603:6:1"},"nodeType":"YulFunctionCall","src":"15603:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"15597:2:1"}]},{"nodeType":"YulAssignment","src":"15662:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"15681:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"15685:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15689:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15674:6:1"},"nodeType":"YulFunctionCall","src":"15674:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"15700:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"15709:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15713:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15693:6:1"},"nodeType":"YulFunctionCall","src":"15693:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"15717:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"15667:6:1"},"nodeType":"YulFunctionCall","src":"15667:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"15662:1:1"}]},{"nodeType":"YulAssignment","src":"15752:45:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"15765:2:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"15776:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"15783:1:1"},{"name":"T3","nodeType":"YulIdentifier","src":"15786:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"15779:3:1"},"nodeType":"YulFunctionCall","src":"15779:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"15791:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"15769:6:1"},"nodeType":"YulFunctionCall","src":"15769:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"15795:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15758:6:1"},"nodeType":"YulFunctionCall","src":"15758:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"15752:2:1"}]},{"nodeType":"YulAssignment","src":"15837:36:1","value":{"arguments":[{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"15856:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"15860:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"15863:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"15849:6:1"},"nodeType":"YulFunctionCall","src":"15849:16:1"},{"name":"T2","nodeType":"YulIdentifier","src":"15867:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"15871:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"15842:6:1"},"nodeType":"YulFunctionCall","src":"15842:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"15837:1:1"}]},{"nodeType":"YulBlock","src":"15959:3204:1","statements":[{"nodeType":"YulAssignment","src":"16026:77:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16040:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"16051:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"16058:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"16047:3:1"},"nodeType":"YulFunctionCall","src":"16047:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"16069:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"16043:3:1"},"nodeType":"YulFunctionCall","src":"16043:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"16036:3:1"},"nodeType":"YulFunctionCall","src":"16036:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"16082:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"16089:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"16078:3:1"},"nodeType":"YulFunctionCall","src":"16078:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"16100:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"16074:3:1"},"nodeType":"YulFunctionCall","src":"16074:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"16032:3:1"},"nodeType":"YulFunctionCall","src":"16032:71:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"16026:2:1"}]},{"body":{"nodeType":"YulBlock","src":"16143:134:1","statements":[{"nodeType":"YulAssignment","src":"16173:14:1","value":{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"16182:1:1"},{"name":"Y","nodeType":"YulIdentifier","src":"16185:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"16178:3:1"},"nodeType":"YulFunctionCall","src":"16178:9:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"16173:1:1"}]},{"nodeType":"YulContinue","src":"16243:8:1"}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"16139:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"16132:6:1"},"nodeType":"YulFunctionCall","src":"16132:10:1"},"nodeType":"YulIf","src":"16129:148:1"},{"body":{"nodeType":"YulBlock","src":"16328:101:1","statements":[{"nodeType":"YulAssignment","src":"16358:8:1","value":{"name":"gx","nodeType":"YulIdentifier","src":"16364:2:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"16358:2:1"}]},{"nodeType":"YulAssignment","src":"16395:8:1","value":{"name":"gy","nodeType":"YulIdentifier","src":"16401:2:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"16395:2:1"}]}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"16321:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"16325:1:1","type":"","value":"1"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"16318:2:1"},"nodeType":"YulFunctionCall","src":"16318:9:1"},"nodeType":"YulIf","src":"16315:114:1"},{"body":{"nodeType":"YulBlock","src":"16467:101:1","statements":[{"nodeType":"YulAssignment","src":"16497:8:1","value":{"name":"Q0","nodeType":"YulIdentifier","src":"16503:2:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"16497:2:1"}]},{"nodeType":"YulAssignment","src":"16534:8:1","value":{"name":"Q1","nodeType":"YulIdentifier","src":"16540:2:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"16534:2:1"}]}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"16460:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"16464:1:1","type":"","value":"2"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"16457:2:1"},"nodeType":"YulFunctionCall","src":"16457:9:1"},"nodeType":"YulIf","src":"16454:114:1"},{"body":{"nodeType":"YulBlock","src":"16606:101:1","statements":[{"nodeType":"YulAssignment","src":"16636:8:1","value":{"name":"H0","nodeType":"YulIdentifier","src":"16642:2:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"16636:2:1"}]},{"nodeType":"YulAssignment","src":"16673:8:1","value":{"name":"H1","nodeType":"YulIdentifier","src":"16679:2:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"16673:2:1"}]}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"16599:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"16603:1:1","type":"","value":"3"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"16596:2:1"},"nodeType":"YulFunctionCall","src":"16596:9:1"},"nodeType":"YulIf","src":"16593:114:1"},{"body":{"nodeType":"YulBlock","src":"16746:209:1","statements":[{"nodeType":"YulAssignment","src":"16776:7:1","value":{"name":"T1","nodeType":"YulIdentifier","src":"16781:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"16776:1:1"}]},{"nodeType":"YulAssignment","src":"16812:7:1","value":{"name":"T2","nodeType":"YulIdentifier","src":"16817:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"16812:1:1"}]},{"nodeType":"YulAssignment","src":"16848:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"16854:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"16848:2:1"}]},{"nodeType":"YulAssignment","src":"16884:8:1","value":{"kind":"number","nodeType":"YulLiteral","src":"16891:1:1","type":"","value":"1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"16884:3:1"}]},{"nodeType":"YulContinue","src":"16921:8:1"}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"16742:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"16735:6:1"},"nodeType":"YulFunctionCall","src":"16735:10:1"},"nodeType":"YulIf","src":"16732:223:1"},{"nodeType":"YulVariableDeclaration","src":"17098:42:1","value":{"arguments":[{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"17122:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"17126:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"17131:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17115:6:1"},"nodeType":"YulFunctionCall","src":"17115:18:1"},{"name":"Y","nodeType":"YulIdentifier","src":"17135:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"17138:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"17108:6:1"},"nodeType":"YulFunctionCall","src":"17108:32:1"},"variables":[{"name":"y2","nodeType":"YulTypedName","src":"17102:2:1","type":""}]},{"nodeType":"YulAssignment","src":"17169:45:1","value":{"arguments":[{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"17189:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"17193:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"17197:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17182:6:1"},"nodeType":"YulFunctionCall","src":"17182:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"17205:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"17208:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"17201:3:1"},"nodeType":"YulFunctionCall","src":"17201:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"17212:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"17175:6:1"},"nodeType":"YulFunctionCall","src":"17175:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"17169:2:1"}]},{"body":{"nodeType":"YulBlock","src":"17443:1118:1","statements":[{"body":{"nodeType":"YulBlock","src":"17487:1048:1","statements":[{"nodeType":"YulAssignment","src":"17521:27:1","value":{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"17534:7:1"},{"name":"Y","nodeType":"YulIdentifier","src":"17543:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"17546:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17527:6:1"},"nodeType":"YulFunctionCall","src":"17527:21:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"17521:2:1"}]},{"nodeType":"YulAssignment","src":"17600:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"17613:2:1"},{"name":"T1","nodeType":"YulIdentifier","src":"17617:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"17621:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17606:6:1"},"nodeType":"YulFunctionCall","src":"17606:17:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"17600:2:1"}]},{"nodeType":"YulAssignment","src":"17665:22:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"17678:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"17681:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"17685:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17671:6:1"},"nodeType":"YulFunctionCall","src":"17671:16:1"},"variableNames":[{"name":"T3","nodeType":"YulIdentifier","src":"17665:2:1"}]},{"nodeType":"YulAssignment","src":"17733:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"17746:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"17750:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"17754:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17739:6:1"},"nodeType":"YulFunctionCall","src":"17739:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"17733:2:1"}]},{"nodeType":"YulAssignment","src":"17797:22:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"17810:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"17813:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"17817:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"17803:6:1"},"nodeType":"YulFunctionCall","src":"17803:16:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"17797:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"17860:35:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"17878:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"17885:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"17888:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"17881:3:1"},"nodeType":"YulFunctionCall","src":"17881:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"17893:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"17871:6:1"},"nodeType":"YulFunctionCall","src":"17871:24:1"},"variables":[{"name":"TT1","nodeType":"YulTypedName","src":"17864:3:1","type":""}]},{"nodeType":"YulAssignment","src":"17935:24:1","value":{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"17948:2:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"17952:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"17957:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"17941:6:1"},"nodeType":"YulFunctionCall","src":"17941:18:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"17935:2:1"}]},{"nodeType":"YulAssignment","src":"18007:22:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"18020:1:1","type":"","value":"3"},{"name":"y2","nodeType":"YulIdentifier","src":"18023:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18027:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18013:6:1"},"nodeType":"YulFunctionCall","src":"18013:16:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"18007:2:1"}]},{"nodeType":"YulAssignment","src":"18067:26:1","value":{"arguments":[{"name":"TT1","nodeType":"YulIdentifier","src":"18081:3:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"18086:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"18091:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18074:6:1"},"nodeType":"YulFunctionCall","src":"18074:19:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"18067:3:1"}]},{"nodeType":"YulAssignment","src":"18140:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"18153:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"18157:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18161:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18146:6:1"},"nodeType":"YulFunctionCall","src":"18146:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"18140:2:1"}]},{"nodeType":"YulAssignment","src":"18217:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"18236:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"18240:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18244:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18229:6:1"},"nodeType":"YulFunctionCall","src":"18229:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"18255:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"18264:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18268:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18248:6:1"},"nodeType":"YulFunctionCall","src":"18248:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"18272:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"18222:6:1"},"nodeType":"YulFunctionCall","src":"18222:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"18217:1:1"}]},{"nodeType":"YulAssignment","src":"18319:45:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"18332:2:1"},{"arguments":[{"name":"T3","nodeType":"YulIdentifier","src":"18343:2:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"18351:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"18354:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"18347:3:1"},"nodeType":"YulFunctionCall","src":"18347:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"18358:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"18336:6:1"},"nodeType":"YulFunctionCall","src":"18336:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"18362:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18325:6:1"},"nodeType":"YulFunctionCall","src":"18325:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"18319:2:1"}]},{"nodeType":"YulAssignment","src":"18408:36:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"18420:2:1"},{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"18431:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"18435:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"18438:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18424:6:1"},"nodeType":"YulFunctionCall","src":"18424:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"18442:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"18413:6:1"},"nodeType":"YulFunctionCall","src":"18413:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"18408:1:1"}]},{"nodeType":"YulContinue","src":"18497:8:1"}]},"condition":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"17483:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"17476:6:1"},"nodeType":"YulFunctionCall","src":"17476:10:1"},"nodeType":"YulIf","src":"17473:1062:1"}]},"condition":{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"17439:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"17432:6:1"},"nodeType":"YulFunctionCall","src":"17432:10:1"},"nodeType":"YulIf","src":"17429:1132:1"},{"nodeType":"YulAssignment","src":"18587:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"18600:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"18604:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18608:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18593:6:1"},"nodeType":"YulFunctionCall","src":"18593:17:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"18587:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"18640:28:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"18658:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"18662:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18666:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18651:6:1"},"nodeType":"YulFunctionCall","src":"18651:17:1"},"variables":[{"name":"TT1","nodeType":"YulTypedName","src":"18644:3:1","type":""}]},{"nodeType":"YulAssignment","src":"18761:23:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"18774:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"18778:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18782:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18767:6:1"},"nodeType":"YulFunctionCall","src":"18767:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"18761:2:1"}]},{"nodeType":"YulAssignment","src":"18809:26:1","value":{"arguments":[{"name":"zzz","nodeType":"YulIdentifier","src":"18823:3:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"18828:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"18833:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18816:6:1"},"nodeType":"YulFunctionCall","src":"18816:19:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"18809:3:1"}]},{"nodeType":"YulVariableDeclaration","src":"18872:27:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"18890:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"18893:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18897:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18883:6:1"},"nodeType":"YulFunctionCall","src":"18883:16:1"},"variables":[{"name":"TT2","nodeType":"YulTypedName","src":"18876:3:1","type":""}]},{"nodeType":"YulAssignment","src":"18924:83:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"18951:2:1"},{"name":"y2","nodeType":"YulIdentifier","src":"18955:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"18959:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18944:6:1"},"nodeType":"YulFunctionCall","src":"18944:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"18967:1:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"18970:3:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"18963:3:1"},"nodeType":"YulFunctionCall","src":"18963:11:1"},{"name":"p","nodeType":"YulIdentifier","src":"18976:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"18937:6:1"},"nodeType":"YulFunctionCall","src":"18937:41:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"18987:7:1"},{"name":"TT2","nodeType":"YulIdentifier","src":"18996:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"19001:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"18980:6:1"},"nodeType":"YulFunctionCall","src":"18980:23:1"},{"name":"p","nodeType":"YulIdentifier","src":"19005:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"18930:6:1"},"nodeType":"YulFunctionCall","src":"18930:77:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"18924:2:1"}]},{"nodeType":"YulAssignment","src":"19032:76:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"TT2","nodeType":"YulIdentifier","src":"19058:3:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"19067:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"19070:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"19063:3:1"},"nodeType":"YulFunctionCall","src":"19063:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"19075:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"19051:6:1"},"nodeType":"YulFunctionCall","src":"19051:26:1"},{"name":"y2","nodeType":"YulIdentifier","src":"19079:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"19083:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"19044:6:1"},"nodeType":"YulFunctionCall","src":"19044:41:1"},{"arguments":[{"name":"Y","nodeType":"YulIdentifier","src":"19094:1:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"19097:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"19102:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"19087:6:1"},"nodeType":"YulFunctionCall","src":"19087:17:1"},{"name":"p","nodeType":"YulIdentifier","src":"19106:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"19037:6:1"},"nodeType":"YulFunctionCall","src":"19037:71:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"19032:1:1"}]},{"nodeType":"YulAssignment","src":"19134:7:1","value":{"name":"T4","nodeType":"YulIdentifier","src":"19139:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"19134:1:1"}]}]}]},"condition":{"arguments":[{"name":"minus_1","nodeType":"YulIdentifier","src":"15077:7:1"},{"name":"index","nodeType":"YulIdentifier","src":"15086:5:1"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"15074:2:1"},"nodeType":"YulFunctionCall","src":"15074:18:1"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"15093:26:1","statements":[{"nodeType":"YulAssignment","src":"15095:22:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"15108:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"15115:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"15104:3:1"},"nodeType":"YulFunctionCall","src":"15104:13:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"15095:5:1"}]}]},"pre":{"nodeType":"YulBlock","src":"15071:2:1","statements":[]},"src":"15067:4114:1"},{"nodeType":"YulVariableDeclaration","src":"19209:20:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"19224:4:1","type":"","value":"0x40"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"19218:5:1"},"nodeType":"YulFunctionCall","src":"19218:11:1"},"variables":[{"name":"T","nodeType":"YulTypedName","src":"19213:1:1","type":""}]},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"19257:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19260:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19253:3:1"},"nodeType":"YulFunctionCall","src":"19253:12:1"},{"name":"zz","nodeType":"YulIdentifier","src":"19267:2:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"19246:6:1"},"nodeType":"YulFunctionCall","src":"19246:24:1"},"nodeType":"YulExpressionStatement","src":"19246:24:1"},{"expression":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"19529:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19532:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"19522:6:1"},"nodeType":"YulFunctionCall","src":"19522:15:1"},"nodeType":"YulExpressionStatement","src":"19522:15:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"19565:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19568:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19561:3:1"},"nodeType":"YulFunctionCall","src":"19561:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"19575:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"19554:6:1"},"nodeType":"YulFunctionCall","src":"19554:26:1"},"nodeType":"YulExpressionStatement","src":"19554:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"19608:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19611:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19604:3:1"},"nodeType":"YulFunctionCall","src":"19604:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"19618:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"19597:6:1"},"nodeType":"YulFunctionCall","src":"19597:26:1"},"nodeType":"YulExpressionStatement","src":"19597:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"19762:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19765:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19758:3:1"},"nodeType":"YulFunctionCall","src":"19758:12:1"},{"name":"minus_2","nodeType":"YulIdentifier","src":"19772:7:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"19751:6:1"},"nodeType":"YulFunctionCall","src":"19751:29:1"},"nodeType":"YulExpressionStatement","src":"19751:29:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"19808:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19811:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19804:3:1"},"nodeType":"YulFunctionCall","src":"19804:12:1"},{"name":"p","nodeType":"YulIdentifier","src":"19818:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"19797:6:1"},"nodeType":"YulFunctionCall","src":"19797:23:1"},"nodeType":"YulExpressionStatement","src":"19797:23:1"},{"body":{"nodeType":"YulBlock","src":"19955:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"19964:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"19967:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"19957:6:1"},"nodeType":"YulFunctionCall","src":"19957:12:1"},"nodeType":"YulExpressionStatement","src":"19957:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"19926:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"19922:3:1"},"nodeType":"YulFunctionCall","src":"19922:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"19930:4:1","type":"","value":"0x05"},{"name":"T","nodeType":"YulIdentifier","src":"19936:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19939:4:1","type":"","value":"0xc0"},{"name":"T","nodeType":"YulIdentifier","src":"19945:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"19948:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"19911:10:1"},"nodeType":"YulFunctionCall","src":"19911:42:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"19904:6:1"},"nodeType":"YulFunctionCall","src":"19904:50:1"},"nodeType":"YulIf","src":"19901:70:1"},{"nodeType":"YulAssignment","src":"20131:27:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"20143:1:1"},{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"20152:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"20146:5:1"},"nodeType":"YulFunctionCall","src":"20146:8:1"},{"name":"p","nodeType":"YulIdentifier","src":"20156:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"20136:6:1"},"nodeType":"YulFunctionCall","src":"20136:22:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"20131:1:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":1052,"isOffset":false,"isSlot":false,"src":"14912:2:1","valueSize":1},{"declaration":1052,"isOffset":false,"isSlot":false,"src":"16642:2:1","valueSize":1},{"declaration":1055,"isOffset":false,"isSlot":false,"src":"14940:2:1","valueSize":1},{"declaration":1055,"isOffset":false,"isSlot":false,"src":"16679:2:1","valueSize":1},{"declaration":1027,"isOffset":false,"isSlot":false,"src":"14807:2:1","valueSize":1},{"declaration":1027,"isOffset":false,"isSlot":false,"src":"16503:2:1","valueSize":1},{"declaration":1029,"isOffset":false,"isSlot":false,"src":"14835:2:1","valueSize":1},{"declaration":1029,"isOffset":false,"isSlot":false,"src":"16540:2:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"14697:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"14802:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"14907:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"15321:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"15449:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"15475:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"15662:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"15776:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"16776:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"17208:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"17678:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"17810:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"17878:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"18217:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"18354:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"18890:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"19134:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"20131:1:1","valueSize":1},{"declaration":1036,"isOffset":false,"isSlot":false,"src":"20143:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"14725:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"14830:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"14935:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"15202:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"15837:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"15860:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"16173:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"16185:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"16812:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"17135:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"17543:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"18408:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"18435:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"19032:1:1","valueSize":1},{"declaration":1045,"isOffset":false,"isSlot":false,"src":"19094:1:1","valueSize":1},{"declaration":264,"isOffset":false,"isSlot":false,"src":"14702:2:1","valueSize":1},{"declaration":264,"isOffset":false,"isSlot":false,"src":"16364:2:1","valueSize":1},{"declaration":267,"isOffset":false,"isSlot":false,"src":"14730:2:1","valueSize":1},{"declaration":267,"isOffset":false,"isSlot":false,"src":"16401:2:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14322:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14353:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14409:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14422:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14477:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14508:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14592:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14623:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14978:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"14991:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"15086:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"15095:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"15108:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"16051:5:1","valueSize":1},{"declaration":1048,"isOffset":false,"isSlot":false,"src":"16082:5:1","valueSize":1},{"declaration":279,"isOffset":false,"isSlot":false,"src":"15077:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"15700:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"17534:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"18255:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"18987:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"19772:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15205:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15272:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15328:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15384:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15456:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15464:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15482:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15486:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15490:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15560:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15618:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15689:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15713:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15717:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15783:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15791:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15795:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15863:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"15871:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"16182:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17131:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17138:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17197:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17205:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17212:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17546:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17621:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17685:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17754:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17817:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17885:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17893:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"17957:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18027:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18091:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18161:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18244:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18268:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18272:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18351:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18358:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18362:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18438:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18442:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18608:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18666:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18782:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18833:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18897:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18959:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18967:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"18976:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19001:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19005:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19067:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19075:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19083:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19102:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19106:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"19818:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"20156:1:1","valueSize":1},{"declaration":1031,"isOffset":false,"isSlot":false,"src":"14360:8:1","valueSize":1},{"declaration":1031,"isOffset":false,"isSlot":false,"src":"14515:8:1","valueSize":1},{"declaration":1031,"isOffset":false,"isSlot":false,"src":"14630:8:1","valueSize":1},{"declaration":1031,"isOffset":false,"isSlot":false,"src":"16089:8:1","valueSize":1},{"declaration":1033,"isOffset":false,"isSlot":false,"src":"14329:8:1","valueSize":1},{"declaration":1033,"isOffset":false,"isSlot":false,"src":"14484:8:1","valueSize":1},{"declaration":1033,"isOffset":false,"isSlot":false,"src":"14599:8:1","valueSize":1},{"declaration":1033,"isOffset":false,"isSlot":false,"src":"16058:8:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"14567:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"14668:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"14773:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"14878:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"15017:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"15459:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"15478:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"15597:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"15614:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"16742:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"16848:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"17193:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"17813:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"17888:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"18140:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"18157:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"18761:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"18774:2:1","valueSize":1},{"declaration":1039,"isOffset":false,"isSlot":false,"src":"19267:2:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"15041:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"15537:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"15555:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"16884:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"17126:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"18067:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"18086:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"18809:3:1","valueSize":1},{"declaration":1042,"isOffset":false,"isSlot":false,"src":"18823:3:1","valueSize":1}],"id":1078,"nodeType":"InlineAssembly","src":"14260:5919:1"}]},{"expression":{"id":1080,"name":"X","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1036,"src":"20237:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"functionReturnParameters":1037,"id":1081,"nodeType":"Return","src":"20230:8:1"}]},"documentation":{"id":1025,"nodeType":"StructuredDocumentation","src":"13573:161:1","text":" @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n Returns only x for ECDSA use \n "},"id":1083,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_mulmuladd_S_asm","nameLocation":"13748:20:1","nodeType":"FunctionDefinition","parameters":{"id":1034,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1027,"mutability":"mutable","name":"Q0","nameLocation":"13786:2:1","nodeType":"VariableDeclaration","scope":1083,"src":"13778:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1026,"name":"uint256","nodeType":"ElementaryTypeName","src":"13778:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1029,"mutability":"mutable","name":"Q1","nameLocation":"13806:2:1","nodeType":"VariableDeclaration","scope":1083,"src":"13798:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1028,"name":"uint256","nodeType":"ElementaryTypeName","src":"13798:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1031,"mutability":"mutable","name":"scalar_u","nameLocation":"13857:8:1","nodeType":"VariableDeclaration","scope":1083,"src":"13849:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1030,"name":"uint256","nodeType":"ElementaryTypeName","src":"13849:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1033,"mutability":"mutable","name":"scalar_v","nameLocation":"13883:8:1","nodeType":"VariableDeclaration","scope":1083,"src":"13875:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1032,"name":"uint256","nodeType":"ElementaryTypeName","src":"13875:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"13768:129:1"},"returnParameters":{"id":1037,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1036,"mutability":"mutable","name":"X","nameLocation":"13929:1:1","nodeType":"VariableDeclaration","scope":1083,"src":"13921:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1035,"name":"uint256","nodeType":"ElementaryTypeName","src":"13921:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"13920:11:1"},"scope":1886,"src":"13739:6506:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1156,"nodeType":"Block","src":"20634:6321:1","statements":[{"assignments":[1100],"declarations":[{"constant":false,"id":1100,"mutability":"mutable","name":"zz","nameLocation":"20652:2:1","nodeType":"VariableDeclaration","scope":1156,"src":"20644:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1099,"name":"uint256","nodeType":"ElementaryTypeName","src":"20644:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1101,"nodeType":"VariableDeclarationStatement","src":"20644:10:1"},{"assignments":[1103],"declarations":[{"constant":false,"id":1103,"mutability":"mutable","name":"zzz","nameLocation":"20672:3:1","nodeType":"VariableDeclaration","scope":1156,"src":"20664:11:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1102,"name":"uint256","nodeType":"ElementaryTypeName","src":"20664:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1104,"nodeType":"VariableDeclarationStatement","src":"20664:11:1"},{"assignments":[1106],"declarations":[{"constant":false,"id":1106,"mutability":"mutable","name":"index","nameLocation":"20693:5:1","nodeType":"VariableDeclaration","scope":1156,"src":"20685:13:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1105,"name":"uint256","nodeType":"ElementaryTypeName","src":"20685:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1108,"initialValue":{"hexValue":"323535","id":1107,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20701:3:1","typeDescriptions":{"typeIdentifier":"t_rational_255_by_1","typeString":"int_const 255"},"value":"255"},"nodeType":"VariableDeclarationStatement","src":"20685:19:1"},{"assignments":[1114],"declarations":[{"constant":false,"id":1114,"mutability":"mutable","name":"T","nameLocation":"20732:1:1","nodeType":"VariableDeclaration","scope":1156,"src":"20714:19:1","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6]"},"typeName":{"baseType":{"id":1112,"name":"uint256","nodeType":"ElementaryTypeName","src":"20714:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1113,"length":{"hexValue":"36","id":1111,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20722:1:1","typeDescriptions":{"typeIdentifier":"t_rational_6_by_1","typeString":"int_const 6"},"value":"6"},"nodeType":"ArrayTypeName","src":"20714:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_storage_ptr","typeString":"uint256[6]"}},"visibility":"internal"}],"id":1115,"nodeType":"VariableDeclarationStatement","src":"20714:19:1"},{"assignments":[1121],"declarations":[{"constant":false,"id":1121,"mutability":"mutable","name":"H","nameLocation":"20761:1:1","nodeType":"VariableDeclaration","scope":1156,"src":"20743:19:1","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1119,"name":"uint256","nodeType":"ElementaryTypeName","src":"20743:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1120,"length":{"hexValue":"32","id":1118,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20751:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"20743:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"}],"id":1122,"nodeType":"VariableDeclarationStatement","src":"20743:19:1"},{"id":1151,"nodeType":"UncheckedBlock","src":"20774:6136:1","statements":[{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1129,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1125,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1123,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1090,"src":"20802:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1124,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20814:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"20802:13:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"&&","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1128,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1126,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1092,"src":"20819:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1127,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20831:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"20819:13:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"20802:30:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1134,"nodeType":"IfStatement","src":"20798:48:1","trueBody":{"expression":{"components":[{"hexValue":"30","id":1130,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20842:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"hexValue":"30","id":1131,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20844:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"}],"id":1132,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"TupleExpression","src":"20841:5:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_rational_0_by_1_$_t_rational_0_by_1_$","typeString":"tuple(int_const 0,int_const 0)"}},"functionReturnParameters":1098,"id":1133,"nodeType":"Return","src":"20834:12:1"}},{"expression":{"id":1148,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"components":[{"baseExpression":{"id":1135,"name":"H","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1121,"src":"20862:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2] memory"}},"id":1137,"indexExpression":{"hexValue":"30","id":1136,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20864:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"20862:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"baseExpression":{"id":1138,"name":"H","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1121,"src":"20868:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2] memory"}},"id":1140,"indexExpression":{"hexValue":"31","id":1139,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"20870:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"20868:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1141,"isConstant":false,"isInlineArray":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"TupleExpression","src":"20861:12:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":1143,"name":"gx","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":264,"src":"20886:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1144,"name":"gy","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":267,"src":"20890:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1145,"name":"Q0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1086,"src":"20894:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1146,"name":"Q1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1088,"src":"20898:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1142,"name":"ecAff_add","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1024,"src":"20876:9:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256) view returns (uint256,uint256)"}},"id":1147,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"20876:25:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"src":"20861:40:1","typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":1149,"nodeType":"ExpressionStatement","src":"20861:40:1"},{"AST":{"nodeType":"YulBlock","src":"20979:5906:1","statements":[{"body":{"nodeType":"YulBlock","src":"21258:2:1","statements":[]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"21090:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"21094:1:1","type":"","value":"0"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"21087:2:1"},"nodeType":"YulFunctionCall","src":"21087:9:1"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"21097:160:1","statements":[{"nodeType":"YulAssignment","src":"21119:22:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21132:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"21139:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"21128:3:1"},"nodeType":"YulFunctionCall","src":"21128:13:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"21119:5:1"}]},{"nodeType":"YulAssignment","src":"21162:77:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"21176:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21187:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"21194:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"21183:3:1"},"nodeType":"YulFunctionCall","src":"21183:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"21205:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"21179:3:1"},"nodeType":"YulFunctionCall","src":"21179:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"21172:3:1"},"nodeType":"YulFunctionCall","src":"21172:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21218:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"21225:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"21214:3:1"},"nodeType":"YulFunctionCall","src":"21214:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"21236:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"21210:3:1"},"nodeType":"YulFunctionCall","src":"21210:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"21168:3:1"},"nodeType":"YulFunctionCall","src":"21168:71:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"21162:2:1"}]}]},"pre":{"nodeType":"YulBlock","src":"21001:85:1","statements":[{"nodeType":"YulVariableDeclaration","src":"21003:81:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"21021:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21032:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"21039:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"21028:3:1"},"nodeType":"YulFunctionCall","src":"21028:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"21050:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"21024:3:1"},"nodeType":"YulFunctionCall","src":"21024:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"21017:3:1"},"nodeType":"YulFunctionCall","src":"21017:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21063:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"21070:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"21059:3:1"},"nodeType":"YulFunctionCall","src":"21059:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"21081:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"21055:3:1"},"nodeType":"YulFunctionCall","src":"21055:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"21013:3:1"},"nodeType":"YulFunctionCall","src":"21013:71:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"21007:2:1","type":""}]}]},"src":"20997:263:1"},{"nodeType":"YulAssignment","src":"21277:77:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"21291:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21302:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"21309:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"21298:3:1"},"nodeType":"YulFunctionCall","src":"21298:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"21320:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"21294:3:1"},"nodeType":"YulFunctionCall","src":"21294:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"21287:3:1"},"nodeType":"YulFunctionCall","src":"21287:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21333:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"21340:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"21329:3:1"},"nodeType":"YulFunctionCall","src":"21329:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"21351:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"21325:3:1"},"nodeType":"YulFunctionCall","src":"21325:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"21283:3:1"},"nodeType":"YulFunctionCall","src":"21283:71:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"21277:2:1"}]},{"body":{"nodeType":"YulBlock","src":"21385:75:1","statements":[{"nodeType":"YulAssignment","src":"21407:7:1","value":{"name":"gx","nodeType":"YulIdentifier","src":"21412:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"21407:1:1"}]},{"nodeType":"YulAssignment","src":"21435:7:1","value":{"name":"gy","nodeType":"YulIdentifier","src":"21440:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"21435:1:1"}]}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"21378:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"21382:1:1","type":"","value":"1"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"21375:2:1"},"nodeType":"YulFunctionCall","src":"21375:9:1"},"nodeType":"YulIf","src":"21372:88:1"},{"body":{"nodeType":"YulBlock","src":"21490:75:1","statements":[{"nodeType":"YulAssignment","src":"21512:7:1","value":{"name":"Q0","nodeType":"YulIdentifier","src":"21517:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"21512:1:1"}]},{"nodeType":"YulAssignment","src":"21540:7:1","value":{"name":"Q1","nodeType":"YulIdentifier","src":"21545:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"21540:1:1"}]}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"21483:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"21487:1:1","type":"","value":"2"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"21480:2:1"},"nodeType":"YulFunctionCall","src":"21480:9:1"},"nodeType":"YulIf","src":"21477:88:1"},{"body":{"nodeType":"YulBlock","src":"21595:95:1","statements":[{"nodeType":"YulAssignment","src":"21617:21:1","value":{"arguments":[{"arguments":[{"name":"H","nodeType":"YulIdentifier","src":"21632:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"21634:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"21628:3:1"},"nodeType":"YulFunctionCall","src":"21628:9:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"21622:5:1"},"nodeType":"YulFunctionCall","src":"21622:16:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"21617:1:1"}]},{"nodeType":"YulAssignment","src":"21659:13:1","value":{"arguments":[{"name":"H","nodeType":"YulIdentifier","src":"21670:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"21664:5:1"},"nodeType":"YulFunctionCall","src":"21664:8:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"21659:1:1"}]}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"21588:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"21592:1:1","type":"","value":"3"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"21585:2:1"},"nodeType":"YulFunctionCall","src":"21585:9:1"},"nodeType":"YulIf","src":"21582:108:1"},{"nodeType":"YulAssignment","src":"21708:22:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21721:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"21728:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"21717:3:1"},"nodeType":"YulFunctionCall","src":"21717:13:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"21708:5:1"}]},{"nodeType":"YulAssignment","src":"21747:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"21753:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"21747:2:1"}]},{"nodeType":"YulAssignment","src":"21771:8:1","value":{"kind":"number","nodeType":"YulLiteral","src":"21778:1:1","type":"","value":"1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"21771:3:1"}]},{"body":{"nodeType":"YulBlock","src":"21850:4080:1","statements":[{"nodeType":"YulVariableDeclaration","src":"21912:25:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"21929:1:1","type":"","value":"2"},{"name":"Y","nodeType":"YulIdentifier","src":"21932:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"21935:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"21922:6:1"},"nodeType":"YulFunctionCall","src":"21922:15:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"21916:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"21977:27:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"21994:2:1"},{"name":"T1","nodeType":"YulIdentifier","src":"21998:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22002:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"21987:6:1"},"nodeType":"YulFunctionCall","src":"21987:17:1"},"variables":[{"name":"T2","nodeType":"YulTypedName","src":"21981:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"22034:26:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"22051:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"22054:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22058:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22044:6:1"},"nodeType":"YulFunctionCall","src":"22044:16:1"},"variables":[{"name":"T3","nodeType":"YulTypedName","src":"22038:2:1","type":""}]},{"nodeType":"YulAssignment","src":"22093:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"22106:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"22110:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22114:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22099:6:1"},"nodeType":"YulFunctionCall","src":"22099:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"22093:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"22145:77:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"22162:1:1","type":"","value":"3"},{"arguments":[{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"22179:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"22186:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"22189:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"22182:3:1"},"nodeType":"YulFunctionCall","src":"22182:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"22194:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"22172:6:1"},"nodeType":"YulFunctionCall","src":"22172:24:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"22205:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"22208:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22212:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"22198:6:1"},"nodeType":"YulFunctionCall","src":"22198:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"22216:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22165:6:1"},"nodeType":"YulFunctionCall","src":"22165:53:1"},{"name":"p","nodeType":"YulIdentifier","src":"22220:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22155:6:1"},"nodeType":"YulFunctionCall","src":"22155:67:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"22149:2:1","type":""}]},{"nodeType":"YulAssignment","src":"22267:25:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"22281:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"22285:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"22290:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22274:6:1"},"nodeType":"YulFunctionCall","src":"22274:18:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"22267:3:1"}]},{"nodeType":"YulAssignment","src":"22327:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"22340:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"22344:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22348:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22333:6:1"},"nodeType":"YulFunctionCall","src":"22333:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"22327:2:1"}]},{"nodeType":"YulAssignment","src":"22392:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"22411:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"22415:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22419:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22404:6:1"},"nodeType":"YulFunctionCall","src":"22404:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"22430:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"22439:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22443:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22423:6:1"},"nodeType":"YulFunctionCall","src":"22423:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"22447:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"22397:6:1"},"nodeType":"YulFunctionCall","src":"22397:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"22392:1:1"}]},{"nodeType":"YulAssignment","src":"22482:45:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"22495:2:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"22506:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"22513:1:1"},{"name":"T3","nodeType":"YulIdentifier","src":"22516:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"22509:3:1"},"nodeType":"YulFunctionCall","src":"22509:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"22521:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"22499:6:1"},"nodeType":"YulFunctionCall","src":"22499:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"22525:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22488:6:1"},"nodeType":"YulFunctionCall","src":"22488:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"22482:2:1"}]},{"nodeType":"YulAssignment","src":"22567:36:1","value":{"arguments":[{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"22586:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"22590:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"22593:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"22579:6:1"},"nodeType":"YulFunctionCall","src":"22579:16:1"},{"name":"T2","nodeType":"YulIdentifier","src":"22597:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"22601:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"22572:6:1"},"nodeType":"YulFunctionCall","src":"22572:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"22567:1:1"}]},{"nodeType":"YulBlock","src":"22689:3223:1","statements":[{"nodeType":"YulAssignment","src":"22756:77:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"22770:1:1","type":"","value":"1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"22781:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"22788:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"22777:3:1"},"nodeType":"YulFunctionCall","src":"22777:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"22799:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"22773:3:1"},"nodeType":"YulFunctionCall","src":"22773:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"22766:3:1"},"nodeType":"YulFunctionCall","src":"22766:36:1"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"22812:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"22819:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"22808:3:1"},"nodeType":"YulFunctionCall","src":"22808:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"22830:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"22804:3:1"},"nodeType":"YulFunctionCall","src":"22804:28:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"22762:3:1"},"nodeType":"YulFunctionCall","src":"22762:71:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"22756:2:1"}]},{"body":{"nodeType":"YulBlock","src":"22873:134:1","statements":[{"nodeType":"YulAssignment","src":"22903:14:1","value":{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"22912:1:1"},{"name":"Y","nodeType":"YulIdentifier","src":"22915:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"22908:3:1"},"nodeType":"YulFunctionCall","src":"22908:9:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"22903:1:1"}]},{"nodeType":"YulContinue","src":"22973:8:1"}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"22869:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"22862:6:1"},"nodeType":"YulFunctionCall","src":"22862:10:1"},"nodeType":"YulIf","src":"22859:148:1"},{"body":{"nodeType":"YulBlock","src":"23058:101:1","statements":[{"nodeType":"YulAssignment","src":"23088:8:1","value":{"name":"gx","nodeType":"YulIdentifier","src":"23094:2:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"23088:2:1"}]},{"nodeType":"YulAssignment","src":"23125:8:1","value":{"name":"gy","nodeType":"YulIdentifier","src":"23131:2:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"23125:2:1"}]}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"23051:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"23055:1:1","type":"","value":"1"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"23048:2:1"},"nodeType":"YulFunctionCall","src":"23048:9:1"},"nodeType":"YulIf","src":"23045:114:1"},{"body":{"nodeType":"YulBlock","src":"23197:101:1","statements":[{"nodeType":"YulAssignment","src":"23227:8:1","value":{"name":"Q0","nodeType":"YulIdentifier","src":"23233:2:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"23227:2:1"}]},{"nodeType":"YulAssignment","src":"23264:8:1","value":{"name":"Q1","nodeType":"YulIdentifier","src":"23270:2:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"23264:2:1"}]}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"23190:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"23194:1:1","type":"","value":"2"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"23187:2:1"},"nodeType":"YulFunctionCall","src":"23187:9:1"},"nodeType":"YulIf","src":"23184:114:1"},{"body":{"nodeType":"YulBlock","src":"23336:121:1","statements":[{"nodeType":"YulAssignment","src":"23366:14:1","value":{"arguments":[{"name":"H","nodeType":"YulIdentifier","src":"23378:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"23372:5:1"},"nodeType":"YulFunctionCall","src":"23372:8:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"23366:2:1"}]},{"nodeType":"YulAssignment","src":"23409:22:1","value":{"arguments":[{"arguments":[{"name":"H","nodeType":"YulIdentifier","src":"23425:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"23427:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"23421:3:1"},"nodeType":"YulFunctionCall","src":"23421:9:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"23415:5:1"},"nodeType":"YulFunctionCall","src":"23415:16:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"23409:2:1"}]}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"23329:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"23333:1:1","type":"","value":"3"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"23326:2:1"},"nodeType":"YulFunctionCall","src":"23326:9:1"},"nodeType":"YulIf","src":"23323:134:1"},{"body":{"nodeType":"YulBlock","src":"23496:209:1","statements":[{"nodeType":"YulAssignment","src":"23526:7:1","value":{"name":"T1","nodeType":"YulIdentifier","src":"23531:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"23526:1:1"}]},{"nodeType":"YulAssignment","src":"23562:7:1","value":{"name":"T2","nodeType":"YulIdentifier","src":"23567:2:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"23562:1:1"}]},{"nodeType":"YulAssignment","src":"23598:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"23604:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"23598:2:1"}]},{"nodeType":"YulAssignment","src":"23634:8:1","value":{"kind":"number","nodeType":"YulLiteral","src":"23641:1:1","type":"","value":"1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"23634:3:1"}]},{"nodeType":"YulContinue","src":"23671:8:1"}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"23492:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"23485:6:1"},"nodeType":"YulFunctionCall","src":"23485:10:1"},"nodeType":"YulIf","src":"23482:223:1"},{"nodeType":"YulVariableDeclaration","src":"23848:42:1","value":{"arguments":[{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"23872:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"23876:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"23881:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"23865:6:1"},"nodeType":"YulFunctionCall","src":"23865:18:1"},{"name":"Y","nodeType":"YulIdentifier","src":"23885:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"23888:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"23858:6:1"},"nodeType":"YulFunctionCall","src":"23858:32:1"},"variables":[{"name":"y2","nodeType":"YulTypedName","src":"23852:2:1","type":""}]},{"nodeType":"YulAssignment","src":"23919:45:1","value":{"arguments":[{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"23939:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"23943:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"23947:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"23932:6:1"},"nodeType":"YulFunctionCall","src":"23932:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"23955:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"23958:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"23951:3:1"},"nodeType":"YulFunctionCall","src":"23951:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"23962:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"23925:6:1"},"nodeType":"YulFunctionCall","src":"23925:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"23919:2:1"}]},{"body":{"nodeType":"YulBlock","src":"24193:1117:1","statements":[{"body":{"nodeType":"YulBlock","src":"24237:1047:1","statements":[{"nodeType":"YulAssignment","src":"24271:27:1","value":{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"24284:7:1"},{"name":"Y","nodeType":"YulIdentifier","src":"24293:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"24296:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24277:6:1"},"nodeType":"YulFunctionCall","src":"24277:21:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"24271:2:1"}]},{"nodeType":"YulAssignment","src":"24350:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"24363:2:1"},{"name":"T1","nodeType":"YulIdentifier","src":"24367:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24371:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24356:6:1"},"nodeType":"YulFunctionCall","src":"24356:17:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"24350:2:1"}]},{"nodeType":"YulAssignment","src":"24415:22:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"24428:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"24431:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24435:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24421:6:1"},"nodeType":"YulFunctionCall","src":"24421:16:1"},"variableNames":[{"name":"T3","nodeType":"YulIdentifier","src":"24415:2:1"}]},{"nodeType":"YulAssignment","src":"24483:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"24496:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"24500:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24504:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24489:6:1"},"nodeType":"YulFunctionCall","src":"24489:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"24483:2:1"}]},{"nodeType":"YulAssignment","src":"24547:22:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"24560:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"24563:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24567:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"24553:6:1"},"nodeType":"YulFunctionCall","src":"24553:16:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"24547:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"24609:35:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"24627:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"24634:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"24637:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"24630:3:1"},"nodeType":"YulFunctionCall","src":"24630:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"24642:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"24620:6:1"},"nodeType":"YulFunctionCall","src":"24620:24:1"},"variables":[{"name":"TT1","nodeType":"YulTypedName","src":"24613:3:1","type":""}]},{"nodeType":"YulAssignment","src":"24684:24:1","value":{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"24697:2:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"24701:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"24706:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24690:6:1"},"nodeType":"YulFunctionCall","src":"24690:18:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"24684:2:1"}]},{"nodeType":"YulAssignment","src":"24756:22:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"24769:1:1","type":"","value":"3"},{"name":"y2","nodeType":"YulIdentifier","src":"24772:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24776:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24762:6:1"},"nodeType":"YulFunctionCall","src":"24762:16:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"24756:2:1"}]},{"nodeType":"YulAssignment","src":"24816:26:1","value":{"arguments":[{"name":"TT1","nodeType":"YulIdentifier","src":"24830:3:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"24835:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"24840:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24823:6:1"},"nodeType":"YulFunctionCall","src":"24823:19:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"24816:3:1"}]},{"nodeType":"YulAssignment","src":"24889:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"24902:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"24906:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24910:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24895:6:1"},"nodeType":"YulFunctionCall","src":"24895:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"24889:2:1"}]},{"nodeType":"YulAssignment","src":"24966:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"24985:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"24989:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"24993:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24978:6:1"},"nodeType":"YulFunctionCall","src":"24978:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"25004:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"25013:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25017:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"24997:6:1"},"nodeType":"YulFunctionCall","src":"24997:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"25021:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"24971:6:1"},"nodeType":"YulFunctionCall","src":"24971:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"24966:1:1"}]},{"nodeType":"YulAssignment","src":"25068:45:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"25081:2:1"},{"arguments":[{"name":"T3","nodeType":"YulIdentifier","src":"25092:2:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"25100:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"25103:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"25096:3:1"},"nodeType":"YulFunctionCall","src":"25096:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"25107:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"25085:6:1"},"nodeType":"YulFunctionCall","src":"25085:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"25111:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25074:6:1"},"nodeType":"YulFunctionCall","src":"25074:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"25068:2:1"}]},{"nodeType":"YulAssignment","src":"25157:36:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"25169:2:1"},{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"25180:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"25184:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"25187:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25173:6:1"},"nodeType":"YulFunctionCall","src":"25173:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"25191:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"25162:6:1"},"nodeType":"YulFunctionCall","src":"25162:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"25157:1:1"}]},{"nodeType":"YulContinue","src":"25246:8:1"}]},"condition":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"24233:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"24226:6:1"},"nodeType":"YulFunctionCall","src":"24226:10:1"},"nodeType":"YulIf","src":"24223:1061:1"}]},"condition":{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"24189:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"24182:6:1"},"nodeType":"YulFunctionCall","src":"24182:10:1"},"nodeType":"YulIf","src":"24179:1131:1"},{"nodeType":"YulAssignment","src":"25336:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"25349:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"25353:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25357:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25342:6:1"},"nodeType":"YulFunctionCall","src":"25342:17:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"25336:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"25389:28:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"25407:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"25411:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25415:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25400:6:1"},"nodeType":"YulFunctionCall","src":"25400:17:1"},"variables":[{"name":"TT1","nodeType":"YulTypedName","src":"25393:3:1","type":""}]},{"nodeType":"YulAssignment","src":"25510:23:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"25523:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"25527:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25531:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25516:6:1"},"nodeType":"YulFunctionCall","src":"25516:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"25510:2:1"}]},{"nodeType":"YulAssignment","src":"25558:26:1","value":{"arguments":[{"name":"zzz","nodeType":"YulIdentifier","src":"25572:3:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"25577:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"25582:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25565:6:1"},"nodeType":"YulFunctionCall","src":"25565:19:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"25558:3:1"}]},{"nodeType":"YulVariableDeclaration","src":"25621:27:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"25639:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"25642:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25646:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25632:6:1"},"nodeType":"YulFunctionCall","src":"25632:16:1"},"variables":[{"name":"TT2","nodeType":"YulTypedName","src":"25625:3:1","type":""}]},{"nodeType":"YulAssignment","src":"25673:83:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"25700:2:1"},{"name":"y2","nodeType":"YulIdentifier","src":"25704:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25708:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25693:6:1"},"nodeType":"YulFunctionCall","src":"25693:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"25716:1:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"25719:3:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"25712:3:1"},"nodeType":"YulFunctionCall","src":"25712:11:1"},{"name":"p","nodeType":"YulIdentifier","src":"25725:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"25686:6:1"},"nodeType":"YulFunctionCall","src":"25686:41:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"25736:7:1"},{"name":"TT2","nodeType":"YulIdentifier","src":"25745:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"25750:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25729:6:1"},"nodeType":"YulFunctionCall","src":"25729:23:1"},{"name":"p","nodeType":"YulIdentifier","src":"25754:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"25679:6:1"},"nodeType":"YulFunctionCall","src":"25679:77:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"25673:2:1"}]},{"nodeType":"YulAssignment","src":"25781:76:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"TT2","nodeType":"YulIdentifier","src":"25807:3:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"25816:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"25819:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"25812:3:1"},"nodeType":"YulFunctionCall","src":"25812:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"25824:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"25800:6:1"},"nodeType":"YulFunctionCall","src":"25800:26:1"},{"name":"y2","nodeType":"YulIdentifier","src":"25828:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"25832:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25793:6:1"},"nodeType":"YulFunctionCall","src":"25793:41:1"},{"arguments":[{"name":"Y","nodeType":"YulIdentifier","src":"25843:1:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"25846:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"25851:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"25836:6:1"},"nodeType":"YulFunctionCall","src":"25836:17:1"},{"name":"p","nodeType":"YulIdentifier","src":"25855:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"25786:6:1"},"nodeType":"YulFunctionCall","src":"25786:71:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"25781:1:1"}]},{"nodeType":"YulAssignment","src":"25883:7:1","value":{"name":"T4","nodeType":"YulIdentifier","src":"25888:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"25883:1:1"}]}]}]},"condition":{"arguments":[{"name":"minus_1","nodeType":"YulIdentifier","src":"21807:7:1"},{"name":"index","nodeType":"YulIdentifier","src":"21816:5:1"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"21804:2:1"},"nodeType":"YulFunctionCall","src":"21804:18:1"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"21823:26:1","statements":[{"nodeType":"YulAssignment","src":"21825:22:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"21838:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"21845:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"21834:3:1"},"nodeType":"YulFunctionCall","src":"21834:13:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"21825:5:1"}]}]},"pre":{"nodeType":"YulBlock","src":"21801:2:1","statements":[]},"src":"21797:4133:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"25969:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"25972:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"25965:3:1"},"nodeType":"YulFunctionCall","src":"25965:12:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"25979:3:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"25958:6:1"},"nodeType":"YulFunctionCall","src":"25958:25:1"},"nodeType":"YulExpressionStatement","src":"25958:25:1"},{"expression":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26242:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26245:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"26235:6:1"},"nodeType":"YulFunctionCall","src":"26235:15:1"},"nodeType":"YulExpressionStatement","src":"26235:15:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26278:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26281:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"26274:3:1"},"nodeType":"YulFunctionCall","src":"26274:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"26288:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"26267:6:1"},"nodeType":"YulFunctionCall","src":"26267:26:1"},"nodeType":"YulExpressionStatement","src":"26267:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26321:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26324:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"26317:3:1"},"nodeType":"YulFunctionCall","src":"26317:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"26331:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"26310:6:1"},"nodeType":"YulFunctionCall","src":"26310:26:1"},"nodeType":"YulExpressionStatement","src":"26310:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26475:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26478:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"26471:3:1"},"nodeType":"YulFunctionCall","src":"26471:12:1"},{"name":"minus_2","nodeType":"YulIdentifier","src":"26485:7:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"26464:6:1"},"nodeType":"YulFunctionCall","src":"26464:29:1"},"nodeType":"YulExpressionStatement","src":"26464:29:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26521:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26524:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"26517:3:1"},"nodeType":"YulFunctionCall","src":"26517:12:1"},{"name":"p","nodeType":"YulIdentifier","src":"26531:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"26510:6:1"},"nodeType":"YulFunctionCall","src":"26510:23:1"},"nodeType":"YulExpressionStatement","src":"26510:23:1"},{"body":{"nodeType":"YulBlock","src":"26668:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"26677:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"26680:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"26670:6:1"},"nodeType":"YulFunctionCall","src":"26670:12:1"},"nodeType":"YulExpressionStatement","src":"26670:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"26639:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"26635:3:1"},"nodeType":"YulFunctionCall","src":"26635:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"26643:4:1","type":"","value":"0x05"},{"name":"T","nodeType":"YulIdentifier","src":"26649:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26652:4:1","type":"","value":"0xc0"},{"name":"T","nodeType":"YulIdentifier","src":"26658:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"26661:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"26624:10:1"},"nodeType":"YulFunctionCall","src":"26624:42:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"26617:6:1"},"nodeType":"YulFunctionCall","src":"26617:50:1"},"nodeType":"YulIf","src":"26614:70:1"},{"nodeType":"YulAssignment","src":"26702:23:1","value":{"arguments":[{"name":"Y","nodeType":"YulIdentifier","src":"26712:1:1"},{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26720:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"26714:5:1"},"nodeType":"YulFunctionCall","src":"26714:8:1"},{"name":"p","nodeType":"YulIdentifier","src":"26723:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"26705:6:1"},"nodeType":"YulFunctionCall","src":"26705:20:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"26702:1:1"}]},{"nodeType":"YulAssignment","src":"26749:27:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"26761:2:1"},{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"26771:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"26765:5:1"},"nodeType":"YulFunctionCall","src":"26765:8:1"},{"name":"p","nodeType":"YulIdentifier","src":"26774:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"26754:6:1"},"nodeType":"YulFunctionCall","src":"26754:22:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"26749:2:1"}]},{"nodeType":"YulAssignment","src":"26799:20:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"26811:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"26814:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"26817:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"26804:6:1"},"nodeType":"YulFunctionCall","src":"26804:15:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"26799:2:1"}]},{"nodeType":"YulAssignment","src":"26843:21:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"26855:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"26858:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"26862:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"26848:6:1"},"nodeType":"YulFunctionCall","src":"26848:16:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"26843:1:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":1121,"isOffset":false,"isSlot":false,"src":"21632:1:1","valueSize":1},{"declaration":1121,"isOffset":false,"isSlot":false,"src":"21670:1:1","valueSize":1},{"declaration":1121,"isOffset":false,"isSlot":false,"src":"23378:1:1","valueSize":1},{"declaration":1121,"isOffset":false,"isSlot":false,"src":"23425:1:1","valueSize":1},{"declaration":1086,"isOffset":false,"isSlot":false,"src":"21517:2:1","valueSize":1},{"declaration":1086,"isOffset":false,"isSlot":false,"src":"23233:2:1","valueSize":1},{"declaration":1088,"isOffset":false,"isSlot":false,"src":"21545:2:1","valueSize":1},{"declaration":1088,"isOffset":false,"isSlot":false,"src":"23270:2:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"25969:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26242:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26278:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26321:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26475:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26521:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26649:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26658:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26720:1:1","valueSize":1},{"declaration":1114,"isOffset":false,"isSlot":false,"src":"26771:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"21407:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"21512:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"21659:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"22051:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"22179:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"22205:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"22392:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"22506:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"23526:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"23958:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"24428:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"24560:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"24627:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"24966:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"25103:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"25639:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"25883:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"26843:1:1","valueSize":1},{"declaration":1095,"isOffset":false,"isSlot":false,"src":"26855:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"21435:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"21540:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"21617:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"21932:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"22567:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"22590:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"22903:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"22915:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"23562:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"23885:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"24293:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"25157:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"25184:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"25781:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"25843:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"26702:1:1","valueSize":1},{"declaration":1097,"isOffset":false,"isSlot":false,"src":"26712:1:1","valueSize":1},{"declaration":264,"isOffset":false,"isSlot":false,"src":"21412:2:1","valueSize":1},{"declaration":264,"isOffset":false,"isSlot":false,"src":"23094:2:1","valueSize":1},{"declaration":267,"isOffset":false,"isSlot":false,"src":"21440:2:1","valueSize":1},{"declaration":267,"isOffset":false,"isSlot":false,"src":"23131:2:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21032:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21063:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21119:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21132:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21187:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21218:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21302:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21333:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21708:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21721:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21816:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21825:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"21838:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"22781:5:1","valueSize":1},{"declaration":1106,"isOffset":false,"isSlot":false,"src":"22812:5:1","valueSize":1},{"declaration":279,"isOffset":false,"isSlot":false,"src":"21807:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"22430:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"24284:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"25004:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"25736:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"26485:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"21935:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22002:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22058:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22114:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22186:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22194:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22212:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22216:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22220:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22290:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22348:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22419:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22443:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22447:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22513:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22521:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22525:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22593:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22601:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"22912:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"23881:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"23888:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"23947:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"23955:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"23962:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24296:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24371:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24435:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24504:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24567:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24634:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24642:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24706:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24776:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24840:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24910:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"24993:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25017:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25021:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25100:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25107:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25111:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25187:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25191:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25357:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25415:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25531:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25582:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25646:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25708:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25716:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25725:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25750:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25754:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25816:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25824:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25832:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25851:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"25855:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"26531:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"26723:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"26774:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"26817:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"26862:1:1","valueSize":1},{"declaration":1090,"isOffset":false,"isSlot":false,"src":"21070:8:1","valueSize":1},{"declaration":1090,"isOffset":false,"isSlot":false,"src":"21225:8:1","valueSize":1},{"declaration":1090,"isOffset":false,"isSlot":false,"src":"21340:8:1","valueSize":1},{"declaration":1090,"isOffset":false,"isSlot":false,"src":"22819:8:1","valueSize":1},{"declaration":1092,"isOffset":false,"isSlot":false,"src":"21039:8:1","valueSize":1},{"declaration":1092,"isOffset":false,"isSlot":false,"src":"21194:8:1","valueSize":1},{"declaration":1092,"isOffset":false,"isSlot":false,"src":"21309:8:1","valueSize":1},{"declaration":1092,"isOffset":false,"isSlot":false,"src":"22788:8:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"21277:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"21378:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"21483:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"21588:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"21747:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"22189:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"22208:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"22327:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"22344:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"23492:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"23598:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"23943:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"24563:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"24637:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"24889:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"24906:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"25510:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"25523:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"26749:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"26761:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"26799:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"26811:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"26814:2:1","valueSize":1},{"declaration":1100,"isOffset":false,"isSlot":false,"src":"26858:2:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"21771:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"22267:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"22285:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"23634:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"23876:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"24816:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"24835:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"25558:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"25572:3:1","valueSize":1},{"declaration":1103,"isOffset":false,"isSlot":false,"src":"25979:3:1","valueSize":1}],"id":1150,"nodeType":"InlineAssembly","src":"20970:5915:1"}]},{"expression":{"components":[{"id":1152,"name":"X","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1095,"src":"26944:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1153,"name":"Y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1097,"src":"26946:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1154,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"26943:5:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"functionReturnParameters":1098,"id":1155,"nodeType":"Return","src":"26936:12:1"}]},"documentation":{"id":1084,"nodeType":"StructuredDocumentation","src":"20252:179:1","text":" @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n Returns affine representation of point (normalized) \n "},"id":1157,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_mulmuladd","nameLocation":"20445:14:1","nodeType":"FunctionDefinition","parameters":{"id":1093,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1086,"mutability":"mutable","name":"Q0","nameLocation":"20477:2:1","nodeType":"VariableDeclaration","scope":1157,"src":"20469:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1085,"name":"uint256","nodeType":"ElementaryTypeName","src":"20469:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1088,"mutability":"mutable","name":"Q1","nameLocation":"20497:2:1","nodeType":"VariableDeclaration","scope":1157,"src":"20489:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1087,"name":"uint256","nodeType":"ElementaryTypeName","src":"20489:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1090,"mutability":"mutable","name":"scalar_u","nameLocation":"20548:8:1","nodeType":"VariableDeclaration","scope":1157,"src":"20540:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1089,"name":"uint256","nodeType":"ElementaryTypeName","src":"20540:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1092,"mutability":"mutable","name":"scalar_v","nameLocation":"20574:8:1","nodeType":"VariableDeclaration","scope":1157,"src":"20566:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1091,"name":"uint256","nodeType":"ElementaryTypeName","src":"20566:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"20459:129:1"},"returnParameters":{"id":1098,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1095,"mutability":"mutable","name":"X","nameLocation":"20620:1:1","nodeType":"VariableDeclaration","scope":1157,"src":"20612:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1094,"name":"uint256","nodeType":"ElementaryTypeName","src":"20612:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1097,"mutability":"mutable","name":"Y","nameLocation":"20631:1:1","nodeType":"VariableDeclaration","scope":1157,"src":"20623:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1096,"name":"uint256","nodeType":"ElementaryTypeName","src":"20623:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"20611:22:1"},"scope":1886,"src":"20436:6519:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1300,"nodeType":"Block","src":"27452:6599:1","statements":[{"id":1299,"nodeType":"UncheckedBlock","src":"27462:6567:1","statements":[{"assignments":[1169],"declarations":[{"constant":false,"id":1169,"mutability":"mutable","name":"zz","nameLocation":"27494:2:1","nodeType":"VariableDeclaration","scope":1299,"src":"27486:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1168,"name":"uint256","nodeType":"ElementaryTypeName","src":"27486:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1170,"nodeType":"VariableDeclarationStatement","src":"27486:10:1"},{"assignments":[1176],"declarations":[{"constant":false,"id":1176,"mutability":"mutable","name":"T","nameLocation":"27568:1:1","nodeType":"VariableDeclaration","scope":1299,"src":"27550:19:1","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6]"},"typeName":{"baseType":{"id":1174,"name":"uint256","nodeType":"ElementaryTypeName","src":"27550:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1175,"length":{"hexValue":"36","id":1173,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27558:1:1","typeDescriptions":{"typeIdentifier":"t_rational_6_by_1","typeString":"int_const 6"},"value":"6"},"nodeType":"ArrayTypeName","src":"27550:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_storage_ptr","typeString":"uint256[6]"}},"visibility":"internal"}],"id":1177,"nodeType":"VariableDeclarationStatement","src":"27550:19:1"},{"expression":{"id":1180,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1178,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27583:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"hexValue":"323536","id":1179,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27588:3:1","typeDescriptions":{"typeIdentifier":"t_rational_256_by_1","typeString":"int_const 256"},"value":"256"},"src":"27583:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1181,"nodeType":"ExpressionStatement","src":"27583:8:1"},{"body":{"id":1296,"nodeType":"Block","src":"27638:552:1","statements":[{"expression":{"id":1191,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1187,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27656:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1190,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1188,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27661:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"31","id":1189,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27666:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"27661:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27656:11:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1192,"nodeType":"ExpressionStatement","src":"27656:11:1"},{"expression":{"id":1294,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"baseExpression":{"id":1193,"name":"T","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1176,"src":"27735:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6] memory"}},"id":1195,"indexExpression":{"hexValue":"30","id":1194,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27737:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"27735:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1293,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3634","id":1196,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27742:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1291,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1280,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1267,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1254,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1244,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1231,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1218,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1205,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"313238","id":1197,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27793:3:1","typeDescriptions":{"typeIdentifier":"t_rational_128_by_1","typeString":"int_const 128"},"value":"128"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1203,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1200,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1198,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1161,"src":"27801:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"id":1199,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27813:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27801:14:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1201,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27800:16:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1202,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27819:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"27800:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1204,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27799:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1217,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3634","id":1206,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27824:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1215,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1212,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1207,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1161,"src":"27831:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1210,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1208,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27844:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"3634","id":1209,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27849:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"src":"27844:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1211,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27843:9:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27831:21:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1213,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27830:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1214,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27856:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"27830:27:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1216,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27829:29:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27824:34:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:65:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1230,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3332","id":1219,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27889:2:1","typeDescriptions":{"typeIdentifier":"t_rational_32_by_1","typeString":"int_const 32"},"value":"32"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1228,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1225,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1220,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1161,"src":"27896:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1223,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1221,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27909:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313238","id":1222,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27914:3:1","typeDescriptions":{"typeIdentifier":"t_rational_128_by_1","typeString":"int_const 128"},"value":"128"},"src":"27909:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1224,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27908:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27896:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1226,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27895:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1227,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27922:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"27895:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1229,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27894:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27889:35:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:131:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1243,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3136","id":1232,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27927:2:1","typeDescriptions":{"typeIdentifier":"t_rational_16_by_1","typeString":"int_const 16"},"value":"16"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1241,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1238,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1233,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1161,"src":"27934:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1236,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1234,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"27947:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313932","id":1235,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27952:3:1","typeDescriptions":{"typeIdentifier":"t_rational_192_by_1","typeString":"int_const 192"},"value":"192"},"src":"27947:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1237,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27946:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27934:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1239,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27933:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1240,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27960:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"27933:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1242,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27932:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27927:35:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:169:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1253,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"38","id":1245,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27993:1:1","typeDescriptions":{"typeIdentifier":"t_rational_8_by_1","typeString":"int_const 8"},"value":"8"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1251,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1248,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1246,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1159,"src":"27999:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"id":1247,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"28011:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27999:14:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1249,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27998:16:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1250,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28017:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"27998:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1252,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27997:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27993:26:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:226:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1266,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"34","id":1255,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28022:1:1","typeDescriptions":{"typeIdentifier":"t_rational_4_by_1","typeString":"int_const 4"},"value":"4"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1264,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1261,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1256,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1159,"src":"28028:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1259,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1257,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"28041:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"3634","id":1258,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28046:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"src":"28041:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1260,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28040:9:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"28028:21:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1262,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28027:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1263,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28053:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"28027:27:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1265,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28026:29:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"28022:33:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:262:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1279,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"32","id":1268,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28086:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1277,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1274,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1269,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1159,"src":"28092:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1272,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1270,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"28105:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313238","id":1271,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28110:3:1","typeDescriptions":{"typeIdentifier":"t_rational_128_by_1","typeString":"int_const 128"},"value":"128"},"src":"28105:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1273,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28104:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"28092:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1275,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28091:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1276,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28118:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"28091:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1278,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28090:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"28086:34:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:327:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1289,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1286,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1281,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1159,"src":"28125:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1284,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1282,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1169,"src":"28138:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313932","id":1283,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28143:3:1","typeDescriptions":{"typeIdentifier":"t_rational_192_by_1","typeString":"int_const 192"},"value":"192"},"src":"28138:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1285,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28137:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"28125:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1287,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28124:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1288,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"28151:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"28124:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1290,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"28123:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27793:360:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1292,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"27767:408:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27742:433:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"27735:440:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1295,"nodeType":"ExpressionStatement","src":"27735:440:1"}]},"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1186,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"baseExpression":{"id":1182,"name":"T","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1176,"src":"27627:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6] memory"}},"id":1184,"indexExpression":{"hexValue":"30","id":1183,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27629:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"27627:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1185,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"27635:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"27627:9:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1297,"nodeType":"WhileStatement","src":"27620:570:1"},{"AST":{"nodeType":"YulBlock","src":"28212:5807:1","statements":[{"expression":{"arguments":[{"name":"dataPointer","nodeType":"YulIdentifier","src":"28242:11:1"},{"name":"T","nodeType":"YulIdentifier","src":"28255:1:1"},{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"28264:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"28258:5:1"},"nodeType":"YulFunctionCall","src":"28258:8:1"},{"kind":"number","nodeType":"YulLiteral","src":"28268:2:1","type":"","value":"64"}],"functionName":{"name":"extcodecopy","nodeType":"YulIdentifier","src":"28230:11:1"},"nodeType":"YulFunctionCall","src":"28230:41:1"},"nodeType":"YulExpressionStatement","src":"28230:41:1"},{"nodeType":"YulVariableDeclaration","src":"28288:23:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"28305:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"28309:1:1","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"28301:3:1"},"nodeType":"YulFunctionCall","src":"28301:10:1"},"variables":[{"name":"index","nodeType":"YulTypedName","src":"28292:5:1","type":""}]},{"nodeType":"YulAssignment","src":"28328:13:1","value":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"28339:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"28333:5:1"},"nodeType":"YulFunctionCall","src":"28333:8:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"28328:1:1"}]},{"nodeType":"YulVariableDeclaration","src":"28358:26:1","value":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"28377:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"28380:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"28373:3:1"},"nodeType":"YulFunctionCall","src":"28373:10:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"28367:5:1"},"nodeType":"YulFunctionCall","src":"28367:17:1"},"variables":[{"name":"Y","nodeType":"YulTypedName","src":"28362:1:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"28401:12:1","value":{"kind":"number","nodeType":"YulLiteral","src":"28412:1:1","type":"","value":"1"},"variables":[{"name":"zzz","nodeType":"YulTypedName","src":"28405:3:1","type":""}]},{"nodeType":"YulAssignment","src":"28430:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"28436:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"28430:2:1"}]},{"body":{"nodeType":"YulBlock","src":"28585:4589:1","statements":[{"nodeType":"YulBlock","src":"28643:1095:1","statements":[{"nodeType":"YulVariableDeclaration","src":"28669:26:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"28687:1:1","type":"","value":"2"},{"name":"Y","nodeType":"YulIdentifier","src":"28690:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"28693:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"28680:6:1"},"nodeType":"YulFunctionCall","src":"28680:15:1"},"variables":[{"name":"TT1","nodeType":"YulTypedName","src":"28673:3:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"28739:29:1","value":{"arguments":[{"name":"TT1","nodeType":"YulIdentifier","src":"28756:3:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"28761:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"28766:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"28749:6:1"},"nodeType":"YulFunctionCall","src":"28749:19:1"},"variables":[{"name":"T2","nodeType":"YulTypedName","src":"28743:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"28802:26:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"28819:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"28822:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"28826:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"28812:6:1"},"nodeType":"YulFunctionCall","src":"28812:16:1"},"variables":[{"name":"T3","nodeType":"YulTypedName","src":"28806:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"28865:28:1","value":{"arguments":[{"name":"TT1","nodeType":"YulIdentifier","src":"28882:3:1"},{"name":"T2","nodeType":"YulIdentifier","src":"28887:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"28891:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"28875:6:1"},"nodeType":"YulFunctionCall","src":"28875:18:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"28869:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"28926:77:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"28943:1:1","type":"","value":"3"},{"arguments":[{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"28960:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"28967:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"28970:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"28963:3:1"},"nodeType":"YulFunctionCall","src":"28963:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"28975:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"28953:6:1"},"nodeType":"YulFunctionCall","src":"28953:24:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"28986:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"28989:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"28993:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"28979:6:1"},"nodeType":"YulFunctionCall","src":"28979:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"28997:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"28946:6:1"},"nodeType":"YulFunctionCall","src":"28946:53:1"},{"name":"p","nodeType":"YulIdentifier","src":"29001:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"28936:6:1"},"nodeType":"YulFunctionCall","src":"28936:67:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"28930:2:1","type":""}]},{"nodeType":"YulAssignment","src":"29052:25:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"29066:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"29070:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"29075:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"29059:6:1"},"nodeType":"YulFunctionCall","src":"29059:18:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"29052:3:1"}]},{"nodeType":"YulAssignment","src":"29116:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"29129:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"29133:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"29137:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"29122:6:1"},"nodeType":"YulFunctionCall","src":"29122:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"29116:2:1"}]},{"nodeType":"YulAssignment","src":"29185:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"29204:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"29208:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"29212:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"29197:6:1"},"nodeType":"YulFunctionCall","src":"29197:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"29223:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"29232:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"29236:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"29216:6:1"},"nodeType":"YulFunctionCall","src":"29216:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"29240:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"29190:6:1"},"nodeType":"YulFunctionCall","src":"29190:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"29185:1:1"}]},{"nodeType":"YulVariableDeclaration","src":"29355:49:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"29372:2:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"29383:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"29390:1:1"},{"name":"T3","nodeType":"YulIdentifier","src":"29393:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"29386:3:1"},"nodeType":"YulFunctionCall","src":"29386:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"29398:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"29376:6:1"},"nodeType":"YulFunctionCall","src":"29376:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"29402:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"29365:6:1"},"nodeType":"YulFunctionCall","src":"29365:39:1"},"variables":[{"name":"T5","nodeType":"YulTypedName","src":"29359:2:1","type":""}]},{"nodeType":"YulAssignment","src":"29538:36:1","value":{"arguments":[{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"29557:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"29561:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"29564:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"29550:6:1"},"nodeType":"YulFunctionCall","src":"29550:16:1"},{"name":"T5","nodeType":"YulIdentifier","src":"29568:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"29572:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"29543:6:1"},"nodeType":"YulFunctionCall","src":"29543:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"29538:1:1"}]}]},{"nodeType":"YulBlock","src":"29759:1058:1","statements":[{"nodeType":"YulVariableDeclaration","src":"29785:90:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29803:2:1","type":"","value":"13"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"29815:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"29822:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"29811:3:1"},"nodeType":"YulFunctionCall","src":"29811:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"29833:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"29807:3:1"},"nodeType":"YulFunctionCall","src":"29807:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"29799:3:1"},"nodeType":"YulFunctionCall","src":"29799:37:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29842:1:1","type":"","value":"9"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"29853:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"29860:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"29849:3:1"},"nodeType":"YulFunctionCall","src":"29849:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"29871:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"29845:3:1"},"nodeType":"YulFunctionCall","src":"29845:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"29838:3:1"},"nodeType":"YulFunctionCall","src":"29838:36:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"29795:3:1"},"nodeType":"YulFunctionCall","src":"29795:80:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"29789:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"29900:28:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"29918:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"29925:2:1","type":"","value":"64"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"29914:3:1"},"nodeType":"YulFunctionCall","src":"29914:14:1"},"variables":[{"name":"index2","nodeType":"YulTypedName","src":"29904:6:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"29953:129:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"29995:2:1"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30007:2:1","type":"","value":"12"},{"arguments":[{"arguments":[{"name":"index2","nodeType":"YulIdentifier","src":"30019:6:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"30027:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"30015:3:1"},"nodeType":"YulFunctionCall","src":"30015:21:1"},{"kind":"number","nodeType":"YulLiteral","src":"30038:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"30011:3:1"},"nodeType":"YulFunctionCall","src":"30011:29:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"30003:3:1"},"nodeType":"YulFunctionCall","src":"30003:38:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30047:1:1","type":"","value":"8"},{"arguments":[{"arguments":[{"name":"index2","nodeType":"YulIdentifier","src":"30058:6:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"30066:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"30054:3:1"},"nodeType":"YulFunctionCall","src":"30054:21:1"},{"kind":"number","nodeType":"YulLiteral","src":"30077:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"30050:3:1"},"nodeType":"YulFunctionCall","src":"30050:29:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"30043:3:1"},"nodeType":"YulFunctionCall","src":"30043:37:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"29999:3:1"},"nodeType":"YulFunctionCall","src":"29999:82:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"29991:3:1"},"nodeType":"YulFunctionCall","src":"29991:91:1"},"variables":[{"name":"T3","nodeType":"YulTypedName","src":"29957:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"30107:29:1","value":{"arguments":[{"name":"index2","nodeType":"YulIdentifier","src":"30125:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"30133:2:1","type":"","value":"64"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30121:3:1"},"nodeType":"YulFunctionCall","src":"30121:15:1"},"variables":[{"name":"index3","nodeType":"YulTypedName","src":"30111:6:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"30161:129:1","value":{"arguments":[{"name":"T3","nodeType":"YulIdentifier","src":"30203:2:1"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30215:2:1","type":"","value":"11"},{"arguments":[{"arguments":[{"name":"index3","nodeType":"YulIdentifier","src":"30227:6:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"30235:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"30223:3:1"},"nodeType":"YulFunctionCall","src":"30223:21:1"},{"kind":"number","nodeType":"YulLiteral","src":"30246:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"30219:3:1"},"nodeType":"YulFunctionCall","src":"30219:29:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"30211:3:1"},"nodeType":"YulFunctionCall","src":"30211:38:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30255:1:1","type":"","value":"7"},{"arguments":[{"arguments":[{"name":"index3","nodeType":"YulIdentifier","src":"30266:6:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"30274:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"30262:3:1"},"nodeType":"YulFunctionCall","src":"30262:21:1"},{"kind":"number","nodeType":"YulLiteral","src":"30285:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"30258:3:1"},"nodeType":"YulFunctionCall","src":"30258:29:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"30251:3:1"},"nodeType":"YulFunctionCall","src":"30251:37:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"30207:3:1"},"nodeType":"YulFunctionCall","src":"30207:82:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"30199:3:1"},"nodeType":"YulFunctionCall","src":"30199:91:1"},"variables":[{"name":"T2","nodeType":"YulTypedName","src":"30165:2:1","type":""}]},{"nodeType":"YulAssignment","src":"30315:24:1","value":{"arguments":[{"name":"index3","nodeType":"YulIdentifier","src":"30328:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"30336:2:1","type":"","value":"64"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30324:3:1"},"nodeType":"YulFunctionCall","src":"30324:15:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"30315:5:1"}]},{"nodeType":"YulVariableDeclaration","src":"30364:127:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"30406:2:1"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30418:2:1","type":"","value":"10"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"30430:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"30437:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"30426:3:1"},"nodeType":"YulFunctionCall","src":"30426:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"30448:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"30422:3:1"},"nodeType":"YulFunctionCall","src":"30422:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"30414:3:1"},"nodeType":"YulFunctionCall","src":"30414:37:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30457:1:1","type":"","value":"6"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"30468:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"30475:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"30464:3:1"},"nodeType":"YulFunctionCall","src":"30464:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"30486:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"30460:3:1"},"nodeType":"YulFunctionCall","src":"30460:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"30453:3:1"},"nodeType":"YulFunctionCall","src":"30453:36:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"30410:3:1"},"nodeType":"YulFunctionCall","src":"30410:80:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"30402:3:1"},"nodeType":"YulFunctionCall","src":"30402:89:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"30368:2:1","type":""}]},{"body":{"nodeType":"YulBlock","src":"30627:108:1","statements":[{"nodeType":"YulAssignment","src":"30657:14:1","value":{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"30666:1:1"},{"name":"Y","nodeType":"YulIdentifier","src":"30669:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30662:3:1"},"nodeType":"YulFunctionCall","src":"30662:9:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"30657:1:1"}]},{"nodeType":"YulContinue","src":"30701:8:1"}]},"condition":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"30623:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"30616:6:1"},"nodeType":"YulFunctionCall","src":"30616:10:1"},"nodeType":"YulIf","src":"30613:122:1"},{"expression":{"arguments":[{"name":"dataPointer","nodeType":"YulIdentifier","src":"30772:11:1"},{"name":"T","nodeType":"YulIdentifier","src":"30785:1:1"},{"name":"T1","nodeType":"YulIdentifier","src":"30788:2:1"},{"kind":"number","nodeType":"YulLiteral","src":"30792:2:1","type":"","value":"64"}],"functionName":{"name":"extcodecopy","nodeType":"YulIdentifier","src":"30760:11:1"},"nodeType":"YulFunctionCall","src":"30760:35:1"},"nodeType":"YulExpressionStatement","src":"30760:35:1"}]},{"nodeType":"YulBlock","src":"30839:2317:1","statements":[{"body":{"nodeType":"YulBlock","src":"31006:231:1","statements":[{"nodeType":"YulAssignment","src":"31036:13:1","value":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"31047:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31041:5:1"},"nodeType":"YulFunctionCall","src":"31041:8:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"31036:1:1"}]},{"nodeType":"YulAssignment","src":"31078:22:1","value":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"31093:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"31096:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"31089:3:1"},"nodeType":"YulFunctionCall","src":"31089:10:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31083:5:1"},"nodeType":"YulFunctionCall","src":"31083:17:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"31078:1:1"}]},{"nodeType":"YulAssignment","src":"31129:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"31135:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"31129:2:1"}]},{"nodeType":"YulAssignment","src":"31165:8:1","value":{"kind":"number","nodeType":"YulLiteral","src":"31172:1:1","type":"","value":"1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"31165:3:1"}]},{"nodeType":"YulContinue","src":"31203:8:1"}]},"condition":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"31002:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"30995:6:1"},"nodeType":"YulFunctionCall","src":"30995:10:1"},"nodeType":"YulIf","src":"30992:245:1"},{"nodeType":"YulVariableDeclaration","src":"31263:57:1","value":{"arguments":[{"arguments":[{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"31297:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"31300:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"31293:3:1"},"nodeType":"YulFunctionCall","src":"31293:10:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31287:5:1"},"nodeType":"YulFunctionCall","src":"31287:17:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"31306:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"31311:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"31280:6:1"},"nodeType":"YulFunctionCall","src":"31280:33:1"},{"name":"Y","nodeType":"YulIdentifier","src":"31315:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"31318:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"31273:6:1"},"nodeType":"YulFunctionCall","src":"31273:47:1"},"variables":[{"name":"y2","nodeType":"YulTypedName","src":"31267:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"31345:55:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"31375:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31369:5:1"},"nodeType":"YulFunctionCall","src":"31369:8:1"},{"name":"zz","nodeType":"YulIdentifier","src":"31379:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"31383:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"31362:6:1"},"nodeType":"YulFunctionCall","src":"31362:23:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"31391:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"31394:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31387:3:1"},"nodeType":"YulFunctionCall","src":"31387:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"31398:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"31355:6:1"},"nodeType":"YulFunctionCall","src":"31355:45:1"},"variables":[{"name":"T2","nodeType":"YulTypedName","src":"31349:2:1","type":""}]},{"body":{"nodeType":"YulBlock","src":"31496:1129:1","statements":[{"body":{"nodeType":"YulBlock","src":"31540:1059:1","statements":[{"nodeType":"YulVariableDeclaration","src":"31574:31:1","value":{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"31591:7:1"},{"name":"Y","nodeType":"YulIdentifier","src":"31600:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"31603:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"31584:6:1"},"nodeType":"YulFunctionCall","src":"31584:21:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"31578:2:1","type":""}]},{"nodeType":"YulAssignment","src":"31657:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"31670:2:1"},{"name":"T1","nodeType":"YulIdentifier","src":"31674:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"31678:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"31663:6:1"},"nodeType":"YulFunctionCall","src":"31663:17:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"31657:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"31722:26:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"31739:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"31742:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"31746:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"31732:6:1"},"nodeType":"YulFunctionCall","src":"31732:16:1"},"variables":[{"name":"T3","nodeType":"YulTypedName","src":"31726:2:1","type":""}]},{"nodeType":"YulAssignment","src":"31794:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"31807:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"31811:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"31815:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"31800:6:1"},"nodeType":"YulFunctionCall","src":"31800:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"31794:2:1"}]},{"nodeType":"YulAssignment","src":"31858:22:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"31871:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"31874:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"31878:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"31864:6:1"},"nodeType":"YulFunctionCall","src":"31864:16:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"31858:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"31920:35:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"31938:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"31945:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"31948:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31941:3:1"},"nodeType":"YulFunctionCall","src":"31941:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"31953:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"31931:6:1"},"nodeType":"YulFunctionCall","src":"31931:24:1"},"variables":[{"name":"TT1","nodeType":"YulTypedName","src":"31924:3:1","type":""}]},{"nodeType":"YulAssignment","src":"31995:24:1","value":{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"32008:2:1"},{"name":"TT1","nodeType":"YulIdentifier","src":"32012:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"32017:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32001:6:1"},"nodeType":"YulFunctionCall","src":"32001:18:1"},"variableNames":[{"name":"y2","nodeType":"YulIdentifier","src":"31995:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"32067:26:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32084:1:1","type":"","value":"3"},{"name":"y2","nodeType":"YulIdentifier","src":"32087:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32091:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32077:6:1"},"nodeType":"YulFunctionCall","src":"32077:16:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"32071:2:1","type":""}]},{"nodeType":"YulAssignment","src":"32131:26:1","value":{"arguments":[{"name":"TT1","nodeType":"YulIdentifier","src":"32145:3:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"32150:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"32155:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32138:6:1"},"nodeType":"YulFunctionCall","src":"32138:19:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"32131:3:1"}]},{"nodeType":"YulAssignment","src":"32204:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"32217:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"32221:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32225:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32210:6:1"},"nodeType":"YulFunctionCall","src":"32210:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"32204:2:1"}]},{"nodeType":"YulAssignment","src":"32281:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"32300:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"32304:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32308:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32293:6:1"},"nodeType":"YulFunctionCall","src":"32293:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"32319:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"32328:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32332:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32312:6:1"},"nodeType":"YulFunctionCall","src":"32312:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"32336:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"32286:6:1"},"nodeType":"YulFunctionCall","src":"32286:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"32281:1:1"}]},{"nodeType":"YulAssignment","src":"32383:45:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"32396:2:1"},{"arguments":[{"name":"T3","nodeType":"YulIdentifier","src":"32407:2:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"32415:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"32418:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"32411:3:1"},"nodeType":"YulFunctionCall","src":"32411:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"32422:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"32400:6:1"},"nodeType":"YulFunctionCall","src":"32400:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"32426:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32389:6:1"},"nodeType":"YulFunctionCall","src":"32389:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"32383:2:1"}]},{"nodeType":"YulAssignment","src":"32472:36:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"32484:2:1"},{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"32495:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"32499:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"32502:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32488:6:1"},"nodeType":"YulFunctionCall","src":"32488:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"32506:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"32477:6:1"},"nodeType":"YulFunctionCall","src":"32477:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"32472:1:1"}]},{"nodeType":"YulContinue","src":"32561:8:1"}]},"condition":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"31536:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"31529:6:1"},"nodeType":"YulFunctionCall","src":"31529:10:1"},"nodeType":"YulIf","src":"31526:1073:1"}]},"condition":{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"31492:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"31485:6:1"},"nodeType":"YulFunctionCall","src":"31485:10:1"},"nodeType":"YulIf","src":"31482:1143:1"},{"nodeType":"YulVariableDeclaration","src":"32651:27:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"32668:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"32672:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32676:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32661:6:1"},"nodeType":"YulFunctionCall","src":"32661:17:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"32655:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"32703:27:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"32720:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"32724:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32728:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32713:6:1"},"nodeType":"YulFunctionCall","src":"32713:17:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"32707:2:1","type":""}]},{"nodeType":"YulAssignment","src":"32758:23:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"32771:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"32775:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32779:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32764:6:1"},"nodeType":"YulFunctionCall","src":"32764:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"32758:2:1"}]},{"nodeType":"YulAssignment","src":"32843:25:1","value":{"arguments":[{"name":"zzz","nodeType":"YulIdentifier","src":"32857:3:1"},{"name":"T1","nodeType":"YulIdentifier","src":"32862:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32866:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32850:6:1"},"nodeType":"YulFunctionCall","src":"32850:18:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"32843:3:1"}]},{"nodeType":"YulVariableDeclaration","src":"32902:27:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"32920:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"32923:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32927:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32913:6:1"},"nodeType":"YulFunctionCall","src":"32913:16:1"},"variables":[{"name":"zz1","nodeType":"YulTypedName","src":"32906:3:1","type":""}]},{"nodeType":"YulAssignment","src":"32954:81:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"32980:2:1"},{"name":"y2","nodeType":"YulIdentifier","src":"32984:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"32988:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"32973:6:1"},"nodeType":"YulFunctionCall","src":"32973:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"32996:1:1"},{"name":"T1","nodeType":"YulIdentifier","src":"32999:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"32992:3:1"},"nodeType":"YulFunctionCall","src":"32992:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"33004:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"32966:6:1"},"nodeType":"YulFunctionCall","src":"32966:40:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"33015:7:1"},{"name":"zz1","nodeType":"YulIdentifier","src":"33024:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"33029:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"33008:6:1"},"nodeType":"YulFunctionCall","src":"33008:23:1"},{"name":"p","nodeType":"YulIdentifier","src":"33033:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"32959:6:1"},"nodeType":"YulFunctionCall","src":"32959:76:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"32954:1:1"}]},{"nodeType":"YulAssignment","src":"33060:74:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"zz1","nodeType":"YulIdentifier","src":"33086:3:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"33095:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"33098:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"33091:3:1"},"nodeType":"YulFunctionCall","src":"33091:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"33102:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"33079:6:1"},"nodeType":"YulFunctionCall","src":"33079:25:1"},{"name":"y2","nodeType":"YulIdentifier","src":"33106:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"33110:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"33072:6:1"},"nodeType":"YulFunctionCall","src":"33072:40:1"},{"arguments":[{"name":"Y","nodeType":"YulIdentifier","src":"33121:1:1"},{"name":"T1","nodeType":"YulIdentifier","src":"33124:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"33128:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"33114:6:1"},"nodeType":"YulFunctionCall","src":"33114:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"33132:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"33065:6:1"},"nodeType":"YulFunctionCall","src":"33065:69:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"33060:1:1"}]}]}]},"condition":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"28544:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"28551:3:1","type":"","value":"191"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"28541:2:1"},"nodeType":"YulFunctionCall","src":"28541:14:1"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"28556:28:1","statements":[{"nodeType":"YulAssignment","src":"28558:24:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"28571:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"28578:3:1","type":"","value":"191"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"28567:3:1"},"nodeType":"YulFunctionCall","src":"28567:15:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"28558:5:1"}]}]},"pre":{"nodeType":"YulBlock","src":"28538:2:1","statements":[]},"src":"28534:4640:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33213:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33216:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33209:3:1"},"nodeType":"YulFunctionCall","src":"33209:12:1"},{"name":"zz","nodeType":"YulIdentifier","src":"33223:2:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33202:6:1"},"nodeType":"YulFunctionCall","src":"33202:24:1"},"nodeType":"YulExpressionStatement","src":"33202:24:1"},{"expression":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33486:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33489:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33479:6:1"},"nodeType":"YulFunctionCall","src":"33479:15:1"},"nodeType":"YulExpressionStatement","src":"33479:15:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33522:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33525:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33518:3:1"},"nodeType":"YulFunctionCall","src":"33518:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"33532:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33511:6:1"},"nodeType":"YulFunctionCall","src":"33511:26:1"},"nodeType":"YulExpressionStatement","src":"33511:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33565:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33568:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33561:3:1"},"nodeType":"YulFunctionCall","src":"33561:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"33575:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33554:6:1"},"nodeType":"YulFunctionCall","src":"33554:26:1"},"nodeType":"YulExpressionStatement","src":"33554:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33719:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33722:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33715:3:1"},"nodeType":"YulFunctionCall","src":"33715:12:1"},{"name":"minus_2","nodeType":"YulIdentifier","src":"33729:7:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33708:6:1"},"nodeType":"YulFunctionCall","src":"33708:29:1"},"nodeType":"YulExpressionStatement","src":"33708:29:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33765:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33768:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33761:3:1"},"nodeType":"YulFunctionCall","src":"33761:12:1"},{"name":"p","nodeType":"YulIdentifier","src":"33775:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33754:6:1"},"nodeType":"YulFunctionCall","src":"33754:23:1"},"nodeType":"YulExpressionStatement","src":"33754:23:1"},{"body":{"nodeType":"YulBlock","src":"33912:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"33921:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"33924:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"33914:6:1"},"nodeType":"YulFunctionCall","src":"33914:12:1"},"nodeType":"YulExpressionStatement","src":"33914:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"33883:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"33879:3:1"},"nodeType":"YulFunctionCall","src":"33879:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"33887:4:1","type":"","value":"0x05"},{"name":"T","nodeType":"YulIdentifier","src":"33893:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33896:4:1","type":"","value":"0xc0"},{"name":"T","nodeType":"YulIdentifier","src":"33902:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"33905:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"33868:10:1"},"nodeType":"YulFunctionCall","src":"33868:42:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"33861:6:1"},"nodeType":"YulFunctionCall","src":"33861:50:1"},"nodeType":"YulIf","src":"33858:70:1"},{"nodeType":"YulAssignment","src":"33946:14:1","value":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"33958:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"33952:5:1"},"nodeType":"YulFunctionCall","src":"33952:8:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"33946:2:1"}]},{"nodeType":"YulAssignment","src":"33977:21:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"33989:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"33992:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"33996:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"33982:6:1"},"nodeType":"YulFunctionCall","src":"33982:16:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"33977:1:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":1176,"isOffset":false,"isSlot":false,"src":"28255:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"28264:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"28339:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"28377:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"30785:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"31047:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"31093:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"31297:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"31375:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33213:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33486:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33522:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33565:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33719:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33765:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33893:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33902:1:1","valueSize":1},{"declaration":1176,"isOffset":false,"isSlot":false,"src":"33958:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"28328:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"28819:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"28960:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"28986:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"29185:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"29383:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"31036:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"31394:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"31739:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"31871:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"31938:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"32281:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"32418:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"32920:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"32954:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"33098:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"33977:1:1","valueSize":1},{"declaration":1166,"isOffset":false,"isSlot":false,"src":"33989:1:1","valueSize":1},{"declaration":1163,"isOffset":false,"isSlot":false,"src":"28242:11:1","valueSize":1},{"declaration":1163,"isOffset":false,"isSlot":false,"src":"30772:11:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"29223:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"31591:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"32319:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"33015:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"33729:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28693:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28766:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28826:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28891:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28967:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28975:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28993:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"28997:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29001:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29075:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29137:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29212:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29236:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29240:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29390:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29398:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29402:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29564:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"29572:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"30666:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31311:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31318:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31383:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31391:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31398:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31603:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31678:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31746:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31815:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31878:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31945:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"31953:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32017:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32091:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32155:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32225:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32308:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32332:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32336:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32415:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32422:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32426:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32502:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32506:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32676:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32728:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32779:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32866:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32927:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32988:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"32996:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33004:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33029:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33033:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33095:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33102:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33110:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33128:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33132:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33775:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"33996:1:1","valueSize":1},{"declaration":1159,"isOffset":false,"isSlot":false,"src":"29860:8:1","valueSize":1},{"declaration":1159,"isOffset":false,"isSlot":false,"src":"30066:8:1","valueSize":1},{"declaration":1159,"isOffset":false,"isSlot":false,"src":"30274:8:1","valueSize":1},{"declaration":1159,"isOffset":false,"isSlot":false,"src":"30475:8:1","valueSize":1},{"declaration":1161,"isOffset":false,"isSlot":false,"src":"29822:8:1","valueSize":1},{"declaration":1161,"isOffset":false,"isSlot":false,"src":"30027:8:1","valueSize":1},{"declaration":1161,"isOffset":false,"isSlot":false,"src":"30235:8:1","valueSize":1},{"declaration":1161,"isOffset":false,"isSlot":false,"src":"30437:8:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"28305:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"28430:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"28970:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"28989:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"29116:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"29133:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"31002:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"31129:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"31379:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"31874:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"31948:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"32204:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"32221:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"32758:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"32771:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"33223:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"33946:2:1","valueSize":1},{"declaration":1169,"isOffset":false,"isSlot":false,"src":"33992:2:1","valueSize":1}],"id":1298,"nodeType":"InlineAssembly","src":"28203:5816:1"}]}]},"id":1301,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_mulmuladd_S8_extcode","nameLocation":"27301:25:1","nodeType":"FunctionDefinition","parameters":{"id":1164,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1159,"mutability":"mutable","name":"scalar_u","nameLocation":"27335:8:1","nodeType":"VariableDeclaration","scope":1301,"src":"27327:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1158,"name":"uint256","nodeType":"ElementaryTypeName","src":"27327:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1161,"mutability":"mutable","name":"scalar_v","nameLocation":"27353:8:1","nodeType":"VariableDeclaration","scope":1301,"src":"27345:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1160,"name":"uint256","nodeType":"ElementaryTypeName","src":"27345:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1163,"mutability":"mutable","name":"dataPointer","nameLocation":"27371:11:1","nodeType":"VariableDeclaration","scope":1301,"src":"27363:19:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":1162,"name":"address","nodeType":"ElementaryTypeName","src":"27363:7:1","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"27326:57:1"},"returnParameters":{"id":1167,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1166,"mutability":"mutable","name":"X","nameLocation":"27431:1:1","nodeType":"VariableDeclaration","scope":1301,"src":"27423:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1165,"name":"uint256","nodeType":"ElementaryTypeName","src":"27423:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"27422:25:1"},"scope":1886,"src":"27292:6759:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1444,"nodeType":"Block","src":"34295:4828:1","statements":[{"assignments":[1313],"declarations":[{"constant":false,"id":1313,"mutability":"mutable","name":"zz","nameLocation":"34313:2:1","nodeType":"VariableDeclaration","scope":1444,"src":"34305:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1312,"name":"uint256","nodeType":"ElementaryTypeName","src":"34305:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1314,"nodeType":"VariableDeclarationStatement","src":"34305:10:1"},{"assignments":[1320],"declarations":[{"constant":false,"id":1320,"mutability":"mutable","name":"T","nameLocation":"34383:1:1","nodeType":"VariableDeclaration","scope":1444,"src":"34365:19:1","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6]"},"typeName":{"baseType":{"id":1318,"name":"uint256","nodeType":"ElementaryTypeName","src":"34365:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1319,"length":{"hexValue":"36","id":1317,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34373:1:1","typeDescriptions":{"typeIdentifier":"t_rational_6_by_1","typeString":"int_const 6"},"value":"6"},"nodeType":"ArrayTypeName","src":"34365:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_storage_ptr","typeString":"uint256[6]"}},"visibility":"internal"}],"id":1321,"nodeType":"VariableDeclarationStatement","src":"34365:19:1"},{"expression":{"id":1324,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1322,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34394:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"hexValue":"323536","id":1323,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34399:3:1","typeDescriptions":{"typeIdentifier":"t_rational_256_by_1","typeString":"int_const 256"},"value":"256"},"src":"34394:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1325,"nodeType":"ExpressionStatement","src":"34394:8:1"},{"id":1443,"nodeType":"UncheckedBlock","src":"34427:4674:1","statements":[{"body":{"id":1440,"nodeType":"Block","src":"34469:552:1","statements":[{"expression":{"id":1335,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1331,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34487:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1334,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1332,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34492:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"31","id":1333,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34497:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34492:6:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34487:11:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1336,"nodeType":"ExpressionStatement","src":"34487:11:1"},{"expression":{"id":1438,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"baseExpression":{"id":1337,"name":"T","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1320,"src":"34566:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6] memory"}},"id":1339,"indexExpression":{"hexValue":"30","id":1338,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34568:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"IndexAccess","src":"34566:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1437,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3634","id":1340,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34573:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1435,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1424,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1411,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1398,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1388,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1375,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1362,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1349,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"313238","id":1341,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34624:3:1","typeDescriptions":{"typeIdentifier":"t_rational_128_by_1","typeString":"int_const 128"},"value":"128"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1347,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1344,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1342,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1305,"src":"34632:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"id":1343,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34644:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34632:14:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1345,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34631:16:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1346,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34650:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34631:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1348,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34630:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1361,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3634","id":1350,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34655:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1359,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1356,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1351,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1305,"src":"34662:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1354,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1352,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34675:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"3634","id":1353,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34680:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"src":"34675:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1355,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34674:9:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34662:21:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1357,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34661:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1358,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34687:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34661:27:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1360,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34660:29:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34655:34:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:65:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1374,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3332","id":1363,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34720:2:1","typeDescriptions":{"typeIdentifier":"t_rational_32_by_1","typeString":"int_const 32"},"value":"32"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1372,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1369,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1364,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1305,"src":"34727:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1367,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1365,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34740:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313238","id":1366,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34745:3:1","typeDescriptions":{"typeIdentifier":"t_rational_128_by_1","typeString":"int_const 128"},"value":"128"},"src":"34740:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1368,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34739:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34727:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1370,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34726:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1371,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34753:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34726:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1373,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34725:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34720:35:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:131:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1387,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"3136","id":1376,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34758:2:1","typeDescriptions":{"typeIdentifier":"t_rational_16_by_1","typeString":"int_const 16"},"value":"16"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1385,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1382,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1377,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1305,"src":"34765:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1380,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1378,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34778:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313932","id":1379,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34783:3:1","typeDescriptions":{"typeIdentifier":"t_rational_192_by_1","typeString":"int_const 192"},"value":"192"},"src":"34778:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1381,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34777:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34765:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1383,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34764:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1384,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34791:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34764:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1386,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34763:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34758:35:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:169:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1397,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"38","id":1389,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34824:1:1","typeDescriptions":{"typeIdentifier":"t_rational_8_by_1","typeString":"int_const 8"},"value":"8"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1395,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1392,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1390,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1303,"src":"34830:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"id":1391,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34842:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34830:14:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1393,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34829:16:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1394,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34848:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34829:20:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1396,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34828:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34824:26:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:226:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1410,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"34","id":1399,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34853:1:1","typeDescriptions":{"typeIdentifier":"t_rational_4_by_1","typeString":"int_const 4"},"value":"4"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1408,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1405,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1400,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1303,"src":"34859:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1403,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1401,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34872:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"3634","id":1402,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34877:2:1","typeDescriptions":{"typeIdentifier":"t_rational_64_by_1","typeString":"int_const 64"},"value":"64"},"src":"34872:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1404,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34871:9:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34859:21:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1406,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34858:23:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1407,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34884:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34858:27:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1409,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34857:29:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34853:33:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:262:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1423,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"32","id":1412,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34917:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1421,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1418,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1413,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1303,"src":"34923:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1416,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1414,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34936:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313238","id":1415,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34941:3:1","typeDescriptions":{"typeIdentifier":"t_rational_128_by_1","typeString":"int_const 128"},"value":"128"},"src":"34936:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1417,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34935:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34923:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1419,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34922:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1420,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34949:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34922:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1422,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34921:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34917:34:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:327:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1433,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1430,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1425,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1303,"src":"34956:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">>","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1428,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1426,"name":"zz","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1313,"src":"34969:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"313932","id":1427,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34974:3:1","typeDescriptions":{"typeIdentifier":"t_rational_192_by_1","typeString":"int_const 192"},"value":"192"},"src":"34969:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1429,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34968:10:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34956:22:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1431,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34955:24:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"&","rightExpression":{"hexValue":"31","id":1432,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34982:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"src":"34955:28:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1434,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34954:30:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34624:360:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1436,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"34598:408:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34573:433:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"34566:440:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1439,"nodeType":"ExpressionStatement","src":"34566:440:1"}]},"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1330,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"baseExpression":{"id":1326,"name":"T","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1320,"src":"34458:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$6_memory_ptr","typeString":"uint256[6] memory"}},"id":1328,"indexExpression":{"hexValue":"30","id":1327,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34460:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":true,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"34458:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1329,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"34466:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"34458:9:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1441,"nodeType":"WhileStatement","src":"34451:570:1"},{"AST":{"nodeType":"YulBlock","src":"35043:4048:1","statements":[{"expression":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"35070:1:1"},{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"35083:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"35077:5:1"},"nodeType":"YulFunctionCall","src":"35077:8:1"},{"name":"dataPointer","nodeType":"YulIdentifier","src":"35087:11:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"35073:3:1"},"nodeType":"YulFunctionCall","src":"35073:26:1"},{"kind":"number","nodeType":"YulLiteral","src":"35101:2:1","type":"","value":"64"}],"functionName":{"name":"codecopy","nodeType":"YulIdentifier","src":"35061:8:1"},"nodeType":"YulFunctionCall","src":"35061:43:1"},"nodeType":"YulExpressionStatement","src":"35061:43:1"},{"nodeType":"YulAssignment","src":"35121:13:1","value":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"35132:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"35126:5:1"},"nodeType":"YulFunctionCall","src":"35126:8:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"35121:1:1"}]},{"nodeType":"YulVariableDeclaration","src":"35151:26:1","value":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"35170:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"35173:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"35166:3:1"},"nodeType":"YulFunctionCall","src":"35166:10:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"35160:5:1"},"nodeType":"YulFunctionCall","src":"35160:17:1"},"variables":[{"name":"Y","nodeType":"YulTypedName","src":"35155:1:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"35194:12:1","value":{"kind":"number","nodeType":"YulLiteral","src":"35205:1:1","type":"","value":"1"},"variables":[{"name":"zzz","nodeType":"YulTypedName","src":"35198:3:1","type":""}]},{"nodeType":"YulAssignment","src":"35223:7:1","value":{"kind":"number","nodeType":"YulLiteral","src":"35229:1:1","type":"","value":"1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"35223:2:1"}]},{"body":{"nodeType":"YulBlock","src":"35396:2850:1","statements":[{"nodeType":"YulVariableDeclaration","src":"35418:25:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"35435:1:1","type":"","value":"2"},{"name":"Y","nodeType":"YulIdentifier","src":"35438:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"35441:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35428:6:1"},"nodeType":"YulFunctionCall","src":"35428:15:1"},"variables":[{"name":"T1","nodeType":"YulTypedName","src":"35422:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"35483:27:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"35500:2:1"},{"name":"T1","nodeType":"YulIdentifier","src":"35504:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35508:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35493:6:1"},"nodeType":"YulFunctionCall","src":"35493:17:1"},"variables":[{"name":"T2","nodeType":"YulTypedName","src":"35487:2:1","type":""}]},{"nodeType":"YulVariableDeclaration","src":"35540:26:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"35557:1:1"},{"name":"T2","nodeType":"YulIdentifier","src":"35560:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35564:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35550:6:1"},"nodeType":"YulFunctionCall","src":"35550:16:1"},"variables":[{"name":"T3","nodeType":"YulTypedName","src":"35544:2:1","type":""}]},{"nodeType":"YulAssignment","src":"35599:23:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"35612:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"35616:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35620:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35605:6:1"},"nodeType":"YulFunctionCall","src":"35605:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"35599:2:1"}]},{"nodeType":"YulVariableDeclaration","src":"35651:77:1","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"35668:1:1","type":"","value":"3"},{"arguments":[{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"35685:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"35692:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"35695:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"35688:3:1"},"nodeType":"YulFunctionCall","src":"35688:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"35700:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"35678:6:1"},"nodeType":"YulFunctionCall","src":"35678:24:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"35711:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"35714:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35718:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"35704:6:1"},"nodeType":"YulFunctionCall","src":"35704:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"35722:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35671:6:1"},"nodeType":"YulFunctionCall","src":"35671:53:1"},{"name":"p","nodeType":"YulIdentifier","src":"35726:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35661:6:1"},"nodeType":"YulFunctionCall","src":"35661:67:1"},"variables":[{"name":"T4","nodeType":"YulTypedName","src":"35655:2:1","type":""}]},{"nodeType":"YulAssignment","src":"35773:25:1","value":{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"35787:2:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"35791:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"35796:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35780:6:1"},"nodeType":"YulFunctionCall","src":"35780:18:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"35773:3:1"}]},{"nodeType":"YulAssignment","src":"35833:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"35846:2:1"},{"name":"zz","nodeType":"YulIdentifier","src":"35850:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35854:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35839:6:1"},"nodeType":"YulFunctionCall","src":"35839:17:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"35833:2:1"}]},{"nodeType":"YulAssignment","src":"35898:57:1","value":{"arguments":[{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"35917:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"35921:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35925:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35910:6:1"},"nodeType":"YulFunctionCall","src":"35910:17:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"35936:7:1"},{"name":"T3","nodeType":"YulIdentifier","src":"35945:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"35949:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"35929:6:1"},"nodeType":"YulFunctionCall","src":"35929:22:1"},{"name":"p","nodeType":"YulIdentifier","src":"35953:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"35903:6:1"},"nodeType":"YulFunctionCall","src":"35903:52:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"35898:1:1"}]},{"nodeType":"YulAssignment","src":"36060:45:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"36073:2:1"},{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"36084:1:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"36091:1:1"},{"name":"T3","nodeType":"YulIdentifier","src":"36094:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"36087:3:1"},"nodeType":"YulFunctionCall","src":"36087:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"36099:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"36077:6:1"},"nodeType":"YulFunctionCall","src":"36077:24:1"},{"name":"p","nodeType":"YulIdentifier","src":"36103:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"36066:6:1"},"nodeType":"YulFunctionCall","src":"36066:39:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"36060:2:1"}]},{"nodeType":"YulAssignment","src":"36231:36:1","value":{"arguments":[{"arguments":[{"name":"T1","nodeType":"YulIdentifier","src":"36250:2:1"},{"name":"Y","nodeType":"YulIdentifier","src":"36254:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"36257:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"36243:6:1"},"nodeType":"YulFunctionCall","src":"36243:16:1"},{"name":"T2","nodeType":"YulIdentifier","src":"36261:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"36265:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"36236:6:1"},"nodeType":"YulFunctionCall","src":"36236:31:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"36231:1:1"}]},{"nodeType":"YulAssignment","src":"36426:86:1","value":{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36440:2:1","type":"","value":"13"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36452:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"36459:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36448:3:1"},"nodeType":"YulFunctionCall","src":"36448:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36470:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36444:3:1"},"nodeType":"YulFunctionCall","src":"36444:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36436:3:1"},"nodeType":"YulFunctionCall","src":"36436:37:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36479:1:1","type":"","value":"9"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36490:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"36497:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36486:3:1"},"nodeType":"YulFunctionCall","src":"36486:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36508:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36482:3:1"},"nodeType":"YulFunctionCall","src":"36482:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36475:3:1"},"nodeType":"YulFunctionCall","src":"36475:36:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36432:3:1"},"nodeType":"YulFunctionCall","src":"36432:80:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"36426:2:1"}]},{"nodeType":"YulAssignment","src":"36533:23:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36546:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"36553:2:1","type":"","value":"64"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"36542:3:1"},"nodeType":"YulFunctionCall","src":"36542:14:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"36533:5:1"}]},{"nodeType":"YulAssignment","src":"36577:95:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"36587:2:1"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36599:2:1","type":"","value":"12"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36611:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"36618:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36607:3:1"},"nodeType":"YulFunctionCall","src":"36607:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36629:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36603:3:1"},"nodeType":"YulFunctionCall","src":"36603:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36595:3:1"},"nodeType":"YulFunctionCall","src":"36595:37:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36638:1:1","type":"","value":"8"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36649:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"36656:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36645:3:1"},"nodeType":"YulFunctionCall","src":"36645:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36667:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36641:3:1"},"nodeType":"YulFunctionCall","src":"36641:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36634:3:1"},"nodeType":"YulFunctionCall","src":"36634:36:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36591:3:1"},"nodeType":"YulFunctionCall","src":"36591:80:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36583:3:1"},"nodeType":"YulFunctionCall","src":"36583:89:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"36577:2:1"}]},{"nodeType":"YulAssignment","src":"36693:23:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36706:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"36713:2:1","type":"","value":"64"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"36702:3:1"},"nodeType":"YulFunctionCall","src":"36702:14:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"36693:5:1"}]},{"nodeType":"YulAssignment","src":"36737:95:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"36747:2:1"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36759:2:1","type":"","value":"11"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36771:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"36778:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36767:3:1"},"nodeType":"YulFunctionCall","src":"36767:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36789:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36763:3:1"},"nodeType":"YulFunctionCall","src":"36763:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36755:3:1"},"nodeType":"YulFunctionCall","src":"36755:37:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36798:1:1","type":"","value":"7"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36809:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"36816:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36805:3:1"},"nodeType":"YulFunctionCall","src":"36805:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36827:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36801:3:1"},"nodeType":"YulFunctionCall","src":"36801:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36794:3:1"},"nodeType":"YulFunctionCall","src":"36794:36:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36751:3:1"},"nodeType":"YulFunctionCall","src":"36751:80:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36743:3:1"},"nodeType":"YulFunctionCall","src":"36743:89:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"36737:2:1"}]},{"nodeType":"YulAssignment","src":"36853:23:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36866:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"36873:2:1","type":"","value":"64"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"36862:3:1"},"nodeType":"YulFunctionCall","src":"36862:14:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"36853:5:1"}]},{"nodeType":"YulAssignment","src":"36897:95:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"36907:2:1"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36919:2:1","type":"","value":"10"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36931:5:1"},{"name":"scalar_v","nodeType":"YulIdentifier","src":"36938:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36927:3:1"},"nodeType":"YulFunctionCall","src":"36927:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36949:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36923:3:1"},"nodeType":"YulFunctionCall","src":"36923:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36915:3:1"},"nodeType":"YulFunctionCall","src":"36915:37:1"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36958:1:1","type":"","value":"6"},{"arguments":[{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"36969:5:1"},{"name":"scalar_u","nodeType":"YulIdentifier","src":"36976:8:1"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"36965:3:1"},"nodeType":"YulFunctionCall","src":"36965:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"36987:1:1","type":"","value":"1"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"36961:3:1"},"nodeType":"YulFunctionCall","src":"36961:28:1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36954:3:1"},"nodeType":"YulFunctionCall","src":"36954:36:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36911:3:1"},"nodeType":"YulFunctionCall","src":"36911:80:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"36903:3:1"},"nodeType":"YulFunctionCall","src":"36903:89:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"36897:2:1"}]},{"body":{"nodeType":"YulBlock","src":"37202:96:1","statements":[{"nodeType":"YulAssignment","src":"37228:14:1","value":{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"37237:1:1"},{"name":"Y","nodeType":"YulIdentifier","src":"37240:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"37233:3:1"},"nodeType":"YulFunctionCall","src":"37233:9:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"37228:1:1"}]},{"nodeType":"YulContinue","src":"37268:8:1"}]},"condition":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"37198:2:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"37191:6:1"},"nodeType":"YulFunctionCall","src":"37191:10:1"},"nodeType":"YulIf","src":"37188:110:1"},{"nodeType":"YulBlock","src":"37319:909:1","statements":[{"expression":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"37435:1:1"},{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"37442:2:1"},{"name":"dataPointer","nodeType":"YulIdentifier","src":"37446:11:1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"37438:3:1"},"nodeType":"YulFunctionCall","src":"37438:20:1"},{"kind":"number","nodeType":"YulLiteral","src":"37460:2:1","type":"","value":"64"}],"functionName":{"name":"codecopy","nodeType":"YulIdentifier","src":"37426:8:1"},"nodeType":"YulFunctionCall","src":"37426:37:1"},"nodeType":"YulExpressionStatement","src":"37426:37:1"},{"nodeType":"YulVariableDeclaration","src":"37535:57:1","value":{"arguments":[{"arguments":[{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"37569:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"37572:2:1","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"37565:3:1"},"nodeType":"YulFunctionCall","src":"37565:10:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"37559:5:1"},"nodeType":"YulFunctionCall","src":"37559:17:1"},{"name":"zzz","nodeType":"YulIdentifier","src":"37578:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"37583:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37552:6:1"},"nodeType":"YulFunctionCall","src":"37552:33:1"},{"name":"Y","nodeType":"YulIdentifier","src":"37587:1:1"},{"name":"p","nodeType":"YulIdentifier","src":"37590:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"37545:6:1"},"nodeType":"YulFunctionCall","src":"37545:47:1"},"variables":[{"name":"y2","nodeType":"YulTypedName","src":"37539:2:1","type":""}]},{"nodeType":"YulAssignment","src":"37617:51:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"37643:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"37637:5:1"},"nodeType":"YulFunctionCall","src":"37637:8:1"},{"name":"zz","nodeType":"YulIdentifier","src":"37647:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37651:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37630:6:1"},"nodeType":"YulFunctionCall","src":"37630:23:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"37659:1:1"},{"name":"X","nodeType":"YulIdentifier","src":"37662:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"37655:3:1"},"nodeType":"YulFunctionCall","src":"37655:9:1"},{"name":"p","nodeType":"YulIdentifier","src":"37666:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"37623:6:1"},"nodeType":"YulFunctionCall","src":"37623:45:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"37617:2:1"}]},{"nodeType":"YulAssignment","src":"37693:23:1","value":{"arguments":[{"name":"T2","nodeType":"YulIdentifier","src":"37706:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"37710:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37714:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37699:6:1"},"nodeType":"YulFunctionCall","src":"37699:17:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"37693:2:1"}]},{"nodeType":"YulAssignment","src":"37741:23:1","value":{"arguments":[{"name":"T4","nodeType":"YulIdentifier","src":"37754:2:1"},{"name":"T2","nodeType":"YulIdentifier","src":"37758:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37762:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37747:6:1"},"nodeType":"YulFunctionCall","src":"37747:17:1"},"variableNames":[{"name":"T1","nodeType":"YulIdentifier","src":"37741:2:1"}]},{"nodeType":"YulAssignment","src":"37789:23:1","value":{"arguments":[{"name":"zz","nodeType":"YulIdentifier","src":"37802:2:1"},{"name":"T4","nodeType":"YulIdentifier","src":"37806:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37810:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37795:6:1"},"nodeType":"YulFunctionCall","src":"37795:17:1"},"variableNames":[{"name":"T2","nodeType":"YulIdentifier","src":"37789:2:1"}]},{"nodeType":"YulAssignment","src":"37845:25:1","value":{"arguments":[{"name":"zzz","nodeType":"YulIdentifier","src":"37859:3:1"},{"name":"T1","nodeType":"YulIdentifier","src":"37864:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37868:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37852:6:1"},"nodeType":"YulFunctionCall","src":"37852:18:1"},"variableNames":[{"name":"zzz","nodeType":"YulIdentifier","src":"37845:3:1"}]},{"nodeType":"YulVariableDeclaration","src":"37907:27:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"37925:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"37928:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37932:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37918:6:1"},"nodeType":"YulFunctionCall","src":"37918:16:1"},"variables":[{"name":"zz1","nodeType":"YulTypedName","src":"37911:3:1","type":""}]},{"nodeType":"YulAssignment","src":"37959:82:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"y2","nodeType":"YulIdentifier","src":"37986:2:1"},{"name":"y2","nodeType":"YulIdentifier","src":"37990:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"37994:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"37979:6:1"},"nodeType":"YulFunctionCall","src":"37979:17:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"38002:1:1"},{"name":"T1","nodeType":"YulIdentifier","src":"38005:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"37998:3:1"},"nodeType":"YulFunctionCall","src":"37998:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"38010:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"37972:6:1"},"nodeType":"YulFunctionCall","src":"37972:40:1"},{"arguments":[{"name":"minus_2","nodeType":"YulIdentifier","src":"38021:7:1"},{"name":"zz1","nodeType":"YulIdentifier","src":"38030:3:1"},{"name":"p","nodeType":"YulIdentifier","src":"38035:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"38014:6:1"},"nodeType":"YulFunctionCall","src":"38014:23:1"},{"name":"p","nodeType":"YulIdentifier","src":"38039:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"37965:6:1"},"nodeType":"YulFunctionCall","src":"37965:76:1"},"variableNames":[{"name":"T4","nodeType":"YulIdentifier","src":"37959:2:1"}]},{"nodeType":"YulAssignment","src":"38066:75:1","value":{"arguments":[{"arguments":[{"arguments":[{"name":"zz1","nodeType":"YulIdentifier","src":"38092:3:1"},{"arguments":[{"name":"p","nodeType":"YulIdentifier","src":"38101:1:1"},{"name":"T4","nodeType":"YulIdentifier","src":"38104:2:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"38097:3:1"},"nodeType":"YulFunctionCall","src":"38097:10:1"},{"name":"p","nodeType":"YulIdentifier","src":"38109:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"38085:6:1"},"nodeType":"YulFunctionCall","src":"38085:26:1"},{"name":"y2","nodeType":"YulIdentifier","src":"38113:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"38117:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"38078:6:1"},"nodeType":"YulFunctionCall","src":"38078:41:1"},{"arguments":[{"name":"Y","nodeType":"YulIdentifier","src":"38128:1:1"},{"name":"T1","nodeType":"YulIdentifier","src":"38131:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"38135:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"38121:6:1"},"nodeType":"YulFunctionCall","src":"38121:16:1"},{"name":"p","nodeType":"YulIdentifier","src":"38139:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"38071:6:1"},"nodeType":"YulFunctionCall","src":"38071:70:1"},"variableNames":[{"name":"Y","nodeType":"YulIdentifier","src":"38066:1:1"}]},{"nodeType":"YulAssignment","src":"38166:8:1","value":{"name":"T2","nodeType":"YulIdentifier","src":"38172:2:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"38166:2:1"}]},{"nodeType":"YulAssignment","src":"38199:7:1","value":{"name":"T4","nodeType":"YulIdentifier","src":"38204:2:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"38199:1:1"}]}]}]},"condition":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"35355:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"35362:3:1","type":"","value":"191"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"35352:2:1"},"nodeType":"YulFunctionCall","src":"35352:14:1"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"35367:28:1","statements":[{"nodeType":"YulAssignment","src":"35369:24:1","value":{"arguments":[{"name":"index","nodeType":"YulIdentifier","src":"35382:5:1"},{"kind":"number","nodeType":"YulLiteral","src":"35389:3:1","type":"","value":"191"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"35378:3:1"},"nodeType":"YulFunctionCall","src":"35378:15:1"},"variableNames":[{"name":"index","nodeType":"YulIdentifier","src":"35369:5:1"}]}]},"pre":{"nodeType":"YulBlock","src":"35331:20:1","statements":[{"nodeType":"YulVariableDeclaration","src":"35333:16:1","value":{"kind":"number","nodeType":"YulLiteral","src":"35346:3:1","type":"","value":"254"},"variables":[{"name":"index","nodeType":"YulTypedName","src":"35337:5:1","type":""}]}]},"src":"35327:2919:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"38285:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38288:4:1","type":"","value":"0x60"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"38281:3:1"},"nodeType":"YulFunctionCall","src":"38281:12:1"},{"name":"zz","nodeType":"YulIdentifier","src":"38295:2:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"38274:6:1"},"nodeType":"YulFunctionCall","src":"38274:24:1"},"nodeType":"YulExpressionStatement","src":"38274:24:1"},{"expression":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"38558:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38561:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"38551:6:1"},"nodeType":"YulFunctionCall","src":"38551:15:1"},"nodeType":"YulExpressionStatement","src":"38551:15:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"38594:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38597:4:1","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"38590:3:1"},"nodeType":"YulFunctionCall","src":"38590:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"38604:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"38583:6:1"},"nodeType":"YulFunctionCall","src":"38583:26:1"},"nodeType":"YulExpressionStatement","src":"38583:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"38637:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38640:4:1","type":"","value":"0x40"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"38633:3:1"},"nodeType":"YulFunctionCall","src":"38633:12:1"},{"kind":"number","nodeType":"YulLiteral","src":"38647:4:1","type":"","value":"0x20"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"38626:6:1"},"nodeType":"YulFunctionCall","src":"38626:26:1"},"nodeType":"YulExpressionStatement","src":"38626:26:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"38791:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38794:4:1","type":"","value":"0x80"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"38787:3:1"},"nodeType":"YulFunctionCall","src":"38787:12:1"},{"name":"minus_2","nodeType":"YulIdentifier","src":"38801:7:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"38780:6:1"},"nodeType":"YulFunctionCall","src":"38780:29:1"},"nodeType":"YulExpressionStatement","src":"38780:29:1"},{"expression":{"arguments":[{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"38837:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38840:4:1","type":"","value":"0xa0"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"38833:3:1"},"nodeType":"YulFunctionCall","src":"38833:12:1"},{"name":"p","nodeType":"YulIdentifier","src":"38847:1:1"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"38826:6:1"},"nodeType":"YulFunctionCall","src":"38826:23:1"},"nodeType":"YulExpressionStatement","src":"38826:23:1"},{"body":{"nodeType":"YulBlock","src":"38984:16:1","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"38993:1:1","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"38996:1:1","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"38986:6:1"},"nodeType":"YulFunctionCall","src":"38986:12:1"},"nodeType":"YulExpressionStatement","src":"38986:12:1"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"38955:1:1","type":"","value":"0"}],"functionName":{"name":"not","nodeType":"YulIdentifier","src":"38951:3:1"},"nodeType":"YulFunctionCall","src":"38951:6:1"},{"kind":"number","nodeType":"YulLiteral","src":"38959:4:1","type":"","value":"0x05"},{"name":"T","nodeType":"YulIdentifier","src":"38965:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38968:4:1","type":"","value":"0xc0"},{"name":"T","nodeType":"YulIdentifier","src":"38974:1:1"},{"kind":"number","nodeType":"YulLiteral","src":"38977:4:1","type":"","value":"0x20"}],"functionName":{"name":"staticcall","nodeType":"YulIdentifier","src":"38940:10:1"},"nodeType":"YulFunctionCall","src":"38940:42:1"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"38933:6:1"},"nodeType":"YulFunctionCall","src":"38933:50:1"},"nodeType":"YulIf","src":"38930:70:1"},{"nodeType":"YulAssignment","src":"39018:14:1","value":{"arguments":[{"name":"T","nodeType":"YulIdentifier","src":"39030:1:1"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"39024:5:1"},"nodeType":"YulFunctionCall","src":"39024:8:1"},"variableNames":[{"name":"zz","nodeType":"YulIdentifier","src":"39018:2:1"}]},{"nodeType":"YulAssignment","src":"39049:21:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"39061:1:1"},{"name":"zz","nodeType":"YulIdentifier","src":"39064:2:1"},{"name":"p","nodeType":"YulIdentifier","src":"39068:1:1"}],"functionName":{"name":"mulmod","nodeType":"YulIdentifier","src":"39054:6:1"},"nodeType":"YulFunctionCall","src":"39054:16:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"39049:1:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":1320,"isOffset":false,"isSlot":false,"src":"35070:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"35083:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"35132:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"35170:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"37435:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"37569:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"37643:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38285:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38558:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38594:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38637:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38791:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38837:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38965:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"38974:1:1","valueSize":1},{"declaration":1320,"isOffset":false,"isSlot":false,"src":"39030:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"35121:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"35557:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"35685:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"35711:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"35898:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"36084:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"37662:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"37925:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"38199:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"39049:1:1","valueSize":1},{"declaration":1310,"isOffset":false,"isSlot":false,"src":"39061:1:1","valueSize":1},{"declaration":1307,"isOffset":false,"isSlot":false,"src":"35087:11:1","valueSize":1},{"declaration":1307,"isOffset":false,"isSlot":false,"src":"37446:11:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"35936:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"38021:7:1","valueSize":1},{"declaration":273,"isOffset":false,"isSlot":false,"src":"38801:7:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35441:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35508:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35564:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35620:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35692:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35700:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35718:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35722:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35726:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35796:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35854:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35925:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35949:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"35953:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"36091:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"36099:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"36103:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"36257:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"36265:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37237:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37583:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37590:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37651:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37659:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37666:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37714:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37762:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37810:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37868:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37932:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"37994:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38002:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38010:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38035:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38039:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38101:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38109:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38117:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38135:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38139:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"38847:1:1","valueSize":1},{"declaration":255,"isOffset":false,"isSlot":false,"src":"39068:1:1","valueSize":1},{"declaration":1303,"isOffset":false,"isSlot":false,"src":"36497:8:1","valueSize":1},{"declaration":1303,"isOffset":false,"isSlot":false,"src":"36656:8:1","valueSize":1},{"declaration":1303,"isOffset":false,"isSlot":false,"src":"36816:8:1","valueSize":1},{"declaration":1303,"isOffset":false,"isSlot":false,"src":"36976:8:1","valueSize":1},{"declaration":1305,"isOffset":false,"isSlot":false,"src":"36459:8:1","valueSize":1},{"declaration":1305,"isOffset":false,"isSlot":false,"src":"36618:8:1","valueSize":1},{"declaration":1305,"isOffset":false,"isSlot":false,"src":"36778:8:1","valueSize":1},{"declaration":1305,"isOffset":false,"isSlot":false,"src":"36938:8:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"35223:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"35695:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"35714:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"35833:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"35850:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"37647:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"37802:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"38166:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"38295:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"39018:2:1","valueSize":1},{"declaration":1313,"isOffset":false,"isSlot":false,"src":"39064:2:1","valueSize":1}],"id":1442,"nodeType":"InlineAssembly","src":"35034:4057:1"}]}]},"id":1445,"implemented":true,"kind":"function","modifiers":[],"name":"ecZZ_mulmuladd_S8_hackmem","nameLocation":"34144:25:1","nodeType":"FunctionDefinition","parameters":{"id":1308,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1303,"mutability":"mutable","name":"scalar_u","nameLocation":"34178:8:1","nodeType":"VariableDeclaration","scope":1445,"src":"34170:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1302,"name":"uint256","nodeType":"ElementaryTypeName","src":"34170:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1305,"mutability":"mutable","name":"scalar_v","nameLocation":"34196:8:1","nodeType":"VariableDeclaration","scope":1445,"src":"34188:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1304,"name":"uint256","nodeType":"ElementaryTypeName","src":"34188:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1307,"mutability":"mutable","name":"dataPointer","nameLocation":"34214:11:1","nodeType":"VariableDeclaration","scope":1445,"src":"34206:19:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1306,"name":"uint256","nodeType":"ElementaryTypeName","src":"34206:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"34169:57:1"},"returnParameters":{"id":1311,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1310,"mutability":"mutable","name":"X","nameLocation":"34274:1:1","nodeType":"VariableDeclaration","scope":1445,"src":"34266:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1309,"name":"uint256","nodeType":"ElementaryTypeName","src":"34266:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"34265:25:1"},"scope":1886,"src":"34135:4988:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1555,"nodeType":"Block","src":"39327:633:1","statements":[{"assignments":[1462],"declarations":[{"constant":false,"id":1462,"mutability":"mutable","name":"r","nameLocation":"39345:1:1","nodeType":"VariableDeclaration","scope":1555,"src":"39337:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1461,"name":"uint256","nodeType":"ElementaryTypeName","src":"39337:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1466,"initialValue":{"baseExpression":{"id":1463,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1452,"src":"39349:2:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1465,"indexExpression":{"hexValue":"30","id":1464,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39352:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"39349:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39337:17:1"},{"assignments":[1468],"declarations":[{"constant":false,"id":1468,"mutability":"mutable","name":"s","nameLocation":"39372:1:1","nodeType":"VariableDeclaration","scope":1555,"src":"39364:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1467,"name":"uint256","nodeType":"ElementaryTypeName","src":"39364:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1472,"initialValue":{"baseExpression":{"id":1469,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1452,"src":"39376:2:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1471,"indexExpression":{"hexValue":"31","id":1470,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39379:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"39376:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39364:17:1"},{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1487,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1483,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1479,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1475,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1473,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1462,"src":"39395:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1474,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39400:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"39395:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1478,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1476,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1462,"src":"39405:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1477,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"39410:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"39405:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"39395:16:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1482,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1480,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1468,"src":"39415:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1481,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39420:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"39415:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"39395:26:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1486,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1484,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1468,"src":"39425:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1485,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"39430:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"39425:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"39395:36:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1491,"nodeType":"IfStatement","src":"39391:79:1","trueBody":{"id":1490,"nodeType":"Block","src":"39433:37:1","statements":[{"expression":{"hexValue":"66616c7365","id":1488,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"39454:5:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"false"},"functionReturnParameters":1460,"id":1489,"nodeType":"Return","src":"39447:12:1"}]}},{"assignments":[1493],"declarations":[{"constant":false,"id":1493,"mutability":"mutable","name":"Q0","nameLocation":"39487:2:1","nodeType":"VariableDeclaration","scope":1555,"src":"39479:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1492,"name":"uint256","nodeType":"ElementaryTypeName","src":"39479:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1497,"initialValue":{"baseExpression":{"id":1494,"name":"Q","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1456,"src":"39492:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1496,"indexExpression":{"hexValue":"30","id":1495,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39494:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"39492:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39479:17:1"},{"assignments":[1499],"declarations":[{"constant":false,"id":1499,"mutability":"mutable","name":"Q1","nameLocation":"39514:2:1","nodeType":"VariableDeclaration","scope":1555,"src":"39506:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1498,"name":"uint256","nodeType":"ElementaryTypeName","src":"39506:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1503,"initialValue":{"baseExpression":{"id":1500,"name":"Q","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1456,"src":"39519:1:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1502,"indexExpression":{"hexValue":"31","id":1501,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39521:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"39519:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39506:17:1"},{"condition":{"id":1508,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"UnaryOperation","operator":"!","prefix":true,"src":"39537:24:1","subExpression":{"arguments":[{"id":1505,"name":"Q0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1493,"src":"39554:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1506,"name":"Q1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1499,"src":"39558:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1504,"name":"ecAff_isOnCurve","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":961,"src":"39538:15:1","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_uint256_$_t_uint256_$returns$_t_bool_$","typeString":"function (uint256,uint256) pure returns (bool)"}},"id":1507,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"39538:23:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1512,"nodeType":"IfStatement","src":"39533:67:1","trueBody":{"id":1511,"nodeType":"Block","src":"39563:37:1","statements":[{"expression":{"hexValue":"66616c7365","id":1509,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"39584:5:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"false"},"functionReturnParameters":1460,"id":1510,"nodeType":"Return","src":"39577:12:1"}]}},{"assignments":[1514],"declarations":[{"constant":false,"id":1514,"mutability":"mutable","name":"sInv","nameLocation":"39618:4:1","nodeType":"VariableDeclaration","scope":1555,"src":"39610:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1513,"name":"uint256","nodeType":"ElementaryTypeName","src":"39610:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1518,"initialValue":{"arguments":[{"id":1516,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1468,"src":"39637:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1515,"name":"FCL_nModInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":298,"src":"39625:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":1517,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"39625:14:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39610:29:1"},{"assignments":[1520],"declarations":[{"constant":false,"id":1520,"mutability":"mutable","name":"scalar_u","nameLocation":"39658:8:1","nodeType":"VariableDeclaration","scope":1555,"src":"39650:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1519,"name":"uint256","nodeType":"ElementaryTypeName","src":"39650:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1529,"initialValue":{"arguments":[{"arguments":[{"id":1524,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1448,"src":"39684:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"id":1523,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"39676:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":1522,"name":"uint256","nodeType":"ElementaryTypeName","src":"39676:7:1","typeDescriptions":{}}},"id":1525,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"39676:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1526,"name":"sInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1514,"src":"39694:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1527,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"39700:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1521,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"39669:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1528,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"39669:33:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39650:52:1"},{"assignments":[1531],"declarations":[{"constant":false,"id":1531,"mutability":"mutable","name":"scalar_v","nameLocation":"39720:8:1","nodeType":"VariableDeclaration","scope":1555,"src":"39712:16:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1530,"name":"uint256","nodeType":"ElementaryTypeName","src":"39712:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1537,"initialValue":{"arguments":[{"id":1533,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1462,"src":"39738:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1534,"name":"sInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1514,"src":"39741:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1535,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"39747:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1532,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"39731:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1536,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"39731:18:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"39712:37:1"},{"assignments":[1539],"declarations":[{"constant":false,"id":1539,"mutability":"mutable","name":"x1","nameLocation":"39767:2:1","nodeType":"VariableDeclaration","scope":1555,"src":"39759:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1538,"name":"uint256","nodeType":"ElementaryTypeName","src":"39759:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1540,"nodeType":"VariableDeclarationStatement","src":"39759:10:1"},{"expression":{"id":1548,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1541,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1539,"src":"39780:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":1543,"name":"Q0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1493,"src":"39806:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1544,"name":"Q1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1499,"src":"39810:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1545,"name":"scalar_u","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1520,"src":"39814:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1546,"name":"scalar_v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1531,"src":"39824:8:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1542,"name":"ecZZ_mulmuladd_S_asm","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1083,"src":"39785:20:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256) view returns (uint256)"}},"id":1547,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"39785:48:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"39780:53:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1549,"nodeType":"ExpressionStatement","src":"39780:53:1"},{"AST":{"nodeType":"YulBlock","src":"39853:54:1","statements":[{"nodeType":"YulAssignment","src":"39867:30:1","value":{"arguments":[{"name":"x1","nodeType":"YulIdentifier","src":"39880:2:1"},{"arguments":[{"name":"n","nodeType":"YulIdentifier","src":"39888:1:1"},{"name":"r","nodeType":"YulIdentifier","src":"39891:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"39884:3:1"},"nodeType":"YulFunctionCall","src":"39884:9:1"},{"name":"n","nodeType":"YulIdentifier","src":"39895:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"39873:6:1"},"nodeType":"YulFunctionCall","src":"39873:24:1"},"variableNames":[{"name":"x1","nodeType":"YulIdentifier","src":"39867:2:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":270,"isOffset":false,"isSlot":false,"src":"39888:1:1","valueSize":1},{"declaration":270,"isOffset":false,"isSlot":false,"src":"39895:1:1","valueSize":1},{"declaration":1462,"isOffset":false,"isSlot":false,"src":"39891:1:1","valueSize":1},{"declaration":1539,"isOffset":false,"isSlot":false,"src":"39867:2:1","valueSize":1},{"declaration":1539,"isOffset":false,"isSlot":false,"src":"39880:2:1","valueSize":1}],"id":1550,"nodeType":"InlineAssembly","src":"39844:63:1"},{"expression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1553,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1551,"name":"x1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1539,"src":"39946:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1552,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39952:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"39946:7:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":1460,"id":1554,"nodeType":"Return","src":"39939:14:1"}]},"documentation":{"id":1446,"nodeType":"StructuredDocumentation","src":"39129:78:1","text":" @dev ECDSA verification, given , signature, and public key."},"id":1556,"implemented":true,"kind":"function","modifiers":[],"name":"ecdsa_verify","nameLocation":"39221:12:1","nodeType":"FunctionDefinition","parameters":{"id":1457,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1448,"mutability":"mutable","name":"message","nameLocation":"39242:7:1","nodeType":"VariableDeclaration","scope":1556,"src":"39234:15:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":1447,"name":"bytes32","nodeType":"ElementaryTypeName","src":"39234:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":1452,"mutability":"mutable","name":"rs","nameLocation":"39271:2:1","nodeType":"VariableDeclaration","scope":1556,"src":"39251:22:1","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1449,"name":"uint256","nodeType":"ElementaryTypeName","src":"39251:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1451,"length":{"hexValue":"32","id":1450,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39259:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"39251:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":1456,"mutability":"mutable","name":"Q","nameLocation":"39295:1:1","nodeType":"VariableDeclaration","scope":1556,"src":"39275:21:1","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1453,"name":"uint256","nodeType":"ElementaryTypeName","src":"39275:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1455,"length":{"hexValue":"32","id":1454,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"39283:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"39275:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"}],"src":"39233:64:1"},"returnParameters":{"id":1460,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1459,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1556,"src":"39321:4:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":1458,"name":"bool","nodeType":"ElementaryTypeName","src":"39321:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"39320:6:1"},"scope":1886,"src":"39212:748:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1634,"nodeType":"Block","src":"40392:572:1","statements":[{"assignments":[1571],"declarations":[{"constant":false,"id":1571,"mutability":"mutable","name":"r","nameLocation":"40410:1:1","nodeType":"VariableDeclaration","scope":1634,"src":"40402:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1570,"name":"uint256","nodeType":"ElementaryTypeName","src":"40402:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1575,"initialValue":{"baseExpression":{"id":1572,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1563,"src":"40414:2:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1574,"indexExpression":{"hexValue":"30","id":1573,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"40417:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"40414:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"40402:17:1"},{"assignments":[1577],"declarations":[{"constant":false,"id":1577,"mutability":"mutable","name":"s","nameLocation":"40437:1:1","nodeType":"VariableDeclaration","scope":1634,"src":"40429:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1576,"name":"uint256","nodeType":"ElementaryTypeName","src":"40429:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1581,"initialValue":{"baseExpression":{"id":1578,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1563,"src":"40441:2:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1580,"indexExpression":{"hexValue":"31","id":1579,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"40444:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"40441:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"40429:17:1"},{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1596,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1592,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1588,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1584,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1582,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1571,"src":"40460:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1583,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"40465:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"40460:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1587,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1585,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1571,"src":"40470:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1586,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"40475:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"40470:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"40460:16:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1591,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1589,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1577,"src":"40480:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1590,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"40485:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"40480:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"40460:26:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1595,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1593,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1577,"src":"40490:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1594,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"40495:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"40490:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"40460:36:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1600,"nodeType":"IfStatement","src":"40456:79:1","trueBody":{"id":1599,"nodeType":"Block","src":"40498:37:1","statements":[{"expression":{"hexValue":"66616c7365","id":1597,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"40519:5:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"false"},"functionReturnParameters":1569,"id":1598,"nodeType":"Return","src":"40512:12:1"}]}},{"assignments":[1602],"declarations":[{"constant":false,"id":1602,"mutability":"mutable","name":"sInv","nameLocation":"40687:4:1","nodeType":"VariableDeclaration","scope":1634,"src":"40679:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1601,"name":"uint256","nodeType":"ElementaryTypeName","src":"40679:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1606,"initialValue":{"arguments":[{"id":1604,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1577,"src":"40706:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1603,"name":"FCL_nModInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":298,"src":"40694:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":1605,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"40694:14:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"40679:29:1"},{"assignments":[1608],"declarations":[{"constant":false,"id":1608,"mutability":"mutable","name":"X","nameLocation":"40727:1:1","nodeType":"VariableDeclaration","scope":1634,"src":"40719:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1607,"name":"uint256","nodeType":"ElementaryTypeName","src":"40719:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1609,"nodeType":"VariableDeclarationStatement","src":"40719:9:1"},{"expression":{"id":1627,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1610,"name":"X","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1608,"src":"40769:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"arguments":[{"arguments":[{"id":1615,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1559,"src":"40814:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"id":1614,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"40806:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":1613,"name":"uint256","nodeType":"ElementaryTypeName","src":"40806:7:1","typeDescriptions":{}}},"id":1616,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"40806:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1617,"name":"sInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1602,"src":"40824:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1618,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"40830:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1612,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"40799:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1619,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"40799:33:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":1621,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1571,"src":"40841:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1622,"name":"sInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1602,"src":"40844:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1623,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"40850:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1620,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"40834:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1624,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"40834:18:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1625,"name":"Shamir8","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1565,"src":"40854:7:1","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_address","typeString":"address"}],"id":1611,"name":"ecZZ_mulmuladd_S8_extcode","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1301,"src":"40773:25:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_address_$returns$_t_uint256_$","typeString":"function (uint256,uint256,address) view returns (uint256)"}},"id":1626,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"40773:89:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"40769:93:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1628,"nodeType":"ExpressionStatement","src":"40769:93:1"},{"AST":{"nodeType":"YulBlock","src":"40882:52:1","statements":[{"nodeType":"YulAssignment","src":"40896:28:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"40908:1:1"},{"arguments":[{"name":"n","nodeType":"YulIdentifier","src":"40915:1:1"},{"name":"r","nodeType":"YulIdentifier","src":"40918:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"40911:3:1"},"nodeType":"YulFunctionCall","src":"40911:9:1"},{"name":"n","nodeType":"YulIdentifier","src":"40922:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"40901:6:1"},"nodeType":"YulFunctionCall","src":"40901:23:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"40896:1:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":1608,"isOffset":false,"isSlot":false,"src":"40896:1:1","valueSize":1},{"declaration":1608,"isOffset":false,"isSlot":false,"src":"40908:1:1","valueSize":1},{"declaration":270,"isOffset":false,"isSlot":false,"src":"40915:1:1","valueSize":1},{"declaration":270,"isOffset":false,"isSlot":false,"src":"40922:1:1","valueSize":1},{"declaration":1571,"isOffset":false,"isSlot":false,"src":"40918:1:1","valueSize":1}],"id":1629,"nodeType":"InlineAssembly","src":"40873:61:1"},{"expression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1632,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1630,"name":"X","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1608,"src":"40951:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1631,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"40956:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"40951:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":1569,"id":1633,"nodeType":"Return","src":"40944:13:1"}]},"documentation":{"id":1557,"nodeType":"StructuredDocumentation","src":"39966:279:1","text":" @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n generation of contract bytecode for precomputations is done using sagemath code\n (see sage directory, WebAuthn_precompute.sage)"},"id":1635,"implemented":true,"kind":"function","modifiers":[],"name":"ecdsa_precomputed_verify","nameLocation":"40260:24:1","nodeType":"FunctionDefinition","parameters":{"id":1566,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1559,"mutability":"mutable","name":"message","nameLocation":"40293:7:1","nodeType":"VariableDeclaration","scope":1635,"src":"40285:15:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":1558,"name":"bytes32","nodeType":"ElementaryTypeName","src":"40285:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":1563,"mutability":"mutable","name":"rs","nameLocation":"40322:2:1","nodeType":"VariableDeclaration","scope":1635,"src":"40302:22:1","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1560,"name":"uint256","nodeType":"ElementaryTypeName","src":"40302:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1562,"length":{"hexValue":"32","id":1561,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"40310:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"40302:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":1565,"mutability":"mutable","name":"Shamir8","nameLocation":"40334:7:1","nodeType":"VariableDeclaration","scope":1635,"src":"40326:15:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":1564,"name":"address","nodeType":"ElementaryTypeName","src":"40326:7:1","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"40284:58:1"},"returnParameters":{"id":1569,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1568,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1635,"src":"40382:4:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":1567,"name":"bool","nodeType":"ElementaryTypeName","src":"40382:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"40381:6:1"},"scope":1886,"src":"40251:713:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1713,"nodeType":"Block","src":"41448:574:1","statements":[{"assignments":[1650],"declarations":[{"constant":false,"id":1650,"mutability":"mutable","name":"r","nameLocation":"41466:1:1","nodeType":"VariableDeclaration","scope":1713,"src":"41458:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1649,"name":"uint256","nodeType":"ElementaryTypeName","src":"41458:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1654,"initialValue":{"baseExpression":{"id":1651,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1642,"src":"41470:2:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1653,"indexExpression":{"hexValue":"30","id":1652,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"41473:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"41470:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"41458:17:1"},{"assignments":[1656],"declarations":[{"constant":false,"id":1656,"mutability":"mutable","name":"s","nameLocation":"41493:1:1","nodeType":"VariableDeclaration","scope":1713,"src":"41485:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1655,"name":"uint256","nodeType":"ElementaryTypeName","src":"41485:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1660,"initialValue":{"baseExpression":{"id":1657,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1642,"src":"41497:2:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},"id":1659,"indexExpression":{"hexValue":"31","id":1658,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"41500:1:1","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"1"},"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"IndexAccess","src":"41497:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"41485:17:1"},{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1675,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1671,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1667,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1663,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1661,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1650,"src":"41516:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1662,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"41521:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"41516:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1666,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1664,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1650,"src":"41526:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1665,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"41531:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"41526:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"41516:16:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1670,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1668,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1656,"src":"41536:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1669,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"41541:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"41536:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"41516:26:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1674,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1672,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1656,"src":"41546:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1673,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"41551:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"41546:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"41516:36:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1679,"nodeType":"IfStatement","src":"41512:79:1","trueBody":{"id":1678,"nodeType":"Block","src":"41554:37:1","statements":[{"expression":{"hexValue":"66616c7365","id":1676,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"41575:5:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"false"},"functionReturnParameters":1648,"id":1677,"nodeType":"Return","src":"41568:12:1"}]}},{"assignments":[1681],"declarations":[{"constant":false,"id":1681,"mutability":"mutable","name":"sInv","nameLocation":"41743:4:1","nodeType":"VariableDeclaration","scope":1713,"src":"41735:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1680,"name":"uint256","nodeType":"ElementaryTypeName","src":"41735:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1685,"initialValue":{"arguments":[{"id":1683,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1656,"src":"41762:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1682,"name":"FCL_nModInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":298,"src":"41750:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":1684,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"41750:14:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"41735:29:1"},{"assignments":[1687],"declarations":[{"constant":false,"id":1687,"mutability":"mutable","name":"X","nameLocation":"41782:1:1","nodeType":"VariableDeclaration","scope":1713,"src":"41774:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1686,"name":"uint256","nodeType":"ElementaryTypeName","src":"41774:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1688,"nodeType":"VariableDeclarationStatement","src":"41774:9:1"},{"expression":{"id":1706,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1689,"name":"X","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1687,"src":"41824:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"arguments":[{"arguments":[{"id":1694,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1638,"src":"41869:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"id":1693,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"41861:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":1692,"name":"uint256","nodeType":"ElementaryTypeName","src":"41861:7:1","typeDescriptions":{}}},"id":1695,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"41861:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1696,"name":"sInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1681,"src":"41879:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1697,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"41885:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1691,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"41854:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1698,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"41854:33:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":1700,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1650,"src":"41896:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1701,"name":"sInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1681,"src":"41899:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1702,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"41905:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1699,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"41889:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1703,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"41889:18:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1704,"name":"endcontract","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1644,"src":"41909:11:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1690,"name":"ecZZ_mulmuladd_S8_hackmem","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1445,"src":"41828:25:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) view returns (uint256)"}},"id":1705,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"41828:93:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"41824:97:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1707,"nodeType":"ExpressionStatement","src":"41824:97:1"},{"AST":{"nodeType":"YulBlock","src":"41941:52:1","statements":[{"nodeType":"YulAssignment","src":"41955:28:1","value":{"arguments":[{"name":"X","nodeType":"YulIdentifier","src":"41967:1:1"},{"arguments":[{"name":"n","nodeType":"YulIdentifier","src":"41974:1:1"},{"name":"r","nodeType":"YulIdentifier","src":"41977:1:1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"41970:3:1"},"nodeType":"YulFunctionCall","src":"41970:9:1"},{"name":"n","nodeType":"YulIdentifier","src":"41981:1:1"}],"functionName":{"name":"addmod","nodeType":"YulIdentifier","src":"41960:6:1"},"nodeType":"YulFunctionCall","src":"41960:23:1"},"variableNames":[{"name":"X","nodeType":"YulIdentifier","src":"41955:1:1"}]}]},"evmVersion":"paris","externalReferences":[{"declaration":1687,"isOffset":false,"isSlot":false,"src":"41955:1:1","valueSize":1},{"declaration":1687,"isOffset":false,"isSlot":false,"src":"41967:1:1","valueSize":1},{"declaration":270,"isOffset":false,"isSlot":false,"src":"41974:1:1","valueSize":1},{"declaration":270,"isOffset":false,"isSlot":false,"src":"41981:1:1","valueSize":1},{"declaration":1650,"isOffset":false,"isSlot":false,"src":"41977:1:1","valueSize":1}],"id":1708,"nodeType":"InlineAssembly","src":"41932:61:1"},{"expression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1711,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1709,"name":"X","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1687,"src":"42009:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1710,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42014:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"42009:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":1648,"id":1712,"nodeType":"Return","src":"42002:13:1"}]},"documentation":{"id":1636,"nodeType":"StructuredDocumentation","src":"41004:292:1","text":" @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n generation of contract bytecode for precomputations is done using sagemath code\n (see sage directory, WebAuthn_precompute.sage)"},"id":1714,"implemented":true,"kind":"function","modifiers":[],"name":"ecdsa_precomputed_hackmem","nameLocation":"41311:25:1","nodeType":"FunctionDefinition","parameters":{"id":1645,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1638,"mutability":"mutable","name":"message","nameLocation":"41345:7:1","nodeType":"VariableDeclaration","scope":1714,"src":"41337:15:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":1637,"name":"bytes32","nodeType":"ElementaryTypeName","src":"41337:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":1642,"mutability":"mutable","name":"rs","nameLocation":"41374:2:1","nodeType":"VariableDeclaration","scope":1714,"src":"41354:22:1","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1639,"name":"uint256","nodeType":"ElementaryTypeName","src":"41354:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1641,"length":{"hexValue":"32","id":1640,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"41362:1:1","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"41354:10:1","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":1644,"mutability":"mutable","name":"endcontract","nameLocation":"41386:11:1","nodeType":"VariableDeclaration","scope":1714,"src":"41378:19:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1643,"name":"uint256","nodeType":"ElementaryTypeName","src":"41378:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"41336:62:1"},"returnParameters":{"id":1648,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1647,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1714,"src":"41438:4:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":1646,"name":"bool","nodeType":"ElementaryTypeName","src":"41438:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"41437:6:1"},"scope":1886,"src":"41302:720:1","stateMutability":"view","virtual":false,"visibility":"internal"},{"body":{"id":1820,"nodeType":"Block","src":"42163:451:1","statements":[{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1741,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1737,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1733,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1729,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1727,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1720,"src":"42178:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1728,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42183:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"42178:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1732,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1730,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1720,"src":"42188:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1731,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42193:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"42188:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"42178:16:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1736,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1734,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1722,"src":"42198:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1735,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42203:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"42198:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"42178:26:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1740,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1738,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1722,"src":"42208:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":">=","rightExpression":{"id":1739,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42213:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"42208:6:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"42178:36:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1748,"nodeType":"IfStatement","src":"42174:84:1","trueBody":{"id":1747,"nodeType":"Block","src":"42216:42:1","statements":[{"expression":{"arguments":[{"hexValue":"30","id":1744,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42245:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"}],"expression":{"argumentTypes":[{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"}],"id":1743,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"42237:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_address_$","typeString":"type(address)"},"typeName":{"id":1742,"name":"address","nodeType":"ElementaryTypeName","src":"42237:7:1","typeDescriptions":{}}},"id":1745,"isConstant":false,"isLValue":false,"isPure":true,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42237:10:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"functionReturnParameters":1726,"id":1746,"nodeType":"Return","src":"42230:17:1"}]}},{"assignments":[1750],"declarations":[{"constant":false,"id":1750,"mutability":"mutable","name":"y","nameLocation":"42275:1:1","nodeType":"VariableDeclaration","scope":1820,"src":"42267:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1749,"name":"uint256","nodeType":"ElementaryTypeName","src":"42267:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1757,"initialValue":{"arguments":[{"id":1752,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1720,"src":"42291:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1755,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1753,"name":"v","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1718,"src":"42294:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"hexValue":"3237","id":1754,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42296:2:1","typeDescriptions":{"typeIdentifier":"t_rational_27_by_1","typeString":"int_const 27"},"value":"27"},"src":"42294:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1751,"name":"ec_Decompress","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":695,"src":"42277:13:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256) view returns (uint256)"}},"id":1756,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42277:22:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"42267:32:1"},{"assignments":[1759],"declarations":[{"constant":false,"id":1759,"mutability":"mutable","name":"rinv","nameLocation":"42317:4:1","nodeType":"VariableDeclaration","scope":1820,"src":"42309:12:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1758,"name":"uint256","nodeType":"ElementaryTypeName","src":"42309:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1763,"initialValue":{"arguments":[{"id":1761,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1720,"src":"42334:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1760,"name":"FCL_nModInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":298,"src":"42322:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":1762,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42322:14:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"42309:27:1"},{"assignments":[1765],"declarations":[{"constant":false,"id":1765,"mutability":"mutable","name":"u1","nameLocation":"42354:2:1","nodeType":"VariableDeclaration","scope":1820,"src":"42346:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1764,"name":"uint256","nodeType":"ElementaryTypeName","src":"42346:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1777,"initialValue":{"arguments":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1773,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1767,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42364:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"-","rightExpression":{"arguments":[{"hexValue":"30","id":1769,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42373:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"id":1770,"name":"h","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1716,"src":"42375:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1771,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42377:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1768,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"42366:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1772,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42366:13:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"42364:15:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1774,"name":"rinv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1759,"src":"42381:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1775,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42386:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1766,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"42357:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1776,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42357:31:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"42346:42:1"},{"assignments":[1779],"declarations":[{"constant":false,"id":1779,"mutability":"mutable","name":"u2","nameLocation":"42414:2:1","nodeType":"VariableDeclaration","scope":1820,"src":"42406:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1778,"name":"uint256","nodeType":"ElementaryTypeName","src":"42406:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1785,"initialValue":{"arguments":[{"id":1781,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1722,"src":"42424:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1782,"name":"rinv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1759,"src":"42427:4:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1783,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42432:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1780,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"42417:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1784,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42417:17:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"VariableDeclarationStatement","src":"42406:28:1"},{"assignments":[1787],"declarations":[{"constant":false,"id":1787,"mutability":"mutable","name":"Qx","nameLocation":"42460:2:1","nodeType":"VariableDeclaration","scope":1820,"src":"42452:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1786,"name":"uint256","nodeType":"ElementaryTypeName","src":"42452:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1788,"nodeType":"VariableDeclarationStatement","src":"42452:10:1"},{"assignments":[1790],"declarations":[{"constant":false,"id":1790,"mutability":"mutable","name":"Qy","nameLocation":"42480:2:1","nodeType":"VariableDeclaration","scope":1820,"src":"42472:10:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1789,"name":"uint256","nodeType":"ElementaryTypeName","src":"42472:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"id":1791,"nodeType":"VariableDeclarationStatement","src":"42472:10:1"},{"expression":{"id":1801,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"components":[{"id":1792,"name":"Qx","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1787,"src":"42493:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1793,"name":"Qy","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1790,"src":"42496:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1794,"isConstant":false,"isInlineArray":false,"isLValue":true,"isPure":false,"lValueRequested":true,"nodeType":"TupleExpression","src":"42492:7:1","typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":1796,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1720,"src":"42515:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1797,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1750,"src":"42517:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1798,"name":"u1","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1765,"src":"42520:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1799,"name":"u2","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1779,"src":"42524:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1795,"name":"ecZZ_mulmuladd","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1157,"src":"42500:14:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256) view returns (uint256,uint256)"}},"id":1800,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42500:27:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$_t_uint256_$_t_uint256_$","typeString":"tuple(uint256,uint256)"}},"src":"42492:35:1","typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":1802,"nodeType":"ExpressionStatement","src":"42492:35:1"},{"expression":{"arguments":[{"arguments":[{"arguments":[{"arguments":[{"arguments":[{"id":1812,"name":"Qx","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1787,"src":"42596:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1813,"name":"Qy","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1790,"src":"42600:2:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"expression":{"id":1810,"name":"abi","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-1,"src":"42579:3:1","typeDescriptions":{"typeIdentifier":"t_magic_abi","typeString":"abi"}},"id":1811,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"memberLocation":"42583:12:1","memberName":"encodePacked","nodeType":"MemberAccess","src":"42579:16:1","typeDescriptions":{"typeIdentifier":"t_function_abiencodepacked_pure$__$returns$_t_bytes_memory_ptr_$","typeString":"function () pure returns (bytes memory)"}},"id":1814,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42579:24:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":1809,"name":"keccak256","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-8,"src":"42569:9:1","typeDescriptions":{"typeIdentifier":"t_function_keccak256_pure$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (bytes memory) pure returns (bytes32)"}},"id":1815,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42569:35:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"id":1808,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"42561:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":1807,"name":"uint256","nodeType":"ElementaryTypeName","src":"42561:7:1","typeDescriptions":{}}},"id":1816,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42561:44:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1806,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"42553:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_uint160_$","typeString":"type(uint160)"},"typeName":{"id":1805,"name":"uint160","nodeType":"ElementaryTypeName","src":"42553:7:1","typeDescriptions":{}}},"id":1817,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42553:53:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint160","typeString":"uint160"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint160","typeString":"uint160"}],"id":1804,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"42545:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_address_$","typeString":"type(address)"},"typeName":{"id":1803,"name":"address","nodeType":"ElementaryTypeName","src":"42545:7:1","typeDescriptions":{}}},"id":1818,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42545:62:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"functionReturnParameters":1726,"id":1819,"nodeType":"Return","src":"42538:69:1"}]},"functionSelector":"5f67f323","id":1821,"implemented":true,"kind":"function","modifiers":[],"name":"ec_recover_r1","nameLocation":"42071:13:1","nodeType":"FunctionDefinition","parameters":{"id":1723,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1716,"mutability":"mutable","name":"h","nameLocation":"42093:1:1","nodeType":"VariableDeclaration","scope":1821,"src":"42085:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1715,"name":"uint256","nodeType":"ElementaryTypeName","src":"42085:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1718,"mutability":"mutable","name":"v","nameLocation":"42104:1:1","nodeType":"VariableDeclaration","scope":1821,"src":"42096:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1717,"name":"uint256","nodeType":"ElementaryTypeName","src":"42096:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1720,"mutability":"mutable","name":"r","nameLocation":"42115:1:1","nodeType":"VariableDeclaration","scope":1821,"src":"42107:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1719,"name":"uint256","nodeType":"ElementaryTypeName","src":"42107:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1722,"mutability":"mutable","name":"s","nameLocation":"42126:1:1","nodeType":"VariableDeclaration","scope":1821,"src":"42118:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1721,"name":"uint256","nodeType":"ElementaryTypeName","src":"42118:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"42084:44:1"},"returnParameters":{"id":1726,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1725,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1821,"src":"42150:7:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":1724,"name":"address","nodeType":"ElementaryTypeName","src":"42150:7:1","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"42149:9:1"},"scope":1886,"src":"42062:552:1","stateMutability":"view","virtual":false,"visibility":"public"},{"body":{"id":1884,"nodeType":"Block","src":"42869:312:1","statements":[{"expression":{"id":1841,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1834,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1830,"src":"42879:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"hexValue":"30","id":1836,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42902:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"hexValue":"30","id":1837,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42904:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"id":1838,"name":"k","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1825,"src":"42907:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"hexValue":"30","id":1839,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42910:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"}],"expression":{"argumentTypes":[{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"}],"id":1835,"name":"ecZZ_mulmuladd_S_asm","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1083,"src":"42881:20:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256,uint256) view returns (uint256)"}},"id":1840,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42881:31:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"42879:33:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1842,"nodeType":"ExpressionStatement","src":"42879:33:1"},{"expression":{"id":1849,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1843,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1830,"src":"42984:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"hexValue":"30","id":1845,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"42993:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},{"id":1846,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1830,"src":"42995:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1847,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"42998:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1844,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"42986:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1848,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"42986:14:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"42984:16:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1850,"nodeType":"ExpressionStatement","src":"42984:16:1"},{"expression":{"id":1870,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":1851,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1832,"src":"43011:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"arguments":[{"id":1854,"name":"k","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1825,"src":"43032:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1853,"name":"FCL_nModInv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":298,"src":"43020:11:1","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256) view returns (uint256)"}},"id":1855,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"43020:14:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"arguments":[{"id":1859,"name":"message","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1823,"src":"43051:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"id":1858,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"43043:7:1","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":1857,"name":"uint256","nodeType":"ElementaryTypeName","src":"43043:7:1","typeDescriptions":{}}},"id":1860,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"43043:16:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"arguments":[{"id":1862,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1830,"src":"43068:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1863,"name":"kpriv","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1827,"src":"43071:5:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1864,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"43078:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1861,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"43061:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1865,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"43061:19:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1866,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"43081:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1856,"name":"addmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-2,"src":"43036:6:1","typeDescriptions":{"typeIdentifier":"t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1867,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"43036:47:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1868,"name":"n","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":270,"src":"43084:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1852,"name":"mulmod","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-16,"src":"43013:6:1","typeDescriptions":{"typeIdentifier":"t_function_mulmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$","typeString":"function (uint256,uint256,uint256) pure returns (uint256)"}},"id":1869,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"43013:73:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"43011:75:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1871,"nodeType":"ExpressionStatement","src":"43011:75:1"},{"condition":{"commonType":{"typeIdentifier":"t_bool","typeString":"bool"},"id":1878,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1874,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1872,"name":"r","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1830,"src":"43129:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1873,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"43132:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"43129:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"BinaryOperation","operator":"||","rightExpression":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1877,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"id":1875,"name":"s","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1832,"src":"43135:1:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1876,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"43138:1:1","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"43135:4:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"src":"43129:10:1","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1883,"nodeType":"IfStatement","src":"43126:47:1","trueBody":{"id":1882,"nodeType":"Block","src":"43140:33:1","statements":[{"expression":{"arguments":[],"expression":{"argumentTypes":[],"id":1879,"name":"revert","nodeType":"Identifier","overloadedDeclarations":[-19,-19],"referencedDeclaration":-19,"src":"43154:6:1","typeDescriptions":{"typeIdentifier":"t_function_revert_pure$__$returns$__$","typeString":"function () pure"}},"id":1880,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"43154:8:1","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":1881,"nodeType":"ExpressionStatement","src":"43154:8:1"}]}}]},"functionSelector":"e982f355","id":1885,"implemented":true,"kind":"function","modifiers":[],"name":"ecdsa_sign","nameLocation":"42768:10:1","nodeType":"FunctionDefinition","parameters":{"id":1828,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1823,"mutability":"mutable","name":"message","nameLocation":"42787:7:1","nodeType":"VariableDeclaration","scope":1885,"src":"42779:15:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":1822,"name":"bytes32","nodeType":"ElementaryTypeName","src":"42779:7:1","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":1825,"mutability":"mutable","name":"k","nameLocation":"42804:1:1","nodeType":"VariableDeclaration","scope":1885,"src":"42796:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1824,"name":"uint256","nodeType":"ElementaryTypeName","src":"42796:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1827,"mutability":"mutable","name":"kpriv","nameLocation":"42816:5:1","nodeType":"VariableDeclaration","scope":1885,"src":"42808:13:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1826,"name":"uint256","nodeType":"ElementaryTypeName","src":"42808:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"42778:44:1"},"returnParameters":{"id":1833,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1830,"mutability":"mutable","name":"r","nameLocation":"42851:1:1","nodeType":"VariableDeclaration","scope":1885,"src":"42843:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1829,"name":"uint256","nodeType":"ElementaryTypeName","src":"42843:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1832,"mutability":"mutable","name":"s","nameLocation":"42862:1:1","nodeType":"VariableDeclaration","scope":1885,"src":"42854:9:1","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1831,"name":"uint256","nodeType":"ElementaryTypeName","src":"42854:7:1","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"42842:22:1"},"scope":1886,"src":"42759:422:1","stateMutability":"view","virtual":false,"visibility":"public"}],"scope":1887,"src":"1212:41972:1","usedErrors":[],"usedEvents":[]}],"src":"1186:42005:1"},"id":1},"FreshCryptoLib/utils/Base64Url.sol":{"ast":{"absolutePath":"FreshCryptoLib/utils/Base64Url.sol","exportedSymbols":{"Base64Url":[1932]},"id":1933,"license":"Apache-2.0","nodeType":"SourceUnit","nodes":[{"id":1888,"literals":["solidity","^","0.8",".0"],"nodeType":"PragmaDirective","src":"39:23:2"},{"abstract":false,"baseContracts":[],"canonicalName":"Base64Url","contractDependencies":[],"contractKind":"library","documentation":{"id":1889,"nodeType":"StructuredDocumentation","src":"64:111:2","text":" @dev Encode (without '=' padding) \n @author evmbrahmin, adapted from hiromin's Base64URL libraries"},"fullyImplemented":true,"id":1932,"linearizedBaseContracts":[1932],"name":"Base64Url","nameLocation":"184:9:2","nodeType":"ContractDefinition","nodes":[{"constant":true,"documentation":{"id":1890,"nodeType":"StructuredDocumentation","src":"200:48:2","text":" @dev Base64Url Encoding Table"},"id":1893,"mutability":"constant","name":"ENCODING_TABLE","nameLocation":"278:14:2","nodeType":"VariableDeclaration","scope":1932,"src":"253:116:2","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string"},"typeName":{"id":1891,"name":"string","nodeType":"ElementaryTypeName","src":"253:6:2","typeDescriptions":{"typeIdentifier":"t_string_storage_ptr","typeString":"string"}},"value":{"hexValue":"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5f","id":1892,"isConstant":false,"isLValue":false,"isPure":true,"kind":"string","lValueRequested":false,"nodeType":"Literal","src":"303:66:2","typeDescriptions":{"typeIdentifier":"t_stringliteral_5f7e6d3cba140c1411e96b7033571a229a3135b5c436a9698b398a19a1c64b50","typeString":"literal_string \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\""},"value":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"},"visibility":"internal"},{"body":{"id":1930,"nodeType":"Block","src":"449:1841:2","statements":[{"condition":{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1903,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"expression":{"id":1900,"name":"data","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1895,"src":"463:4:2","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},"id":1901,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"468:6:2","memberName":"length","nodeType":"MemberAccess","src":"463:11:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"==","rightExpression":{"hexValue":"30","id":1902,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"478:1:2","typeDescriptions":{"typeIdentifier":"t_rational_0_by_1","typeString":"int_const 0"},"value":"0"},"src":"463:16:2","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":1906,"nodeType":"IfStatement","src":"459:31:2","trueBody":{"expression":{"hexValue":"","id":1904,"isConstant":false,"isLValue":false,"isPure":true,"kind":"string","lValueRequested":false,"nodeType":"Literal","src":"488:2:2","typeDescriptions":{"typeIdentifier":"t_stringliteral_c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470","typeString":"literal_string \"\""},"value":""},"functionReturnParameters":1899,"id":1905,"nodeType":"Return","src":"481:9:2"}},{"assignments":[1908],"declarations":[{"constant":false,"id":1908,"mutability":"mutable","name":"table","nameLocation":"553:5:2","nodeType":"VariableDeclaration","scope":1930,"src":"539:19:2","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string"},"typeName":{"id":1907,"name":"string","nodeType":"ElementaryTypeName","src":"539:6:2","typeDescriptions":{"typeIdentifier":"t_string_storage_ptr","typeString":"string"}},"visibility":"internal"}],"id":1910,"initialValue":{"id":1909,"name":"ENCODING_TABLE","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1893,"src":"561:14:2","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}},"nodeType":"VariableDeclarationStatement","src":"539:36:2"},{"assignments":[1912],"declarations":[{"constant":false,"id":1912,"mutability":"mutable","name":"result","nameLocation":"600:6:2","nodeType":"VariableDeclaration","scope":1930,"src":"586:20:2","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string"},"typeName":{"id":1911,"name":"string","nodeType":"ElementaryTypeName","src":"586:6:2","typeDescriptions":{"typeIdentifier":"t_string_storage_ptr","typeString":"string"}},"visibility":"internal"}],"id":1926,"initialValue":{"arguments":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1924,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"hexValue":"34","id":1915,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"620:1:2","typeDescriptions":{"typeIdentifier":"t_rational_4_by_1","typeString":"int_const 4"},"value":"4"},"nodeType":"BinaryOperation","operator":"*","rightExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1922,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"components":[{"commonType":{"typeIdentifier":"t_uint256","typeString":"uint256"},"id":1919,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftExpression":{"expression":{"id":1916,"name":"data","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1895,"src":"626:4:2","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},"id":1917,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"631:6:2","memberName":"length","nodeType":"MemberAccess","src":"626:11:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"+","rightExpression":{"hexValue":"32","id":1918,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"640:1:2","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"src":"626:15:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1920,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"625:17:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"BinaryOperation","operator":"/","rightExpression":{"hexValue":"33","id":1921,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"645:1:2","typeDescriptions":{"typeIdentifier":"t_rational_3_by_1","typeString":"int_const 3"},"value":"3"},"src":"625:21:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":1923,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"624:23:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"620:27:2","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"}],"id":1914,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"NewExpression","src":"609:10:2","typeDescriptions":{"typeIdentifier":"t_function_objectcreation_pure$_t_uint256_$returns$_t_string_memory_ptr_$","typeString":"function (uint256) pure returns (string memory)"},"typeName":{"id":1913,"name":"string","nodeType":"ElementaryTypeName","src":"613:6:2","typeDescriptions":{"typeIdentifier":"t_string_storage_ptr","typeString":"string"}}},"id":1925,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"609:39:2","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}},"nodeType":"VariableDeclarationStatement","src":"586:62:2"},{"AST":{"nodeType":"YulBlock","src":"710:1548:2","statements":[{"nodeType":"YulVariableDeclaration","src":"724:29:2","value":{"arguments":[{"name":"table","nodeType":"YulIdentifier","src":"744:5:2"},{"kind":"number","nodeType":"YulLiteral","src":"751:1:2","type":"","value":"1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"740:3:2"},"nodeType":"YulFunctionCall","src":"740:13:2"},"variables":[{"name":"tablePtr","nodeType":"YulTypedName","src":"728:8:2","type":""}]},{"nodeType":"YulVariableDeclaration","src":"766:32:2","value":{"arguments":[{"name":"result","nodeType":"YulIdentifier","src":"787:6:2"},{"kind":"number","nodeType":"YulLiteral","src":"795:2:2","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"783:3:2"},"nodeType":"YulFunctionCall","src":"783:15:2"},"variables":[{"name":"resultPtr","nodeType":"YulTypedName","src":"770:9:2","type":""}]},{"body":{"nodeType":"YulBlock","src":"958:794:2","statements":[{"nodeType":"YulAssignment","src":"976:26:2","value":{"arguments":[{"name":"dataPtr","nodeType":"YulIdentifier","src":"991:7:2"},{"kind":"number","nodeType":"YulLiteral","src":"1000:1:2","type":"","value":"3"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"987:3:2"},"nodeType":"YulFunctionCall","src":"987:15:2"},"variableNames":[{"name":"dataPtr","nodeType":"YulIdentifier","src":"976:7:2"}]},{"nodeType":"YulVariableDeclaration","src":"1019:27:2","value":{"arguments":[{"name":"dataPtr","nodeType":"YulIdentifier","src":"1038:7:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"1032:5:2"},"nodeType":"YulFunctionCall","src":"1032:14:2"},"variables":[{"name":"input","nodeType":"YulTypedName","src":"1023:5:2","type":""}]},{"expression":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1093:9:2"},{"arguments":[{"arguments":[{"name":"tablePtr","nodeType":"YulIdentifier","src":"1134:8:2"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1152:2:2","type":"","value":"18"},{"name":"input","nodeType":"YulIdentifier","src":"1156:5:2"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"1148:3:2"},"nodeType":"YulFunctionCall","src":"1148:14:2"},{"kind":"number","nodeType":"YulLiteral","src":"1164:4:2","type":"","value":"0x3F"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"1144:3:2"},"nodeType":"YulFunctionCall","src":"1144:25:2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1130:3:2"},"nodeType":"YulFunctionCall","src":"1130:40:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"1124:5:2"},"nodeType":"YulFunctionCall","src":"1124:47:2"}],"functionName":{"name":"mstore8","nodeType":"YulIdentifier","src":"1064:7:2"},"nodeType":"YulFunctionCall","src":"1064:125:2"},"nodeType":"YulExpressionStatement","src":"1064:125:2"},{"nodeType":"YulAssignment","src":"1206:30:2","value":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1223:9:2"},{"kind":"number","nodeType":"YulLiteral","src":"1234:1:2","type":"","value":"1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1219:3:2"},"nodeType":"YulFunctionCall","src":"1219:17:2"},"variableNames":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1206:9:2"}]},{"expression":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1283:9:2"},{"arguments":[{"arguments":[{"name":"tablePtr","nodeType":"YulIdentifier","src":"1324:8:2"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1342:2:2","type":"","value":"12"},{"name":"input","nodeType":"YulIdentifier","src":"1346:5:2"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"1338:3:2"},"nodeType":"YulFunctionCall","src":"1338:14:2"},{"kind":"number","nodeType":"YulLiteral","src":"1354:4:2","type":"","value":"0x3F"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"1334:3:2"},"nodeType":"YulFunctionCall","src":"1334:25:2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1320:3:2"},"nodeType":"YulFunctionCall","src":"1320:40:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"1314:5:2"},"nodeType":"YulFunctionCall","src":"1314:47:2"}],"functionName":{"name":"mstore8","nodeType":"YulIdentifier","src":"1254:7:2"},"nodeType":"YulFunctionCall","src":"1254:125:2"},"nodeType":"YulExpressionStatement","src":"1254:125:2"},{"nodeType":"YulAssignment","src":"1396:30:2","value":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1413:9:2"},{"kind":"number","nodeType":"YulLiteral","src":"1424:1:2","type":"","value":"1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1409:3:2"},"nodeType":"YulFunctionCall","src":"1409:17:2"},"variableNames":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1396:9:2"}]},{"expression":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1473:9:2"},{"arguments":[{"arguments":[{"name":"tablePtr","nodeType":"YulIdentifier","src":"1514:8:2"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1532:1:2","type":"","value":"6"},{"name":"input","nodeType":"YulIdentifier","src":"1535:5:2"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"1528:3:2"},"nodeType":"YulFunctionCall","src":"1528:13:2"},{"kind":"number","nodeType":"YulLiteral","src":"1543:4:2","type":"","value":"0x3F"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"1524:3:2"},"nodeType":"YulFunctionCall","src":"1524:24:2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1510:3:2"},"nodeType":"YulFunctionCall","src":"1510:39:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"1504:5:2"},"nodeType":"YulFunctionCall","src":"1504:46:2"}],"functionName":{"name":"mstore8","nodeType":"YulIdentifier","src":"1444:7:2"},"nodeType":"YulFunctionCall","src":"1444:124:2"},"nodeType":"YulExpressionStatement","src":"1444:124:2"},{"nodeType":"YulAssignment","src":"1585:30:2","value":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1602:9:2"},{"kind":"number","nodeType":"YulLiteral","src":"1613:1:2","type":"","value":"1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1598:3:2"},"nodeType":"YulFunctionCall","src":"1598:17:2"},"variableNames":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1585:9:2"}]},{"expression":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1641:9:2"},{"arguments":[{"arguments":[{"name":"tablePtr","nodeType":"YulIdentifier","src":"1662:8:2"},{"arguments":[{"name":"input","nodeType":"YulIdentifier","src":"1676:5:2"},{"kind":"number","nodeType":"YulLiteral","src":"1683:4:2","type":"","value":"0x3F"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"1672:3:2"},"nodeType":"YulFunctionCall","src":"1672:16:2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1658:3:2"},"nodeType":"YulFunctionCall","src":"1658:31:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"1652:5:2"},"nodeType":"YulFunctionCall","src":"1652:38:2"}],"functionName":{"name":"mstore8","nodeType":"YulIdentifier","src":"1633:7:2"},"nodeType":"YulFunctionCall","src":"1633:58:2"},"nodeType":"YulExpressionStatement","src":"1633:58:2"},{"nodeType":"YulAssignment","src":"1708:30:2","value":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1725:9:2"},{"kind":"number","nodeType":"YulLiteral","src":"1736:1:2","type":"","value":"1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1721:3:2"},"nodeType":"YulFunctionCall","src":"1721:17:2"},"variableNames":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1708:9:2"}]}]},"condition":{"arguments":[{"name":"dataPtr","nodeType":"YulIdentifier","src":"924:7:2"},{"name":"endPtr","nodeType":"YulIdentifier","src":"933:6:2"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"921:2:2"},"nodeType":"YulFunctionCall","src":"921:19:2"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"941:16:2","statements":[]},"pre":{"nodeType":"YulBlock","src":"816:104:2","statements":[{"nodeType":"YulVariableDeclaration","src":"834:19:2","value":{"name":"data","nodeType":"YulIdentifier","src":"849:4:2"},"variables":[{"name":"dataPtr","nodeType":"YulTypedName","src":"838:7:2","type":""}]},{"nodeType":"YulVariableDeclaration","src":"870:36:2","value":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"888:4:2"},{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"900:4:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"894:5:2"},"nodeType":"YulFunctionCall","src":"894:11:2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"884:3:2"},"nodeType":"YulFunctionCall","src":"884:22:2"},"variables":[{"name":"endPtr","nodeType":"YulTypedName","src":"874:6:2","type":""}]}]},"src":"812:940:2"},{"cases":[{"body":{"nodeType":"YulBlock","src":"1863:114:2","statements":[{"nodeType":"YulAssignment","src":"1933:30:2","value":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1950:9:2"},{"kind":"number","nodeType":"YulLiteral","src":"1961:1:2","type":"","value":"2"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"1946:3:2"},"nodeType":"YulFunctionCall","src":"1946:17:2"},"variableNames":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"1933:9:2"}]}]},"nodeType":"YulCase","src":"1856:121:2","value":{"kind":"number","nodeType":"YulLiteral","src":"1861:1:2","type":"","value":"1"}},{"body":{"nodeType":"YulBlock","src":"1997:119:2","statements":[{"nodeType":"YulAssignment","src":"2072:30:2","value":{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"2089:9:2"},{"kind":"number","nodeType":"YulLiteral","src":"2100:1:2","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"2085:3:2"},"nodeType":"YulFunctionCall","src":"2085:17:2"},"variableNames":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"2072:9:2"}]}]},"nodeType":"YulCase","src":"1990:126:2","value":{"kind":"number","nodeType":"YulLiteral","src":"1995:1:2","type":"","value":"2"}}],"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"1834:4:2"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"1828:5:2"},"nodeType":"YulFunctionCall","src":"1828:11:2"},{"kind":"number","nodeType":"YulLiteral","src":"1841:1:2","type":"","value":"3"}],"functionName":{"name":"mod","nodeType":"YulIdentifier","src":"1824:3:2"},"nodeType":"YulFunctionCall","src":"1824:19:2"},"nodeType":"YulSwitch","src":"1817:299:2"},{"expression":{"arguments":[{"name":"result","nodeType":"YulIdentifier","src":"2208:6:2"},{"arguments":[{"name":"resultPtr","nodeType":"YulIdentifier","src":"2220:9:2"},{"arguments":[{"name":"result","nodeType":"YulIdentifier","src":"2235:6:2"},{"kind":"number","nodeType":"YulLiteral","src":"2243:2:2","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2231:3:2"},"nodeType":"YulFunctionCall","src":"2231:15:2"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"2216:3:2"},"nodeType":"YulFunctionCall","src":"2216:31:2"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2201:6:2"},"nodeType":"YulFunctionCall","src":"2201:47:2"},"nodeType":"YulExpressionStatement","src":"2201:47:2"}]},"evmVersion":"paris","externalReferences":[{"declaration":1895,"isOffset":false,"isSlot":false,"src":"1834:4:2","valueSize":1},{"declaration":1895,"isOffset":false,"isSlot":false,"src":"849:4:2","valueSize":1},{"declaration":1895,"isOffset":false,"isSlot":false,"src":"888:4:2","valueSize":1},{"declaration":1895,"isOffset":false,"isSlot":false,"src":"900:4:2","valueSize":1},{"declaration":1912,"isOffset":false,"isSlot":false,"src":"2208:6:2","valueSize":1},{"declaration":1912,"isOffset":false,"isSlot":false,"src":"2235:6:2","valueSize":1},{"declaration":1912,"isOffset":false,"isSlot":false,"src":"787:6:2","valueSize":1},{"declaration":1908,"isOffset":false,"isSlot":false,"src":"744:5:2","valueSize":1}],"id":1927,"nodeType":"InlineAssembly","src":"701:1557:2"},{"expression":{"id":1928,"name":"result","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1912,"src":"2275:6:2","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string memory"}},"functionReturnParameters":1899,"id":1929,"nodeType":"Return","src":"2268:13:2"}]},"id":1931,"implemented":true,"kind":"function","modifiers":[],"name":"encode","nameLocation":"385:6:2","nodeType":"FunctionDefinition","parameters":{"id":1896,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1895,"mutability":"mutable","name":"data","nameLocation":"405:4:2","nodeType":"VariableDeclaration","scope":1931,"src":"392:17:2","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":1894,"name":"bytes","nodeType":"ElementaryTypeName","src":"392:5:2","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"src":"391:19:2"},"returnParameters":{"id":1899,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1898,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1931,"src":"434:13:2","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_string_memory_ptr","typeString":"string"},"typeName":{"id":1897,"name":"string","nodeType":"ElementaryTypeName","src":"434:6:2","typeDescriptions":{"typeIdentifier":"t_string_storage_ptr","typeString":"string"}},"visibility":"internal"}],"src":"433:15:2"},"scope":1932,"src":"376:1914:2","stateMutability":"pure","virtual":false,"visibility":"internal"}],"scope":1933,"src":"176:2116:2","usedErrors":[],"usedEvents":[]}],"src":"39:2254:2"},"id":2},"contracts/FCL/WrapperFCLWebAuthn.sol":{"ast":{"absolutePath":"contracts/FCL/WrapperFCLWebAuthn.sol","exportedSymbols":{"FCL_WebAuthn":[247],"WrapperFCLWebAuthn":[1973]},"id":1974,"nodeType":"SourceUnit","nodes":[{"id":1934,"literals":["solidity","^","0.8",".0"],"nodeType":"PragmaDirective","src":"0:23:3"},{"absolutePath":"FreshCryptoLib/FCL_Webauthn.sol","file":"FreshCryptoLib/FCL_Webauthn.sol","id":1936,"nameLocation":"-1:-1:-1","nodeType":"ImportDirective","scope":1974,"sourceUnit":248,"src":"25:61:3","symbolAliases":[{"foreign":{"id":1935,"name":"FCL_WebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":247,"src":"33:12:3","typeDescriptions":{}},"nameLocation":"-1:-1:-1"}],"unitAlias":""},{"abstract":false,"baseContracts":[],"canonicalName":"WrapperFCLWebAuthn","contractDependencies":[],"contractKind":"contract","documentation":{"id":1937,"nodeType":"StructuredDocumentation","src":"88:403:3","text":"@title WrapperFCLWebAuthn\n @notice A contract used to verify ECDSA signatures over secp256r1 through\n EIP-1271 of Webauthn payloads.\n @dev This contract is only a wrapper around the FCL_WebAuthn library.\n It is meant to be used with 1271 signatures.\n The wrapping is necessary because the library is not compatible with\n memory and only works with calldata."},"fullyImplemented":true,"id":1973,"linearizedBaseContracts":[1973],"name":"WrapperFCLWebAuthn","nameLocation":"500:18:3","nodeType":"ContractDefinition","nodes":[{"body":{"id":1971,"nodeType":"Block","src":"842:254:3","statements":[{"expression":{"arguments":[{"id":1962,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1939,"src":"900:17:3","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":1963,"name":"authenticatorDataFlagMask","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1941,"src":"931:25:3","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},{"id":1964,"name":"clientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1943,"src":"970:10:3","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"}},{"id":1965,"name":"clientChallenge","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1945,"src":"994:15:3","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":1966,"name":"clientChallengeDataOffset","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1947,"src":"1023:25:3","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":1967,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1951,"src":"1062:2:3","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}},{"id":1968,"name":"Q","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1955,"src":"1078:1:3","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes1","typeString":"bytes1"},{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes calldata"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"},{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2] calldata"}],"expression":{"id":1960,"name":"FCL_WebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":247,"src":"859:12:3","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_FCL_WebAuthn_$247_$","typeString":"type(library FCL_WebAuthn)"}},"id":1961,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"872:14:3","memberName":"checkSignature","nodeType":"MemberAccess","referencedDeclaration":156,"src":"859:27:3","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_bytes_calldata_ptr_$_t_bytes1_$_t_bytes_calldata_ptr_$_t_bytes32_$_t_uint256_$_t_array$_t_uint256_$2_calldata_ptr_$_t_array$_t_uint256_$2_calldata_ptr_$returns$_t_bool_$","typeString":"function (bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata,uint256[2] calldata) view returns (bool)"}},"id":1969,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"859:230:3","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"functionReturnParameters":1959,"id":1970,"nodeType":"Return","src":"852:237:3"}]},"functionSelector":"0d5efec9","id":1972,"implemented":true,"kind":"function","modifiers":[],"name":"checkSignature","nameLocation":"534:14:3","nodeType":"FunctionDefinition","parameters":{"id":1956,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1939,"mutability":"mutable","name":"authenticatorData","nameLocation":"573:17:3","nodeType":"VariableDeclaration","scope":1972,"src":"558:32:3","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":1938,"name":"bytes","nodeType":"ElementaryTypeName","src":"558:5:3","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":1941,"mutability":"mutable","name":"authenticatorDataFlagMask","nameLocation":"607:25:3","nodeType":"VariableDeclaration","scope":1972,"src":"600:32:3","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"},"typeName":{"id":1940,"name":"bytes1","nodeType":"ElementaryTypeName","src":"600:6:3","typeDescriptions":{"typeIdentifier":"t_bytes1","typeString":"bytes1"}},"visibility":"internal"},{"constant":false,"id":1943,"mutability":"mutable","name":"clientData","nameLocation":"657:10:3","nodeType":"VariableDeclaration","scope":1972,"src":"642:25:3","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_bytes_calldata_ptr","typeString":"bytes"},"typeName":{"id":1942,"name":"bytes","nodeType":"ElementaryTypeName","src":"642:5:3","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":1945,"mutability":"mutable","name":"clientChallenge","nameLocation":"685:15:3","nodeType":"VariableDeclaration","scope":1972,"src":"677:23:3","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":1944,"name":"bytes32","nodeType":"ElementaryTypeName","src":"677:7:3","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":1947,"mutability":"mutable","name":"clientChallengeDataOffset","nameLocation":"718:25:3","nodeType":"VariableDeclaration","scope":1972,"src":"710:33:3","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1946,"name":"uint256","nodeType":"ElementaryTypeName","src":"710:7:3","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":1951,"mutability":"mutable","name":"rs","nameLocation":"773:2:3","nodeType":"VariableDeclaration","scope":1972,"src":"753:22:3","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1948,"name":"uint256","nodeType":"ElementaryTypeName","src":"753:7:3","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1950,"length":{"hexValue":"32","id":1949,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"761:1:3","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"753:10:3","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"},{"constant":false,"id":1955,"mutability":"mutable","name":"Q","nameLocation":"805:1:3","nodeType":"VariableDeclaration","scope":1972,"src":"785:21:3","stateVariable":false,"storageLocation":"calldata","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_calldata_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":1952,"name":"uint256","nodeType":"ElementaryTypeName","src":"785:7:3","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":1954,"length":{"hexValue":"32","id":1953,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"793:1:3","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"785:10:3","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"}],"src":"548:264:3"},"returnParameters":{"id":1959,"nodeType":"ParameterList","parameters":[{"constant":false,"id":1958,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":1972,"src":"836:4:3","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":1957,"name":"bool","nodeType":"ElementaryTypeName","src":"836:4:3","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"src":"835:6:3"},"scope":1973,"src":"525:571:3","stateMutability":"view","virtual":false,"visibility":"external"}],"scope":1974,"src":"491:607:3","usedErrors":[7,9],"usedEvents":[]}],"src":"0:1098:3"},"id":3},"contracts/P256Signer.sol":{"ast":{"absolutePath":"contracts/P256Signer.sol","exportedSymbols":{"P256Signer":[2151],"WrapperFCLWebAuthn":[1973]},"id":2152,"nodeType":"SourceUnit","nodes":[{"id":1975,"literals":["solidity","^","0.8",".0"],"nodeType":"PragmaDirective","src":"0:23:4"},{"absolutePath":"contracts/FCL/WrapperFCLWebAuthn.sol","file":"./FCL/WrapperFCLWebAuthn.sol","id":1977,"nameLocation":"-1:-1:-1","nodeType":"ImportDirective","scope":2152,"sourceUnit":1974,"src":"25:64:4","symbolAliases":[{"foreign":{"id":1976,"name":"WrapperFCLWebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1973,"src":"33:18:4","typeDescriptions":{}},"nameLocation":"-1:-1:-1"}],"unitAlias":""},{"abstract":false,"baseContracts":[],"canonicalName":"P256Signer","contractDependencies":[],"contractKind":"contract","documentation":{"id":1978,"nodeType":"StructuredDocumentation","src":"91:242:4","text":"@title P256Signer\n @notice A contract used to verify ECDSA signatures over secp256r1 through\n EIP-1271 of Webauthn payloads.\n @dev This contract is the implementation. It is meant to be used through\n proxy clone."},"fullyImplemented":true,"id":2151,"linearizedBaseContracts":[2151],"name":"P256Signer","nameLocation":"342:10:4","nodeType":"ContractDefinition","nodes":[{"constant":true,"documentation":{"id":1979,"nodeType":"StructuredDocumentation","src":"359:36:4","text":"@notice The EIP-1271 magic value"},"id":1982,"mutability":"constant","name":"EIP1271_MAGICVALUE","nameLocation":"425:18:4","nodeType":"VariableDeclaration","scope":2151,"src":"400:56:4","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"},"typeName":{"id":1980,"name":"bytes4","nodeType":"ElementaryTypeName","src":"400:6:4","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"}},"value":{"hexValue":"30783136323662613765","id":1981,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"446:10:4","typeDescriptions":{"typeIdentifier":"t_rational_371636862_by_1","typeString":"int_const 371636862"},"value":"0x1626ba7e"},"visibility":"internal"},{"constant":true,"documentation":{"id":1983,"nodeType":"StructuredDocumentation","src":"463:40:4","text":"@notice The old EIP-1271 magic value"},"id":1986,"mutability":"constant","name":"OLD_EIP1271_MAGICVALUE","nameLocation":"533:22:4","nodeType":"VariableDeclaration","scope":2151,"src":"508:60:4","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"},"typeName":{"id":1984,"name":"bytes4","nodeType":"ElementaryTypeName","src":"508:6:4","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"}},"value":{"hexValue":"30783230633133623062","id":1985,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"558:10:4","typeDescriptions":{"typeIdentifier":"t_rational_549534475_by_1","typeString":"int_const 549534475"},"value":"0x20c13b0b"},"visibility":"internal"},{"constant":false,"functionSelector":"c71187f0","id":1989,"mutability":"immutable","name":"FCLWebAuthn","nameLocation":"658:11:4","nodeType":"VariableDeclaration","scope":2151,"src":"622:47:4","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_contract$_WrapperFCLWebAuthn_$1973","typeString":"contract WrapperFCLWebAuthn"},"typeName":{"id":1988,"nodeType":"UserDefinedTypeName","pathNode":{"id":1987,"name":"WrapperFCLWebAuthn","nameLocations":["622:18:4"],"nodeType":"IdentifierPath","referencedDeclaration":1973,"src":"622:18:4"},"referencedDeclaration":1973,"src":"622:18:4","typeDescriptions":{"typeIdentifier":"t_contract$_WrapperFCLWebAuthn_$1973","typeString":"contract WrapperFCLWebAuthn"}},"visibility":"public"},{"constant":false,"documentation":{"id":1990,"nodeType":"StructuredDocumentation","src":"676:53:4","text":"@notice Whether the contract has been initialized"},"functionSelector":"158ef93e","id":1992,"mutability":"mutable","name":"initialized","nameLocation":"746:11:4","nodeType":"VariableDeclaration","scope":2151,"src":"734:23:4","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":1991,"name":"bool","nodeType":"ElementaryTypeName","src":"734:4:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"public"},{"constant":false,"documentation":{"id":1993,"nodeType":"StructuredDocumentation","src":"764:56:4","text":"@notice The x coordinate of the secp256r1 public key"},"functionSelector":"0c55699c","id":1995,"mutability":"mutable","name":"x","nameLocation":"840:1:4","nodeType":"VariableDeclaration","scope":2151,"src":"825:16:4","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1994,"name":"uint256","nodeType":"ElementaryTypeName","src":"825:7:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"public"},{"constant":false,"documentation":{"id":1996,"nodeType":"StructuredDocumentation","src":"848:56:4","text":"@notice The y coordinate of the secp256r1 public key"},"functionSelector":"a56dfe4a","id":1998,"mutability":"mutable","name":"y","nameLocation":"924:1:4","nodeType":"VariableDeclaration","scope":2151,"src":"909:16:4","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":1997,"name":"uint256","nodeType":"ElementaryTypeName","src":"909:7:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"public"},{"documentation":{"id":1999,"nodeType":"StructuredDocumentation","src":"932:55:4","text":"@notice Error message when the signature is invalid"},"errorSelector":"8baa579f","id":2001,"name":"InvalidSignature","nameLocation":"998:16:4","nodeType":"ErrorDefinition","parameters":{"id":2000,"nodeType":"ParameterList","parameters":[],"src":"1014:2:4"},"src":"992:25:4"},{"documentation":{"id":2002,"nodeType":"StructuredDocumentation","src":"1023:50:4","text":"@notice Error message when the hash is invalid"},"errorSelector":"0af806e0","id":2004,"name":"InvalidHash","nameLocation":"1084:11:4","nodeType":"ErrorDefinition","parameters":{"id":2003,"nodeType":"ParameterList","parameters":[],"src":"1095:2:4"},"src":"1078:20:4"},{"documentation":{"id":2005,"nodeType":"StructuredDocumentation","src":"1104:66:4","text":"@notice Error message when the contract is already initialized"},"errorSelector":"0dc149f0","id":2007,"name":"AlreadyInitialized","nameLocation":"1181:18:4","nodeType":"ErrorDefinition","parameters":{"id":2006,"nodeType":"ParameterList","parameters":[],"src":"1199:2:4"},"src":"1175:27:4"},{"body":{"id":2022,"nodeType":"Block","src":"1242:91:4","statements":[{"expression":{"id":2014,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2012,"name":"initialized","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1992,"src":"1252:11:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"hexValue":"74727565","id":2013,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"1266:4:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"true"},"src":"1252:18:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":2015,"nodeType":"ExpressionStatement","src":"1252:18:4"},{"expression":{"id":2020,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2016,"name":"FCLWebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1989,"src":"1280:11:4","typeDescriptions":{"typeIdentifier":"t_contract$_WrapperFCLWebAuthn_$1973","typeString":"contract WrapperFCLWebAuthn"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":2018,"name":"FCLWebAuthn_","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2009,"src":"1313:12:4","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_address","typeString":"address"}],"id":2017,"name":"WrapperFCLWebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1973,"src":"1294:18:4","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_WrapperFCLWebAuthn_$1973_$","typeString":"type(contract WrapperFCLWebAuthn)"}},"id":2019,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"1294:32:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_contract$_WrapperFCLWebAuthn_$1973","typeString":"contract WrapperFCLWebAuthn"}},"src":"1280:46:4","typeDescriptions":{"typeIdentifier":"t_contract$_WrapperFCLWebAuthn_$1973","typeString":"contract WrapperFCLWebAuthn"}},"id":2021,"nodeType":"ExpressionStatement","src":"1280:46:4"}]},"id":2023,"implemented":true,"kind":"constructor","modifiers":[],"name":"","nameLocation":"-1:-1:-1","nodeType":"FunctionDefinition","parameters":{"id":2010,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2009,"mutability":"mutable","name":"FCLWebAuthn_","nameLocation":"1228:12:4","nodeType":"VariableDeclaration","scope":2023,"src":"1220:20:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2008,"name":"address","nodeType":"ElementaryTypeName","src":"1220:7:4","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"1219:22:4"},"returnParameters":{"id":2011,"nodeType":"ParameterList","parameters":[],"src":"1242:0:4"},"scope":2151,"src":"1208:125:4","stateMutability":"nonpayable","virtual":false,"visibility":"public"},{"body":{"id":2043,"nodeType":"Block","src":"1647:92:4","statements":[{"expression":{"arguments":[{"arguments":[{"id":2036,"name":"_hash","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2026,"src":"1678:5:4","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"expression":{"id":2034,"name":"abi","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-1,"src":"1667:3:4","typeDescriptions":{"typeIdentifier":"t_magic_abi","typeString":"abi"}},"id":2035,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"memberLocation":"1671:6:4","memberName":"encode","nodeType":"MemberAccess","src":"1667:10:4","typeDescriptions":{"typeIdentifier":"t_function_abiencode_pure$__$returns$_t_bytes_memory_ptr_$","typeString":"function () pure returns (bytes memory)"}},"id":2037,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"1667:17:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},{"id":2038,"name":"_signature","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2028,"src":"1686:10:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"},{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":2033,"name":"_validate","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2124,"src":"1657:9:4","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_bytes_memory_ptr_$_t_bytes_memory_ptr_$returns$__$","typeString":"function (bytes memory,bytes memory) view"}},"id":2039,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"1657:40:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":2040,"nodeType":"ExpressionStatement","src":"1657:40:4"},{"expression":{"id":2041,"name":"EIP1271_MAGICVALUE","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1982,"src":"1714:18:4","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"}},"functionReturnParameters":2032,"id":2042,"nodeType":"Return","src":"1707:25:4"}]},"documentation":{"id":2024,"nodeType":"StructuredDocumentation","src":"1339:208:4","text":"@notice Verifies that the signer is the owner of the secp256r1 public key.\n @param _hash The hash of the data signed\n @param _signature The signature\n @return The EIP-1271 magic value"},"functionSelector":"1626ba7e","id":2044,"implemented":true,"kind":"function","modifiers":[],"name":"isValidSignature","nameLocation":"1561:16:4","nodeType":"FunctionDefinition","parameters":{"id":2029,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2026,"mutability":"mutable","name":"_hash","nameLocation":"1586:5:4","nodeType":"VariableDeclaration","scope":2044,"src":"1578:13:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2025,"name":"bytes32","nodeType":"ElementaryTypeName","src":"1578:7:4","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":2028,"mutability":"mutable","name":"_signature","nameLocation":"1606:10:4","nodeType":"VariableDeclaration","scope":2044,"src":"1593:23:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2027,"name":"bytes","nodeType":"ElementaryTypeName","src":"1593:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"src":"1577:40:4"},"returnParameters":{"id":2032,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2031,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":2044,"src":"1639:6:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"},"typeName":{"id":2030,"name":"bytes4","nodeType":"ElementaryTypeName","src":"1639:6:4","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"}},"visibility":"internal"}],"src":"1638:8:4"},"scope":2151,"src":"1552:187:4","stateMutability":"view","virtual":false,"visibility":"public"},{"body":{"id":2061,"nodeType":"Block","src":"2174:84:4","statements":[{"expression":{"arguments":[{"id":2055,"name":"_hash","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2047,"src":"2194:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},{"id":2056,"name":"_signature","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2049,"src":"2201:10:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"},{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":2054,"name":"_validate","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2124,"src":"2184:9:4","typeDescriptions":{"typeIdentifier":"t_function_internal_view$_t_bytes_memory_ptr_$_t_bytes_memory_ptr_$returns$__$","typeString":"function (bytes memory,bytes memory) view"}},"id":2057,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2184:28:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":2058,"nodeType":"ExpressionStatement","src":"2184:28:4"},{"expression":{"id":2059,"name":"OLD_EIP1271_MAGICVALUE","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1986,"src":"2229:22:4","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"}},"functionReturnParameters":2053,"id":2060,"nodeType":"Return","src":"2222:29:4"}]},"documentation":{"id":2045,"nodeType":"StructuredDocumentation","src":"1745:324:4","text":"@notice Verifies that the signer is the owner of the secp256r1 public key.\n @dev This is the old version of the function of EIP-1271 using bytes\n memory instead of bytes32\n @param _hash The hash of the data signed\n @param _signature The signature\n @return The EIP-1271 magic value"},"functionSelector":"20c13b0b","id":2062,"implemented":true,"kind":"function","modifiers":[],"name":"isValidSignature","nameLocation":"2083:16:4","nodeType":"FunctionDefinition","parameters":{"id":2050,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2047,"mutability":"mutable","name":"_hash","nameLocation":"2113:5:4","nodeType":"VariableDeclaration","scope":2062,"src":"2100:18:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2046,"name":"bytes","nodeType":"ElementaryTypeName","src":"2100:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":2049,"mutability":"mutable","name":"_signature","nameLocation":"2133:10:4","nodeType":"VariableDeclaration","scope":2062,"src":"2120:23:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2048,"name":"bytes","nodeType":"ElementaryTypeName","src":"2120:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"src":"2099:45:4"},"returnParameters":{"id":2053,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2052,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":2062,"src":"2166:6:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"},"typeName":{"id":2051,"name":"bytes4","nodeType":"ElementaryTypeName","src":"2166:6:4","typeDescriptions":{"typeIdentifier":"t_bytes4","typeString":"bytes4"}},"visibility":"internal"}],"src":"2165:8:4"},"scope":2151,"src":"2074:184:4","stateMutability":"view","virtual":false,"visibility":"public"},{"body":{"id":2123,"nodeType":"Block","src":"2456:407:4","statements":[{"assignments":[2071],"declarations":[{"constant":false,"id":2071,"mutability":"mutable","name":"_hash","nameLocation":"2474:5:4","nodeType":"VariableDeclaration","scope":2123,"src":"2466:13:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2070,"name":"bytes32","nodeType":"ElementaryTypeName","src":"2466:7:4","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":2075,"initialValue":{"arguments":[{"id":2073,"name":"data","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2065,"src":"2492:4:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":2072,"name":"keccak256","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-8,"src":"2482:9:4","typeDescriptions":{"typeIdentifier":"t_function_keccak256_pure$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (bytes memory) pure returns (bytes32)"}},"id":2074,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2482:15:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"2466:31:4"},{"assignments":[2077,2079,2081,2085],"declarations":[{"constant":false,"id":2077,"mutability":"mutable","name":"authenticatorData","nameLocation":"2521:17:4","nodeType":"VariableDeclaration","scope":2123,"src":"2508:30:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2076,"name":"bytes","nodeType":"ElementaryTypeName","src":"2508:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":2079,"mutability":"mutable","name":"clientData","nameLocation":"2553:10:4","nodeType":"VariableDeclaration","scope":2123,"src":"2540:23:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2078,"name":"bytes","nodeType":"ElementaryTypeName","src":"2540:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":2081,"mutability":"mutable","name":"challengeOffset","nameLocation":"2573:15:4","nodeType":"VariableDeclaration","scope":2123,"src":"2565:23:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2080,"name":"uint256","nodeType":"ElementaryTypeName","src":"2565:7:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":2085,"mutability":"mutable","name":"rs","nameLocation":"2608:2:4","nodeType":"VariableDeclaration","scope":2123,"src":"2590:20:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2]"},"typeName":{"baseType":{"id":2082,"name":"uint256","nodeType":"ElementaryTypeName","src":"2590:7:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":2084,"length":{"hexValue":"32","id":2083,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2598:1:4","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"nodeType":"ArrayTypeName","src":"2590:10:4","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_storage_ptr","typeString":"uint256[2]"}},"visibility":"internal"}],"id":2101,"initialValue":{"arguments":[{"id":2088,"name":"_signature","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2067,"src":"2637:10:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},{"components":[{"id":2090,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"2650:5:4","typeDescriptions":{"typeIdentifier":"t_type$_t_bytes_storage_ptr_$","typeString":"type(bytes storage pointer)"},"typeName":{"id":2089,"name":"bytes","nodeType":"ElementaryTypeName","src":"2650:5:4","typeDescriptions":{}}},{"id":2092,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"2657:5:4","typeDescriptions":{"typeIdentifier":"t_type$_t_bytes_storage_ptr_$","typeString":"type(bytes storage pointer)"},"typeName":{"id":2091,"name":"bytes","nodeType":"ElementaryTypeName","src":"2657:5:4","typeDescriptions":{}}},{"id":2094,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"2664:7:4","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":2093,"name":"uint256","nodeType":"ElementaryTypeName","src":"2664:7:4","typeDescriptions":{}}},{"baseExpression":{"id":2096,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"ElementaryTypeNameExpression","src":"2673:7:4","typeDescriptions":{"typeIdentifier":"t_type$_t_uint256_$","typeString":"type(uint256)"},"typeName":{"id":2095,"name":"uint256","nodeType":"ElementaryTypeName","src":"2673:7:4","typeDescriptions":{}}},"id":2098,"indexExpression":{"hexValue":"32","id":2097,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2681:1:4","typeDescriptions":{"typeIdentifier":"t_rational_2_by_1","typeString":"int_const 2"},"value":"2"},"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"IndexAccess","src":"2673:10:4","typeDescriptions":{"typeIdentifier":"t_type$_t_array$_t_uint256_$2_memory_ptr_$","typeString":"type(uint256[2] memory)"}}],"id":2099,"isConstant":false,"isInlineArray":false,"isLValue":false,"isPure":true,"lValueRequested":false,"nodeType":"TupleExpression","src":"2649:35:4","typeDescriptions":{"typeIdentifier":"t_tuple$_t_type$_t_bytes_storage_ptr_$_$_t_type$_t_bytes_storage_ptr_$_$_t_type$_t_uint256_$_$_t_type$_t_array$_t_uint256_$2_memory_ptr_$_$","typeString":"tuple(type(bytes storage pointer),type(bytes storage pointer),type(uint256),type(uint256[2] memory))"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"},{"typeIdentifier":"t_tuple$_t_type$_t_bytes_storage_ptr_$_$_t_type$_t_bytes_storage_ptr_$_$_t_type$_t_uint256_$_$_t_type$_t_array$_t_uint256_$2_memory_ptr_$_$","typeString":"tuple(type(bytes storage pointer),type(bytes storage pointer),type(uint256),type(uint256[2] memory))"}],"expression":{"id":2086,"name":"abi","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-1,"src":"2626:3:4","typeDescriptions":{"typeIdentifier":"t_magic_abi","typeString":"abi"}},"id":2087,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"memberLocation":"2630:6:4","memberName":"decode","nodeType":"MemberAccess","src":"2626:10:4","typeDescriptions":{"typeIdentifier":"t_function_abidecode_pure$__$returns$__$","typeString":"function () pure"}},"id":2100,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2626:59:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$_t_bytes_memory_ptr_$_t_bytes_memory_ptr_$_t_uint256_$_t_array$_t_uint256_$2_memory_ptr_$","typeString":"tuple(bytes memory,bytes memory,uint256,uint256[2] memory)"}},"nodeType":"VariableDeclarationStatement","src":"2507:178:4"},{"assignments":[2103],"declarations":[{"constant":false,"id":2103,"mutability":"mutable","name":"valid","nameLocation":"2701:5:4","nodeType":"VariableDeclaration","scope":2123,"src":"2696:10:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"typeName":{"id":2102,"name":"bool","nodeType":"ElementaryTypeName","src":"2696:4:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"visibility":"internal"}],"id":2116,"initialValue":{"arguments":[{"id":2106,"name":"authenticatorData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2077,"src":"2736:17:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},{"hexValue":"30783031","id":2107,"isConstant":false,"isLValue":false,"isPure":true,"kind":"number","lValueRequested":false,"nodeType":"Literal","src":"2755:4:4","typeDescriptions":{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},"value":"0x01"},{"id":2108,"name":"clientData","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2079,"src":"2761:10:4","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}},{"id":2109,"name":"_hash","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2071,"src":"2773:5:4","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2110,"name":"challengeOffset","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2081,"src":"2780:15:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":2111,"name":"rs","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2085,"src":"2797:2:4","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2] memory"}},{"components":[{"id":2112,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1995,"src":"2802:1:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":2113,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1998,"src":"2805:1:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"id":2114,"isConstant":false,"isInlineArray":true,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"TupleExpression","src":"2801:6:4","typeDescriptions":{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2] memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"},{"typeIdentifier":"t_rational_1_by_1","typeString":"int_const 1"},{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2] memory"},{"typeIdentifier":"t_array$_t_uint256_$2_memory_ptr","typeString":"uint256[2] memory"}],"expression":{"id":2104,"name":"FCLWebAuthn","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1989,"src":"2709:11:4","typeDescriptions":{"typeIdentifier":"t_contract$_WrapperFCLWebAuthn_$1973","typeString":"contract WrapperFCLWebAuthn"}},"id":2105,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"2721:14:4","memberName":"checkSignature","nodeType":"MemberAccess","referencedDeclaration":1972,"src":"2709:26:4","typeDescriptions":{"typeIdentifier":"t_function_external_view$_t_bytes_memory_ptr_$_t_bytes1_$_t_bytes_memory_ptr_$_t_bytes32_$_t_uint256_$_t_array$_t_uint256_$2_memory_ptr_$_t_array$_t_uint256_$2_memory_ptr_$returns$_t_bool_$","typeString":"function (bytes memory,bytes1,bytes memory,bytes32,uint256,uint256[2] memory,uint256[2] memory) view external returns (bool)"}},"id":2115,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2709:99:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"VariableDeclarationStatement","src":"2696:112:4"},{"condition":{"id":2118,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"nodeType":"UnaryOperation","operator":"!","prefix":true,"src":"2823:6:4","subExpression":{"id":2117,"name":"valid","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2103,"src":"2824:5:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":2122,"nodeType":"IfStatement","src":"2819:37:4","trueBody":{"errorCall":{"arguments":[],"expression":{"argumentTypes":[],"id":2119,"name":"InvalidSignature","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2001,"src":"2838:16:4","typeDescriptions":{"typeIdentifier":"t_function_error_pure$__$returns$__$","typeString":"function () pure"}},"id":2120,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"2838:18:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":2121,"nodeType":"RevertStatement","src":"2831:25:4"}}]},"documentation":{"id":2063,"nodeType":"StructuredDocumentation","src":"2264:111:4","text":"@notice Validates the signature\n @param data The data signed\n @param _signature The signature"},"id":2124,"implemented":true,"kind":"function","modifiers":[],"name":"_validate","nameLocation":"2389:9:4","nodeType":"FunctionDefinition","parameters":{"id":2068,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2065,"mutability":"mutable","name":"data","nameLocation":"2412:4:4","nodeType":"VariableDeclaration","scope":2124,"src":"2399:17:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2064,"name":"bytes","nodeType":"ElementaryTypeName","src":"2399:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":2067,"mutability":"mutable","name":"_signature","nameLocation":"2431:10:4","nodeType":"VariableDeclaration","scope":2124,"src":"2418:23:4","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2066,"name":"bytes","nodeType":"ElementaryTypeName","src":"2418:5:4","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"src":"2398:44:4"},"returnParameters":{"id":2069,"nodeType":"ParameterList","parameters":[],"src":"2456:0:4"},"scope":2151,"src":"2380:483:4","stateMutability":"view","virtual":false,"visibility":"private"},{"body":{"id":2149,"nodeType":"Block","src":"3182:121:4","statements":[{"condition":{"id":2132,"name":"initialized","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1992,"src":"3196:11:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":2136,"nodeType":"IfStatement","src":"3192:44:4","trueBody":{"errorCall":{"arguments":[],"expression":{"argumentTypes":[],"id":2133,"name":"AlreadyInitialized","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2007,"src":"3216:18:4","typeDescriptions":{"typeIdentifier":"t_function_error_pure$__$returns$__$","typeString":"function () pure"}},"id":2134,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"3216:20:4","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":2135,"nodeType":"RevertStatement","src":"3209:27:4"}},{"expression":{"id":2139,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2137,"name":"initialized","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1992,"src":"3246:11:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"hexValue":"74727565","id":2138,"isConstant":false,"isLValue":false,"isPure":true,"kind":"bool","lValueRequested":false,"nodeType":"Literal","src":"3260:4:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"},"value":"true"},"src":"3246:18:4","typeDescriptions":{"typeIdentifier":"t_bool","typeString":"bool"}},"id":2140,"nodeType":"ExpressionStatement","src":"3246:18:4"},{"expression":{"id":2143,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2141,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1995,"src":"3274:1:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"id":2142,"name":"x_","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2127,"src":"3278:2:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"3274:6:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":2144,"nodeType":"ExpressionStatement","src":"3274:6:4"},{"expression":{"id":2147,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2145,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":1998,"src":"3290:1:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"id":2146,"name":"y_","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2129,"src":"3294:2:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"src":"3290:6:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"id":2148,"nodeType":"ExpressionStatement","src":"3290:6:4"}]},"documentation":{"id":2125,"nodeType":"StructuredDocumentation","src":"2869:255:4","text":"@dev This function is only callable once and needs to be called immediately\n after deployment by the factory in the same transaction.\n @param x_ The x coordinate of the public key\n @param y_ The y coordinate of the public key"},"functionSelector":"e4a30116","id":2150,"implemented":true,"kind":"function","modifiers":[],"name":"initialize","nameLocation":"3138:10:4","nodeType":"FunctionDefinition","parameters":{"id":2130,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2127,"mutability":"mutable","name":"x_","nameLocation":"3157:2:4","nodeType":"VariableDeclaration","scope":2150,"src":"3149:10:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2126,"name":"uint256","nodeType":"ElementaryTypeName","src":"3149:7:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":2129,"mutability":"mutable","name":"y_","nameLocation":"3169:2:4","nodeType":"VariableDeclaration","scope":2150,"src":"3161:10:4","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2128,"name":"uint256","nodeType":"ElementaryTypeName","src":"3161:7:4","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"3148:24:4"},"returnParameters":{"id":2131,"nodeType":"ParameterList","parameters":[],"src":"3182:0:4"},"scope":2151,"src":"3129:174:4","stateMutability":"nonpayable","virtual":false,"visibility":"external"}],"scope":2152,"src":"333:2972:4","usedErrors":[2001,2004,2007],"usedEvents":[]}],"src":"0:3306:4"},"id":4},"contracts/P256SignerFactory.sol":{"ast":{"absolutePath":"contracts/P256SignerFactory.sol","exportedSymbols":{"LibClone":[2443],"P256Signer":[2151],"P256SignerFactory":[2225]},"id":2226,"nodeType":"SourceUnit","nodes":[{"id":2153,"literals":["solidity","^","0.8",".0"],"nodeType":"PragmaDirective","src":"0:23:5"},{"absolutePath":"contracts/P256Signer.sol","file":"./P256Signer.sol","id":2155,"nameLocation":"-1:-1:-1","nodeType":"ImportDirective","scope":2226,"sourceUnit":2152,"src":"25:44:5","symbolAliases":[{"foreign":{"id":2154,"name":"P256Signer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2151,"src":"33:10:5","typeDescriptions":{}},"nameLocation":"-1:-1:-1"}],"unitAlias":""},{"absolutePath":"solady/src/utils/LibClone.sol","file":"solady/src/utils/LibClone.sol","id":2156,"nameLocation":"-1:-1:-1","nodeType":"ImportDirective","scope":2226,"sourceUnit":2444,"src":"70:39:5","symbolAliases":[],"unitAlias":""},{"abstract":false,"baseContracts":[],"canonicalName":"P256SignerFactory","contractDependencies":[],"contractKind":"contract","documentation":{"id":2157,"nodeType":"StructuredDocumentation","src":"111:94:5","text":"@title P256SignerFactory\n @notice Factory contract for creating proxies for P256Signer"},"fullyImplemented":true,"id":2225,"linearizedBaseContracts":[2225],"name":"P256SignerFactory","nameLocation":"214:17:5","nodeType":"ContractDefinition","nodes":[{"constant":false,"documentation":{"id":2158,"nodeType":"StructuredDocumentation","src":"238:65:5","text":"@notice The implementation address of the P256Signer contract"},"functionSelector":"5c60da1b","id":2160,"mutability":"immutable","name":"implementation","nameLocation":"333:14:5","nodeType":"VariableDeclaration","scope":2225,"src":"308:39:5","stateVariable":true,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2159,"name":"address","nodeType":"ElementaryTypeName","src":"308:7:5","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"public"},{"body":{"id":2169,"nodeType":"Block","src":"391:49:5","statements":[{"expression":{"id":2167,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2165,"name":"implementation","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2160,"src":"401:14:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"id":2166,"name":"implementation_","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2162,"src":"418:15:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"src":"401:32:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"id":2168,"nodeType":"ExpressionStatement","src":"401:32:5"}]},"id":2170,"implemented":true,"kind":"constructor","modifiers":[],"name":"","nameLocation":"-1:-1:-1","nodeType":"FunctionDefinition","parameters":{"id":2163,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2162,"mutability":"mutable","name":"implementation_","nameLocation":"374:15:5","nodeType":"VariableDeclaration","scope":2170,"src":"366:23:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2161,"name":"address","nodeType":"ElementaryTypeName","src":"366:7:5","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"365:25:5"},"returnParameters":{"id":2164,"nodeType":"ParameterList","parameters":[],"src":"391:0:5"},"scope":2225,"src":"354:86:5","stateMutability":"nonpayable","virtual":false,"visibility":"public"},{"anonymous":false,"documentation":{"id":2171,"nodeType":"StructuredDocumentation","src":"446:67:5","text":"@notice Emitted when a new P256Signer proxy contract is created"},"eventSelector":"33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde1","id":2179,"name":"NewSignerCreated","nameLocation":"524:16:5","nodeType":"EventDefinition","parameters":{"id":2178,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2173,"indexed":true,"mutability":"mutable","name":"x","nameLocation":"557:1:5","nodeType":"VariableDeclaration","scope":2179,"src":"541:17:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2172,"name":"uint256","nodeType":"ElementaryTypeName","src":"541:7:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":2175,"indexed":true,"mutability":"mutable","name":"y","nameLocation":"576:1:5","nodeType":"VariableDeclaration","scope":2179,"src":"560:17:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2174,"name":"uint256","nodeType":"ElementaryTypeName","src":"560:7:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":2177,"indexed":false,"mutability":"mutable","name":"signer","nameLocation":"587:6:5","nodeType":"VariableDeclaration","scope":2179,"src":"579:14:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2176,"name":"address","nodeType":"ElementaryTypeName","src":"579:7:5","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"540:54:5"},"src":"518:77:5"},{"body":{"id":2223,"nodeType":"Block","src":"826:254:5","statements":[{"assignments":[2190],"declarations":[{"constant":false,"id":2190,"mutability":"mutable","name":"salt","nameLocation":"844:4:5","nodeType":"VariableDeclaration","scope":2223,"src":"836:12:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2189,"name":"bytes32","nodeType":"ElementaryTypeName","src":"836:7:5","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":2198,"initialValue":{"arguments":[{"arguments":[{"id":2194,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2182,"src":"878:1:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":2195,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2184,"src":"881:1:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"expression":{"id":2192,"name":"abi","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-1,"src":"861:3:5","typeDescriptions":{"typeIdentifier":"t_magic_abi","typeString":"abi"}},"id":2193,"isConstant":false,"isLValue":false,"isPure":true,"lValueRequested":false,"memberLocation":"865:12:5","memberName":"encodePacked","nodeType":"MemberAccess","src":"861:16:5","typeDescriptions":{"typeIdentifier":"t_function_abiencodepacked_pure$__$returns$_t_bytes_memory_ptr_$","typeString":"function () pure returns (bytes memory)"}},"id":2196,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"861:22:5","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":2191,"name":"keccak256","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":-8,"src":"851:9:5","typeDescriptions":{"typeIdentifier":"t_function_keccak256_pure$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (bytes memory) pure returns (bytes32)"}},"id":2197,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"851:33:5","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"836:48:5"},{"assignments":[2200],"declarations":[{"constant":false,"id":2200,"mutability":"mutable","name":"signer","nameLocation":"902:6:5","nodeType":"VariableDeclaration","scope":2223,"src":"894:14:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2199,"name":"address","nodeType":"ElementaryTypeName","src":"894:7:5","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"id":2206,"initialValue":{"arguments":[{"id":2203,"name":"implementation","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2160,"src":"939:14:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},{"id":2204,"name":"salt","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2190,"src":"955:4:5","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_address","typeString":"address"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"}],"expression":{"id":2201,"name":"LibClone","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2443,"src":"911:8:5","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_LibClone_$2443_$","typeString":"type(library LibClone)"}},"id":2202,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"920:18:5","memberName":"cloneDeterministic","nodeType":"MemberAccess","referencedDeclaration":2256,"src":"911:27:5","typeDescriptions":{"typeIdentifier":"t_function_internal_nonpayable$_t_address_$_t_bytes32_$returns$_t_address_$","typeString":"function (address,bytes32) returns (address)"}},"id":2205,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"911:49:5","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"nodeType":"VariableDeclarationStatement","src":"894:66:5"},{"expression":{"arguments":[{"id":2211,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2182,"src":"1000:1:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":2212,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2184,"src":"1003:1:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"}],"expression":{"arguments":[{"id":2208,"name":"signer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2200,"src":"981:6:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_address","typeString":"address"}],"id":2207,"name":"P256Signer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2151,"src":"970:10:5","typeDescriptions":{"typeIdentifier":"t_type$_t_contract$_P256Signer_$2151_$","typeString":"type(contract P256Signer)"}},"id":2209,"isConstant":false,"isLValue":false,"isPure":false,"kind":"typeConversion","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"970:18:5","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_contract$_P256Signer_$2151","typeString":"contract P256Signer"}},"id":2210,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"memberLocation":"989:10:5","memberName":"initialize","nodeType":"MemberAccess","referencedDeclaration":2150,"src":"970:29:5","typeDescriptions":{"typeIdentifier":"t_function_external_nonpayable$_t_uint256_$_t_uint256_$returns$__$","typeString":"function (uint256,uint256) external"}},"id":2213,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"970:35:5","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":2214,"nodeType":"ExpressionStatement","src":"970:35:5"},{"eventCall":{"arguments":[{"id":2216,"name":"x","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2182,"src":"1037:1:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":2217,"name":"y","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2184,"src":"1040:1:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},{"id":2218,"name":"signer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2200,"src":"1043:6:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_uint256","typeString":"uint256"},{"typeIdentifier":"t_address","typeString":"address"}],"id":2215,"name":"NewSignerCreated","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2179,"src":"1020:16:5","typeDescriptions":{"typeIdentifier":"t_function_event_nonpayable$_t_uint256_$_t_uint256_$_t_address_$returns$__$","typeString":"function (uint256,uint256,address)"}},"id":2219,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"1020:30:5","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_tuple$__$","typeString":"tuple()"}},"id":2220,"nodeType":"EmitStatement","src":"1015:35:5"},{"expression":{"id":2221,"name":"signer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2200,"src":"1067:6:5","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"functionReturnParameters":2188,"id":2222,"nodeType":"Return","src":"1060:13:5"}]},"documentation":{"id":2180,"nodeType":"StructuredDocumentation","src":"601:155:5","text":"@notice Creates a new P256Signer proxy contract\n @param x The x coordinate of the public key\n @param y The y coordinate of the public key"},"functionSelector":"9f7b4579","id":2224,"implemented":true,"kind":"function","modifiers":[],"name":"create","nameLocation":"770:6:5","nodeType":"FunctionDefinition","parameters":{"id":2185,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2182,"mutability":"mutable","name":"x","nameLocation":"785:1:5","nodeType":"VariableDeclaration","scope":2224,"src":"777:9:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2181,"name":"uint256","nodeType":"ElementaryTypeName","src":"777:7:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"},{"constant":false,"id":2184,"mutability":"mutable","name":"y","nameLocation":"796:1:5","nodeType":"VariableDeclaration","scope":2224,"src":"788:9:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"},"typeName":{"id":2183,"name":"uint256","nodeType":"ElementaryTypeName","src":"788:7:5","typeDescriptions":{"typeIdentifier":"t_uint256","typeString":"uint256"}},"visibility":"internal"}],"src":"776:22:5"},"returnParameters":{"id":2188,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2187,"mutability":"mutable","name":"","nameLocation":"-1:-1:-1","nodeType":"VariableDeclaration","scope":2224,"src":"817:7:5","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2186,"name":"address","nodeType":"ElementaryTypeName","src":"817:7:5","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"816:9:5"},"scope":2225,"src":"761:319:5","stateMutability":"nonpayable","virtual":false,"visibility":"external"}],"scope":2226,"src":"205:877:5","usedErrors":[],"usedEvents":[2179]}],"src":"0:1083:5"},"id":5},"solady/src/utils/LibClone.sol":{"ast":{"absolutePath":"solady/src/utils/LibClone.sol","exportedSymbols":{"LibClone":[2443]},"id":2444,"license":"MIT","nodeType":"SourceUnit","nodes":[{"id":2227,"literals":["solidity","^","0.8",".4"],"nodeType":"PragmaDirective","src":"32:23:6"},{"abstract":false,"baseContracts":[],"canonicalName":"LibClone","contractDependencies":[],"contractKind":"library","documentation":{"id":2228,"nodeType":"StructuredDocumentation","src":"57:1443:6","text":"@notice Minimal proxy library.\n @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n @author Minimal proxy by 0age (https://github.com/0age)\n @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n @dev Minimal proxy:\n Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n @dev Minimal proxy (PUSH0 variant):\n This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n It is optimized first for minimal runtime gas, then for minimal bytecode.\n The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n Please use with caution.\n @dev Clones with immutable args (CWIA):\n The implementation of CWIA here implements a `receive()` method that emits the\n `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n composability. The minimal proxy implementation does not offer this feature."},"fullyImplemented":true,"id":2443,"linearizedBaseContracts":[2443],"name":"LibClone","nameLocation":"1508:8:6","nodeType":"ContractDefinition","nodes":[{"documentation":{"id":2229,"nodeType":"StructuredDocumentation","src":"1806:36:6","text":"@dev Unable to deploy the clone."},"errorSelector":"30116425","id":2231,"name":"DeploymentFailed","nameLocation":"1853:16:6","nodeType":"ErrorDefinition","parameters":{"id":2230,"nodeType":"ParameterList","parameters":[],"src":"1869:2:6"},"src":"1847:25:6"},{"documentation":{"id":2232,"nodeType":"StructuredDocumentation","src":"1878:72:6","text":"@dev The salt must start with either the zero address or the caller."},"errorSelector":"2f634836","id":2234,"name":"SaltDoesNotStartWithCaller","nameLocation":"1961:26:6","nodeType":"ErrorDefinition","parameters":{"id":2233,"nodeType":"ParameterList","parameters":[],"src":"1987:2:6"},"src":"1955:35:6"},{"body":{"id":2243,"nodeType":"Block","src":"2404:5640:6","statements":[{"AST":{"nodeType":"YulBlock","src":"2466:5572:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7434:4:6","type":"","value":"0x21"},{"kind":"number","nodeType":"YulLiteral","src":"7440:28:6","type":"","value":"0x5af43d3d93803e602a57fd5bf3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7427:6:6"},"nodeType":"YulFunctionCall","src":"7427:42:6"},"nodeType":"YulExpressionStatement","src":"7427:42:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7489:4:6","type":"","value":"0x14"},{"name":"implementation","nodeType":"YulIdentifier","src":"7495:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7482:6:6"},"nodeType":"YulFunctionCall","src":"7482:28:6"},"nodeType":"YulExpressionStatement","src":"7482:28:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7530:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"7536:42:6","type":"","value":"0x602c3d8160093d39f33d3d3d3d363d3d37363d73"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7523:6:6"},"nodeType":"YulFunctionCall","src":"7523:56:6"},"nodeType":"YulExpressionStatement","src":"7523:56:6"},{"nodeType":"YulAssignment","src":"7592:33:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7611:1:6","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"7614:4:6","type":"","value":"0x0c"},{"kind":"number","nodeType":"YulLiteral","src":"7620:4:6","type":"","value":"0x35"}],"functionName":{"name":"create","nodeType":"YulIdentifier","src":"7604:6:6"},"nodeType":"YulFunctionCall","src":"7604:21:6"},"variableNames":[{"name":"instance","nodeType":"YulIdentifier","src":"7592:8:6"}]},{"body":{"nodeType":"YulBlock","src":"7704:210:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7801:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"7807:10:6","type":"","value":"0x30116425"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7794:6:6"},"nodeType":"YulFunctionCall","src":"7794:24:6"},"nodeType":"YulExpressionStatement","src":"7794:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7889:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"7895:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"7882:6:6"},"nodeType":"YulFunctionCall","src":"7882:18:6"},"nodeType":"YulExpressionStatement","src":"7882:18:6"}]},"condition":{"arguments":[{"name":"instance","nodeType":"YulIdentifier","src":"7694:8:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"7687:6:6"},"nodeType":"YulFunctionCall","src":"7687:16:6"},"nodeType":"YulIf","src":"7684:230:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8020:4:6","type":"","value":"0x21"},{"kind":"number","nodeType":"YulLiteral","src":"8026:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"8013:6:6"},"nodeType":"YulFunctionCall","src":"8013:15:6"},"nodeType":"YulExpressionStatement","src":"8013:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2237,"isOffset":false,"isSlot":false,"src":"7495:14:6","valueSize":1},{"declaration":2240,"isOffset":false,"isSlot":false,"src":"7592:8:6","valueSize":1},{"declaration":2240,"isOffset":false,"isSlot":false,"src":"7694:8:6","valueSize":1}],"id":2242,"nodeType":"InlineAssembly","src":"2457:5581:6"}]},"documentation":{"id":2235,"nodeType":"StructuredDocumentation","src":"2279:45:6","text":"@dev Deploys a clone of `implementation`."},"id":2244,"implemented":true,"kind":"function","modifiers":[],"name":"clone","nameLocation":"2338:5:6","nodeType":"FunctionDefinition","parameters":{"id":2238,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2237,"mutability":"mutable","name":"implementation","nameLocation":"2352:14:6","nodeType":"VariableDeclaration","scope":2244,"src":"2344:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2236,"name":"address","nodeType":"ElementaryTypeName","src":"2344:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"2343:24:6"},"returnParameters":{"id":2241,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2240,"mutability":"mutable","name":"instance","nameLocation":"2394:8:6","nodeType":"VariableDeclaration","scope":2244,"src":"2386:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2239,"name":"address","nodeType":"ElementaryTypeName","src":"2386:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"2385:18:6"},"scope":2443,"src":"2329:5715:6","stateMutability":"nonpayable","virtual":false,"visibility":"internal"},{"body":{"id":2255,"nodeType":"Block","src":"8248:700:6","statements":[{"AST":{"nodeType":"YulBlock","src":"8310:632:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8331:4:6","type":"","value":"0x21"},{"kind":"number","nodeType":"YulLiteral","src":"8337:28:6","type":"","value":"0x5af43d3d93803e602a57fd5bf3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"8324:6:6"},"nodeType":"YulFunctionCall","src":"8324:42:6"},"nodeType":"YulExpressionStatement","src":"8324:42:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8386:4:6","type":"","value":"0x14"},{"name":"implementation","nodeType":"YulIdentifier","src":"8392:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"8379:6:6"},"nodeType":"YulFunctionCall","src":"8379:28:6"},"nodeType":"YulExpressionStatement","src":"8379:28:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8427:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"8433:42:6","type":"","value":"0x602c3d8160093d39f33d3d3d3d363d3d37363d73"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"8420:6:6"},"nodeType":"YulFunctionCall","src":"8420:56:6"},"nodeType":"YulExpressionStatement","src":"8420:56:6"},{"nodeType":"YulAssignment","src":"8489:40:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8509:1:6","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"8512:4:6","type":"","value":"0x0c"},{"kind":"number","nodeType":"YulLiteral","src":"8518:4:6","type":"","value":"0x35"},{"name":"salt","nodeType":"YulIdentifier","src":"8524:4:6"}],"functionName":{"name":"create2","nodeType":"YulIdentifier","src":"8501:7:6"},"nodeType":"YulFunctionCall","src":"8501:28:6"},"variableNames":[{"name":"instance","nodeType":"YulIdentifier","src":"8489:8:6"}]},{"body":{"nodeType":"YulBlock","src":"8608:210:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8705:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"8711:10:6","type":"","value":"0x30116425"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"8698:6:6"},"nodeType":"YulFunctionCall","src":"8698:24:6"},"nodeType":"YulExpressionStatement","src":"8698:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8793:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"8799:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"8786:6:6"},"nodeType":"YulFunctionCall","src":"8786:18:6"},"nodeType":"YulExpressionStatement","src":"8786:18:6"}]},"condition":{"arguments":[{"name":"instance","nodeType":"YulIdentifier","src":"8598:8:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"8591:6:6"},"nodeType":"YulFunctionCall","src":"8591:16:6"},"nodeType":"YulIf","src":"8588:230:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"8924:4:6","type":"","value":"0x21"},{"kind":"number","nodeType":"YulLiteral","src":"8930:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"8917:6:6"},"nodeType":"YulFunctionCall","src":"8917:15:6"},"nodeType":"YulExpressionStatement","src":"8917:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2247,"isOffset":false,"isSlot":false,"src":"8392:14:6","valueSize":1},{"declaration":2252,"isOffset":false,"isSlot":false,"src":"8489:8:6","valueSize":1},{"declaration":2252,"isOffset":false,"isSlot":false,"src":"8598:8:6","valueSize":1},{"declaration":2249,"isOffset":false,"isSlot":false,"src":"8524:4:6","valueSize":1}],"id":2254,"nodeType":"InlineAssembly","src":"8301:641:6"}]},"documentation":{"id":2245,"nodeType":"StructuredDocumentation","src":"8050:71:6","text":"@dev Deploys a deterministic clone of `implementation` with `salt`."},"id":2256,"implemented":true,"kind":"function","modifiers":[],"name":"cloneDeterministic","nameLocation":"8135:18:6","nodeType":"FunctionDefinition","parameters":{"id":2250,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2247,"mutability":"mutable","name":"implementation","nameLocation":"8162:14:6","nodeType":"VariableDeclaration","scope":2256,"src":"8154:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2246,"name":"address","nodeType":"ElementaryTypeName","src":"8154:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2249,"mutability":"mutable","name":"salt","nameLocation":"8186:4:6","nodeType":"VariableDeclaration","scope":2256,"src":"8178:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2248,"name":"bytes32","nodeType":"ElementaryTypeName","src":"8178:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"8153:38:6"},"returnParameters":{"id":2253,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2252,"mutability":"mutable","name":"instance","nameLocation":"8234:8:6","nodeType":"VariableDeclaration","scope":2256,"src":"8226:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2251,"name":"address","nodeType":"ElementaryTypeName","src":"8226:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"8225:18:6"},"scope":2443,"src":"8126:822:6","stateMutability":"nonpayable","virtual":false,"visibility":"internal"},{"body":{"id":2265,"nodeType":"Block","src":"9182:400:6","statements":[{"AST":{"nodeType":"YulBlock","src":"9244:332:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9265:4:6","type":"","value":"0x21"},{"kind":"number","nodeType":"YulLiteral","src":"9271:28:6","type":"","value":"0x5af43d3d93803e602a57fd5bf3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"9258:6:6"},"nodeType":"YulFunctionCall","src":"9258:42:6"},"nodeType":"YulExpressionStatement","src":"9258:42:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9320:4:6","type":"","value":"0x14"},{"name":"implementation","nodeType":"YulIdentifier","src":"9326:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"9313:6:6"},"nodeType":"YulFunctionCall","src":"9313:28:6"},"nodeType":"YulExpressionStatement","src":"9313:28:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9361:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"9367:42:6","type":"","value":"0x602c3d8160093d39f33d3d3d3d363d3d37363d73"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"9354:6:6"},"nodeType":"YulFunctionCall","src":"9354:56:6"},"nodeType":"YulExpressionStatement","src":"9354:56:6"},{"nodeType":"YulAssignment","src":"9423:29:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9441:4:6","type":"","value":"0x0c"},{"kind":"number","nodeType":"YulLiteral","src":"9447:4:6","type":"","value":"0x35"}],"functionName":{"name":"keccak256","nodeType":"YulIdentifier","src":"9431:9:6"},"nodeType":"YulFunctionCall","src":"9431:21:6"},"variableNames":[{"name":"hash","nodeType":"YulIdentifier","src":"9423:4:6"}]},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"9558:4:6","type":"","value":"0x21"},{"kind":"number","nodeType":"YulLiteral","src":"9564:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"9551:6:6"},"nodeType":"YulFunctionCall","src":"9551:15:6"},"nodeType":"YulExpressionStatement","src":"9551:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2262,"isOffset":false,"isSlot":false,"src":"9423:4:6","valueSize":1},{"declaration":2259,"isOffset":false,"isSlot":false,"src":"9326:14:6","valueSize":1}],"id":2264,"nodeType":"InlineAssembly","src":"9235:341:6"}]},"documentation":{"id":2257,"nodeType":"StructuredDocumentation","src":"8954:140:6","text":"@dev Returns the initialization code hash of the clone of `implementation`.\n Used for mining vanity addresses with create2crunch."},"id":2266,"implemented":true,"kind":"function","modifiers":[],"name":"initCodeHash","nameLocation":"9108:12:6","nodeType":"FunctionDefinition","parameters":{"id":2260,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2259,"mutability":"mutable","name":"implementation","nameLocation":"9129:14:6","nodeType":"VariableDeclaration","scope":2266,"src":"9121:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2258,"name":"address","nodeType":"ElementaryTypeName","src":"9121:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"9120:24:6"},"returnParameters":{"id":2263,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2262,"mutability":"mutable","name":"hash","nameLocation":"9176:4:6","nodeType":"VariableDeclaration","scope":2266,"src":"9168:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2261,"name":"bytes32","nodeType":"ElementaryTypeName","src":"9168:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"9167:14:6"},"scope":2443,"src":"9099:483:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2292,"nodeType":"Block","src":"9960:131:6","statements":[{"assignments":[2279],"declarations":[{"constant":false,"id":2279,"mutability":"mutable","name":"hash","nameLocation":"9978:4:6","nodeType":"VariableDeclaration","scope":2292,"src":"9970:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2278,"name":"bytes32","nodeType":"ElementaryTypeName","src":"9970:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":2283,"initialValue":{"arguments":[{"id":2281,"name":"implementation","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2269,"src":"9998:14:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_address","typeString":"address"}],"id":2280,"name":"initCodeHash","nodeType":"Identifier","overloadedDeclarations":[2266,2390],"referencedDeclaration":2266,"src":"9985:12:6","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_address_$returns$_t_bytes32_$","typeString":"function (address) pure returns (bytes32)"}},"id":2282,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"9985:28:6","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"9970:43:6"},{"expression":{"id":2290,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2284,"name":"predicted","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2276,"src":"10023:9:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":2286,"name":"hash","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2279,"src":"10063:4:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2287,"name":"salt","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2271,"src":"10069:4:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2288,"name":"deployer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2273,"src":"10075:8:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_address","typeString":"address"}],"id":2285,"name":"predictDeterministicAddress","nodeType":"Identifier","overloadedDeclarations":[2293,2420,2434],"referencedDeclaration":2434,"src":"10035:27:6","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes32_$_t_bytes32_$_t_address_$returns$_t_address_$","typeString":"function (bytes32,bytes32,address) pure returns (address)"}},"id":2289,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"10035:49:6","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"src":"10023:61:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"id":2291,"nodeType":"ExpressionStatement","src":"10023:61:6"}]},"documentation":{"id":2267,"nodeType":"StructuredDocumentation","src":"9588:204:6","text":"@dev Returns the address of the deterministic clone of `implementation`,\n with `salt` by `deployer`.\n Note: The returned result has dirty upper 96 bits. Please clean if used in assembly."},"id":2293,"implemented":true,"kind":"function","modifiers":[],"name":"predictDeterministicAddress","nameLocation":"9806:27:6","nodeType":"FunctionDefinition","parameters":{"id":2274,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2269,"mutability":"mutable","name":"implementation","nameLocation":"9842:14:6","nodeType":"VariableDeclaration","scope":2293,"src":"9834:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2268,"name":"address","nodeType":"ElementaryTypeName","src":"9834:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2271,"mutability":"mutable","name":"salt","nameLocation":"9866:4:6","nodeType":"VariableDeclaration","scope":2293,"src":"9858:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2270,"name":"bytes32","nodeType":"ElementaryTypeName","src":"9858:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":2273,"mutability":"mutable","name":"deployer","nameLocation":"9880:8:6","nodeType":"VariableDeclaration","scope":2293,"src":"9872:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2272,"name":"address","nodeType":"ElementaryTypeName","src":"9872:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"9833:56:6"},"returnParameters":{"id":2277,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2276,"mutability":"mutable","name":"predicted","nameLocation":"9945:9:6","nodeType":"VariableDeclaration","scope":2293,"src":"9937:17:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2275,"name":"address","nodeType":"ElementaryTypeName","src":"9937:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"9936:19:6"},"scope":2443,"src":"9797:294:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2302,"nodeType":"Block","src":"10517:5754:6","statements":[{"AST":{"nodeType":"YulBlock","src":"10579:5686:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"15638:4:6","type":"","value":"0x24"},{"kind":"number","nodeType":"YulLiteral","src":"15644:34:6","type":"","value":"0x5af43d5f5f3e6029573d5ffd5b3d5ff3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"15631:6:6"},"nodeType":"YulFunctionCall","src":"15631:48:6"},"nodeType":"YulExpressionStatement","src":"15631:48:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"15705:4:6","type":"","value":"0x14"},{"name":"implementation","nodeType":"YulIdentifier","src":"15711:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"15698:6:6"},"nodeType":"YulFunctionCall","src":"15698:28:6"},"nodeType":"YulExpressionStatement","src":"15698:28:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"15752:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"15758:38:6","type":"","value":"0x602d5f8160095f39f35f5f365f5f37365f73"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"15745:6:6"},"nodeType":"YulFunctionCall","src":"15745:52:6"},"nodeType":"YulExpressionStatement","src":"15745:52:6"},{"nodeType":"YulAssignment","src":"15819:33:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"15838:1:6","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"15841:4:6","type":"","value":"0x0e"},{"kind":"number","nodeType":"YulLiteral","src":"15847:4:6","type":"","value":"0x36"}],"functionName":{"name":"create","nodeType":"YulIdentifier","src":"15831:6:6"},"nodeType":"YulFunctionCall","src":"15831:21:6"},"variableNames":[{"name":"instance","nodeType":"YulIdentifier","src":"15819:8:6"}]},{"body":{"nodeType":"YulBlock","src":"15931:210:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16028:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"16034:10:6","type":"","value":"0x30116425"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"16021:6:6"},"nodeType":"YulFunctionCall","src":"16021:24:6"},"nodeType":"YulExpressionStatement","src":"16021:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16116:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"16122:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"16109:6:6"},"nodeType":"YulFunctionCall","src":"16109:18:6"},"nodeType":"YulExpressionStatement","src":"16109:18:6"}]},"condition":{"arguments":[{"name":"instance","nodeType":"YulIdentifier","src":"15921:8:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"15914:6:6"},"nodeType":"YulFunctionCall","src":"15914:16:6"},"nodeType":"YulIf","src":"15911:230:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16247:4:6","type":"","value":"0x24"},{"kind":"number","nodeType":"YulLiteral","src":"16253:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"16240:6:6"},"nodeType":"YulFunctionCall","src":"16240:15:6"},"nodeType":"YulExpressionStatement","src":"16240:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2296,"isOffset":false,"isSlot":false,"src":"15711:14:6","valueSize":1},{"declaration":2299,"isOffset":false,"isSlot":false,"src":"15819:8:6","valueSize":1},{"declaration":2299,"isOffset":false,"isSlot":false,"src":"15921:8:6","valueSize":1}],"id":2301,"nodeType":"InlineAssembly","src":"10570:5695:6"}]},"documentation":{"id":2294,"nodeType":"StructuredDocumentation","src":"10380:51:6","text":"@dev Deploys a PUSH0 clone of `implementation`."},"id":2303,"implemented":true,"kind":"function","modifiers":[],"name":"clone_PUSH0","nameLocation":"10445:11:6","nodeType":"FunctionDefinition","parameters":{"id":2297,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2296,"mutability":"mutable","name":"implementation","nameLocation":"10465:14:6","nodeType":"VariableDeclaration","scope":2303,"src":"10457:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2295,"name":"address","nodeType":"ElementaryTypeName","src":"10457:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"10456:24:6"},"returnParameters":{"id":2300,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2299,"mutability":"mutable","name":"instance","nameLocation":"10507:8:6","nodeType":"VariableDeclaration","scope":2303,"src":"10499:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2298,"name":"address","nodeType":"ElementaryTypeName","src":"10499:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"10498:18:6"},"scope":2443,"src":"10436:5835:6","stateMutability":"nonpayable","virtual":false,"visibility":"internal"},{"body":{"id":2314,"nodeType":"Block","src":"16487:723:6","statements":[{"AST":{"nodeType":"YulBlock","src":"16549:655:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16570:4:6","type":"","value":"0x24"},{"kind":"number","nodeType":"YulLiteral","src":"16576:34:6","type":"","value":"0x5af43d5f5f3e6029573d5ffd5b3d5ff3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"16563:6:6"},"nodeType":"YulFunctionCall","src":"16563:48:6"},"nodeType":"YulExpressionStatement","src":"16563:48:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16637:4:6","type":"","value":"0x14"},{"name":"implementation","nodeType":"YulIdentifier","src":"16643:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"16630:6:6"},"nodeType":"YulFunctionCall","src":"16630:28:6"},"nodeType":"YulExpressionStatement","src":"16630:28:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16684:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"16690:38:6","type":"","value":"0x602d5f8160095f39f35f5f365f5f37365f73"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"16677:6:6"},"nodeType":"YulFunctionCall","src":"16677:52:6"},"nodeType":"YulExpressionStatement","src":"16677:52:6"},{"nodeType":"YulAssignment","src":"16751:40:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16771:1:6","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"16774:4:6","type":"","value":"0x0e"},{"kind":"number","nodeType":"YulLiteral","src":"16780:4:6","type":"","value":"0x36"},{"name":"salt","nodeType":"YulIdentifier","src":"16786:4:6"}],"functionName":{"name":"create2","nodeType":"YulIdentifier","src":"16763:7:6"},"nodeType":"YulFunctionCall","src":"16763:28:6"},"variableNames":[{"name":"instance","nodeType":"YulIdentifier","src":"16751:8:6"}]},{"body":{"nodeType":"YulBlock","src":"16870:210:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"16967:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"16973:10:6","type":"","value":"0x30116425"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"16960:6:6"},"nodeType":"YulFunctionCall","src":"16960:24:6"},"nodeType":"YulExpressionStatement","src":"16960:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17055:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"17061:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"17048:6:6"},"nodeType":"YulFunctionCall","src":"17048:18:6"},"nodeType":"YulExpressionStatement","src":"17048:18:6"}]},"condition":{"arguments":[{"name":"instance","nodeType":"YulIdentifier","src":"16860:8:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"16853:6:6"},"nodeType":"YulFunctionCall","src":"16853:16:6"},"nodeType":"YulIf","src":"16850:230:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17186:4:6","type":"","value":"0x24"},{"kind":"number","nodeType":"YulLiteral","src":"17192:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"17179:6:6"},"nodeType":"YulFunctionCall","src":"17179:15:6"},"nodeType":"YulExpressionStatement","src":"17179:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2306,"isOffset":false,"isSlot":false,"src":"16643:14:6","valueSize":1},{"declaration":2311,"isOffset":false,"isSlot":false,"src":"16751:8:6","valueSize":1},{"declaration":2311,"isOffset":false,"isSlot":false,"src":"16860:8:6","valueSize":1},{"declaration":2308,"isOffset":false,"isSlot":false,"src":"16786:4:6","valueSize":1}],"id":2313,"nodeType":"InlineAssembly","src":"16540:664:6"}]},"documentation":{"id":2304,"nodeType":"StructuredDocumentation","src":"16277:77:6","text":"@dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`."},"id":2315,"implemented":true,"kind":"function","modifiers":[],"name":"cloneDeterministic_PUSH0","nameLocation":"16368:24:6","nodeType":"FunctionDefinition","parameters":{"id":2309,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2306,"mutability":"mutable","name":"implementation","nameLocation":"16401:14:6","nodeType":"VariableDeclaration","scope":2315,"src":"16393:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2305,"name":"address","nodeType":"ElementaryTypeName","src":"16393:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2308,"mutability":"mutable","name":"salt","nameLocation":"16425:4:6","nodeType":"VariableDeclaration","scope":2315,"src":"16417:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2307,"name":"bytes32","nodeType":"ElementaryTypeName","src":"16417:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"16392:38:6"},"returnParameters":{"id":2312,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2311,"mutability":"mutable","name":"instance","nameLocation":"16473:8:6","nodeType":"VariableDeclaration","scope":2315,"src":"16465:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2310,"name":"address","nodeType":"ElementaryTypeName","src":"16465:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"16464:18:6"},"scope":2443,"src":"16359:851:6","stateMutability":"nonpayable","virtual":false,"visibility":"internal"},{"body":{"id":2324,"nodeType":"Block","src":"17456:423:6","statements":[{"AST":{"nodeType":"YulBlock","src":"17518:355:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17539:4:6","type":"","value":"0x24"},{"kind":"number","nodeType":"YulLiteral","src":"17545:34:6","type":"","value":"0x5af43d5f5f3e6029573d5ffd5b3d5ff3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"17532:6:6"},"nodeType":"YulFunctionCall","src":"17532:48:6"},"nodeType":"YulExpressionStatement","src":"17532:48:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17606:4:6","type":"","value":"0x14"},{"name":"implementation","nodeType":"YulIdentifier","src":"17612:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"17599:6:6"},"nodeType":"YulFunctionCall","src":"17599:28:6"},"nodeType":"YulExpressionStatement","src":"17599:28:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17653:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"17659:38:6","type":"","value":"0x602d5f8160095f39f35f5f365f5f37365f73"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"17646:6:6"},"nodeType":"YulFunctionCall","src":"17646:52:6"},"nodeType":"YulExpressionStatement","src":"17646:52:6"},{"nodeType":"YulAssignment","src":"17720:29:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17738:4:6","type":"","value":"0x0e"},{"kind":"number","nodeType":"YulLiteral","src":"17744:4:6","type":"","value":"0x36"}],"functionName":{"name":"keccak256","nodeType":"YulIdentifier","src":"17728:9:6"},"nodeType":"YulFunctionCall","src":"17728:21:6"},"variableNames":[{"name":"hash","nodeType":"YulIdentifier","src":"17720:4:6"}]},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"17855:4:6","type":"","value":"0x24"},{"kind":"number","nodeType":"YulLiteral","src":"17861:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"17848:6:6"},"nodeType":"YulFunctionCall","src":"17848:15:6"},"nodeType":"YulExpressionStatement","src":"17848:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2321,"isOffset":false,"isSlot":false,"src":"17720:4:6","valueSize":1},{"declaration":2318,"isOffset":false,"isSlot":false,"src":"17612:14:6","valueSize":1}],"id":2323,"nodeType":"InlineAssembly","src":"17509:364:6"}]},"documentation":{"id":2316,"nodeType":"StructuredDocumentation","src":"17216:146:6","text":"@dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n Used for mining vanity addresses with create2crunch."},"id":2325,"implemented":true,"kind":"function","modifiers":[],"name":"initCodeHash_PUSH0","nameLocation":"17376:18:6","nodeType":"FunctionDefinition","parameters":{"id":2319,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2318,"mutability":"mutable","name":"implementation","nameLocation":"17403:14:6","nodeType":"VariableDeclaration","scope":2325,"src":"17395:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2317,"name":"address","nodeType":"ElementaryTypeName","src":"17395:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"17394:24:6"},"returnParameters":{"id":2322,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2321,"mutability":"mutable","name":"hash","nameLocation":"17450:4:6","nodeType":"VariableDeclaration","scope":2325,"src":"17442:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2320,"name":"bytes32","nodeType":"ElementaryTypeName","src":"17442:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"17441:14:6"},"scope":2443,"src":"17367:512:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2351,"nodeType":"Block","src":"18271:137:6","statements":[{"assignments":[2338],"declarations":[{"constant":false,"id":2338,"mutability":"mutable","name":"hash","nameLocation":"18289:4:6","nodeType":"VariableDeclaration","scope":2351,"src":"18281:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2337,"name":"bytes32","nodeType":"ElementaryTypeName","src":"18281:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":2342,"initialValue":{"arguments":[{"id":2340,"name":"implementation","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2328,"src":"18315:14:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_address","typeString":"address"}],"id":2339,"name":"initCodeHash_PUSH0","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2325,"src":"18296:18:6","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_address_$returns$_t_bytes32_$","typeString":"function (address) pure returns (bytes32)"}},"id":2341,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"18296:34:6","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"18281:49:6"},{"expression":{"id":2349,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2343,"name":"predicted","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2335,"src":"18340:9:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":2345,"name":"hash","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2338,"src":"18380:4:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2346,"name":"salt","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2330,"src":"18386:4:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2347,"name":"deployer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2332,"src":"18392:8:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_address","typeString":"address"}],"id":2344,"name":"predictDeterministicAddress","nodeType":"Identifier","overloadedDeclarations":[2293,2420,2434],"referencedDeclaration":2434,"src":"18352:27:6","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes32_$_t_bytes32_$_t_address_$returns$_t_address_$","typeString":"function (bytes32,bytes32,address) pure returns (address)"}},"id":2348,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"18352:49:6","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"src":"18340:61:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"id":2350,"nodeType":"ExpressionStatement","src":"18340:61:6"}]},"documentation":{"id":2326,"nodeType":"StructuredDocumentation","src":"17885:210:6","text":"@dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n with `salt` by `deployer`.\n Note: The returned result has dirty upper 96 bits. Please clean if used in assembly."},"id":2352,"implemented":true,"kind":"function","modifiers":[],"name":"predictDeterministicAddress_PUSH0","nameLocation":"18109:33:6","nodeType":"FunctionDefinition","parameters":{"id":2333,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2328,"mutability":"mutable","name":"implementation","nameLocation":"18160:14:6","nodeType":"VariableDeclaration","scope":2352,"src":"18152:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2327,"name":"address","nodeType":"ElementaryTypeName","src":"18152:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2330,"mutability":"mutable","name":"salt","nameLocation":"18192:4:6","nodeType":"VariableDeclaration","scope":2352,"src":"18184:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2329,"name":"bytes32","nodeType":"ElementaryTypeName","src":"18184:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":2332,"mutability":"mutable","name":"deployer","nameLocation":"18214:8:6","nodeType":"VariableDeclaration","scope":2352,"src":"18206:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2331,"name":"address","nodeType":"ElementaryTypeName","src":"18206:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"18142:86:6"},"returnParameters":{"id":2336,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2335,"mutability":"mutable","name":"predicted","nameLocation":"18260:9:6","nodeType":"VariableDeclaration","scope":2352,"src":"18252:17:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2334,"name":"address","nodeType":"ElementaryTypeName","src":"18252:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"18251:19:6"},"scope":2443,"src":"18100:308:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2363,"nodeType":"Block","src":"19102:11230:6","statements":[{"AST":{"nodeType":"YulBlock","src":"19121:11205:6","statements":[{"nodeType":"YulVariableDeclaration","src":"19223:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"19249:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"19255:4:6","type":"","value":"0x60"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"19245:3:6"},"nodeType":"YulFunctionCall","src":"19245:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"19239:5:6"},"nodeType":"YulFunctionCall","src":"19239:22:6"},"variables":[{"name":"mBefore3","nodeType":"YulTypedName","src":"19227:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"19274:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"19300:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"19306:4:6","type":"","value":"0x40"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"19296:3:6"},"nodeType":"YulFunctionCall","src":"19296:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"19290:5:6"},"nodeType":"YulFunctionCall","src":"19290:22:6"},"variables":[{"name":"mBefore2","nodeType":"YulTypedName","src":"19278:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"19325:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"19351:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"19357:4:6","type":"","value":"0x20"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"19347:3:6"},"nodeType":"YulFunctionCall","src":"19347:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"19341:5:6"},"nodeType":"YulFunctionCall","src":"19341:22:6"},"variables":[{"name":"mBefore1","nodeType":"YulTypedName","src":"19329:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"19376:29:6","value":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"19400:4:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"19394:5:6"},"nodeType":"YulFunctionCall","src":"19394:11:6"},"variables":[{"name":"dataLength","nodeType":"YulTypedName","src":"19380:10:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"19418:47:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"19441:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"19447:4:6","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19437:3:6"},"nodeType":"YulFunctionCall","src":"19437:15:6"},{"name":"dataLength","nodeType":"YulIdentifier","src":"19454:10:6"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19433:3:6"},"nodeType":"YulFunctionCall","src":"19433:32:6"},"variables":[{"name":"dataEnd","nodeType":"YulTypedName","src":"19422:7:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"19478:29:6","value":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"19499:7:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"19493:5:6"},"nodeType":"YulFunctionCall","src":"19493:14:6"},"variables":[{"name":"mAfter1","nodeType":"YulTypedName","src":"19482:7:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"19602:37:6","value":{"arguments":[{"name":"dataLength","nodeType":"YulIdentifier","src":"19625:10:6"},{"kind":"number","nodeType":"YulLiteral","src":"19637:1:6","type":"","value":"2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"19621:3:6"},"nodeType":"YulFunctionCall","src":"19621:18:6"},"variables":[{"name":"extraLength","nodeType":"YulTypedName","src":"19606:11:6","type":""}]},{"expression":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"28669:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"28675:28:6","type":"","value":"0x5af43d3d93803e606057fd5bf3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"28662:6:6"},"nodeType":"YulFunctionCall","src":"28662:42:6"},"nodeType":"YulExpressionStatement","src":"28662:42:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"28784:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"28790:4:6","type":"","value":"0x0d"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"28780:3:6"},"nodeType":"YulFunctionCall","src":"28780:15:6"},{"name":"implementation","nodeType":"YulIdentifier","src":"28797:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"28773:6:6"},"nodeType":"YulFunctionCall","src":"28773:39:6"},"nodeType":"YulExpressionStatement","src":"28773:39:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"28900:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"28906:4:6","type":"","value":"0x21"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"28896:3:6"},"nodeType":"YulFunctionCall","src":"28896:15:6"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"28936:4:6","type":"","value":"0x48"},{"name":"extraLength","nodeType":"YulIdentifier","src":"28942:11:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"28932:3:6"},"nodeType":"YulFunctionCall","src":"28932:22:6"},{"kind":"number","nodeType":"YulLiteral","src":"28956:52:6","type":"","value":"0x593da1005b363d3d373d3d3d3d610000806062363936013d73"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"28929:2:6"},"nodeType":"YulFunctionCall","src":"28929:80:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"28872:6:6"},"nodeType":"YulFunctionCall","src":"28872:151:6"},"nodeType":"YulExpressionStatement","src":"28872:151:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"29114:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"29120:4:6","type":"","value":"0x3a"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"29110:3:6"},"nodeType":"YulFunctionCall","src":"29110:15:6"},{"kind":"number","nodeType":"YulLiteral","src":"29127:66:6","type":"","value":"0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"29086:6:6"},"nodeType":"YulFunctionCall","src":"29086:121:6"},"nodeType":"YulExpressionStatement","src":"29086:121:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"29431:4:6"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29441:4:6","type":"","value":"0x59"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"29450:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"29463:6:6","type":"","value":"0xff9e"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"29447:2:6"},"nodeType":"YulFunctionCall","src":"29447:23:6"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"29437:3:6"},"nodeType":"YulFunctionCall","src":"29437:34:6"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"29427:3:6"},"nodeType":"YulFunctionCall","src":"29427:45:6"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29497:4:6","type":"","value":"0x78"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"29507:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"29520:4:6","type":"","value":"0x62"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"29503:3:6"},"nodeType":"YulFunctionCall","src":"29503:22:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"29493:3:6"},"nodeType":"YulFunctionCall","src":"29493:33:6"},{"kind":"number","nodeType":"YulLiteral","src":"29528:40:6","type":"","value":"0xfd6100003d81600a3d39f336602c57343d527f"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"29490:2:6"},"nodeType":"YulFunctionCall","src":"29490:79:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"29220:6:6"},"nodeType":"YulFunctionCall","src":"29220:363:6"},"nodeType":"YulExpressionStatement","src":"29220:363:6"},{"expression":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"29603:7:6"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29616:4:6","type":"","value":"0xf0"},{"name":"extraLength","nodeType":"YulIdentifier","src":"29622:11:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"29612:3:6"},"nodeType":"YulFunctionCall","src":"29612:22:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"29596:6:6"},"nodeType":"YulFunctionCall","src":"29596:39:6"},"nodeType":"YulExpressionStatement","src":"29596:39:6"},{"nodeType":"YulAssignment","src":"29685:62:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29704:1:6","type":"","value":"0"},{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"29711:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"29717:4:6","type":"","value":"0x4c"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"29707:3:6"},"nodeType":"YulFunctionCall","src":"29707:15:6"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"29728:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"29741:4:6","type":"","value":"0x6c"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"29724:3:6"},"nodeType":"YulFunctionCall","src":"29724:22:6"}],"functionName":{"name":"create","nodeType":"YulIdentifier","src":"29697:6:6"},"nodeType":"YulFunctionCall","src":"29697:50:6"},"variableNames":[{"name":"instance","nodeType":"YulIdentifier","src":"29685:8:6"}]},{"body":{"nodeType":"YulBlock","src":"29827:210:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"29924:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"29930:10:6","type":"","value":"0x30116425"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"29917:6:6"},"nodeType":"YulFunctionCall","src":"29917:24:6"},"nodeType":"YulExpressionStatement","src":"29917:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"30012:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"30018:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"30005:6:6"},"nodeType":"YulFunctionCall","src":"30005:18:6"},"nodeType":"YulExpressionStatement","src":"30005:18:6"}]},"condition":{"arguments":[{"name":"instance","nodeType":"YulIdentifier","src":"29817:8:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"29810:6:6"},"nodeType":"YulFunctionCall","src":"29810:16:6"},"nodeType":"YulIf","src":"29807:230:6"},{"expression":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"30124:7:6"},{"name":"mAfter1","nodeType":"YulIdentifier","src":"30133:7:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"30117:6:6"},"nodeType":"YulFunctionCall","src":"30117:24:6"},"nodeType":"YulExpressionStatement","src":"30117:24:6"},{"expression":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"30161:4:6"},{"name":"dataLength","nodeType":"YulIdentifier","src":"30167:10:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"30154:6:6"},"nodeType":"YulFunctionCall","src":"30154:24:6"},"nodeType":"YulExpressionStatement","src":"30154:24:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"30202:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"30208:4:6","type":"","value":"0x20"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30198:3:6"},"nodeType":"YulFunctionCall","src":"30198:15:6"},{"name":"mBefore1","nodeType":"YulIdentifier","src":"30215:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"30191:6:6"},"nodeType":"YulFunctionCall","src":"30191:33:6"},"nodeType":"YulExpressionStatement","src":"30191:33:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"30248:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"30254:4:6","type":"","value":"0x40"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30244:3:6"},"nodeType":"YulFunctionCall","src":"30244:15:6"},{"name":"mBefore2","nodeType":"YulIdentifier","src":"30261:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"30237:6:6"},"nodeType":"YulFunctionCall","src":"30237:33:6"},"nodeType":"YulExpressionStatement","src":"30237:33:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"30294:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"30300:4:6","type":"","value":"0x60"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30290:3:6"},"nodeType":"YulFunctionCall","src":"30290:15:6"},{"name":"mBefore3","nodeType":"YulIdentifier","src":"30307:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"30283:6:6"},"nodeType":"YulFunctionCall","src":"30283:33:6"},"nodeType":"YulExpressionStatement","src":"30283:33:6"}]},"evmVersion":"paris","externalReferences":[{"declaration":2357,"isOffset":false,"isSlot":false,"src":"19249:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"19300:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"19351:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"19400:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"19441:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"28669:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"28784:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"28900:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"29114:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"29431:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"29711:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"30161:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"30202:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"30248:4:6","valueSize":1},{"declaration":2357,"isOffset":false,"isSlot":false,"src":"30294:4:6","valueSize":1},{"declaration":2355,"isOffset":false,"isSlot":false,"src":"28797:14:6","valueSize":1},{"declaration":2360,"isOffset":false,"isSlot":false,"src":"29685:8:6","valueSize":1},{"declaration":2360,"isOffset":false,"isSlot":false,"src":"29817:8:6","valueSize":1}],"id":2362,"nodeType":"InlineAssembly","src":"19112:11214:6"}]},"documentation":{"id":2353,"nodeType":"StructuredDocumentation","src":"18697:306:6","text":"@dev Deploys a minimal proxy with `implementation`,\n using immutable arguments encoded in `data`.\n Note: This implementation of CWIA differs from the original implementation.\n If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`."},"id":2364,"implemented":true,"kind":"function","modifiers":[],"name":"clone","nameLocation":"19017:5:6","nodeType":"FunctionDefinition","parameters":{"id":2358,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2355,"mutability":"mutable","name":"implementation","nameLocation":"19031:14:6","nodeType":"VariableDeclaration","scope":2364,"src":"19023:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2354,"name":"address","nodeType":"ElementaryTypeName","src":"19023:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2357,"mutability":"mutable","name":"data","nameLocation":"19060:4:6","nodeType":"VariableDeclaration","scope":2364,"src":"19047:17:6","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2356,"name":"bytes","nodeType":"ElementaryTypeName","src":"19047:5:6","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"src":"19022:43:6"},"returnParameters":{"id":2361,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2360,"mutability":"mutable","name":"instance","nameLocation":"19092:8:6","nodeType":"VariableDeclaration","scope":2364,"src":"19084:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2359,"name":"address","nodeType":"ElementaryTypeName","src":"19084:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"19083:18:6"},"scope":2443,"src":"19008:11324:6","stateMutability":"nonpayable","virtual":false,"visibility":"internal"},{"body":{"id":2377,"nodeType":"Block","src":"30807:2279:6","statements":[{"AST":{"nodeType":"YulBlock","src":"30826:2254:6","statements":[{"nodeType":"YulVariableDeclaration","src":"30928:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"30954:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"30960:4:6","type":"","value":"0x60"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"30950:3:6"},"nodeType":"YulFunctionCall","src":"30950:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"30944:5:6"},"nodeType":"YulFunctionCall","src":"30944:22:6"},"variables":[{"name":"mBefore3","nodeType":"YulTypedName","src":"30932:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"30979:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31005:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31011:4:6","type":"","value":"0x40"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31001:3:6"},"nodeType":"YulFunctionCall","src":"31001:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"30995:5:6"},"nodeType":"YulFunctionCall","src":"30995:22:6"},"variables":[{"name":"mBefore2","nodeType":"YulTypedName","src":"30983:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"31030:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31056:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31062:4:6","type":"","value":"0x20"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31052:3:6"},"nodeType":"YulFunctionCall","src":"31052:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31046:5:6"},"nodeType":"YulFunctionCall","src":"31046:22:6"},"variables":[{"name":"mBefore1","nodeType":"YulTypedName","src":"31034:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"31081:29:6","value":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31105:4:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31099:5:6"},"nodeType":"YulFunctionCall","src":"31099:11:6"},"variables":[{"name":"dataLength","nodeType":"YulTypedName","src":"31085:10:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"31123:47:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31146:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31152:4:6","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"31142:3:6"},"nodeType":"YulFunctionCall","src":"31142:15:6"},{"name":"dataLength","nodeType":"YulIdentifier","src":"31159:10:6"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"31138:3:6"},"nodeType":"YulFunctionCall","src":"31138:32:6"},"variables":[{"name":"dataEnd","nodeType":"YulTypedName","src":"31127:7:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"31183:29:6","value":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"31204:7:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"31198:5:6"},"nodeType":"YulFunctionCall","src":"31198:14:6"},"variables":[{"name":"mAfter1","nodeType":"YulTypedName","src":"31187:7:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"31307:37:6","value":{"arguments":[{"name":"dataLength","nodeType":"YulIdentifier","src":"31330:10:6"},{"kind":"number","nodeType":"YulLiteral","src":"31342:1:6","type":"","value":"2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"31326:3:6"},"nodeType":"YulFunctionCall","src":"31326:18:6"},"variables":[{"name":"extraLength","nodeType":"YulTypedName","src":"31311:11:6","type":""}]},{"expression":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31416:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31422:28:6","type":"","value":"0x5af43d3d93803e606057fd5bf3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"31409:6:6"},"nodeType":"YulFunctionCall","src":"31409:42:6"},"nodeType":"YulExpressionStatement","src":"31409:42:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31531:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31537:4:6","type":"","value":"0x0d"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31527:3:6"},"nodeType":"YulFunctionCall","src":"31527:15:6"},{"name":"implementation","nodeType":"YulIdentifier","src":"31544:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"31520:6:6"},"nodeType":"YulFunctionCall","src":"31520:39:6"},"nodeType":"YulExpressionStatement","src":"31520:39:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31647:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31653:4:6","type":"","value":"0x21"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31643:3:6"},"nodeType":"YulFunctionCall","src":"31643:15:6"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"31683:4:6","type":"","value":"0x48"},{"name":"extraLength","nodeType":"YulIdentifier","src":"31689:11:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"31679:3:6"},"nodeType":"YulFunctionCall","src":"31679:22:6"},{"kind":"number","nodeType":"YulLiteral","src":"31703:52:6","type":"","value":"0x593da1005b363d3d373d3d3d3d610000806062363936013d73"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"31676:2:6"},"nodeType":"YulFunctionCall","src":"31676:80:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"31619:6:6"},"nodeType":"YulFunctionCall","src":"31619:151:6"},"nodeType":"YulExpressionStatement","src":"31619:151:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"31861:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"31867:4:6","type":"","value":"0x3a"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"31857:3:6"},"nodeType":"YulFunctionCall","src":"31857:15:6"},{"kind":"number","nodeType":"YulLiteral","src":"31874:66:6","type":"","value":"0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"31833:6:6"},"nodeType":"YulFunctionCall","src":"31833:121:6"},"nodeType":"YulExpressionStatement","src":"31833:121:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"32178:4:6"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32188:4:6","type":"","value":"0x59"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"32197:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"32210:6:6","type":"","value":"0xff9e"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"32194:2:6"},"nodeType":"YulFunctionCall","src":"32194:23:6"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"32184:3:6"},"nodeType":"YulFunctionCall","src":"32184:34:6"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"32174:3:6"},"nodeType":"YulFunctionCall","src":"32174:45:6"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32244:4:6","type":"","value":"0x78"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"32254:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"32267:4:6","type":"","value":"0x62"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"32250:3:6"},"nodeType":"YulFunctionCall","src":"32250:22:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"32240:3:6"},"nodeType":"YulFunctionCall","src":"32240:33:6"},{"kind":"number","nodeType":"YulLiteral","src":"32275:40:6","type":"","value":"0xfd6100003d81600a3d39f336602c57343d527f"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"32237:2:6"},"nodeType":"YulFunctionCall","src":"32237:79:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"31967:6:6"},"nodeType":"YulFunctionCall","src":"31967:363:6"},"nodeType":"YulExpressionStatement","src":"31967:363:6"},{"expression":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"32350:7:6"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32363:4:6","type":"","value":"0xf0"},{"name":"extraLength","nodeType":"YulIdentifier","src":"32369:11:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"32359:3:6"},"nodeType":"YulFunctionCall","src":"32359:22:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"32343:6:6"},"nodeType":"YulFunctionCall","src":"32343:39:6"},"nodeType":"YulExpressionStatement","src":"32343:39:6"},{"nodeType":"YulAssignment","src":"32432:69:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32452:1:6","type":"","value":"0"},{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"32459:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"32465:4:6","type":"","value":"0x4c"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"32455:3:6"},"nodeType":"YulFunctionCall","src":"32455:15:6"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"32476:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"32489:4:6","type":"","value":"0x6c"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"32472:3:6"},"nodeType":"YulFunctionCall","src":"32472:22:6"},{"name":"salt","nodeType":"YulIdentifier","src":"32496:4:6"}],"functionName":{"name":"create2","nodeType":"YulIdentifier","src":"32444:7:6"},"nodeType":"YulFunctionCall","src":"32444:57:6"},"variableNames":[{"name":"instance","nodeType":"YulIdentifier","src":"32432:8:6"}]},{"body":{"nodeType":"YulBlock","src":"32581:210:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32678:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"32684:10:6","type":"","value":"0x30116425"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"32671:6:6"},"nodeType":"YulFunctionCall","src":"32671:24:6"},"nodeType":"YulExpressionStatement","src":"32671:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"32766:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"32772:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"32759:6:6"},"nodeType":"YulFunctionCall","src":"32759:18:6"},"nodeType":"YulExpressionStatement","src":"32759:18:6"}]},"condition":{"arguments":[{"name":"instance","nodeType":"YulIdentifier","src":"32571:8:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"32564:6:6"},"nodeType":"YulFunctionCall","src":"32564:16:6"},"nodeType":"YulIf","src":"32561:230:6"},{"expression":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"32878:7:6"},{"name":"mAfter1","nodeType":"YulIdentifier","src":"32887:7:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"32871:6:6"},"nodeType":"YulFunctionCall","src":"32871:24:6"},"nodeType":"YulExpressionStatement","src":"32871:24:6"},{"expression":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"32915:4:6"},{"name":"dataLength","nodeType":"YulIdentifier","src":"32921:10:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"32908:6:6"},"nodeType":"YulFunctionCall","src":"32908:24:6"},"nodeType":"YulExpressionStatement","src":"32908:24:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"32956:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"32962:4:6","type":"","value":"0x20"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"32952:3:6"},"nodeType":"YulFunctionCall","src":"32952:15:6"},{"name":"mBefore1","nodeType":"YulIdentifier","src":"32969:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"32945:6:6"},"nodeType":"YulFunctionCall","src":"32945:33:6"},"nodeType":"YulExpressionStatement","src":"32945:33:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33002:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"33008:4:6","type":"","value":"0x40"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"32998:3:6"},"nodeType":"YulFunctionCall","src":"32998:15:6"},{"name":"mBefore2","nodeType":"YulIdentifier","src":"33015:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"32991:6:6"},"nodeType":"YulFunctionCall","src":"32991:33:6"},"nodeType":"YulExpressionStatement","src":"32991:33:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33048:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"33054:4:6","type":"","value":"0x60"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"33044:3:6"},"nodeType":"YulFunctionCall","src":"33044:15:6"},{"name":"mBefore3","nodeType":"YulIdentifier","src":"33061:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"33037:6:6"},"nodeType":"YulFunctionCall","src":"33037:33:6"},"nodeType":"YulExpressionStatement","src":"33037:33:6"}]},"evmVersion":"paris","externalReferences":[{"declaration":2369,"isOffset":false,"isSlot":false,"src":"30954:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31005:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31056:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31105:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31146:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31416:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31531:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31647:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"31861:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"32178:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"32459:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"32915:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"32956:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"33002:4:6","valueSize":1},{"declaration":2369,"isOffset":false,"isSlot":false,"src":"33048:4:6","valueSize":1},{"declaration":2367,"isOffset":false,"isSlot":false,"src":"31544:14:6","valueSize":1},{"declaration":2374,"isOffset":false,"isSlot":false,"src":"32432:8:6","valueSize":1},{"declaration":2374,"isOffset":false,"isSlot":false,"src":"32571:8:6","valueSize":1},{"declaration":2371,"isOffset":false,"isSlot":false,"src":"32496:4:6","valueSize":1}],"id":2376,"nodeType":"InlineAssembly","src":"30817:2263:6"}]},"documentation":{"id":2365,"nodeType":"StructuredDocumentation","src":"30338:323:6","text":"@dev Deploys a deterministic clone of `implementation`,\n using immutable arguments encoded in `data`, with `salt`.\n Note: This implementation of CWIA differs from the original implementation.\n If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`."},"id":2378,"implemented":true,"kind":"function","modifiers":[],"name":"cloneDeterministic","nameLocation":"30675:18:6","nodeType":"FunctionDefinition","parameters":{"id":2372,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2367,"mutability":"mutable","name":"implementation","nameLocation":"30702:14:6","nodeType":"VariableDeclaration","scope":2378,"src":"30694:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2366,"name":"address","nodeType":"ElementaryTypeName","src":"30694:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2369,"mutability":"mutable","name":"data","nameLocation":"30731:4:6","nodeType":"VariableDeclaration","scope":2378,"src":"30718:17:6","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2368,"name":"bytes","nodeType":"ElementaryTypeName","src":"30718:5:6","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":2371,"mutability":"mutable","name":"salt","nameLocation":"30745:4:6","nodeType":"VariableDeclaration","scope":2378,"src":"30737:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2370,"name":"bytes32","nodeType":"ElementaryTypeName","src":"30737:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"30693:57:6"},"returnParameters":{"id":2375,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2374,"mutability":"mutable","name":"instance","nameLocation":"30793:8:6","nodeType":"VariableDeclaration","scope":2378,"src":"30785:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2373,"name":"address","nodeType":"ElementaryTypeName","src":"30785:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"30784:18:6"},"scope":2443,"src":"30666:2420:6","stateMutability":"nonpayable","virtual":false,"visibility":"internal"},{"body":{"id":2389,"nodeType":"Block","src":"33419:2041:6","statements":[{"AST":{"nodeType":"YulBlock","src":"33438:2016:6","statements":[{"nodeType":"YulVariableDeclaration","src":"33540:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33566:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"33572:4:6","type":"","value":"0x60"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"33562:3:6"},"nodeType":"YulFunctionCall","src":"33562:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"33556:5:6"},"nodeType":"YulFunctionCall","src":"33556:22:6"},"variables":[{"name":"mBefore3","nodeType":"YulTypedName","src":"33544:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"33591:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33617:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"33623:4:6","type":"","value":"0x40"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"33613:3:6"},"nodeType":"YulFunctionCall","src":"33613:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"33607:5:6"},"nodeType":"YulFunctionCall","src":"33607:22:6"},"variables":[{"name":"mBefore2","nodeType":"YulTypedName","src":"33595:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"33642:38:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33668:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"33674:4:6","type":"","value":"0x20"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"33664:3:6"},"nodeType":"YulFunctionCall","src":"33664:15:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"33658:5:6"},"nodeType":"YulFunctionCall","src":"33658:22:6"},"variables":[{"name":"mBefore1","nodeType":"YulTypedName","src":"33646:8:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"33693:29:6","value":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33717:4:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"33711:5:6"},"nodeType":"YulFunctionCall","src":"33711:11:6"},"variables":[{"name":"dataLength","nodeType":"YulTypedName","src":"33697:10:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"33735:47:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"33758:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"33764:4:6","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33754:3:6"},"nodeType":"YulFunctionCall","src":"33754:15:6"},{"name":"dataLength","nodeType":"YulIdentifier","src":"33771:10:6"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"33750:3:6"},"nodeType":"YulFunctionCall","src":"33750:32:6"},"variables":[{"name":"dataEnd","nodeType":"YulTypedName","src":"33739:7:6","type":""}]},{"nodeType":"YulVariableDeclaration","src":"33795:29:6","value":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"33816:7:6"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"33810:5:6"},"nodeType":"YulFunctionCall","src":"33810:14:6"},"variables":[{"name":"mAfter1","nodeType":"YulTypedName","src":"33799:7:6","type":""}]},{"expression":{"arguments":[{"arguments":[],"functionName":{"name":"returndatasize","nodeType":"YulIdentifier","src":"34027:14:6"},"nodeType":"YulFunctionCall","src":"34027:16:6"},{"arguments":[],"functionName":{"name":"returndatasize","nodeType":"YulIdentifier","src":"34045:14:6"},"nodeType":"YulFunctionCall","src":"34045:16:6"},{"arguments":[{"name":"dataLength","nodeType":"YulIdentifier","src":"34066:10:6"},{"kind":"number","nodeType":"YulLiteral","src":"34078:6:6","type":"","value":"0xff9b"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"34063:2:6"},"nodeType":"YulFunctionCall","src":"34063:22:6"}],"functionName":{"name":"returndatacopy","nodeType":"YulIdentifier","src":"34012:14:6"},"nodeType":"YulFunctionCall","src":"34012:74:6"},"nodeType":"YulExpressionStatement","src":"34012:74:6"},{"nodeType":"YulVariableDeclaration","src":"34181:37:6","value":{"arguments":[{"name":"dataLength","nodeType":"YulIdentifier","src":"34204:10:6"},{"kind":"number","nodeType":"YulLiteral","src":"34216:1:6","type":"","value":"2"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"34200:3:6"},"nodeType":"YulFunctionCall","src":"34200:18:6"},"variables":[{"name":"extraLength","nodeType":"YulTypedName","src":"34185:11:6","type":""}]},{"expression":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"34290:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"34296:28:6","type":"","value":"0x5af43d3d93803e606057fd5bf3"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"34283:6:6"},"nodeType":"YulFunctionCall","src":"34283:42:6"},"nodeType":"YulExpressionStatement","src":"34283:42:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"34405:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"34411:4:6","type":"","value":"0x0d"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"34401:3:6"},"nodeType":"YulFunctionCall","src":"34401:15:6"},{"name":"implementation","nodeType":"YulIdentifier","src":"34418:14:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"34394:6:6"},"nodeType":"YulFunctionCall","src":"34394:39:6"},"nodeType":"YulExpressionStatement","src":"34394:39:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"34521:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"34527:4:6","type":"","value":"0x21"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"34517:3:6"},"nodeType":"YulFunctionCall","src":"34517:15:6"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"34557:4:6","type":"","value":"0x48"},{"name":"extraLength","nodeType":"YulIdentifier","src":"34563:11:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"34553:3:6"},"nodeType":"YulFunctionCall","src":"34553:22:6"},{"kind":"number","nodeType":"YulLiteral","src":"34577:52:6","type":"","value":"0x593da1005b363d3d373d3d3d3d610000806062363936013d73"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"34550:2:6"},"nodeType":"YulFunctionCall","src":"34550:80:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"34493:6:6"},"nodeType":"YulFunctionCall","src":"34493:151:6"},"nodeType":"YulExpressionStatement","src":"34493:151:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"34735:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"34741:4:6","type":"","value":"0x3a"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"34731:3:6"},"nodeType":"YulFunctionCall","src":"34731:15:6"},{"kind":"number","nodeType":"YulLiteral","src":"34748:66:6","type":"","value":"0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"34707:6:6"},"nodeType":"YulFunctionCall","src":"34707:121:6"},"nodeType":"YulExpressionStatement","src":"34707:121:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"34869:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"34875:4:6","type":"","value":"0x5a"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"34865:3:6"},"nodeType":"YulFunctionCall","src":"34865:15:6"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"34905:4:6","type":"","value":"0x78"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"34915:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"34928:4:6","type":"","value":"0x62"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"34911:3:6"},"nodeType":"YulFunctionCall","src":"34911:22:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"34901:3:6"},"nodeType":"YulFunctionCall","src":"34901:33:6"},{"kind":"number","nodeType":"YulLiteral","src":"34936:38:6","type":"","value":"0x6100003d81600a3d39f336602c57343d527f"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"34898:2:6"},"nodeType":"YulFunctionCall","src":"34898:77:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"34841:6:6"},"nodeType":"YulFunctionCall","src":"34841:148:6"},"nodeType":"YulExpressionStatement","src":"34841:148:6"},{"expression":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"35009:7:6"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"35022:4:6","type":"","value":"0xf0"},{"name":"extraLength","nodeType":"YulIdentifier","src":"35028:11:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"35018:3:6"},"nodeType":"YulFunctionCall","src":"35018:22:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"35002:6:6"},"nodeType":"YulFunctionCall","src":"35002:39:6"},"nodeType":"YulExpressionStatement","src":"35002:39:6"},{"nodeType":"YulAssignment","src":"35107:58:6","value":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"35129:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"35135:4:6","type":"","value":"0x4c"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"35125:3:6"},"nodeType":"YulFunctionCall","src":"35125:15:6"},{"arguments":[{"name":"extraLength","nodeType":"YulIdentifier","src":"35146:11:6"},{"kind":"number","nodeType":"YulLiteral","src":"35159:4:6","type":"","value":"0x6c"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"35142:3:6"},"nodeType":"YulFunctionCall","src":"35142:22:6"}],"functionName":{"name":"keccak256","nodeType":"YulIdentifier","src":"35115:9:6"},"nodeType":"YulFunctionCall","src":"35115:50:6"},"variableNames":[{"name":"hash","nodeType":"YulIdentifier","src":"35107:4:6"}]},{"expression":{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"35252:7:6"},{"name":"mAfter1","nodeType":"YulIdentifier","src":"35261:7:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"35245:6:6"},"nodeType":"YulFunctionCall","src":"35245:24:6"},"nodeType":"YulExpressionStatement","src":"35245:24:6"},{"expression":{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"35289:4:6"},{"name":"dataLength","nodeType":"YulIdentifier","src":"35295:10:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"35282:6:6"},"nodeType":"YulFunctionCall","src":"35282:24:6"},"nodeType":"YulExpressionStatement","src":"35282:24:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"35330:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"35336:4:6","type":"","value":"0x20"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"35326:3:6"},"nodeType":"YulFunctionCall","src":"35326:15:6"},{"name":"mBefore1","nodeType":"YulIdentifier","src":"35343:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"35319:6:6"},"nodeType":"YulFunctionCall","src":"35319:33:6"},"nodeType":"YulExpressionStatement","src":"35319:33:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"35376:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"35382:4:6","type":"","value":"0x40"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"35372:3:6"},"nodeType":"YulFunctionCall","src":"35372:15:6"},{"name":"mBefore2","nodeType":"YulIdentifier","src":"35389:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"35365:6:6"},"nodeType":"YulFunctionCall","src":"35365:33:6"},"nodeType":"YulExpressionStatement","src":"35365:33:6"},{"expression":{"arguments":[{"arguments":[{"name":"data","nodeType":"YulIdentifier","src":"35422:4:6"},{"kind":"number","nodeType":"YulLiteral","src":"35428:4:6","type":"","value":"0x60"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"35418:3:6"},"nodeType":"YulFunctionCall","src":"35418:15:6"},{"name":"mBefore3","nodeType":"YulIdentifier","src":"35435:8:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"35411:6:6"},"nodeType":"YulFunctionCall","src":"35411:33:6"},"nodeType":"YulExpressionStatement","src":"35411:33:6"}]},"evmVersion":"paris","externalReferences":[{"declaration":2383,"isOffset":false,"isSlot":false,"src":"33566:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"33617:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"33668:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"33717:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"33758:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"34290:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"34405:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"34521:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"34735:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"34869:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"35129:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"35289:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"35330:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"35376:4:6","valueSize":1},{"declaration":2383,"isOffset":false,"isSlot":false,"src":"35422:4:6","valueSize":1},{"declaration":2386,"isOffset":false,"isSlot":false,"src":"35107:4:6","valueSize":1},{"declaration":2381,"isOffset":false,"isSlot":false,"src":"34418:14:6","valueSize":1}],"id":2388,"nodeType":"InlineAssembly","src":"33429:2025:6"}]},"documentation":{"id":2379,"nodeType":"StructuredDocumentation","src":"33092:192:6","text":"@dev Returns the initialization code hash of the clone of `implementation`\n using immutable arguments encoded in `data`.\n Used for mining vanity addresses with create2crunch."},"id":2390,"implemented":true,"kind":"function","modifiers":[],"name":"initCodeHash","nameLocation":"33298:12:6","nodeType":"FunctionDefinition","parameters":{"id":2384,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2381,"mutability":"mutable","name":"implementation","nameLocation":"33319:14:6","nodeType":"VariableDeclaration","scope":2390,"src":"33311:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2380,"name":"address","nodeType":"ElementaryTypeName","src":"33311:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2383,"mutability":"mutable","name":"data","nameLocation":"33348:4:6","nodeType":"VariableDeclaration","scope":2390,"src":"33335:17:6","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2382,"name":"bytes","nodeType":"ElementaryTypeName","src":"33335:5:6","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"}],"src":"33310:43:6"},"returnParameters":{"id":2387,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2386,"mutability":"mutable","name":"hash","nameLocation":"33409:4:6","nodeType":"VariableDeclaration","scope":2390,"src":"33401:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2385,"name":"bytes32","nodeType":"ElementaryTypeName","src":"33401:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"33400:14:6"},"scope":2443,"src":"33289:2171:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2419,"nodeType":"Block","src":"35912:137:6","statements":[{"assignments":[2405],"declarations":[{"constant":false,"id":2405,"mutability":"mutable","name":"hash","nameLocation":"35930:4:6","nodeType":"VariableDeclaration","scope":2419,"src":"35922:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2404,"name":"bytes32","nodeType":"ElementaryTypeName","src":"35922:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"id":2410,"initialValue":{"arguments":[{"id":2407,"name":"implementation","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2393,"src":"35950:14:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},{"id":2408,"name":"data","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2395,"src":"35966:4:6","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_address","typeString":"address"},{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes memory"}],"id":2406,"name":"initCodeHash","nodeType":"Identifier","overloadedDeclarations":[2266,2390],"referencedDeclaration":2390,"src":"35937:12:6","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_address_$_t_bytes_memory_ptr_$returns$_t_bytes32_$","typeString":"function (address,bytes memory) pure returns (bytes32)"}},"id":2409,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"35937:34:6","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"nodeType":"VariableDeclarationStatement","src":"35922:49:6"},{"expression":{"id":2417,"isConstant":false,"isLValue":false,"isPure":false,"lValueRequested":false,"leftHandSide":{"id":2411,"name":"predicted","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2402,"src":"35981:9:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"nodeType":"Assignment","operator":"=","rightHandSide":{"arguments":[{"id":2413,"name":"hash","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2405,"src":"36021:4:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2414,"name":"salt","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2397,"src":"36027:4:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},{"id":2415,"name":"deployer","nodeType":"Identifier","overloadedDeclarations":[],"referencedDeclaration":2399,"src":"36033:8:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}}],"expression":{"argumentTypes":[{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_bytes32","typeString":"bytes32"},{"typeIdentifier":"t_address","typeString":"address"}],"id":2412,"name":"predictDeterministicAddress","nodeType":"Identifier","overloadedDeclarations":[2293,2420,2434],"referencedDeclaration":2434,"src":"35993:27:6","typeDescriptions":{"typeIdentifier":"t_function_internal_pure$_t_bytes32_$_t_bytes32_$_t_address_$returns$_t_address_$","typeString":"function (bytes32,bytes32,address) pure returns (address)"}},"id":2416,"isConstant":false,"isLValue":false,"isPure":false,"kind":"functionCall","lValueRequested":false,"nameLocations":[],"names":[],"nodeType":"FunctionCall","src":"35993:49:6","tryCall":false,"typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"src":"35981:61:6","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"id":2418,"nodeType":"ExpressionStatement","src":"35981:61:6"}]},"documentation":{"id":2391,"nodeType":"StructuredDocumentation","src":"35466:249:6","text":"@dev Returns the address of the deterministic clone of\n `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n Note: The returned result has dirty upper 96 bits. Please clean if used in assembly."},"id":2420,"implemented":true,"kind":"function","modifiers":[],"name":"predictDeterministicAddress","nameLocation":"35729:27:6","nodeType":"FunctionDefinition","parameters":{"id":2400,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2393,"mutability":"mutable","name":"implementation","nameLocation":"35774:14:6","nodeType":"VariableDeclaration","scope":2420,"src":"35766:22:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2392,"name":"address","nodeType":"ElementaryTypeName","src":"35766:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"},{"constant":false,"id":2395,"mutability":"mutable","name":"data","nameLocation":"35811:4:6","nodeType":"VariableDeclaration","scope":2420,"src":"35798:17:6","stateVariable":false,"storageLocation":"memory","typeDescriptions":{"typeIdentifier":"t_bytes_memory_ptr","typeString":"bytes"},"typeName":{"id":2394,"name":"bytes","nodeType":"ElementaryTypeName","src":"35798:5:6","typeDescriptions":{"typeIdentifier":"t_bytes_storage_ptr","typeString":"bytes"}},"visibility":"internal"},{"constant":false,"id":2397,"mutability":"mutable","name":"salt","nameLocation":"35833:4:6","nodeType":"VariableDeclaration","scope":2420,"src":"35825:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2396,"name":"bytes32","nodeType":"ElementaryTypeName","src":"35825:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":2399,"mutability":"mutable","name":"deployer","nameLocation":"35855:8:6","nodeType":"VariableDeclaration","scope":2420,"src":"35847:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2398,"name":"address","nodeType":"ElementaryTypeName","src":"35847:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"35756:113:6"},"returnParameters":{"id":2403,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2402,"mutability":"mutable","name":"predicted","nameLocation":"35901:9:6","nodeType":"VariableDeclaration","scope":2420,"src":"35893:17:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2401,"name":"address","nodeType":"ElementaryTypeName","src":"35893:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"35892:19:6"},"scope":2443,"src":"35720:329:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2433,"nodeType":"Block","src":"36720:451:6","statements":[{"AST":{"nodeType":"YulBlock","src":"36782:383:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36856:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"36862:4:6","type":"","value":"0xff"}],"functionName":{"name":"mstore8","nodeType":"YulIdentifier","src":"36848:7:6"},"nodeType":"YulFunctionCall","src":"36848:19:6"},"nodeType":"YulExpressionStatement","src":"36848:19:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36908:4:6","type":"","value":"0x35"},{"name":"hash","nodeType":"YulIdentifier","src":"36914:4:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"36901:6:6"},"nodeType":"YulFunctionCall","src":"36901:18:6"},"nodeType":"YulExpressionStatement","src":"36901:18:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36939:4:6","type":"","value":"0x01"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36949:2:6","type":"","value":"96"},{"name":"deployer","nodeType":"YulIdentifier","src":"36953:8:6"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"36945:3:6"},"nodeType":"YulFunctionCall","src":"36945:17:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"36932:6:6"},"nodeType":"YulFunctionCall","src":"36932:31:6"},"nodeType":"YulExpressionStatement","src":"36932:31:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"36983:4:6","type":"","value":"0x15"},{"name":"salt","nodeType":"YulIdentifier","src":"36989:4:6"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"36976:6:6"},"nodeType":"YulFunctionCall","src":"36976:18:6"},"nodeType":"YulExpressionStatement","src":"36976:18:6"},{"nodeType":"YulAssignment","src":"37007:34:6","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"37030:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"37036:4:6","type":"","value":"0x55"}],"functionName":{"name":"keccak256","nodeType":"YulIdentifier","src":"37020:9:6"},"nodeType":"YulFunctionCall","src":"37020:21:6"},"variableNames":[{"name":"predicted","nodeType":"YulIdentifier","src":"37007:9:6"}]},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"37147:4:6","type":"","value":"0x35"},{"kind":"number","nodeType":"YulLiteral","src":"37153:1:6","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"37140:6:6"},"nodeType":"YulFunctionCall","src":"37140:15:6"},"nodeType":"YulExpressionStatement","src":"37140:15:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2427,"isOffset":false,"isSlot":false,"src":"36953:8:6","valueSize":1},{"declaration":2423,"isOffset":false,"isSlot":false,"src":"36914:4:6","valueSize":1},{"declaration":2430,"isOffset":false,"isSlot":false,"src":"37007:9:6","valueSize":1},{"declaration":2425,"isOffset":false,"isSlot":false,"src":"36989:4:6","valueSize":1}],"id":2432,"nodeType":"InlineAssembly","src":"36773:392:6"}]},"documentation":{"id":2421,"nodeType":"StructuredDocumentation","src":"36338:224:6","text":"@dev Returns the address when a contract with initialization code hash,\n `hash`, is deployed with `salt`, by `deployer`.\n Note: The returned result has dirty upper 96 bits. Please clean if used in assembly."},"id":2434,"implemented":true,"kind":"function","modifiers":[],"name":"predictDeterministicAddress","nameLocation":"36576:27:6","nodeType":"FunctionDefinition","parameters":{"id":2428,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2423,"mutability":"mutable","name":"hash","nameLocation":"36612:4:6","nodeType":"VariableDeclaration","scope":2434,"src":"36604:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2422,"name":"bytes32","nodeType":"ElementaryTypeName","src":"36604:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":2425,"mutability":"mutable","name":"salt","nameLocation":"36626:4:6","nodeType":"VariableDeclaration","scope":2434,"src":"36618:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2424,"name":"bytes32","nodeType":"ElementaryTypeName","src":"36618:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"},{"constant":false,"id":2427,"mutability":"mutable","name":"deployer","nameLocation":"36640:8:6","nodeType":"VariableDeclaration","scope":2434,"src":"36632:16:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2426,"name":"address","nodeType":"ElementaryTypeName","src":"36632:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"36603:46:6"},"returnParameters":{"id":2431,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2430,"mutability":"mutable","name":"predicted","nameLocation":"36705:9:6","nodeType":"VariableDeclaration","scope":2434,"src":"36697:17:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"},"typeName":{"id":2429,"name":"address","nodeType":"ElementaryTypeName","src":"36697:7:6","stateMutability":"nonpayable","typeDescriptions":{"typeIdentifier":"t_address","typeString":"address"}},"visibility":"internal"}],"src":"36696:19:6"},"scope":2443,"src":"36567:604:6","stateMutability":"pure","virtual":false,"visibility":"internal"},{"body":{"id":2441,"nodeType":"Block","src":"37326:457:6","statements":[{"AST":{"nodeType":"YulBlock","src":"37388:389:6","statements":[{"body":{"nodeType":"YulBlock","src":"37547:220:6","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"37654:4:6","type":"","value":"0x00"},{"kind":"number","nodeType":"YulLiteral","src":"37660:10:6","type":"","value":"0x2f634836"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"37647:6:6"},"nodeType":"YulFunctionCall","src":"37647:24:6"},"nodeType":"YulExpressionStatement","src":"37647:24:6"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"37742:4:6","type":"","value":"0x1c"},{"kind":"number","nodeType":"YulLiteral","src":"37748:4:6","type":"","value":"0x04"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"37735:6:6"},"nodeType":"YulFunctionCall","src":"37735:18:6"},"nodeType":"YulExpressionStatement","src":"37735:18:6"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"37505:2:6","type":"","value":"96"},{"name":"salt","nodeType":"YulIdentifier","src":"37509:4:6"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"37501:3:6"},"nodeType":"YulFunctionCall","src":"37501:13:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"37494:6:6"},"nodeType":"YulFunctionCall","src":"37494:21:6"},{"arguments":[{"arguments":[],"functionName":{"name":"caller","nodeType":"YulIdentifier","src":"37520:6:6"},"nodeType":"YulFunctionCall","src":"37520:8:6"},{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"37534:2:6","type":"","value":"96"},{"name":"salt","nodeType":"YulIdentifier","src":"37538:4:6"}],"functionName":{"name":"shr","nodeType":"YulIdentifier","src":"37530:3:6"},"nodeType":"YulFunctionCall","src":"37530:13:6"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"37517:2:6"},"nodeType":"YulFunctionCall","src":"37517:27:6"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"37491:2:6"},"nodeType":"YulFunctionCall","src":"37491:54:6"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"37484:6:6"},"nodeType":"YulFunctionCall","src":"37484:62:6"},"nodeType":"YulIf","src":"37481:286:6"}]},"documentation":"@solidity memory-safe-assembly","evmVersion":"paris","externalReferences":[{"declaration":2437,"isOffset":false,"isSlot":false,"src":"37509:4:6","valueSize":1},{"declaration":2437,"isOffset":false,"isSlot":false,"src":"37538:4:6","valueSize":1}],"id":2440,"nodeType":"InlineAssembly","src":"37379:398:6"}]},"documentation":{"id":2435,"nodeType":"StructuredDocumentation","src":"37177:85:6","text":"@dev Reverts if `salt` does not start with either the zero address or the caller."},"id":2442,"implemented":true,"kind":"function","modifiers":[],"name":"checkStartsWithCaller","nameLocation":"37276:21:6","nodeType":"FunctionDefinition","parameters":{"id":2438,"nodeType":"ParameterList","parameters":[{"constant":false,"id":2437,"mutability":"mutable","name":"salt","nameLocation":"37306:4:6","nodeType":"VariableDeclaration","scope":2442,"src":"37298:12:6","stateVariable":false,"storageLocation":"default","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"},"typeName":{"id":2436,"name":"bytes32","nodeType":"ElementaryTypeName","src":"37298:7:6","typeDescriptions":{"typeIdentifier":"t_bytes32","typeString":"bytes32"}},"visibility":"internal"}],"src":"37297:14:6"},"returnParameters":{"id":2439,"nodeType":"ParameterList","parameters":[],"src":"37326:0:6"},"scope":2443,"src":"37267:516:6","stateMutability":"view","virtual":false,"visibility":"internal"}],"scope":2444,"src":"1500:36285:6","usedErrors":[2231,2234],"usedEvents":[]}],"src":"32:37754:6"},"id":6}},"contracts":{"FreshCryptoLib/FCL_Webauthn.sol":{"FCL_WebAuthn":{"abi":[{"inputs":[],"name":"InvalidAuthenticatorData","type":"error"},{"inputs":[],"name":"InvalidClientData","type":"error"},{"inputs":[],"name":"InvalidSignature","type":"error"}],"devdoc":{"kind":"dev","methods":{},"version":1},"evm":{"bytecode":{"functionDebugData":{},"generatedSources":[],"linkReferences":{},"object":"60566037600b82828239805160001a607314602a57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600080fdfea26469706673582212200263862a83cad763fa89c0fbc976522f2fe1f6f58aa8f116f81dd44d79ab837264736f6c63430008140033","opcodes":"PUSH1 0x56 PUSH1 0x37 PUSH1 0xB DUP3 DUP3 DUP3 CODECOPY DUP1 MLOAD PUSH1 0x0 BYTE PUSH1 0x73 EQ PUSH1 0x2A JUMPI PUSH4 0x4E487B71 PUSH1 0xE0 SHL PUSH1 0x0 MSTORE PUSH1 0x0 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST ADDRESS PUSH1 0x0 MSTORE PUSH1 0x73 DUP2 MSTORE8 DUP3 DUP2 RETURN INVALID PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 MUL PUSH4 0x862A83CA 0xD7 PUSH4 0xFA89C0FB 0xC9 PUSH23 0x522F2FE1F6F58AA8F116F81DD44D79AB837264736F6C63 NUMBER STOP ADDMOD EQ STOP CALLER ","sourceMap":"1356:4435:0:-:0;;;;;;;;;;;;;;;-1:-1:-1;;;1356:4435:0;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{},"generatedSources":[],"immutableReferences":{},"linkReferences":{},"object":"73000000000000000000000000000000000000000030146080604052600080fdfea26469706673582212200263862a83cad763fa89c0fbc976522f2fe1f6f58aa8f116f81dd44d79ab837264736f6c63430008140033","opcodes":"PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 MUL PUSH4 0x862A83CA 0xD7 PUSH4 0xFA89C0FB 0xC9 PUSH23 0x522F2FE1F6F58AA8F116F81DD44D79AB837264736F6C63 NUMBER STOP ADDMOD EQ STOP CALLER ","sourceMap":"1356:4435:0:-:0;;;;;;;;"},"gasEstimates":{"creation":{"codeDepositCost":"17200","executionCost":"103","totalCost":"17303"},"internal":{"WebAuthn_format(bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata)":"infinite","checkSignature(bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata,uint256[2] calldata)":"infinite","checkSignature_hackmem(bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata,uint256)":"infinite","checkSignature_prec(bytes calldata,bytes1,bytes calldata,bytes32,uint256,uint256[2] calldata,address)":"infinite"}},"methodIdentifiers":{}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"FreshCryptoLib/FCL_Webauthn.sol\":\"FCL_WebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"}},\"version\":1}","storageLayout":{"storage":[],"types":null},"userdoc":{"kind":"user","methods":{},"version":1}}},"FreshCryptoLib/FCL_elliptic.sol":{"FCL_Elliptic_ZZ":{"abi":[{"inputs":[{"internalType":"uint256","name":"alpha","type":"uint256"},{"internalType":"uint256","name":"x","type":"uint256"},{"internalType":"uint256","name":"y","type":"uint256"},{"internalType":"uint256","name":"zz","type":"uint256"},{"internalType":"uint256","name":"zzz","type":"uint256"}],"name":"ecZZ_Coronize","outputs":[{"internalType":"uint256","name":"x3","type":"uint256"},{"internalType":"uint256","name":"y3","type":"uint256"},{"internalType":"uint256","name":"zz3","type":"uint256"},{"internalType":"uint256","name":"zzz3","type":"uint256"}],"stateMutability":"pure","type":"function"},{"inputs":[{"internalType":"uint256","name":"h","type":"uint256"},{"internalType":"uint256","name":"v","type":"uint256"},{"internalType":"uint256","name":"r","type":"uint256"},{"internalType":"uint256","name":"s","type":"uint256"}],"name":"ec_recover_r1","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"message","type":"bytes32"},{"internalType":"uint256","name":"k","type":"uint256"},{"internalType":"uint256","name":"kpriv","type":"uint256"}],"name":"ecdsa_sign","outputs":[{"internalType":"uint256","name":"r","type":"uint256"},{"internalType":"uint256","name":"s","type":"uint256"}],"stateMutability":"view","type":"function"}],"devdoc":{"kind":"dev","methods":{},"version":1},"evm":{"bytecode":{"functionDebugData":{},"generatedSources":[],"linkReferences":{},"object":"61226761003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe730000000000000000000000000000000000000000301460806040526004361061004b5760003560e01c80635f67f323146100505780637f99d9601461008d578063e982f355146100c0575b600080fd5b61006361005e36600461215e565b6100e8565b60405173ffffffffffffffffffffffffffffffffffffffff90911681526020015b60405180910390f35b6100a061009b366004612190565b610264565b604080519485526020850193909352918301526060820152608001610084565b6100d36100ce3660046121cb565b61035b565b60408051928352602083019190915201610084565b600082158061011757507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518310155b80610120575081155b8061014b57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b156101585750600061025c565b600061016e84610169601b886121f7565b610406565b9050600061017b8561055b565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551827fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518a6000086101f0907fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325516121f7565b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551838709905060008061022a898786866105df565b604080516020808201949094528082019290925280518083038201815260609092019052805191012096505050505050505b949350505050565b6000808080807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8b0990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89820994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d090993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81880992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80828c09870991505095509550955095915050565b60008061036c600080866000611132565b91507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518260000891507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551807fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255185850987086103e68661055b565b0990508115806103f4575080155b156103fe57600080fd5b935093915050565b6000807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80858609850990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7fffffffff00000001000000000000000000000000fffffffffffffffffffffffc870983087f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0890506104c781611bf9565b91507fffffffff00000002000000000000000000000000ffffffffffffffffffffffff8203610519577fffffffff00000003000000000000000000000000ffffffffffffffffffffffff915050610555565b82600116826001161461055357610550827fffffffff00000001000000000000000000000000ffffffffffffffffffffffff6121f7565b91505b505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa6105d857600080fd5b5192915050565b600080808060ff6105ee612122565b6105f6612140565b88158015610602575087155b1561061857600080965096505050505050611129565b6106647f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d611cce565b6020830152815288831c600190811689851c90911b600216015b806106a05760018403935060018a851c1660018a861c1660011b01905061067e565b50600189841c16600189851c1660011b01945060018503610702577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f595505b60028503610711578a96508995505b600385036107255760208101519550805196505b60018303925060019450600193505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1115611011577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff866002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff88850997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89840998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c870908995060018d881c1660018d891c1660011b01905080610a1057897fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03995050505050611006565b60018103610a5f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610a6e578e93508d92505b60038103610a825784519350602085015192505b88610a9b57509198509650600195508594506110069050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c880908935080610dff5783610dff577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a82099950507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a850999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808c870985089a505050505050611006565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818b0999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838f097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089c50505050809a50505050505b600183039250610734565b83606083015260208252602080830152602060408301527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808301527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a083015260208260c0846005600019fa61108957600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8251870995507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8251860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff858809965050505050505b94509492505050565b600080808060ff818088158015611147575087155b1561115b576000965050505050505061025c565b6111a77f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d611cce565b8092508193505050600189841c16600189851c1660011b015b806111e25760018403935060018a851c1660018a861c1660011b0190506111c0565b50600189841c16600189851c1660011b01955060018603611244577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603611253578a96508993505b60038603611262578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1115611b49577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b0190508061154d57877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611b3e565b6001810361159c577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b600281036115ab578e93508d92505b600381036115ba578593508492505b896115d35750919850600197508796509450611b3e9050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d8809089350806119375783611937577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611b3e565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250611271565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa611bc457600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099c9b505050505050505050505050565b600060405160208152602080820152602060408201528260608201527f3fffffffc0000000400000000000000000000000400000000000000000000000608082015260a081017fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815260208160c0846005600019fa611c7757600080fd5b5191508290507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82830914611cc957507fffffffff00000002000000000000000000000000ffffffffffffffffffffffff5b919050565b600080808086611ce5578585935093505050611129565b84611cf7578787935093505050611129565b611d0688886001808a8a611d2b565b929a5090985092509050611d1c88888484611ff0565b93509350505094509492505050565b60008060008088600003611d4a57508492508391506001905080611fe3565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b6000806000611ffe846120a5565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6105d857600080fd5b6040518060c001604052806006906020820280368337509192915050565b60405180604001604052806002906020820280368337509192915050565b6000806000806080858703121561217457600080fd5b5050823594602084013594506040840135936060013592509050565b600080600080600060a086880312156121a857600080fd5b505083359560208501359550604085013594606081013594506080013592509050565b6000806000606084860312156121e057600080fd5b505081359360208301359350604090920135919050565b81810381811115610555577f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fdfea2646970667358221220e95d75cac5be2e930b8af42215213dbddb970eb865b0823981765d03ccbc4f6c64736f6c63430008140033","opcodes":"PUSH2 0x2267 PUSH2 0x3A PUSH1 0xB DUP3 DUP3 DUP3 CODECOPY DUP1 MLOAD PUSH1 0x0 BYTE PUSH1 0x73 EQ PUSH2 0x2D JUMPI PUSH4 0x4E487B71 PUSH1 0xE0 SHL PUSH1 0x0 MSTORE PUSH1 0x0 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST ADDRESS PUSH1 0x0 MSTORE PUSH1 0x73 DUP2 MSTORE8 DUP3 DUP2 RETURN INVALID PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x4 CALLDATASIZE LT PUSH2 0x4B JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0x5F67F323 EQ PUSH2 0x50 JUMPI DUP1 PUSH4 0x7F99D960 EQ PUSH2 0x8D JUMPI DUP1 PUSH4 0xE982F355 EQ PUSH2 0xC0 JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x63 PUSH2 0x5E CALLDATASIZE PUSH1 0x4 PUSH2 0x215E JUMP JUMPDEST PUSH2 0xE8 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD JUMPDEST PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH2 0xA0 PUSH2 0x9B CALLDATASIZE PUSH1 0x4 PUSH2 0x2190 JUMP JUMPDEST PUSH2 0x264 JUMP JUMPDEST PUSH1 0x40 DUP1 MLOAD SWAP5 DUP6 MSTORE PUSH1 0x20 DUP6 ADD SWAP4 SWAP1 SWAP4 MSTORE SWAP2 DUP4 ADD MSTORE PUSH1 0x60 DUP3 ADD MSTORE PUSH1 0x80 ADD PUSH2 0x84 JUMP JUMPDEST PUSH2 0xD3 PUSH2 0xCE CALLDATASIZE PUSH1 0x4 PUSH2 0x21CB JUMP JUMPDEST PUSH2 0x35B JUMP JUMPDEST PUSH1 0x40 DUP1 MLOAD SWAP3 DUP4 MSTORE PUSH1 0x20 DUP4 ADD SWAP2 SWAP1 SWAP2 MSTORE ADD PUSH2 0x84 JUMP JUMPDEST PUSH1 0x0 DUP3 ISZERO DUP1 PUSH2 0x117 JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP4 LT ISZERO JUMPDEST DUP1 PUSH2 0x120 JUMPI POP DUP2 ISZERO JUMPDEST DUP1 PUSH2 0x14B JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 LT ISZERO JUMPDEST ISZERO PUSH2 0x158 JUMPI POP PUSH1 0x0 PUSH2 0x25C JUMP JUMPDEST PUSH1 0x0 PUSH2 0x16E DUP5 PUSH2 0x169 PUSH1 0x1B DUP9 PUSH2 0x21F7 JUMP JUMPDEST PUSH2 0x406 JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH2 0x17B DUP6 PUSH2 0x55B JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP11 PUSH1 0x0 ADDMOD PUSH2 0x1F0 SWAP1 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 PUSH2 0x21F7 JUMP JUMPDEST MULMOD SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP4 DUP8 MULMOD SWAP1 POP PUSH1 0x0 DUP1 PUSH2 0x22A DUP10 DUP8 DUP7 DUP7 PUSH2 0x5DF JUMP JUMPDEST PUSH1 0x40 DUP1 MLOAD PUSH1 0x20 DUP1 DUP3 ADD SWAP5 SWAP1 SWAP5 MSTORE DUP1 DUP3 ADD SWAP3 SWAP1 SWAP3 MSTORE DUP1 MLOAD DUP1 DUP4 SUB DUP3 ADD DUP2 MSTORE PUSH1 0x60 SWAP1 SWAP3 ADD SWAP1 MSTORE DUP1 MLOAD SWAP2 ADD KECCAK256 SWAP7 POP POP POP POP POP POP POP JUMPDEST SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP12 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP3 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP14 MULMOD MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP9 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 DUP13 MULMOD DUP8 MULMOD SWAP2 POP POP SWAP6 POP SWAP6 POP SWAP6 POP SWAP6 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH2 0x36C PUSH1 0x0 DUP1 DUP7 PUSH1 0x0 PUSH2 0x1132 JUMP JUMPDEST SWAP2 POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 PUSH1 0x0 ADDMOD SWAP2 POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP1 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP6 DUP6 MULMOD DUP8 ADDMOD PUSH2 0x3E6 DUP7 PUSH2 0x55B JUMP JUMPDEST MULMOD SWAP1 POP DUP2 ISZERO DUP1 PUSH2 0x3F4 JUMPI POP DUP1 ISZERO JUMPDEST ISZERO PUSH2 0x3FE JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP4 POP SWAP4 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP6 DUP7 MULMOD DUP6 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC DUP8 MULMOD DUP4 ADDMOD PUSH32 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B ADDMOD SWAP1 POP PUSH2 0x4C7 DUP2 PUSH2 0x1BF9 JUMP JUMPDEST SWAP2 POP PUSH32 0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 SUB PUSH2 0x519 JUMPI PUSH32 0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SWAP2 POP POP PUSH2 0x555 JUMP JUMPDEST DUP3 PUSH1 0x1 AND DUP3 PUSH1 0x1 AND EQ PUSH2 0x553 JUMPI PUSH2 0x550 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH2 0x21F7 JUMP JUMPDEST SWAP2 POP JUMPDEST POP JUMPDEST SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x5D8 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST MLOAD SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 PUSH1 0xFF PUSH2 0x5EE PUSH2 0x2122 JUMP JUMPDEST PUSH2 0x5F6 PUSH2 0x2140 JUMP JUMPDEST DUP9 ISZERO DUP1 ISZERO PUSH2 0x602 JUMPI POP DUP8 ISZERO JUMPDEST ISZERO PUSH2 0x618 JUMPI PUSH1 0x0 DUP1 SWAP7 POP SWAP7 POP POP POP POP POP POP PUSH2 0x1129 JUMP JUMPDEST PUSH2 0x664 PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 DUP14 DUP14 PUSH2 0x1CCE JUMP JUMPDEST PUSH1 0x20 DUP4 ADD MSTORE DUP2 MSTORE DUP9 DUP4 SHR PUSH1 0x1 SWAP1 DUP2 AND DUP10 DUP6 SHR SWAP1 SWAP2 SHL PUSH1 0x2 AND ADD JUMPDEST DUP1 PUSH2 0x6A0 JUMPI PUSH1 0x1 DUP5 SUB SWAP4 POP PUSH1 0x1 DUP11 DUP6 SHR AND PUSH1 0x1 DUP11 DUP7 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP PUSH2 0x67E JUMP JUMPDEST POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD SWAP5 POP PUSH1 0x1 DUP6 SUB PUSH2 0x702 JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP7 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP6 POP JUMPDEST PUSH1 0x2 DUP6 SUB PUSH2 0x711 JUMPI DUP11 SWAP7 POP DUP10 SWAP6 POP JUMPDEST PUSH1 0x3 DUP6 SUB PUSH2 0x725 JUMPI PUSH1 0x20 DUP2 ADD MLOAD SWAP6 POP DUP1 MLOAD SWAP7 POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH1 0x1 SWAP5 POP PUSH1 0x1 SWAP4 POP JUMPDEST DUP3 PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF GT ISZERO PUSH2 0x1011 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 PUSH1 0x2 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP11 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP5 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP15 ADDMOD MULMOD PUSH1 0x3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 DUP6 MULMOD SWAP8 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP5 MULMOD SWAP9 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD ADDMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD DUP3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 DUP8 MULMOD ADDMOD SWAP10 POP PUSH1 0x1 DUP14 DUP9 SHR AND PUSH1 0x1 DUP14 DUP10 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP DUP1 PUSH2 0xA10 JUMPI DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB SWAP10 POP POP POP POP POP PUSH2 0x1006 JUMP JUMPDEST PUSH1 0x1 DUP2 SUB PUSH2 0xA5F JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP4 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP3 POP JUMPDEST PUSH1 0x2 DUP2 SUB PUSH2 0xA6E JUMPI DUP15 SWAP4 POP DUP14 SWAP3 POP JUMPDEST PUSH1 0x3 DUP2 SUB PUSH2 0xA82 JUMPI DUP5 MLOAD SWAP4 POP PUSH1 0x20 DUP6 ADD MLOAD SWAP3 POP JUMPDEST DUP9 PUSH2 0xA9B JUMPI POP SWAP2 SWAP9 POP SWAP7 POP PUSH1 0x1 SWAP6 POP DUP6 SWAP5 POP PUSH2 0x1006 SWAP1 POP JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP7 MULMOD ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 DUP9 MULMOD ADDMOD SWAP4 POP DUP1 PUSH2 0xDFF JUMPI DUP4 PUSH2 0xDFF JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP14 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP14 ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP4 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 PUSH1 0x3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP3 MULMOD SWAP10 POP POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP6 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD ADDMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP14 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP6 ADDMOD DUP4 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP13 DUP8 MULMOD DUP6 ADDMOD SWAP11 POP POP POP POP POP POP PUSH2 0x1006 JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP4 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP13 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP12 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP15 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 DUP9 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 DUP16 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP7 ADDMOD MULMOD ADDMOD SWAP13 POP POP POP POP DUP1 SWAP11 POP POP POP POP POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH2 0x734 JUMP JUMPDEST DUP4 PUSH1 0x60 DUP4 ADD MSTORE PUSH1 0x20 DUP3 MSTORE PUSH1 0x20 DUP1 DUP4 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP4 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP4 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP4 ADD MSTORE PUSH1 0x20 DUP3 PUSH1 0xC0 DUP5 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x1089 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 MLOAD DUP8 MULMOD SWAP6 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 MLOAD DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP9 MULMOD SWAP7 POP POP POP POP POP POP JUMPDEST SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 PUSH1 0xFF DUP2 DUP1 DUP9 ISZERO DUP1 ISZERO PUSH2 0x1147 JUMPI POP DUP8 ISZERO JUMPDEST ISZERO PUSH2 0x115B JUMPI PUSH1 0x0 SWAP7 POP POP POP POP POP POP POP PUSH2 0x25C JUMP JUMPDEST PUSH2 0x11A7 PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 DUP14 DUP14 PUSH2 0x1CCE JUMP JUMPDEST DUP1 SWAP3 POP DUP2 SWAP4 POP POP POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD JUMPDEST DUP1 PUSH2 0x11E2 JUMPI PUSH1 0x1 DUP5 SUB SWAP4 POP PUSH1 0x1 DUP11 DUP6 SHR AND PUSH1 0x1 DUP11 DUP7 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP PUSH2 0x11C0 JUMP JUMPDEST POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD SWAP6 POP PUSH1 0x1 DUP7 SUB PUSH2 0x1244 JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP7 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP4 POP JUMPDEST PUSH1 0x2 DUP7 SUB PUSH2 0x1253 JUMPI DUP11 SWAP7 POP DUP10 SWAP4 POP JUMPDEST PUSH1 0x3 DUP7 SUB PUSH2 0x1262 JUMPI DUP2 SWAP7 POP DUP1 SWAP4 POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH1 0x1 SWAP6 POP PUSH1 0x1 SWAP5 POP JUMPDEST DUP3 PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF GT ISZERO PUSH2 0x1B49 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH1 0x2 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP11 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP5 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP15 ADDMOD MULMOD PUSH1 0x3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP6 MULMOD SWAP9 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP5 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD ADDMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD DUP3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP8 MULMOD ADDMOD SWAP8 POP PUSH1 0x1 DUP14 DUP9 SHR AND PUSH1 0x1 DUP14 DUP10 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP DUP1 PUSH2 0x154D JUMPI DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB SWAP8 POP POP POP POP POP PUSH2 0x1B3E JUMP JUMPDEST PUSH1 0x1 DUP2 SUB PUSH2 0x159C JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP4 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP3 POP JUMPDEST PUSH1 0x2 DUP2 SUB PUSH2 0x15AB JUMPI DUP15 SWAP4 POP DUP14 SWAP3 POP JUMPDEST PUSH1 0x3 DUP2 SUB PUSH2 0x15BA JUMPI DUP6 SWAP4 POP DUP5 SWAP3 POP JUMPDEST DUP10 PUSH2 0x15D3 JUMPI POP SWAP2 SWAP9 POP PUSH1 0x1 SWAP8 POP DUP8 SWAP7 POP SWAP5 POP PUSH2 0x1B3E SWAP1 POP JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP7 MULMOD ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP14 DUP9 MULMOD ADDMOD SWAP4 POP DUP1 PUSH2 0x1937 JUMPI DUP4 PUSH2 0x1937 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP14 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP4 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 PUSH1 0x3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP3 MULMOD SWAP11 POP POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP6 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD ADDMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP14 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP6 ADDMOD DUP4 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP11 DUP8 MULMOD DUP6 ADDMOD SWAP9 POP POP POP POP POP POP PUSH2 0x1B3E JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP4 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP14 MULMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP13 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP15 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 DUP9 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 DUP14 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP7 ADDMOD MULMOD ADDMOD SWAP11 POP POP POP POP DUP1 SWAP11 POP POP POP POP POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH2 0x1271 JUMP JUMPDEST PUSH1 0x40 MLOAD DUP7 PUSH1 0x60 DUP3 ADD MSTORE PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x1BC4 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 MLOAD DUP10 MULMOD SWAP13 SWAP12 POP POP POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0x3FFFFFFFC0000000400000000000000000000000400000000000000000000000 PUSH1 0x80 DUP3 ADD MSTORE PUSH1 0xA0 DUP2 ADD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP5 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x1C77 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST MLOAD SWAP2 POP DUP3 SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP4 MULMOD EQ PUSH2 0x1CC9 JUMPI POP PUSH32 0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF JUMPDEST SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 DUP7 PUSH2 0x1CE5 JUMPI DUP6 DUP6 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1129 JUMP JUMPDEST DUP5 PUSH2 0x1CF7 JUMPI DUP8 DUP8 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1129 JUMP JUMPDEST PUSH2 0x1D06 DUP9 DUP9 PUSH1 0x1 DUP1 DUP11 DUP11 PUSH2 0x1D2B JUMP JUMPDEST SWAP3 SWAP11 POP SWAP1 SWAP9 POP SWAP3 POP SWAP1 POP PUSH2 0x1D1C DUP9 DUP9 DUP5 DUP5 PUSH2 0x1FF0 JUMP JUMPDEST SWAP4 POP SWAP4 POP POP POP SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 DUP9 PUSH1 0x0 SUB PUSH2 0x1D4A JUMPI POP DUP5 SWAP3 POP DUP4 SWAP2 POP PUSH1 0x1 SWAP1 POP DUP1 PUSH2 0x1FE3 JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SWAP9 DUP10 SUB SWAP9 DUP10 DUP2 DUP10 DUP9 MULMOD ADDMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP10 MULMOD ADDMOD SWAP6 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP8 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP6 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP10 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP9 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP12 MULMOD SWAP8 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP11 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 DUP12 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD MULMOD ADDMOD SWAP3 POP JUMPDEST SWAP7 POP SWAP7 POP SWAP7 POP SWAP7 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 PUSH2 0x1FFE DUP5 PUSH2 0x20A5 JUMP JUMPDEST SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP8 MULMOD SWAP2 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP8 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP10 MULMOD SWAP4 POP POP POP SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x5D8 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x40 MLOAD DUP1 PUSH1 0xC0 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x6 SWAP1 PUSH1 0x20 DUP3 MUL DUP1 CALLDATASIZE DUP4 CALLDATACOPY POP SWAP2 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x40 MLOAD DUP1 PUSH1 0x40 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x2 SWAP1 PUSH1 0x20 DUP3 MUL DUP1 CALLDATASIZE DUP4 CALLDATACOPY POP SWAP2 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x80 DUP6 DUP8 SUB SLT ISZERO PUSH2 0x2174 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP3 CALLDATALOAD SWAP5 PUSH1 0x20 DUP5 ADD CALLDATALOAD SWAP5 POP PUSH1 0x40 DUP5 ADD CALLDATALOAD SWAP4 PUSH1 0x60 ADD CALLDATALOAD SWAP3 POP SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 PUSH1 0xA0 DUP7 DUP9 SUB SLT ISZERO PUSH2 0x21A8 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP4 CALLDATALOAD SWAP6 PUSH1 0x20 DUP6 ADD CALLDATALOAD SWAP6 POP PUSH1 0x40 DUP6 ADD CALLDATALOAD SWAP5 PUSH1 0x60 DUP2 ADD CALLDATALOAD SWAP5 POP PUSH1 0x80 ADD CALLDATALOAD SWAP3 POP SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 PUSH1 0x60 DUP5 DUP7 SUB SLT ISZERO PUSH2 0x21E0 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP2 CALLDATALOAD SWAP4 PUSH1 0x20 DUP4 ADD CALLDATALOAD SWAP4 POP PUSH1 0x40 SWAP1 SWAP3 ADD CALLDATALOAD SWAP2 SWAP1 POP JUMP JUMPDEST DUP2 DUP2 SUB DUP2 DUP2 GT ISZERO PUSH2 0x555 JUMPI PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x11 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 0xE9 0x5D PUSH22 0xCAC5BE2E930B8AF42215213DBDDB970EB865B0823981 PUSH23 0x5D03CCBC4F6C64736F6C63430008140033000000000000 ","sourceMap":"1212:41972:1:-:0;;;;;;;;;;;;;;;-1:-1:-1;;;1212:41972:1;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{"@FCL_nModInv_298":{"entryPoint":1371,"id":298,"parameterSlots":1,"returnSlots":1},"@FCL_pModInv_308":{"entryPoint":8357,"id":308,"parameterSlots":1,"returnSlots":1},"@SqrtMod_589":{"entryPoint":7161,"id":589,"parameterSlots":1,"returnSlots":1},"@ecAff_IsZero_890":{"entryPoint":null,"id":890,"parameterSlots":2,"returnSlots":1},"@ecAff_add_1024":{"entryPoint":7374,"id":1024,"parameterSlots":4,"returnSlots":2},"@ecZZ_AddN_823":{"entryPoint":7467,"id":823,"parameterSlots":6,"returnSlots":4},"@ecZZ_Coronize_384":{"entryPoint":612,"id":384,"parameterSlots":5,"returnSlots":4},"@ecZZ_SetAff_750":{"entryPoint":8176,"id":750,"parameterSlots":4,"returnSlots":2},"@ecZZ_mulmuladd_1157":{"entryPoint":1503,"id":1157,"parameterSlots":4,"returnSlots":2},"@ecZZ_mulmuladd_S_asm_1083":{"entryPoint":4402,"id":1083,"parameterSlots":4,"returnSlots":1},"@ec_Decompress_695":{"entryPoint":1030,"id":695,"parameterSlots":2,"returnSlots":1},"@ec_recover_r1_1821":{"entryPoint":232,"id":1821,"parameterSlots":4,"returnSlots":1},"@ecdsa_sign_1885":{"entryPoint":859,"id":1885,"parameterSlots":3,"returnSlots":2},"abi_decode_tuple_t_bytes32t_uint256t_uint256":{"entryPoint":8651,"id":null,"parameterSlots":2,"returnSlots":3},"abi_decode_tuple_t_uint256t_uint256t_uint256t_uint256":{"entryPoint":8542,"id":null,"parameterSlots":2,"returnSlots":4},"abi_decode_tuple_t_uint256t_uint256t_uint256t_uint256t_uint256":{"entryPoint":8592,"id":null,"parameterSlots":2,"returnSlots":5},"abi_encode_tuple_packed_t_uint256_t_uint256__to_t_uint256_t_uint256__nonPadded_inplace_fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":3,"returnSlots":1},"abi_encode_tuple_t_address__to_t_address__fromStack_library_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_uint256_t_uint256__to_t_uint256_t_uint256__fromStack_library_reversed":{"entryPoint":null,"id":null,"parameterSlots":3,"returnSlots":1},"abi_encode_tuple_t_uint256_t_uint256_t_uint256_t_uint256__to_t_uint256_t_uint256_t_uint256_t_uint256__fromStack_library_reversed":{"entryPoint":null,"id":null,"parameterSlots":5,"returnSlots":1},"checked_sub_t_uint256":{"entryPoint":8695,"id":null,"parameterSlots":2,"returnSlots":1},"panic_error_0x12":{"entryPoint":null,"id":null,"parameterSlots":0,"returnSlots":0},"panic_error_0x32":{"entryPoint":null,"id":null,"parameterSlots":0,"returnSlots":0}},"generatedSources":[{"ast":{"nodeType":"YulBlock","src":"0:3002:7","statements":[{"nodeType":"YulBlock","src":"6:3:7","statements":[]},{"body":{"nodeType":"YulBlock","src":"135:264:7","statements":[{"body":{"nodeType":"YulBlock","src":"182:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"191:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"194:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"184:6:7"},"nodeType":"YulFunctionCall","src":"184:12:7"},"nodeType":"YulExpressionStatement","src":"184:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"156:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"165:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"152:3:7"},"nodeType":"YulFunctionCall","src":"152:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"177:3:7","type":"","value":"128"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"148:3:7"},"nodeType":"YulFunctionCall","src":"148:33:7"},"nodeType":"YulIf","src":"145:53:7"},{"nodeType":"YulAssignment","src":"207:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"230:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"217:12:7"},"nodeType":"YulFunctionCall","src":"217:23:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"207:6:7"}]},{"nodeType":"YulAssignment","src":"249:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"276:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"287:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"272:3:7"},"nodeType":"YulFunctionCall","src":"272:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"259:12:7"},"nodeType":"YulFunctionCall","src":"259:32:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"249:6:7"}]},{"nodeType":"YulAssignment","src":"300:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"327:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"338:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"323:3:7"},"nodeType":"YulFunctionCall","src":"323:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"310:12:7"},"nodeType":"YulFunctionCall","src":"310:32:7"},"variableNames":[{"name":"value2","nodeType":"YulIdentifier","src":"300:6:7"}]},{"nodeType":"YulAssignment","src":"351:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"378:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"389:2:7","type":"","value":"96"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"374:3:7"},"nodeType":"YulFunctionCall","src":"374:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"361:12:7"},"nodeType":"YulFunctionCall","src":"361:32:7"},"variableNames":[{"name":"value3","nodeType":"YulIdentifier","src":"351:6:7"}]}]},"name":"abi_decode_tuple_t_uint256t_uint256t_uint256t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"77:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"88:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"100:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"108:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"116:6:7","type":""},{"name":"value3","nodeType":"YulTypedName","src":"124:6:7","type":""}],"src":"14:385:7"},{"body":{"nodeType":"YulBlock","src":"513:125:7","statements":[{"nodeType":"YulAssignment","src":"523:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"535:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"546:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"531:3:7"},"nodeType":"YulFunctionCall","src":"531:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"523:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"565:9:7"},{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"580:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"588:42:7","type":"","value":"0xffffffffffffffffffffffffffffffffffffffff"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"576:3:7"},"nodeType":"YulFunctionCall","src":"576:55:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"558:6:7"},"nodeType":"YulFunctionCall","src":"558:74:7"},"nodeType":"YulExpressionStatement","src":"558:74:7"}]},"name":"abi_encode_tuple_t_address__to_t_address__fromStack_library_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"482:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"493:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"504:4:7","type":""}],"src":"404:234:7"},{"body":{"nodeType":"YulBlock","src":"781:316:7","statements":[{"body":{"nodeType":"YulBlock","src":"828:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"837:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"840:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"830:6:7"},"nodeType":"YulFunctionCall","src":"830:12:7"},"nodeType":"YulExpressionStatement","src":"830:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"802:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"811:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"798:3:7"},"nodeType":"YulFunctionCall","src":"798:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"823:3:7","type":"","value":"160"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"794:3:7"},"nodeType":"YulFunctionCall","src":"794:33:7"},"nodeType":"YulIf","src":"791:53:7"},{"nodeType":"YulAssignment","src":"853:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"876:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"863:12:7"},"nodeType":"YulFunctionCall","src":"863:23:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"853:6:7"}]},{"nodeType":"YulAssignment","src":"895:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"922:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"933:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"918:3:7"},"nodeType":"YulFunctionCall","src":"918:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"905:12:7"},"nodeType":"YulFunctionCall","src":"905:32:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"895:6:7"}]},{"nodeType":"YulAssignment","src":"946:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"973:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"984:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"969:3:7"},"nodeType":"YulFunctionCall","src":"969:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"956:12:7"},"nodeType":"YulFunctionCall","src":"956:32:7"},"variableNames":[{"name":"value2","nodeType":"YulIdentifier","src":"946:6:7"}]},{"nodeType":"YulAssignment","src":"997:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1024:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1035:2:7","type":"","value":"96"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1020:3:7"},"nodeType":"YulFunctionCall","src":"1020:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1007:12:7"},"nodeType":"YulFunctionCall","src":"1007:32:7"},"variableNames":[{"name":"value3","nodeType":"YulIdentifier","src":"997:6:7"}]},{"nodeType":"YulAssignment","src":"1048:43:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1075:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1086:3:7","type":"","value":"128"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1071:3:7"},"nodeType":"YulFunctionCall","src":"1071:19:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1058:12:7"},"nodeType":"YulFunctionCall","src":"1058:33:7"},"variableNames":[{"name":"value4","nodeType":"YulIdentifier","src":"1048:6:7"}]}]},"name":"abi_decode_tuple_t_uint256t_uint256t_uint256t_uint256t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"715:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"726:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"738:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"746:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"754:6:7","type":""},{"name":"value3","nodeType":"YulTypedName","src":"762:6:7","type":""},{"name":"value4","nodeType":"YulTypedName","src":"770:6:7","type":""}],"src":"643:454:7"},{"body":{"nodeType":"YulBlock","src":"1295:206:7","statements":[{"nodeType":"YulAssignment","src":"1305:27:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1317:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1328:3:7","type":"","value":"128"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1313:3:7"},"nodeType":"YulFunctionCall","src":"1313:19:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"1305:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1348:9:7"},{"name":"value0","nodeType":"YulIdentifier","src":"1359:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1341:6:7"},"nodeType":"YulFunctionCall","src":"1341:25:7"},"nodeType":"YulExpressionStatement","src":"1341:25:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1386:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1397:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1382:3:7"},"nodeType":"YulFunctionCall","src":"1382:18:7"},{"name":"value1","nodeType":"YulIdentifier","src":"1402:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1375:6:7"},"nodeType":"YulFunctionCall","src":"1375:34:7"},"nodeType":"YulExpressionStatement","src":"1375:34:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1429:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1440:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1425:3:7"},"nodeType":"YulFunctionCall","src":"1425:18:7"},{"name":"value2","nodeType":"YulIdentifier","src":"1445:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1418:6:7"},"nodeType":"YulFunctionCall","src":"1418:34:7"},"nodeType":"YulExpressionStatement","src":"1418:34:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1472:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1483:2:7","type":"","value":"96"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1468:3:7"},"nodeType":"YulFunctionCall","src":"1468:18:7"},{"name":"value3","nodeType":"YulIdentifier","src":"1488:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1461:6:7"},"nodeType":"YulFunctionCall","src":"1461:34:7"},"nodeType":"YulExpressionStatement","src":"1461:34:7"}]},"name":"abi_encode_tuple_t_uint256_t_uint256_t_uint256_t_uint256__to_t_uint256_t_uint256_t_uint256_t_uint256__fromStack_library_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"1240:9:7","type":""},{"name":"value3","nodeType":"YulTypedName","src":"1251:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"1259:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"1267:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"1275:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"1286:4:7","type":""}],"src":"1102:399:7"},{"body":{"nodeType":"YulBlock","src":"1610:212:7","statements":[{"body":{"nodeType":"YulBlock","src":"1656:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1665:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"1668:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"1658:6:7"},"nodeType":"YulFunctionCall","src":"1658:12:7"},"nodeType":"YulExpressionStatement","src":"1658:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"1631:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"1640:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"1627:3:7"},"nodeType":"YulFunctionCall","src":"1627:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"1652:2:7","type":"","value":"96"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"1623:3:7"},"nodeType":"YulFunctionCall","src":"1623:32:7"},"nodeType":"YulIf","src":"1620:52:7"},{"nodeType":"YulAssignment","src":"1681:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1704:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1691:12:7"},"nodeType":"YulFunctionCall","src":"1691:23:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"1681:6:7"}]},{"nodeType":"YulAssignment","src":"1723:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1750:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1761:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1746:3:7"},"nodeType":"YulFunctionCall","src":"1746:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1733:12:7"},"nodeType":"YulFunctionCall","src":"1733:32:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"1723:6:7"}]},{"nodeType":"YulAssignment","src":"1774:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1801:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1812:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1797:3:7"},"nodeType":"YulFunctionCall","src":"1797:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1784:12:7"},"nodeType":"YulFunctionCall","src":"1784:32:7"},"variableNames":[{"name":"value2","nodeType":"YulIdentifier","src":"1774:6:7"}]}]},"name":"abi_decode_tuple_t_bytes32t_uint256t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"1560:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"1571:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"1583:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"1591:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"1599:6:7","type":""}],"src":"1506:316:7"},{"body":{"nodeType":"YulBlock","src":"1964:119:7","statements":[{"nodeType":"YulAssignment","src":"1974:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1986:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1997:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1982:3:7"},"nodeType":"YulFunctionCall","src":"1982:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"1974:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2016:9:7"},{"name":"value0","nodeType":"YulIdentifier","src":"2027:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2009:6:7"},"nodeType":"YulFunctionCall","src":"2009:25:7"},"nodeType":"YulExpressionStatement","src":"2009:25:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2054:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"2065:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2050:3:7"},"nodeType":"YulFunctionCall","src":"2050:18:7"},{"name":"value1","nodeType":"YulIdentifier","src":"2070:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2043:6:7"},"nodeType":"YulFunctionCall","src":"2043:34:7"},"nodeType":"YulExpressionStatement","src":"2043:34:7"}]},"name":"abi_encode_tuple_t_uint256_t_uint256__to_t_uint256_t_uint256__fromStack_library_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"1925:9:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"1936:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"1944:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"1955:4:7","type":""}],"src":"1827:256:7"},{"body":{"nodeType":"YulBlock","src":"2137:233:7","statements":[{"nodeType":"YulAssignment","src":"2147:17:7","value":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"2159:1:7"},{"name":"y","nodeType":"YulIdentifier","src":"2162:1:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"2155:3:7"},"nodeType":"YulFunctionCall","src":"2155:9:7"},"variableNames":[{"name":"diff","nodeType":"YulIdentifier","src":"2147:4:7"}]},{"body":{"nodeType":"YulBlock","src":"2196:168:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2217:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2220:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2210:6:7"},"nodeType":"YulFunctionCall","src":"2210:88:7"},"nodeType":"YulExpressionStatement","src":"2210:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2318:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"2321:4:7","type":"","value":"0x11"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2311:6:7"},"nodeType":"YulFunctionCall","src":"2311:15:7"},"nodeType":"YulExpressionStatement","src":"2311:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2346:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2349:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2339:6:7"},"nodeType":"YulFunctionCall","src":"2339:15:7"},"nodeType":"YulExpressionStatement","src":"2339:15:7"}]},"condition":{"arguments":[{"name":"diff","nodeType":"YulIdentifier","src":"2179:4:7"},{"name":"x","nodeType":"YulIdentifier","src":"2185:1:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"2176:2:7"},"nodeType":"YulFunctionCall","src":"2176:11:7"},"nodeType":"YulIf","src":"2173:191:7"}]},"name":"checked_sub_t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"x","nodeType":"YulTypedName","src":"2119:1:7","type":""},{"name":"y","nodeType":"YulTypedName","src":"2122:1:7","type":""}],"returnVariables":[{"name":"diff","nodeType":"YulTypedName","src":"2128:4:7","type":""}],"src":"2088:282:7"},{"body":{"nodeType":"YulBlock","src":"2407:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2424:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2427:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2417:6:7"},"nodeType":"YulFunctionCall","src":"2417:88:7"},"nodeType":"YulExpressionStatement","src":"2417:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2521:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"2524:4:7","type":"","value":"0x12"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2514:6:7"},"nodeType":"YulFunctionCall","src":"2514:15:7"},"nodeType":"YulExpressionStatement","src":"2514:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2545:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2548:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2538:6:7"},"nodeType":"YulFunctionCall","src":"2538:15:7"},"nodeType":"YulExpressionStatement","src":"2538:15:7"}]},"name":"panic_error_0x12","nodeType":"YulFunctionDefinition","src":"2375:184:7"},{"body":{"nodeType":"YulBlock","src":"2711:100:7","statements":[{"expression":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2728:3:7"},{"name":"value0","nodeType":"YulIdentifier","src":"2733:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2721:6:7"},"nodeType":"YulFunctionCall","src":"2721:19:7"},"nodeType":"YulExpressionStatement","src":"2721:19:7"},{"expression":{"arguments":[{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2760:3:7"},{"kind":"number","nodeType":"YulLiteral","src":"2765:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2756:3:7"},"nodeType":"YulFunctionCall","src":"2756:12:7"},{"name":"value1","nodeType":"YulIdentifier","src":"2770:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2749:6:7"},"nodeType":"YulFunctionCall","src":"2749:28:7"},"nodeType":"YulExpressionStatement","src":"2749:28:7"},{"nodeType":"YulAssignment","src":"2786:19:7","value":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2797:3:7"},{"kind":"number","nodeType":"YulLiteral","src":"2802:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2793:3:7"},"nodeType":"YulFunctionCall","src":"2793:12:7"},"variableNames":[{"name":"end","nodeType":"YulIdentifier","src":"2786:3:7"}]}]},"name":"abi_encode_tuple_packed_t_uint256_t_uint256__to_t_uint256_t_uint256__nonPadded_inplace_fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"pos","nodeType":"YulTypedName","src":"2679:3:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"2684:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"2692:6:7","type":""}],"returnVariables":[{"name":"end","nodeType":"YulTypedName","src":"2703:3:7","type":""}],"src":"2564:247:7"},{"body":{"nodeType":"YulBlock","src":"2848:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2865:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2868:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2858:6:7"},"nodeType":"YulFunctionCall","src":"2858:88:7"},"nodeType":"YulExpressionStatement","src":"2858:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2962:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"2965:4:7","type":"","value":"0x32"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2955:6:7"},"nodeType":"YulFunctionCall","src":"2955:15:7"},"nodeType":"YulExpressionStatement","src":"2955:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2986:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2989:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2979:6:7"},"nodeType":"YulFunctionCall","src":"2979:15:7"},"nodeType":"YulExpressionStatement","src":"2979:15:7"}]},"name":"panic_error_0x32","nodeType":"YulFunctionDefinition","src":"2816:184:7"}]},"contents":"{\n { }\n function abi_decode_tuple_t_uint256t_uint256t_uint256t_uint256(headStart, dataEnd) -> value0, value1, value2, value3\n {\n if slt(sub(dataEnd, headStart), 128) { revert(0, 0) }\n value0 := calldataload(headStart)\n value1 := calldataload(add(headStart, 32))\n value2 := calldataload(add(headStart, 64))\n value3 := calldataload(add(headStart, 96))\n }\n function abi_encode_tuple_t_address__to_t_address__fromStack_library_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, and(value0, 0xffffffffffffffffffffffffffffffffffffffff))\n }\n function abi_decode_tuple_t_uint256t_uint256t_uint256t_uint256t_uint256(headStart, dataEnd) -> value0, value1, value2, value3, value4\n {\n if slt(sub(dataEnd, headStart), 160) { revert(0, 0) }\n value0 := calldataload(headStart)\n value1 := calldataload(add(headStart, 32))\n value2 := calldataload(add(headStart, 64))\n value3 := calldataload(add(headStart, 96))\n value4 := calldataload(add(headStart, 128))\n }\n function abi_encode_tuple_t_uint256_t_uint256_t_uint256_t_uint256__to_t_uint256_t_uint256_t_uint256_t_uint256__fromStack_library_reversed(headStart, value3, value2, value1, value0) -> tail\n {\n tail := add(headStart, 128)\n mstore(headStart, value0)\n mstore(add(headStart, 32), value1)\n mstore(add(headStart, 64), value2)\n mstore(add(headStart, 96), value3)\n }\n function abi_decode_tuple_t_bytes32t_uint256t_uint256(headStart, dataEnd) -> value0, value1, value2\n {\n if slt(sub(dataEnd, headStart), 96) { revert(0, 0) }\n value0 := calldataload(headStart)\n value1 := calldataload(add(headStart, 32))\n value2 := calldataload(add(headStart, 64))\n }\n function abi_encode_tuple_t_uint256_t_uint256__to_t_uint256_t_uint256__fromStack_library_reversed(headStart, value1, value0) -> tail\n {\n tail := add(headStart, 64)\n mstore(headStart, value0)\n mstore(add(headStart, 32), value1)\n }\n function checked_sub_t_uint256(x, y) -> diff\n {\n diff := sub(x, y)\n if gt(diff, x)\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x11)\n revert(0, 0x24)\n }\n }\n function panic_error_0x12()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x12)\n revert(0, 0x24)\n }\n function abi_encode_tuple_packed_t_uint256_t_uint256__to_t_uint256_t_uint256__nonPadded_inplace_fromStack_reversed(pos, value1, value0) -> end\n {\n mstore(pos, value0)\n mstore(add(pos, 32), value1)\n end := add(pos, 64)\n }\n function panic_error_0x32()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x32)\n revert(0, 0x24)\n }\n}","id":7,"language":"Yul","name":"#utility.yul"}],"immutableReferences":{},"linkReferences":{},"object":"730000000000000000000000000000000000000000301460806040526004361061004b5760003560e01c80635f67f323146100505780637f99d9601461008d578063e982f355146100c0575b600080fd5b61006361005e36600461215e565b6100e8565b60405173ffffffffffffffffffffffffffffffffffffffff90911681526020015b60405180910390f35b6100a061009b366004612190565b610264565b604080519485526020850193909352918301526060820152608001610084565b6100d36100ce3660046121cb565b61035b565b60408051928352602083019190915201610084565b600082158061011757507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518310155b80610120575081155b8061014b57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b156101585750600061025c565b600061016e84610169601b886121f7565b610406565b9050600061017b8561055b565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551827fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518a6000086101f0907fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325516121f7565b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551838709905060008061022a898786866105df565b604080516020808201949094528082019290925280518083038201815260609092019052805191012096505050505050505b949350505050565b6000808080807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8b0990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89820994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d090993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81880992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80828c09870991505095509550955095915050565b60008061036c600080866000611132565b91507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518260000891507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551807fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255185850987086103e68661055b565b0990508115806103f4575080155b156103fe57600080fd5b935093915050565b6000807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80858609850990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7fffffffff00000001000000000000000000000000fffffffffffffffffffffffc870983087f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0890506104c781611bf9565b91507fffffffff00000002000000000000000000000000ffffffffffffffffffffffff8203610519577fffffffff00000003000000000000000000000000ffffffffffffffffffffffff915050610555565b82600116826001161461055357610550827fffffffff00000001000000000000000000000000ffffffffffffffffffffffff6121f7565b91505b505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa6105d857600080fd5b5192915050565b600080808060ff6105ee612122565b6105f6612140565b88158015610602575087155b1561061857600080965096505050505050611129565b6106647f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d611cce565b6020830152815288831c600190811689851c90911b600216015b806106a05760018403935060018a851c1660018a861c1660011b01905061067e565b50600189841c16600189851c1660011b01945060018503610702577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f595505b60028503610711578a96508995505b600385036107255760208101519550805196505b60018303925060019450600193505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1115611011577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff866002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff88850997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89840998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c870908995060018d881c1660018d891c1660011b01905080610a1057897fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03995050505050611006565b60018103610a5f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610a6e578e93508d92505b60038103610a825784519350602085015192505b88610a9b57509198509650600195508594506110069050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c880908935080610dff5783610dff577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a82099950507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a850999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808c870985089a505050505050611006565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818b0999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838f097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089c50505050809a50505050505b600183039250610734565b83606083015260208252602080830152602060408301527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808301527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a083015260208260c0846005600019fa61108957600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8251870995507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8251860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff858809965050505050505b94509492505050565b600080808060ff818088158015611147575087155b1561115b576000965050505050505061025c565b6111a77f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d611cce565b8092508193505050600189841c16600189851c1660011b015b806111e25760018403935060018a851c1660018a861c1660011b0190506111c0565b50600189841c16600189851c1660011b01955060018603611244577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603611253578a96508993505b60038603611262578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1115611b49577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b0190508061154d57877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611b3e565b6001810361159c577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b600281036115ab578e93508d92505b600381036115ba578593508492505b896115d35750919850600197508796509450611b3e9050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d8809089350806119375783611937577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611b3e565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250611271565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa611bc457600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099c9b505050505050505050505050565b600060405160208152602080820152602060408201528260608201527f3fffffffc0000000400000000000000000000000400000000000000000000000608082015260a081017fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815260208160c0846005600019fa611c7757600080fd5b5191508290507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82830914611cc957507fffffffff00000002000000000000000000000000ffffffffffffffffffffffff5b919050565b600080808086611ce5578585935093505050611129565b84611cf7578787935093505050611129565b611d0688886001808a8a611d2b565b929a5090985092509050611d1c88888484611ff0565b93509350505094509492505050565b60008060008088600003611d4a57508492508391506001905080611fe3565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b6000806000611ffe846120a5565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6105d857600080fd5b6040518060c001604052806006906020820280368337509192915050565b60405180604001604052806002906020820280368337509192915050565b6000806000806080858703121561217457600080fd5b5050823594602084013594506040840135936060013592509050565b600080600080600060a086880312156121a857600080fd5b505083359560208501359550604085013594606081013594506080013592509050565b6000806000606084860312156121e057600080fd5b505081359360208301359350604090920135919050565b81810381811115610555577f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fdfea2646970667358221220e95d75cac5be2e930b8af42215213dbddb970eb865b0823981765d03ccbc4f6c64736f6c63430008140033","opcodes":"PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x4 CALLDATASIZE LT PUSH2 0x4B JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0x5F67F323 EQ PUSH2 0x50 JUMPI DUP1 PUSH4 0x7F99D960 EQ PUSH2 0x8D JUMPI DUP1 PUSH4 0xE982F355 EQ PUSH2 0xC0 JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x63 PUSH2 0x5E CALLDATASIZE PUSH1 0x4 PUSH2 0x215E JUMP JUMPDEST PUSH2 0xE8 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD JUMPDEST PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH2 0xA0 PUSH2 0x9B CALLDATASIZE PUSH1 0x4 PUSH2 0x2190 JUMP JUMPDEST PUSH2 0x264 JUMP JUMPDEST PUSH1 0x40 DUP1 MLOAD SWAP5 DUP6 MSTORE PUSH1 0x20 DUP6 ADD SWAP4 SWAP1 SWAP4 MSTORE SWAP2 DUP4 ADD MSTORE PUSH1 0x60 DUP3 ADD MSTORE PUSH1 0x80 ADD PUSH2 0x84 JUMP JUMPDEST PUSH2 0xD3 PUSH2 0xCE CALLDATASIZE PUSH1 0x4 PUSH2 0x21CB JUMP JUMPDEST PUSH2 0x35B JUMP JUMPDEST PUSH1 0x40 DUP1 MLOAD SWAP3 DUP4 MSTORE PUSH1 0x20 DUP4 ADD SWAP2 SWAP1 SWAP2 MSTORE ADD PUSH2 0x84 JUMP JUMPDEST PUSH1 0x0 DUP3 ISZERO DUP1 PUSH2 0x117 JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP4 LT ISZERO JUMPDEST DUP1 PUSH2 0x120 JUMPI POP DUP2 ISZERO JUMPDEST DUP1 PUSH2 0x14B JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 LT ISZERO JUMPDEST ISZERO PUSH2 0x158 JUMPI POP PUSH1 0x0 PUSH2 0x25C JUMP JUMPDEST PUSH1 0x0 PUSH2 0x16E DUP5 PUSH2 0x169 PUSH1 0x1B DUP9 PUSH2 0x21F7 JUMP JUMPDEST PUSH2 0x406 JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH2 0x17B DUP6 PUSH2 0x55B JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP11 PUSH1 0x0 ADDMOD PUSH2 0x1F0 SWAP1 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 PUSH2 0x21F7 JUMP JUMPDEST MULMOD SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP4 DUP8 MULMOD SWAP1 POP PUSH1 0x0 DUP1 PUSH2 0x22A DUP10 DUP8 DUP7 DUP7 PUSH2 0x5DF JUMP JUMPDEST PUSH1 0x40 DUP1 MLOAD PUSH1 0x20 DUP1 DUP3 ADD SWAP5 SWAP1 SWAP5 MSTORE DUP1 DUP3 ADD SWAP3 SWAP1 SWAP3 MSTORE DUP1 MLOAD DUP1 DUP4 SUB DUP3 ADD DUP2 MSTORE PUSH1 0x60 SWAP1 SWAP3 ADD SWAP1 MSTORE DUP1 MLOAD SWAP2 ADD KECCAK256 SWAP7 POP POP POP POP POP POP POP JUMPDEST SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP12 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP3 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP14 MULMOD MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP9 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 DUP13 MULMOD DUP8 MULMOD SWAP2 POP POP SWAP6 POP SWAP6 POP SWAP6 POP SWAP6 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH2 0x36C PUSH1 0x0 DUP1 DUP7 PUSH1 0x0 PUSH2 0x1132 JUMP JUMPDEST SWAP2 POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 PUSH1 0x0 ADDMOD SWAP2 POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP1 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP6 DUP6 MULMOD DUP8 ADDMOD PUSH2 0x3E6 DUP7 PUSH2 0x55B JUMP JUMPDEST MULMOD SWAP1 POP DUP2 ISZERO DUP1 PUSH2 0x3F4 JUMPI POP DUP1 ISZERO JUMPDEST ISZERO PUSH2 0x3FE JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP4 POP SWAP4 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP6 DUP7 MULMOD DUP6 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC DUP8 MULMOD DUP4 ADDMOD PUSH32 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B ADDMOD SWAP1 POP PUSH2 0x4C7 DUP2 PUSH2 0x1BF9 JUMP JUMPDEST SWAP2 POP PUSH32 0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 SUB PUSH2 0x519 JUMPI PUSH32 0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SWAP2 POP POP PUSH2 0x555 JUMP JUMPDEST DUP3 PUSH1 0x1 AND DUP3 PUSH1 0x1 AND EQ PUSH2 0x553 JUMPI PUSH2 0x550 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH2 0x21F7 JUMP JUMPDEST SWAP2 POP JUMPDEST POP JUMPDEST SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x5D8 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST MLOAD SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 PUSH1 0xFF PUSH2 0x5EE PUSH2 0x2122 JUMP JUMPDEST PUSH2 0x5F6 PUSH2 0x2140 JUMP JUMPDEST DUP9 ISZERO DUP1 ISZERO PUSH2 0x602 JUMPI POP DUP8 ISZERO JUMPDEST ISZERO PUSH2 0x618 JUMPI PUSH1 0x0 DUP1 SWAP7 POP SWAP7 POP POP POP POP POP POP PUSH2 0x1129 JUMP JUMPDEST PUSH2 0x664 PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 DUP14 DUP14 PUSH2 0x1CCE JUMP JUMPDEST PUSH1 0x20 DUP4 ADD MSTORE DUP2 MSTORE DUP9 DUP4 SHR PUSH1 0x1 SWAP1 DUP2 AND DUP10 DUP6 SHR SWAP1 SWAP2 SHL PUSH1 0x2 AND ADD JUMPDEST DUP1 PUSH2 0x6A0 JUMPI PUSH1 0x1 DUP5 SUB SWAP4 POP PUSH1 0x1 DUP11 DUP6 SHR AND PUSH1 0x1 DUP11 DUP7 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP PUSH2 0x67E JUMP JUMPDEST POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD SWAP5 POP PUSH1 0x1 DUP6 SUB PUSH2 0x702 JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP7 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP6 POP JUMPDEST PUSH1 0x2 DUP6 SUB PUSH2 0x711 JUMPI DUP11 SWAP7 POP DUP10 SWAP6 POP JUMPDEST PUSH1 0x3 DUP6 SUB PUSH2 0x725 JUMPI PUSH1 0x20 DUP2 ADD MLOAD SWAP6 POP DUP1 MLOAD SWAP7 POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH1 0x1 SWAP5 POP PUSH1 0x1 SWAP4 POP JUMPDEST DUP3 PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF GT ISZERO PUSH2 0x1011 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 PUSH1 0x2 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP11 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP5 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP15 ADDMOD MULMOD PUSH1 0x3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 DUP6 MULMOD SWAP8 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP5 MULMOD SWAP9 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD ADDMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD DUP3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 DUP8 MULMOD ADDMOD SWAP10 POP PUSH1 0x1 DUP14 DUP9 SHR AND PUSH1 0x1 DUP14 DUP10 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP DUP1 PUSH2 0xA10 JUMPI DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB SWAP10 POP POP POP POP POP PUSH2 0x1006 JUMP JUMPDEST PUSH1 0x1 DUP2 SUB PUSH2 0xA5F JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP4 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP3 POP JUMPDEST PUSH1 0x2 DUP2 SUB PUSH2 0xA6E JUMPI DUP15 SWAP4 POP DUP14 SWAP3 POP JUMPDEST PUSH1 0x3 DUP2 SUB PUSH2 0xA82 JUMPI DUP5 MLOAD SWAP4 POP PUSH1 0x20 DUP6 ADD MLOAD SWAP3 POP JUMPDEST DUP9 PUSH2 0xA9B JUMPI POP SWAP2 SWAP9 POP SWAP7 POP PUSH1 0x1 SWAP6 POP DUP6 SWAP5 POP PUSH2 0x1006 SWAP1 POP JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP7 MULMOD ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 DUP9 MULMOD ADDMOD SWAP4 POP DUP1 PUSH2 0xDFF JUMPI DUP4 PUSH2 0xDFF JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP14 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP14 ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP4 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 PUSH1 0x3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP3 MULMOD SWAP10 POP POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP6 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD ADDMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP14 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP6 ADDMOD DUP4 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP13 DUP8 MULMOD DUP6 ADDMOD SWAP11 POP POP POP POP POP POP PUSH2 0x1006 JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP4 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP13 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP12 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP15 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 DUP9 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 DUP16 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP7 ADDMOD MULMOD ADDMOD SWAP13 POP POP POP POP DUP1 SWAP11 POP POP POP POP POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH2 0x734 JUMP JUMPDEST DUP4 PUSH1 0x60 DUP4 ADD MSTORE PUSH1 0x20 DUP3 MSTORE PUSH1 0x20 DUP1 DUP4 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP4 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP4 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP4 ADD MSTORE PUSH1 0x20 DUP3 PUSH1 0xC0 DUP5 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x1089 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 MLOAD DUP8 MULMOD SWAP6 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 MLOAD DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP9 MULMOD SWAP7 POP POP POP POP POP POP JUMPDEST SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 PUSH1 0xFF DUP2 DUP1 DUP9 ISZERO DUP1 ISZERO PUSH2 0x1147 JUMPI POP DUP8 ISZERO JUMPDEST ISZERO PUSH2 0x115B JUMPI PUSH1 0x0 SWAP7 POP POP POP POP POP POP POP PUSH2 0x25C JUMP JUMPDEST PUSH2 0x11A7 PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 DUP14 DUP14 PUSH2 0x1CCE JUMP JUMPDEST DUP1 SWAP3 POP DUP2 SWAP4 POP POP POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD JUMPDEST DUP1 PUSH2 0x11E2 JUMPI PUSH1 0x1 DUP5 SUB SWAP4 POP PUSH1 0x1 DUP11 DUP6 SHR AND PUSH1 0x1 DUP11 DUP7 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP PUSH2 0x11C0 JUMP JUMPDEST POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD SWAP6 POP PUSH1 0x1 DUP7 SUB PUSH2 0x1244 JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP7 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP4 POP JUMPDEST PUSH1 0x2 DUP7 SUB PUSH2 0x1253 JUMPI DUP11 SWAP7 POP DUP10 SWAP4 POP JUMPDEST PUSH1 0x3 DUP7 SUB PUSH2 0x1262 JUMPI DUP2 SWAP7 POP DUP1 SWAP4 POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH1 0x1 SWAP6 POP PUSH1 0x1 SWAP5 POP JUMPDEST DUP3 PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF GT ISZERO PUSH2 0x1B49 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH1 0x2 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP11 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP5 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP15 ADDMOD MULMOD PUSH1 0x3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP6 MULMOD SWAP9 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP5 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD ADDMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD DUP3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP8 MULMOD ADDMOD SWAP8 POP PUSH1 0x1 DUP14 DUP9 SHR AND PUSH1 0x1 DUP14 DUP10 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP DUP1 PUSH2 0x154D JUMPI DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB SWAP8 POP POP POP POP POP PUSH2 0x1B3E JUMP JUMPDEST PUSH1 0x1 DUP2 SUB PUSH2 0x159C JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP4 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP3 POP JUMPDEST PUSH1 0x2 DUP2 SUB PUSH2 0x15AB JUMPI DUP15 SWAP4 POP DUP14 SWAP3 POP JUMPDEST PUSH1 0x3 DUP2 SUB PUSH2 0x15BA JUMPI DUP6 SWAP4 POP DUP5 SWAP3 POP JUMPDEST DUP10 PUSH2 0x15D3 JUMPI POP SWAP2 SWAP9 POP PUSH1 0x1 SWAP8 POP DUP8 SWAP7 POP SWAP5 POP PUSH2 0x1B3E SWAP1 POP JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP7 MULMOD ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP14 DUP9 MULMOD ADDMOD SWAP4 POP DUP1 PUSH2 0x1937 JUMPI DUP4 PUSH2 0x1937 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP14 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP4 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 PUSH1 0x3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP3 MULMOD SWAP11 POP POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP6 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD ADDMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP14 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP6 ADDMOD DUP4 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP11 DUP8 MULMOD DUP6 ADDMOD SWAP9 POP POP POP POP POP POP PUSH2 0x1B3E JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP4 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP14 MULMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP13 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP15 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 DUP9 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 DUP14 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP7 ADDMOD MULMOD ADDMOD SWAP11 POP POP POP POP DUP1 SWAP11 POP POP POP POP POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH2 0x1271 JUMP JUMPDEST PUSH1 0x40 MLOAD DUP7 PUSH1 0x60 DUP3 ADD MSTORE PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x1BC4 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 MLOAD DUP10 MULMOD SWAP13 SWAP12 POP POP POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0x3FFFFFFFC0000000400000000000000000000000400000000000000000000000 PUSH1 0x80 DUP3 ADD MSTORE PUSH1 0xA0 DUP2 ADD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP5 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x1C77 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST MLOAD SWAP2 POP DUP3 SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP4 MULMOD EQ PUSH2 0x1CC9 JUMPI POP PUSH32 0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF JUMPDEST SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 DUP7 PUSH2 0x1CE5 JUMPI DUP6 DUP6 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1129 JUMP JUMPDEST DUP5 PUSH2 0x1CF7 JUMPI DUP8 DUP8 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1129 JUMP JUMPDEST PUSH2 0x1D06 DUP9 DUP9 PUSH1 0x1 DUP1 DUP11 DUP11 PUSH2 0x1D2B JUMP JUMPDEST SWAP3 SWAP11 POP SWAP1 SWAP9 POP SWAP3 POP SWAP1 POP PUSH2 0x1D1C DUP9 DUP9 DUP5 DUP5 PUSH2 0x1FF0 JUMP JUMPDEST SWAP4 POP SWAP4 POP POP POP SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 DUP9 PUSH1 0x0 SUB PUSH2 0x1D4A JUMPI POP DUP5 SWAP3 POP DUP4 SWAP2 POP PUSH1 0x1 SWAP1 POP DUP1 PUSH2 0x1FE3 JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SWAP9 DUP10 SUB SWAP9 DUP10 DUP2 DUP10 DUP9 MULMOD ADDMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP10 MULMOD ADDMOD SWAP6 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP8 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP6 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP10 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP9 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP12 MULMOD SWAP8 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP11 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 DUP12 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD MULMOD ADDMOD SWAP3 POP JUMPDEST SWAP7 POP SWAP7 POP SWAP7 POP SWAP7 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 PUSH2 0x1FFE DUP5 PUSH2 0x20A5 JUMP JUMPDEST SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP8 MULMOD SWAP2 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP8 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP10 MULMOD SWAP4 POP POP POP SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x5D8 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x40 MLOAD DUP1 PUSH1 0xC0 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x6 SWAP1 PUSH1 0x20 DUP3 MUL DUP1 CALLDATASIZE DUP4 CALLDATACOPY POP SWAP2 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x40 MLOAD DUP1 PUSH1 0x40 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x2 SWAP1 PUSH1 0x20 DUP3 MUL DUP1 CALLDATASIZE DUP4 CALLDATACOPY POP SWAP2 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x80 DUP6 DUP8 SUB SLT ISZERO PUSH2 0x2174 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP3 CALLDATALOAD SWAP5 PUSH1 0x20 DUP5 ADD CALLDATALOAD SWAP5 POP PUSH1 0x40 DUP5 ADD CALLDATALOAD SWAP4 PUSH1 0x60 ADD CALLDATALOAD SWAP3 POP SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 PUSH1 0xA0 DUP7 DUP9 SUB SLT ISZERO PUSH2 0x21A8 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP4 CALLDATALOAD SWAP6 PUSH1 0x20 DUP6 ADD CALLDATALOAD SWAP6 POP PUSH1 0x40 DUP6 ADD CALLDATALOAD SWAP5 PUSH1 0x60 DUP2 ADD CALLDATALOAD SWAP5 POP PUSH1 0x80 ADD CALLDATALOAD SWAP3 POP SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 PUSH1 0x60 DUP5 DUP7 SUB SLT ISZERO PUSH2 0x21E0 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP2 CALLDATALOAD SWAP4 PUSH1 0x20 DUP4 ADD CALLDATALOAD SWAP4 POP PUSH1 0x40 SWAP1 SWAP3 ADD CALLDATALOAD SWAP2 SWAP1 POP JUMP JUMPDEST DUP2 DUP2 SUB DUP2 DUP2 GT ISZERO PUSH2 0x555 JUMPI PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x11 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 0xE9 0x5D PUSH22 0xCAC5BE2E930B8AF42215213DBDDB970EB865B0823981 PUSH23 0x5D03CCBC4F6C64736F6C63430008140033000000000000 ","sourceMap":"1212:41972:1:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;42062:552;;;;;;:::i;:::-;;:::i;:::-;;;588:42:7;576:55;;;558:74;;546:2;531:18;42062:552:1;;;;;;;;4800:480;;;;;;:::i;:::-;;:::i;:::-;;;;1341:25:7;;;1397:2;1382:18;;1375:34;;;;1425:18;;;1418:34;1483:2;1468:18;;1461:34;1328:3;1313:19;4800:480:1;1102:399:7;42759:422:1;;;;;;:::i;:::-;;:::i;:::-;;;;2009:25:7;;;2065:2;2050:18;;2043:34;;;;1982:18;42759:422:1;1827:256:7;42062:552:1;42150:7;42178:6;;;:16;;;2154:66;42188:1;:6;;42178:16;:26;;;-1:-1:-1;42198:6:1;;42178:26;:36;;;;2154:66;42208:1;:6;;42178:36;42174:84;;;-1:-1:-1;42245:1:1;42230:17;;42174:84;42267:9;42277:22;42291:1;42294:4;42296:2;42294:1;:4;:::i;:::-;42277:13;:22::i;:::-;42267:32;;42309:12;42322:14;42334:1;42322:11;:14::i;:::-;42309:27;-1:-1:-1;42346:10:1;2154:66;42381:4;2154:66;42375:1;42373;42366:13;42364:15;;2154:66;42364:15;:::i;:::-;42357:31;42346:42;-1:-1:-1;42406:10:1;2154:66;42427:4;42424:1;42417:17;42406:28;;42452:10;42472;42500:27;42515:1;42517;42520:2;42524;42500:14;:27::i;:::-;42579:24;;;;;;;2721:19:7;;;;2756:12;;;2749:28;;;;42579:24:1;;;;;;;;;2793:12:7;;;;42579:24:1;;42569:35;;;;;;-1:-1:-1;;;;;;;42062:552:1;;;;;;;:::o;4800:480::-;4908:10;;;;;1523:66;5008:5;5002;4995:21;4980:36;-1:-1:-1;1523:66:1;5052:1;5044:6;5037:19;5034:22;-1:-1:-1;1523:66:1;5114:1;1523:66;5103:6;5096:5;5089:23;5082:36;5079:39;-1:-1:-1;1523:66:1;5143:6;5140:2;5133:19;5129:23;-1:-1:-1;1523:66:1;;5204:6;5197:5;5190:23;5186:3;5179:37;5174:42;;5248:26;4800:480;;;;;;;;;;:::o;42759:422::-;42843:9;42854;42881:31;42902:1;42904;42907;42910;42881:20;:31::i;:::-;42879:33;-1:-1:-1;2154:66:1;42995:1;42993;42986:14;42984:16;-1:-1:-1;2154:66:1;;;43071:5;43068:1;43061:19;43051:7;43036:47;43020:14;43032:1;43020:11;:14::i;:::-;43013:73;43011:75;-1:-1:-1;43129:4:1;;;:10;;-1:-1:-1;43135:4:1;;43129:10;43126:47;;;43154:8;;;43126:47;42759:422;;;;;;:::o;8428:353::-;8500:9;;1523:66;;8551:1;8549;8542:13;8540:1;8533:25;8522:36;-1:-1:-1;1523:66:1;;;1658;8601:1;8594:13;8591:2;8584:26;1794:66;8575:38;8572:41;;8635:11;8643:2;8635:7;:11::i;:::-;8633:13;;2870:66;8659:1;:13;8656:59;;2971:66;8686:18;;;;;8656:59;8735:6;8742:1;8735:8;8728:1;8730;8728:3;8727:17;8724:51;;8761:3;8763:1;1523:66;8761:3;:::i;:::-;8759:5;;8724:51;8510:271;8428:353;;;;;:::o;3146:734::-;3201:14;3271:4;3265:11;3382:4;3373:7;3366:21;3427:4;3420;3411:7;3407:18;3400:32;3472:4;3465;3456:7;3452:18;3445:32;3576:1;3569:4;3560:7;3556:18;3549:29;3618:11;3611:4;3602:7;3598:18;3591:39;3670:1;3663:4;3654:7;3650:18;3643:29;3804:4;3795:7;3789:4;3780:7;3774:4;3770:1;3766:6;3755:54;3745:82;;3823:1;3820;3813:12;3745:82;3850:14;;3146:734;-1:-1:-1;;3146:734:1:o;20436:6519::-;20612:9;;;;20701:3;20714:19;;:::i;:::-;20743;;:::i;:::-;20802:13;;:30;;;;-1:-1:-1;20819:13:1;;20802:30;20798:48;;;20842:1;20844;20834:12;;;;;;;;;;;20798:48;20876:25;1930:66;2024;20894:2;20898;20876:9;:25::i;:::-;20862:4;20868;;20861:40;;;21059:20;;;20870:1;21055:28;;;21028:20;;;21017:36;;;;;21013:71;20997:263;21090:2;20997:263;;21139:1;21132:5;21128:13;21119:22;;21236:1;21225:8;21218:5;21214:20;21210:28;21205:1;21194:8;21187:5;21183:20;21179:28;21176:1;21172:36;21168:71;21162:77;;20997:263;;;21001:85;21351:1;21340:8;21333:5;21329:20;21325:28;21320:1;21309:8;21302:5;21298:20;21294:28;21291:1;21287:36;21283:71;21277:77;;21382:1;21378:2;21375:9;21372:88;;21412:2;21407:7;;21440:2;21435:7;;21372:88;21487:1;21483:2;21480:9;21477:88;;21517:2;21512:7;;21545:2;21540:7;;21477:88;21592:1;21588:2;21585:9;21582:108;;21634:2;21632:1;21628:9;21622:16;21617:21;;21670:1;21664:8;21659:13;;21582:108;21728:1;21721:5;21717:13;21708:22;;21753:1;21747:7;;21778:1;21771:8;;21797:4133;21816:5;21807:7;21804:18;21797:4133;;;21935:1;21932;21929;21922:15;22002:1;21998:2;21994;21987:17;22058:1;22054:2;22051:1;22044:16;22114:1;22110:2;22106;22099:17;22093:23;;22220:1;22216;22212;22208:2;22205:1;22198:16;22194:1;22189:2;22186:1;22182:10;22179:1;22172:24;22165:53;22162:1;22155:67;22290:1;22285:3;22281:2;22274:18;22267:25;;22348:1;22344:2;22340;22333:17;22327:23;;22447:1;22443;22439:2;22430:7;22423:22;22419:1;22415:2;22411;22404:17;22397:52;22392:57;;22525:1;22521;22516:2;22513:1;22509:10;22506:1;22499:24;22495:2;22488:39;22482:45;;22601:1;22597:2;22593:1;22590;22586:2;22579:16;22572:31;22567:36;;22830:1;22819:8;22812:5;22808:20;22804:28;22799:1;22788:8;22781:5;22777:20;22773:28;22770:1;22766:36;22762:71;22756:77;;22869:2;22859:148;;22915:1;22912;22908:9;22903:14;;22973:8;;;;;;22859:148;23055:1;23051:2;23048:9;23045:114;;23094:2;23088:8;;23131:2;23125:8;;23045:114;23194:1;23190:2;23187:9;23184:114;;23233:2;23227:8;;23270:2;23264:8;;23184:114;23333:1;23329:2;23326:9;23323:134;;23378:1;23372:8;23366:14;;23427:2;23425:1;23421:9;23415:16;23409:22;;23323:134;23492:2;23482:223;;-1:-1:-1;23531:2:1;;-1:-1:-1;23567:2:1;-1:-1:-1;23604:1:1;;-1:-1:-1;23604:1:1;;-1:-1:-1;23671:8:1;;-1:-1:-1;23671:8:1;23482:223;23888:1;23885;23881;23876:3;23872:2;23865:18;23858:32;23962:1;23958;23955;23951:9;23947:1;23943:2;23939;23932:17;23925:39;23919:45;;24189:2;24179:1131;;24233:2;24223:1061;;24296:1;24293;24284:7;24277:21;24271:27;;24371:1;24367:2;24363;24356:17;24350:23;;24435:1;24431:2;24428:1;24421:16;24415:22;;24504:1;24500:2;24496;24489:17;24483:23;;24567:1;24563:2;24560:1;24553:16;24547:22;;24642:1;24637:2;24634:1;24630:10;24627:1;24620:24;24706:1;24701:3;24697:2;24690:18;24684:24;;24776:1;24772:2;24769:1;24762:16;24756:22;;24840:1;24835:3;24830;24823:19;24816:26;;;24910:1;24906:2;24902;24895:17;24889:23;;25021:1;25017;25013:2;25004:7;24997:22;24993:1;24989:2;24985;24978:17;24971:52;24966:57;;25111:1;25107;25103;25100;25096:9;25092:2;25085:24;25081:2;25074:39;25068:45;;25191:1;25187;25184;25180:2;25173:16;25169:2;25162:31;25157:36;;25246:8;;;;;;;24223:1061;25357:1;25353:2;25349;25342:17;25336:23;;25415:1;25411:2;25407;25400:17;25531:1;25527:2;25523;25516:17;25510:23;;25582:1;25577:3;25572;25565:19;25558:26;;25646:1;25642:2;25639:1;25632:16;25754:1;25750;25745:3;25736:7;25729:23;25725:1;25719:3;25716:1;25712:11;25708:1;25704:2;25700;25693:17;25686:41;25679:77;25673:83;;25855:1;25851;25846:3;25843:1;25836:17;25832:1;25828:2;25824:1;25819:2;25816:1;25812:10;25807:3;25800:26;25793:41;25786:71;25781:76;;;;;25888:2;25883:7;;22689:3223;;;;21797:4133;21845:1;21838:5;21834:13;21825:22;;21797:4133;;;25979:3;25972:4;25969:1;25965:12;25958:25;26245:4;26242:1;26235:15;26288:4;26281;26278:1;26274:12;26267:26;26331:4;26324;26321:1;26317:12;26310:26;26485:7;26478:4;26475:1;26471:12;26464:29;26531:1;26524:4;26521:1;26517:12;26510:23;26661:4;26658:1;26652:4;26649:1;26643:4;26639:1;26635:6;26624:42;26614:70;;26680:1;26677;26670:12;26614:70;26723:1;26720;26714:8;26712:1;26705:20;26702:23;;26774:1;26771;26765:8;26761:2;26754:22;26749:27;;26817:1;26814:2;26811;26804:15;26799:20;;26862:1;26858:2;26855:1;26848:16;26843:21;;26936:12;;;;;20436:6519;;;;;;;;:::o;13739:6506::-;13921:9;;;;14018:3;13921:9;;14100:13;;:30;;;;-1:-1:-1;14117:13:1;;14100:30;14096:44;;;14139:1;14132:8;;;;;;;;;;14096:44;14166:25;1930:66;2024;14184:2;14188;14166:9;:25::i;:::-;14155:36;;;;;;;;14371:1;14360:8;14353:5;14349:20;14345:28;14340:1;14329:8;14322:5;14318:20;14314:28;14311:1;14307:36;14303:71;14287:263;14380:2;14287:263;;14429:1;14422:5;14418:13;14409:22;;14526:1;14515:8;14508:5;14504:20;14500:28;14495:1;14484:8;14477:5;14473:20;14469:28;14466:1;14462:36;14458:71;14452:77;;14287:263;;;14291:85;14641:1;14630:8;14623:5;14619:20;14615:28;14610:1;14599:8;14592:5;14588:20;14584:28;14581:1;14577:36;14573:71;14567:77;;14672:1;14668:2;14665:9;14662:88;;14702:2;14697:7;;14730:2;14725:7;;14662:88;14777:1;14773:2;14770:9;14767:88;;14807:2;14802:7;;14835:2;14830:7;;14767:88;14882:1;14878:2;14875:9;14872:88;;14912:2;14907:7;;14940:2;14935:7;;14872:88;14998:1;14991:5;14987:13;14978:22;;15023:1;15017:7;;15048:1;15041:8;;15067:4114;15086:5;15077:7;15074:18;15067:4114;;;15205:1;15202;15199;15192:15;15272:1;15268:2;15264;15257:17;15328:1;15324:2;15321:1;15314:16;15384:1;15380:2;15376;15369:17;15363:23;;15490:1;15486;15482;15478:2;15475:1;15468:16;15464:1;15459:2;15456:1;15452:10;15449:1;15442:24;15435:53;15432:1;15425:67;15560:1;15555:3;15551:2;15544:18;15537:25;;15618:1;15614:2;15610;15603:17;15597:23;;15717:1;15713;15709:2;15700:7;15693:22;15689:1;15685:2;15681;15674:17;15667:52;15662:57;;15795:1;15791;15786:2;15783:1;15779:10;15776:1;15769:24;15765:2;15758:39;15752:45;;15871:1;15867:2;15863:1;15860;15856:2;15849:16;15842:31;15837:36;;16100:1;16089:8;16082:5;16078:20;16074:28;16069:1;16058:8;16051:5;16047:20;16043:28;16040:1;16036:36;16032:71;16026:77;;16139:2;16129:148;;16185:1;16182;16178:9;16173:14;;16243:8;;;;;;16129:148;16325:1;16321:2;16318:9;16315:114;;16364:2;16358:8;;16401:2;16395:8;;16315:114;16464:1;16460:2;16457:9;16454:114;;16503:2;16497:8;;16540:2;16534:8;;16454:114;16603:1;16599:2;16596:9;16593:114;;16642:2;16636:8;;16679:2;16673:8;;16593:114;16742:2;16732:223;;-1:-1:-1;16781:2:1;;-1:-1:-1;16854:1:1;;-1:-1:-1;16854:1:1;;-1:-1:-1;16817:2:1;-1:-1:-1;16921:8:1;;-1:-1:-1;16921:8:1;16732:223;17138:1;17135;17131;17126:3;17122:2;17115:18;17108:32;17212:1;17208;17205;17201:9;17197:1;17193:2;17189;17182:17;17175:39;17169:45;;17439:2;17429:1132;;17483:2;17473:1062;;17546:1;17543;17534:7;17527:21;17521:27;;17621:1;17617:2;17613;17606:17;17600:23;;17685:1;17681:2;17678:1;17671:16;17665:22;;17754:1;17750:2;17746;17739:17;17733:23;;17817:1;17813:2;17810:1;17803:16;17797:22;;17893:1;17888:2;17885:1;17881:10;17878:1;17871:24;17957:1;17952:3;17948:2;17941:18;17935:24;;18027:1;18023:2;18020:1;18013:16;18007:22;;18091:1;18086:3;18081;18074:19;18067:26;;;18161:1;18157:2;18153;18146:17;18140:23;;18272:1;18268;18264:2;18255:7;18248:22;18244:1;18240:2;18236;18229:17;18222:52;18217:57;;18362:1;18358;18354;18351;18347:9;18343:2;18336:24;18332:2;18325:39;18319:45;;18442:1;18438;18435;18431:2;18424:16;18420:2;18413:31;18408:36;;18497:8;;;;;;;17473:1062;18608:1;18604:2;18600;18593:17;18587:23;;18666:1;18662:2;18658;18651:17;18782:1;18778:2;18774;18767:17;18761:23;;18833:1;18828:3;18823;18816:19;18809:26;;18897:1;18893:2;18890:1;18883:16;19005:1;19001;18996:3;18987:7;18980:23;18976:1;18970:3;18967:1;18963:11;18959:1;18955:2;18951;18944:17;18937:41;18930:77;18924:83;;19106:1;19102;19097:3;19094:1;19087:17;19083:1;19079:2;19075:1;19070:2;19067:1;19063:10;19058:3;19051:26;19044:41;19037:71;19032:76;;;;;19139:2;19134:7;;15959:3204;;;;15067:4114;15115:1;15108:5;15104:13;15095:22;;15067:4114;;;19224:4;19218:11;19267:2;19260:4;19257:1;19253:12;19246:24;19532:4;19529:1;19522:15;19575:4;19568;19565:1;19561:12;19554:26;19618:4;19611;19608:1;19604:12;19597:26;19772:7;19765:4;19762:1;19758:12;19751:29;19818:1;19811:4;19808:1;19804:12;19797:23;19948:4;19945:1;19939:4;19936:1;19930:4;19926:1;19922:6;19911:42;19901:70;;19967:1;19964;19957:12;19901:70;20156:1;20152;20146:8;20143:1;20136:22;20131:27;13739:6506;-1:-1:-1;;;;;;;;;;;;13739:6506:1:o;6622:1501::-;6676:14;6796:4;6790:11;6868:4;6859:7;6852:21;6953:4;6946;6937:7;6933:18;6926:32;7037:4;7030;7021:7;7017:18;7010:32;7115:4;7108;7099:7;7095:18;7088:32;7191:7;7184:4;7175:7;7171:18;7164:35;7414:4;7405:7;7401:18;7478:1;7469:7;7462:18;7903:4;7808:7;7759:4;7720:7;7675:17;7630:1;7626:6;7598:345;7575:395;;7966:1;7963;7956:12;7575:395;7984:14;;-1:-1:-1;8065:4:1;;-1:-1:-1;1523:66:1;8054:6;8047;8040:23;:29;8037:63;;-1:-1:-1;2870:66:1;8037:63;6622:1501;;;:::o;13194:373::-;13284:7;;;;12525:6;13356:41;;13390:2;13394;13382:15;;;;;;;;13356:41;12525:6;13407:41;;13441:2;13445;13433:15;;;;;;;;13407:41;13481:31;13491:2;13495;13499:1;13502;13505:2;13509;13481:9;:31::i;:::-;13459:53;;-1:-1:-1;13459:53:1;;-1:-1:-1;13459:53:1;-1:-1:-1;13459:53:1;-1:-1:-1;13530:30:1;13459:53;;;;13530:11;:30::i;:::-;13523:37;;;;;;13194:373;;;;;;;:::o;10549:1073::-;10690:10;10702;10714;10726;10780:2;10786:1;10780:7;10776:67;;-1:-1:-1;10815:2:1;;-1:-1:-1;10819:2:1;;-1:-1:-1;10823:1:1;;-1:-1:-1;10823:1:1;10807:21;;10776:67;10894:1;10890:10;;;;;10894:1;10941:4;10937:2;10930:19;10923:34;10917:40;;11019:1;11014:2;11011:1;11007:10;11003:1;10998:3;10994:2;10987:18;10980:41;10974:47;;11059:1;11055:2;11051;11044:17;11038:23;;11110:1;11106:2;11102;11095:17;11089:23;;11164:1;11160:2;11155:3;11148:18;11142:24;;11223:1;11219:2;11213:4;11206:19;11200:25;;11284:1;11280:2;11276;11269:17;11262:24;;11395:1;11391;11386:3;11377:7;11370:23;11366:1;11361:2;11358:1;11354:10;11350:1;11346:2;11342;11335:17;11328:40;11321:76;11315:82;;11503:1;11499;11495:2;11491;11484:17;11480:1;11476:2;11472:1;11467:2;11464:1;11460:10;11455:3;11448:26;11441:41;11434:71;11428:77;;10549:1073;;;;;;;;;;;;:::o;8944:351::-;9035:10;9047;9069:14;9086:16;9098:3;9086:11;:16::i;:::-;9069:33;-1:-1:-1;1523:66:1;9135:6;9132:1;9125:20;9120:25;-1:-1:-1;9163:10:1;1523:66;9187:6;9183:2;9176:21;9163:34;-1:-1:-1;1523:66:1;9233:2;9229;9222:17;9213:26;-1:-1:-1;1523:66:1;9271:6;9268:1;9261:20;9256:25;;9059:236;;8944:351;;;;;;;:::o;3992:730::-;4047:14;4117:4;4111:11;4228:4;4219:7;4212:21;4273:4;4266;4257:7;4253:18;4246:32;4318:4;4311;4302:7;4298:18;4291:32;4422:1;4415:4;4406:7;4402:18;4395:29;4464:7;4457:4;4448:7;4444:18;4437:35;4512:1;4505:4;4496:7;4492:18;4485:29;4646:4;4637:7;4631:4;4622:7;4616:4;4612:1;4608:6;4597:54;4587:82;;4665:1;4662;4655:12;-1:-1:-1;;;;;;;;;;;;;;;;;;;;;;;;:::o;:::-;;;;;;;;;;;;;;;;;;;;;;;;:::o;14:385:7:-;100:6;108;116;124;177:3;165:9;156:7;152:23;148:33;145:53;;;194:1;191;184:12;145:53;-1:-1:-1;;217:23:7;;;287:2;272:18;;259:32;;-1:-1:-1;338:2:7;323:18;;310:32;;389:2;374:18;361:32;;-1:-1:-1;14:385:7;-1:-1:-1;14:385:7:o;643:454::-;738:6;746;754;762;770;823:3;811:9;802:7;798:23;794:33;791:53;;;840:1;837;830:12;791:53;-1:-1:-1;;863:23:7;;;933:2;918:18;;905:32;;-1:-1:-1;984:2:7;969:18;;956:32;;1035:2;1020:18;;1007:32;;-1:-1:-1;1086:3:7;1071:19;1058:33;;-1:-1:-1;643:454:7;-1:-1:-1;643:454:7:o;1506:316::-;1583:6;1591;1599;1652:2;1640:9;1631:7;1627:23;1623:32;1620:52;;;1668:1;1665;1658:12;1620:52;-1:-1:-1;;1691:23:7;;;1761:2;1746:18;;1733:32;;-1:-1:-1;1812:2:7;1797:18;;;1784:32;;1506:316;-1:-1:-1;1506:316:7:o;2088:282::-;2155:9;;;2176:11;;;2173:191;;;2220:77;2217:1;2210:88;2321:4;2318:1;2311:15;2349:4;2346:1;2339:15"},"gasEstimates":{"creation":{"codeDepositCost":"1761400","executionCost":"1886","totalCost":"1763286"},"external":{"ecZZ_Coronize(uint256,uint256,uint256,uint256,uint256)":"579","ec_recover_r1(uint256,uint256,uint256,uint256)":"infinite","ecdsa_sign(bytes32,uint256,uint256)":"infinite"},"internal":{"FCL_nModInv(uint256)":"infinite","FCL_pModInv(uint256)":"infinite","SqrtMod(uint256)":"infinite","ecAff_IsZero(uint256,uint256)":"infinite","ecAff_SetZZ(uint256,uint256)":"infinite","ecAff_SetZero()":"infinite","ecAff_add(uint256,uint256,uint256,uint256)":"infinite","ecAff_isOnCurve(uint256,uint256)":"infinite","ecZZ_Add(uint256,uint256,uint256,uint256,uint256,uint256,uint256,uint256)":"infinite","ecZZ_AddN(uint256,uint256,uint256,uint256,uint256,uint256)":"412","ecZZ_Dbl(uint256,uint256,uint256,uint256)":"infinite","ecZZ_IsZero(uint256,uint256,uint256,uint256)":"infinite","ecZZ_SetAff(uint256,uint256,uint256,uint256)":"infinite","ecZZ_SetZero()":"infinite","ecZZ_mulmuladd(uint256,uint256,uint256,uint256)":"infinite","ecZZ_mulmuladd_S8_extcode(uint256,uint256,address)":"infinite","ecZZ_mulmuladd_S8_hackmem(uint256,uint256,uint256)":"infinite","ecZZ_mulmuladd_S_asm(uint256,uint256,uint256,uint256)":"infinite","ec_Decompress(uint256,uint256)":"infinite","ecdsa_precomputed_hackmem(bytes32,uint256[2] calldata,uint256)":"infinite","ecdsa_precomputed_verify(bytes32,uint256[2] calldata,address)":"infinite","ecdsa_verify(bytes32,uint256[2] calldata,uint256[2] calldata)":"infinite"}},"methodIdentifiers":{"ecZZ_Coronize(uint256,uint256,uint256,uint256,uint256)":"7f99d960","ec_recover_r1(uint256,uint256,uint256,uint256)":"5f67f323","ecdsa_sign(bytes32,uint256,uint256)":"e982f355"}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"alpha\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"zz\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"zzz\",\"type\":\"uint256\"}],\"name\":\"ecZZ_Coronize\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"x3\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y3\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"zz3\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"zzz3\",\"type\":\"uint256\"}],\"stateMutability\":\"pure\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"h\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"v\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"r\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"s\",\"type\":\"uint256\"}],\"name\":\"ec_recover_r1\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"message\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"k\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"kpriv\",\"type\":\"uint256\"}],\"name\":\"ecdsa_sign\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"r\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"s\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"FreshCryptoLib/FCL_elliptic.sol\":\"FCL_Elliptic_ZZ\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"}},\"version\":1}","storageLayout":{"storage":[],"types":null},"userdoc":{"kind":"user","methods":{},"version":1}}},"FreshCryptoLib/utils/Base64Url.sol":{"Base64Url":{"abi":[],"devdoc":{"author":"evmbrahmin, adapted from hiromin's Base64URL libraries","details":"Encode (without '=' padding) ","kind":"dev","methods":{},"stateVariables":{"ENCODING_TABLE":{"details":"Base64Url Encoding Table"}},"version":1},"evm":{"bytecode":{"functionDebugData":{},"generatedSources":[],"linkReferences":{},"object":"60566037600b82828239805160001a607314602a57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600080fdfea2646970667358221220dd0fb3e368a541ad90e70b9ff44a2b95cab5a3874a7a68ec142b3bf9a4e367c664736f6c63430008140033","opcodes":"PUSH1 0x56 PUSH1 0x37 PUSH1 0xB DUP3 DUP3 DUP3 CODECOPY DUP1 MLOAD PUSH1 0x0 BYTE PUSH1 0x73 EQ PUSH1 0x2A JUMPI PUSH4 0x4E487B71 PUSH1 0xE0 SHL PUSH1 0x0 MSTORE PUSH1 0x0 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST ADDRESS PUSH1 0x0 MSTORE PUSH1 0x73 DUP2 MSTORE8 DUP3 DUP2 RETURN INVALID PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 0xDD 0xF 0xB3 0xE3 PUSH9 0xA541AD90E70B9FF44A 0x2B SWAP6 0xCA 0xB5 LOG3 DUP8 0x4A PUSH27 0x68EC142B3BF9A4E367C664736F6C63430008140033000000000000 ","sourceMap":"176:2116:2:-:0;;;;;;;;;;;;;;;-1:-1:-1;;;176:2116:2;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{},"generatedSources":[],"immutableReferences":{},"linkReferences":{},"object":"73000000000000000000000000000000000000000030146080604052600080fdfea2646970667358221220dd0fb3e368a541ad90e70b9ff44a2b95cab5a3874a7a68ec142b3bf9a4e367c664736f6c63430008140033","opcodes":"PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 0xDD 0xF 0xB3 0xE3 PUSH9 0xA541AD90E70B9FF44A 0x2B SWAP6 0xCA 0xB5 LOG3 DUP8 0x4A PUSH27 0x68EC142B3BF9A4E367C664736F6C63430008140033000000000000 ","sourceMap":"176:2116:2:-:0;;;;;;;;"},"gasEstimates":{"creation":{"codeDepositCost":"17200","executionCost":"103","totalCost":"17303"},"internal":{"encode(bytes memory)":"infinite"}},"methodIdentifiers":{}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[],\"devdoc\":{\"author\":\"evmbrahmin, adapted from hiromin's Base64URL libraries\",\"details\":\"Encode (without '=' padding) \",\"kind\":\"dev\",\"methods\":{},\"stateVariables\":{\"ENCODING_TABLE\":{\"details\":\"Base64Url Encoding Table\"}},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"FreshCryptoLib/utils/Base64Url.sol\":\"Base64Url\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"}},\"version\":1}","storageLayout":{"storage":[],"types":null},"userdoc":{"kind":"user","methods":{},"version":1}}},"contracts/FCL/WrapperFCLWebAuthn.sol":{"WrapperFCLWebAuthn":{"abi":[{"inputs":[],"name":"InvalidAuthenticatorData","type":"error"},{"inputs":[],"name":"InvalidClientData","type":"error"},{"inputs":[{"internalType":"bytes","name":"authenticatorData","type":"bytes"},{"internalType":"bytes1","name":"authenticatorDataFlagMask","type":"bytes1"},{"internalType":"bytes","name":"clientData","type":"bytes"},{"internalType":"bytes32","name":"clientChallenge","type":"bytes32"},{"internalType":"uint256","name":"clientChallengeDataOffset","type":"uint256"},{"internalType":"uint256[2]","name":"rs","type":"uint256[2]"},{"internalType":"uint256[2]","name":"Q","type":"uint256[2]"}],"name":"checkSignature","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"}],"devdoc":{"details":"This contract is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the library is not compatible with memory and only works with calldata.","kind":"dev","methods":{},"title":"WrapperFCLWebAuthn","version":1},"evm":{"bytecode":{"functionDebugData":{},"generatedSources":[],"linkReferences":{},"object":"608060405234801561001057600080fd5b50611a32806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80630d5efec914610030575b600080fd5b61004361003e366004611793565b610057565b604051901515815260200160405180910390f35b600061006a8a8a8a8a8a8a8a8a8a610078565b9a9950505050505050505050565b60008061008b8b8b8b8b8b8b8b8b6100aa565b9050600061009a82868661034d565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100e3576100e3611872565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610147576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60006101738560405160200161015f91815260200190565b6040516020818303038152906040526104af565b90506000815167ffffffffffffffff811115610191576101916118a1565b6040519080825280601f01601f1916602001820160405280156101bb576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101e591906118d0565b6040516020818303038152906040528051906020012014610232576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5060009150610244905089602061192e565b67ffffffffffffffff81111561025c5761025c6118a1565b6040519080825280601f01601f191660200182016040528015610286576020820181803683370190505b509050888a60208301376000600288886040516102a4929190611941565b602060405180830381855afa1580156102c1573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102e49190611951565b90508060208b018301526002826040516102fe91906118d0565b602060405180830381855afa15801561031b573d6000803e3d6000fd5b5050506040513d601f19601f8201168201806040525081019061033e9190611951565b9b9a5050505050505050505050565b60008235602084013581158061038357507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b8061038c575080155b806103b757507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103c7576000925050506104a8565b833560208501356103d8828261061e565b6103e95760009450505050506104a8565b60006103f484610797565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551838809905060006104548686858561081b565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104ce57505060408051602081019091526000815290565b60006040518060600160405280604081526020016119bd60409139905060006003845160026104fd919061192e565b610507919061196a565b6105129060046119a5565b67ffffffffffffffff81111561052a5761052a6118a1565b6040519080825280601f01601f191660200182016040528015610554576020820181803683370190505b509050600182016020820185865187015b808210156105c0576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f8116850151845350600183019250610565565b50506003865106600181146105dc57600281146105e7576105ee565b6002820391506105ee565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061064c57507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b80610655575081155b8061067f57507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b1561068c57506000610791565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081457600080fd5b5192915050565b600080808060ff818088158015610830575087155b1561084457600096505050505050506112dc565b6108907f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112e4565b8092508193505050600189841c16600189851c1660011b015b806108cb5760018403935060018a851c1660018a861c1660011b0190506108a9565b50600189841c16600189851c1660011b0195506001860361092d577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b6002860361093c578a96508993505b6003860361094b578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1115611232577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c3657877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611227565b60018103610c85577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c94578e93508d92505b60038103610ca3578593508492505b89610cbc57509198506001975087965094506112279050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d8809089350806110205783611020577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611227565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b60018303925061095a565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112ad57600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b6000808080866112fb578585935093505050611339565b8461130d578787935093505050611339565b61131c88886001808a8a611342565b929a509098509250905061133288888484611607565b9350935050505b94509492505050565b60008060008088600003611361575084925083915060019050806115fa565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b6000806000611615846116bc565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081457600080fd5b60008083601f84011261174b57600080fd5b50813567ffffffffffffffff81111561176357600080fd5b60208301915083602082850101111561177b57600080fd5b9250929050565b806040810183101561079157600080fd5b60008060008060008060008060006101208a8c0312156117b257600080fd5b893567ffffffffffffffff808211156117ca57600080fd5b6117d68d838e01611739565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181057600080fd5b90975060408b0135908082111561182657600080fd5b506118338c828d01611739565b90975095505060608a0135935060808a013592506118548b60a08c01611782565b91506118638b60e08c01611782565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118f157602081860181015185830152016118d7565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b80820180821115610791576107916118ff565b8183823760009101908152919050565b60006020828403121561196357600080fd5b5051919050565b6000826119a0577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b8082028115828204841417610791576107916118ff56fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa264697066735822122091354706679fa8e7c4c9fcbca93b173f20b08cd1e89df681d02ad32480ff696f64736f6c63430008140033","opcodes":"PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH2 0x1A32 DUP1 PUSH2 0x20 PUSH1 0x0 CODECOPY PUSH1 0x0 RETURN INVALID PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x4 CALLDATASIZE LT PUSH2 0x2B JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0xD5EFEC9 EQ PUSH2 0x30 JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x43 PUSH2 0x3E CALLDATASIZE PUSH1 0x4 PUSH2 0x1793 JUMP JUMPDEST PUSH2 0x57 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 ISZERO ISZERO DUP2 MSTORE PUSH1 0x20 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH1 0x0 PUSH2 0x6A DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 PUSH2 0x78 JUMP JUMPDEST SWAP11 SWAP10 POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH2 0x8B DUP12 DUP12 DUP12 DUP12 DUP12 DUP12 DUP12 DUP12 PUSH2 0xAA JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH2 0x9A DUP3 DUP7 DUP7 PUSH2 0x34D JUMP JUMPDEST SWAP13 SWAP12 POP POP POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH32 0xFF00000000000000000000000000000000000000000000000000000000000000 DUP8 AND DUP8 DUP11 DUP11 PUSH1 0x20 DUP2 DUP2 LT PUSH2 0xE3 JUMPI PUSH2 0xE3 PUSH2 0x1872 JUMP JUMPDEST SWAP1 POP ADD CALLDATALOAD PUSH1 0xF8 SHR PUSH1 0xF8 SHL AND PUSH31 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF NOT AND EQ PUSH2 0x147 JUMPI PUSH1 0x40 MLOAD PUSH32 0xFC93479200000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST PUSH1 0x0 PUSH2 0x173 DUP6 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0x15F SWAP2 DUP2 MSTORE PUSH1 0x20 ADD SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE PUSH2 0x4AF JUMP JUMPDEST SWAP1 POP PUSH1 0x0 DUP2 MLOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x191 JUMPI PUSH2 0x191 PUSH2 0x18A1 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP1 DUP3 MSTORE DUP1 PUSH1 0x1F ADD PUSH1 0x1F NOT AND PUSH1 0x20 ADD DUP3 ADD PUSH1 0x40 MSTORE DUP1 ISZERO PUSH2 0x1BB JUMPI PUSH1 0x20 DUP3 ADD DUP2 DUP1 CALLDATASIZE DUP4 CALLDATACOPY ADD SWAP1 POP JUMPDEST POP SWAP1 POP DUP1 MLOAD DUP6 DUP10 ADD PUSH1 0x20 DUP4 ADD CALLDATACOPY PUSH1 0x0 DUP2 MLOAD PUSH1 0x20 DUP4 ADD KECCAK256 SWAP1 POP DUP1 DUP4 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0x1E5 SWAP2 SWAP1 PUSH2 0x18D0 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE DUP1 MLOAD SWAP1 PUSH1 0x20 ADD KECCAK256 EQ PUSH2 0x232 JUMPI PUSH1 0x40 MLOAD PUSH32 0xEBAB5D2900000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST POP PUSH1 0x0 SWAP2 POP PUSH2 0x244 SWAP1 POP DUP10 PUSH1 0x20 PUSH2 0x192E JUMP JUMPDEST PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x25C JUMPI PUSH2 0x25C PUSH2 0x18A1 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP1 DUP3 MSTORE DUP1 PUSH1 0x1F ADD PUSH1 0x1F NOT AND PUSH1 0x20 ADD DUP3 ADD PUSH1 0x40 MSTORE DUP1 ISZERO PUSH2 0x286 JUMPI PUSH1 0x20 DUP3 ADD DUP2 DUP1 CALLDATASIZE DUP4 CALLDATACOPY ADD SWAP1 POP JUMPDEST POP SWAP1 POP DUP9 DUP11 PUSH1 0x20 DUP4 ADD CALLDATACOPY PUSH1 0x0 PUSH1 0x2 DUP9 DUP9 PUSH1 0x40 MLOAD PUSH2 0x2A4 SWAP3 SWAP2 SWAP1 PUSH2 0x1941 JUMP JUMPDEST PUSH1 0x20 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 DUP6 GAS STATICCALL ISZERO DUP1 ISZERO PUSH2 0x2C1 JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP POP PUSH1 0x40 MLOAD RETURNDATASIZE PUSH1 0x1F NOT PUSH1 0x1F DUP3 ADD AND DUP3 ADD DUP1 PUSH1 0x40 MSTORE POP DUP2 ADD SWAP1 PUSH2 0x2E4 SWAP2 SWAP1 PUSH2 0x1951 JUMP JUMPDEST SWAP1 POP DUP1 PUSH1 0x20 DUP12 ADD DUP4 ADD MSTORE PUSH1 0x2 DUP3 PUSH1 0x40 MLOAD PUSH2 0x2FE SWAP2 SWAP1 PUSH2 0x18D0 JUMP JUMPDEST PUSH1 0x20 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 DUP6 GAS STATICCALL ISZERO DUP1 ISZERO PUSH2 0x31B JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP POP PUSH1 0x40 MLOAD RETURNDATASIZE PUSH1 0x1F NOT PUSH1 0x1F DUP3 ADD AND DUP3 ADD DUP1 PUSH1 0x40 MSTORE POP DUP2 ADD SWAP1 PUSH2 0x33E SWAP2 SWAP1 PUSH2 0x1951 JUMP JUMPDEST SWAP12 SWAP11 POP POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP3 CALLDATALOAD PUSH1 0x20 DUP5 ADD CALLDATALOAD DUP2 ISZERO DUP1 PUSH2 0x383 JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 LT ISZERO JUMPDEST DUP1 PUSH2 0x38C JUMPI POP DUP1 ISZERO JUMPDEST DUP1 PUSH2 0x3B7 JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP2 LT ISZERO JUMPDEST ISZERO PUSH2 0x3C7 JUMPI PUSH1 0x0 SWAP3 POP POP POP PUSH2 0x4A8 JUMP JUMPDEST DUP4 CALLDATALOAD PUSH1 0x20 DUP6 ADD CALLDATALOAD PUSH2 0x3D8 DUP3 DUP3 PUSH2 0x61E JUMP JUMPDEST PUSH2 0x3E9 JUMPI PUSH1 0x0 SWAP5 POP POP POP POP POP PUSH2 0x4A8 JUMP JUMPDEST PUSH1 0x0 PUSH2 0x3F4 DUP5 PUSH2 0x797 JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 DUP12 MULMOD SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP4 DUP9 MULMOD SWAP1 POP PUSH1 0x0 PUSH2 0x454 DUP7 DUP7 DUP6 DUP6 PUSH2 0x81B JUMP JUMPDEST SWAP1 POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP9 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 SUB DUP3 ADDMOD ISZERO SWAP9 POP POP POP POP POP POP POP POP POP JUMPDEST SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x60 DUP2 MLOAD PUSH1 0x0 SUB PUSH2 0x4CE JUMPI POP POP PUSH1 0x40 DUP1 MLOAD PUSH1 0x20 DUP2 ADD SWAP1 SWAP2 MSTORE PUSH1 0x0 DUP2 MSTORE SWAP1 JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD DUP1 PUSH1 0x60 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x40 DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x19BD PUSH1 0x40 SWAP2 CODECOPY SWAP1 POP PUSH1 0x0 PUSH1 0x3 DUP5 MLOAD PUSH1 0x2 PUSH2 0x4FD SWAP2 SWAP1 PUSH2 0x192E JUMP JUMPDEST PUSH2 0x507 SWAP2 SWAP1 PUSH2 0x196A JUMP JUMPDEST PUSH2 0x512 SWAP1 PUSH1 0x4 PUSH2 0x19A5 JUMP JUMPDEST PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x52A JUMPI PUSH2 0x52A PUSH2 0x18A1 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP1 DUP3 MSTORE DUP1 PUSH1 0x1F ADD PUSH1 0x1F NOT AND PUSH1 0x20 ADD DUP3 ADD PUSH1 0x40 MSTORE DUP1 ISZERO PUSH2 0x554 JUMPI PUSH1 0x20 DUP3 ADD DUP2 DUP1 CALLDATASIZE DUP4 CALLDATACOPY ADD SWAP1 POP JUMPDEST POP SWAP1 POP PUSH1 0x1 DUP3 ADD PUSH1 0x20 DUP3 ADD DUP6 DUP7 MLOAD DUP8 ADD JUMPDEST DUP1 DUP3 LT ISZERO PUSH2 0x5C0 JUMPI PUSH1 0x3 DUP3 ADD SWAP2 POP DUP2 MLOAD PUSH1 0x3F DUP2 PUSH1 0x12 SHR AND DUP6 ADD MLOAD DUP5 MSTORE8 PUSH1 0x1 DUP5 ADD SWAP4 POP PUSH1 0x3F DUP2 PUSH1 0xC SHR AND DUP6 ADD MLOAD DUP5 MSTORE8 PUSH1 0x1 DUP5 ADD SWAP4 POP PUSH1 0x3F DUP2 PUSH1 0x6 SHR AND DUP6 ADD MLOAD DUP5 MSTORE8 PUSH1 0x1 DUP5 ADD SWAP4 POP PUSH1 0x3F DUP2 AND DUP6 ADD MLOAD DUP5 MSTORE8 POP PUSH1 0x1 DUP4 ADD SWAP3 POP PUSH2 0x565 JUMP JUMPDEST POP POP PUSH1 0x3 DUP7 MLOAD MOD PUSH1 0x1 DUP2 EQ PUSH2 0x5DC JUMPI PUSH1 0x2 DUP2 EQ PUSH2 0x5E7 JUMPI PUSH2 0x5EE JUMP JUMPDEST PUSH1 0x2 DUP3 SUB SWAP2 POP PUSH2 0x5EE JUMP JUMPDEST PUSH1 0x1 DUP3 SUB SWAP2 POP JUMPDEST POP DUP3 SWAP1 SUB PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 ADD DUP3 MSTORE POP SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP3 ISZERO DUP1 PUSH2 0x64C JUMPI POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 EQ JUMPDEST DUP1 PUSH2 0x655 JUMPI POP DUP2 ISZERO JUMPDEST DUP1 PUSH2 0x67F JUMPI POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 EQ JUMPDEST ISZERO PUSH2 0x68C JUMPI POP PUSH1 0x0 PUSH2 0x791 JUMP JUMPDEST PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC DUP8 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP11 MULMOD MULMOD ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH32 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B DUP3 ADDMOD SWAP2 SWAP1 SWAP2 EQ SWAP2 POP POP JUMPDEST SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x814 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST MLOAD SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 PUSH1 0xFF DUP2 DUP1 DUP9 ISZERO DUP1 ISZERO PUSH2 0x830 JUMPI POP DUP8 ISZERO JUMPDEST ISZERO PUSH2 0x844 JUMPI PUSH1 0x0 SWAP7 POP POP POP POP POP POP POP PUSH2 0x12DC JUMP JUMPDEST PUSH2 0x890 PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 DUP14 DUP14 PUSH2 0x12E4 JUMP JUMPDEST DUP1 SWAP3 POP DUP2 SWAP4 POP POP POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD JUMPDEST DUP1 PUSH2 0x8CB JUMPI PUSH1 0x1 DUP5 SUB SWAP4 POP PUSH1 0x1 DUP11 DUP6 SHR AND PUSH1 0x1 DUP11 DUP7 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP PUSH2 0x8A9 JUMP JUMPDEST POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD SWAP6 POP PUSH1 0x1 DUP7 SUB PUSH2 0x92D JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP7 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP4 POP JUMPDEST PUSH1 0x2 DUP7 SUB PUSH2 0x93C JUMPI DUP11 SWAP7 POP DUP10 SWAP4 POP JUMPDEST PUSH1 0x3 DUP7 SUB PUSH2 0x94B JUMPI DUP2 SWAP7 POP DUP1 SWAP4 POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH1 0x1 SWAP6 POP PUSH1 0x1 SWAP5 POP JUMPDEST DUP3 PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF GT ISZERO PUSH2 0x1232 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH1 0x2 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP11 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP5 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP15 ADDMOD MULMOD PUSH1 0x3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP6 MULMOD SWAP9 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP5 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD ADDMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD DUP3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP8 MULMOD ADDMOD SWAP8 POP PUSH1 0x1 DUP14 DUP9 SHR AND PUSH1 0x1 DUP14 DUP10 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP DUP1 PUSH2 0xC36 JUMPI DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB SWAP8 POP POP POP POP POP PUSH2 0x1227 JUMP JUMPDEST PUSH1 0x1 DUP2 SUB PUSH2 0xC85 JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP4 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP3 POP JUMPDEST PUSH1 0x2 DUP2 SUB PUSH2 0xC94 JUMPI DUP15 SWAP4 POP DUP14 SWAP3 POP JUMPDEST PUSH1 0x3 DUP2 SUB PUSH2 0xCA3 JUMPI DUP6 SWAP4 POP DUP5 SWAP3 POP JUMPDEST DUP10 PUSH2 0xCBC JUMPI POP SWAP2 SWAP9 POP PUSH1 0x1 SWAP8 POP DUP8 SWAP7 POP SWAP5 POP PUSH2 0x1227 SWAP1 POP JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP7 MULMOD ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP14 DUP9 MULMOD ADDMOD SWAP4 POP DUP1 PUSH2 0x1020 JUMPI DUP4 PUSH2 0x1020 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP14 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP4 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 PUSH1 0x3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP3 MULMOD SWAP11 POP POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP6 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD ADDMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP14 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP6 ADDMOD DUP4 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP11 DUP8 MULMOD DUP6 ADDMOD SWAP9 POP POP POP POP POP POP PUSH2 0x1227 JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP4 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP14 MULMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP13 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP15 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 DUP9 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 DUP14 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP7 ADDMOD MULMOD ADDMOD SWAP11 POP POP POP POP DUP1 SWAP11 POP POP POP POP POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH2 0x95A JUMP JUMPDEST PUSH1 0x40 MLOAD DUP7 PUSH1 0x60 DUP3 ADD MSTORE PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x12AD JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 MLOAD DUP10 MULMOD SWAP8 POP POP POP POP POP POP POP POP JUMPDEST SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 DUP7 PUSH2 0x12FB JUMPI DUP6 DUP6 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1339 JUMP JUMPDEST DUP5 PUSH2 0x130D JUMPI DUP8 DUP8 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1339 JUMP JUMPDEST PUSH2 0x131C DUP9 DUP9 PUSH1 0x1 DUP1 DUP11 DUP11 PUSH2 0x1342 JUMP JUMPDEST SWAP3 SWAP11 POP SWAP1 SWAP9 POP SWAP3 POP SWAP1 POP PUSH2 0x1332 DUP9 DUP9 DUP5 DUP5 PUSH2 0x1607 JUMP JUMPDEST SWAP4 POP SWAP4 POP POP POP JUMPDEST SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 DUP9 PUSH1 0x0 SUB PUSH2 0x1361 JUMPI POP DUP5 SWAP3 POP DUP4 SWAP2 POP PUSH1 0x1 SWAP1 POP DUP1 PUSH2 0x15FA JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SWAP9 DUP10 SUB SWAP9 DUP10 DUP2 DUP10 DUP9 MULMOD ADDMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP10 MULMOD ADDMOD SWAP6 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP8 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP6 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP10 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP9 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP12 MULMOD SWAP8 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP11 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 DUP12 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD MULMOD ADDMOD SWAP3 POP JUMPDEST SWAP7 POP SWAP7 POP SWAP7 POP SWAP7 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 PUSH2 0x1615 DUP5 PUSH2 0x16BC JUMP JUMPDEST SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP8 MULMOD SWAP2 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP8 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP10 MULMOD SWAP4 POP POP POP SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x814 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x0 DUP1 DUP4 PUSH1 0x1F DUP5 ADD SLT PUSH2 0x174B JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP DUP2 CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x1763 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x20 DUP4 ADD SWAP2 POP DUP4 PUSH1 0x20 DUP3 DUP6 ADD ADD GT ISZERO PUSH2 0x177B JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP3 POP SWAP3 SWAP1 POP JUMP JUMPDEST DUP1 PUSH1 0x40 DUP2 ADD DUP4 LT ISZERO PUSH2 0x791 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 PUSH2 0x120 DUP11 DUP13 SUB SLT ISZERO PUSH2 0x17B2 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP10 CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP1 DUP3 GT ISZERO PUSH2 0x17CA JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x17D6 DUP14 DUP4 DUP15 ADD PUSH2 0x1739 JUMP JUMPDEST SWAP1 SWAP12 POP SWAP10 POP PUSH1 0x20 DUP13 ADD CALLDATALOAD SWAP2 POP PUSH32 0xFF00000000000000000000000000000000000000000000000000000000000000 DUP3 AND DUP3 EQ PUSH2 0x1810 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP1 SWAP8 POP PUSH1 0x40 DUP12 ADD CALLDATALOAD SWAP1 DUP1 DUP3 GT ISZERO PUSH2 0x1826 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH2 0x1833 DUP13 DUP3 DUP14 ADD PUSH2 0x1739 JUMP JUMPDEST SWAP1 SWAP8 POP SWAP6 POP POP PUSH1 0x60 DUP11 ADD CALLDATALOAD SWAP4 POP PUSH1 0x80 DUP11 ADD CALLDATALOAD SWAP3 POP PUSH2 0x1854 DUP12 PUSH1 0xA0 DUP13 ADD PUSH2 0x1782 JUMP JUMPDEST SWAP2 POP PUSH2 0x1863 DUP12 PUSH1 0xE0 DUP13 ADD PUSH2 0x1782 JUMP JUMPDEST SWAP1 POP SWAP3 SWAP6 SWAP9 POP SWAP3 SWAP6 SWAP9 POP SWAP3 SWAP6 SWAP9 JUMP JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x32 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x41 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST PUSH1 0x0 DUP3 MLOAD PUSH1 0x0 JUMPDEST DUP2 DUP2 LT ISZERO PUSH2 0x18F1 JUMPI PUSH1 0x20 DUP2 DUP7 ADD DUP2 ADD MLOAD DUP6 DUP4 ADD MSTORE ADD PUSH2 0x18D7 JUMP JUMPDEST POP PUSH1 0x0 SWAP3 ADD SWAP2 DUP3 MSTORE POP SWAP2 SWAP1 POP JUMP JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x11 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST DUP1 DUP3 ADD DUP1 DUP3 GT ISZERO PUSH2 0x791 JUMPI PUSH2 0x791 PUSH2 0x18FF JUMP JUMPDEST DUP2 DUP4 DUP3 CALLDATACOPY PUSH1 0x0 SWAP2 ADD SWAP1 DUP2 MSTORE SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x20 DUP3 DUP5 SUB SLT ISZERO PUSH2 0x1963 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP MLOAD SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP3 PUSH2 0x19A0 JUMPI PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x12 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST POP DIV SWAP1 JUMP JUMPDEST DUP1 DUP3 MUL DUP2 ISZERO DUP3 DUP3 DIV DUP5 EQ OR PUSH2 0x791 JUMPI PUSH2 0x791 PUSH2 0x18FF JUMP INVALID COINBASE TIMESTAMP NUMBER PREVRANDAO GASLIMIT CHAINID SELFBALANCE BASEFEE 0x49 0x4A 0x4B 0x4C 0x4D 0x4E 0x4F POP MLOAD MSTORE MSTORE8 SLOAD SSTORE JUMP JUMPI PC MSIZE GAS PUSH2 0x6263 PUSH5 0x6566676869 PUSH11 0x6B6C6D6E6F707172737475 PUSH23 0x7778797A303132333435363738392D5FA2646970667358 0x22 SLT KECCAK256 SWAP2 CALLDATALOAD SELFBALANCE MOD PUSH8 0x9FA8E7C4C9FCBCA9 EXTCODESIZE OR EXTCODEHASH KECCAK256 0xB0 DUP13 0xD1 0xE8 SWAP14 0xF6 DUP2 0xD0 0x2A 0xD3 0x24 DUP1 SELFDESTRUCT PUSH10 0x6F64736F6C6343000814 STOP CALLER ","sourceMap":"491:607:3:-:0;;;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{"@FCL_nModInv_298":{"entryPoint":1943,"id":298,"parameterSlots":1,"returnSlots":1},"@FCL_pModInv_308":{"entryPoint":5820,"id":308,"parameterSlots":1,"returnSlots":1},"@WebAuthn_format_109":{"entryPoint":170,"id":109,"parameterSlots":8,"returnSlots":1},"@checkSignature_156":{"entryPoint":120,"id":156,"parameterSlots":9,"returnSlots":1},"@checkSignature_1972":{"entryPoint":87,"id":1972,"parameterSlots":9,"returnSlots":1},"@ecAff_IsZero_890":{"entryPoint":null,"id":890,"parameterSlots":2,"returnSlots":1},"@ecAff_add_1024":{"entryPoint":4836,"id":1024,"parameterSlots":4,"returnSlots":2},"@ecAff_isOnCurve_961":{"entryPoint":1566,"id":961,"parameterSlots":2,"returnSlots":1},"@ecZZ_AddN_823":{"entryPoint":4930,"id":823,"parameterSlots":6,"returnSlots":4},"@ecZZ_SetAff_750":{"entryPoint":5639,"id":750,"parameterSlots":4,"returnSlots":2},"@ecZZ_mulmuladd_S_asm_1083":{"entryPoint":2075,"id":1083,"parameterSlots":4,"returnSlots":1},"@ecdsa_verify_1556":{"entryPoint":845,"id":1556,"parameterSlots":3,"returnSlots":1},"@encode_1931":{"entryPoint":1199,"id":1931,"parameterSlots":1,"returnSlots":1},"abi_decode_array_uint256_calldata":{"entryPoint":6018,"id":null,"parameterSlots":2,"returnSlots":1},"abi_decode_bytes_calldata":{"entryPoint":5945,"id":null,"parameterSlots":2,"returnSlots":2},"abi_decode_tuple_t_bytes32_fromMemory":{"entryPoint":6481,"id":null,"parameterSlots":2,"returnSlots":1},"abi_decode_tuple_t_bytes_calldata_ptrt_bytes1t_bytes_calldata_ptrt_bytes32t_uint256t_array$_t_uint256_$2_calldata_ptrt_array$_t_uint256_$2_calldata_ptr":{"entryPoint":6035,"id":null,"parameterSlots":2,"returnSlots":9},"abi_encode_tuple_packed_t_bytes32__to_t_bytes32__nonPadded_inplace_fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_packed_t_bytes_calldata_ptr__to_t_bytes_memory_ptr__nonPadded_inplace_fromStack_reversed":{"entryPoint":6465,"id":null,"parameterSlots":3,"returnSlots":1},"abi_encode_tuple_packed_t_bytes_memory_ptr__to_t_bytes_memory_ptr__nonPadded_inplace_fromStack_reversed":{"entryPoint":6352,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_bool__to_t_bool__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"checked_add_t_uint256":{"entryPoint":6446,"id":null,"parameterSlots":2,"returnSlots":1},"checked_div_t_uint256":{"entryPoint":6506,"id":null,"parameterSlots":2,"returnSlots":1},"checked_mul_t_uint256":{"entryPoint":6565,"id":null,"parameterSlots":2,"returnSlots":1},"panic_error_0x11":{"entryPoint":6399,"id":null,"parameterSlots":0,"returnSlots":0},"panic_error_0x12":{"entryPoint":null,"id":null,"parameterSlots":0,"returnSlots":0},"panic_error_0x32":{"entryPoint":6258,"id":null,"parameterSlots":0,"returnSlots":0},"panic_error_0x41":{"entryPoint":6305,"id":null,"parameterSlots":0,"returnSlots":0}},"generatedSources":[{"ast":{"nodeType":"YulBlock","src":"0:4454:7","statements":[{"nodeType":"YulBlock","src":"6:3:7","statements":[]},{"body":{"nodeType":"YulBlock","src":"86:275:7","statements":[{"body":{"nodeType":"YulBlock","src":"135:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"144:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"147:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"137:6:7"},"nodeType":"YulFunctionCall","src":"137:12:7"},"nodeType":"YulExpressionStatement","src":"137:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"114:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"122:4:7","type":"","value":"0x1f"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"110:3:7"},"nodeType":"YulFunctionCall","src":"110:17:7"},{"name":"end","nodeType":"YulIdentifier","src":"129:3:7"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"106:3:7"},"nodeType":"YulFunctionCall","src":"106:27:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"99:6:7"},"nodeType":"YulFunctionCall","src":"99:35:7"},"nodeType":"YulIf","src":"96:55:7"},{"nodeType":"YulAssignment","src":"160:30:7","value":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"183:6:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"170:12:7"},"nodeType":"YulFunctionCall","src":"170:20:7"},"variableNames":[{"name":"length","nodeType":"YulIdentifier","src":"160:6:7"}]},{"body":{"nodeType":"YulBlock","src":"233:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"242:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"245:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"235:6:7"},"nodeType":"YulFunctionCall","src":"235:12:7"},"nodeType":"YulExpressionStatement","src":"235:12:7"}]},"condition":{"arguments":[{"name":"length","nodeType":"YulIdentifier","src":"205:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"213:18:7","type":"","value":"0xffffffffffffffff"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"202:2:7"},"nodeType":"YulFunctionCall","src":"202:30:7"},"nodeType":"YulIf","src":"199:50:7"},{"nodeType":"YulAssignment","src":"258:29:7","value":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"274:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"282:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"270:3:7"},"nodeType":"YulFunctionCall","src":"270:17:7"},"variableNames":[{"name":"arrayPos","nodeType":"YulIdentifier","src":"258:8:7"}]},{"body":{"nodeType":"YulBlock","src":"339:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"348:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"351:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"341:6:7"},"nodeType":"YulFunctionCall","src":"341:12:7"},"nodeType":"YulExpressionStatement","src":"341:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"310:6:7"},{"name":"length","nodeType":"YulIdentifier","src":"318:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"306:3:7"},"nodeType":"YulFunctionCall","src":"306:19:7"},{"kind":"number","nodeType":"YulLiteral","src":"327:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"302:3:7"},"nodeType":"YulFunctionCall","src":"302:30:7"},{"name":"end","nodeType":"YulIdentifier","src":"334:3:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"299:2:7"},"nodeType":"YulFunctionCall","src":"299:39:7"},"nodeType":"YulIf","src":"296:59:7"}]},"name":"abi_decode_bytes_calldata","nodeType":"YulFunctionDefinition","parameters":[{"name":"offset","nodeType":"YulTypedName","src":"49:6:7","type":""},{"name":"end","nodeType":"YulTypedName","src":"57:3:7","type":""}],"returnVariables":[{"name":"arrayPos","nodeType":"YulTypedName","src":"65:8:7","type":""},{"name":"length","nodeType":"YulTypedName","src":"75:6:7","type":""}],"src":"14:347:7"},{"body":{"nodeType":"YulBlock","src":"438:87:7","statements":[{"nodeType":"YulAssignment","src":"448:18:7","value":{"name":"offset","nodeType":"YulIdentifier","src":"460:6:7"},"variableNames":[{"name":"arrayPos","nodeType":"YulIdentifier","src":"448:8:7"}]},{"body":{"nodeType":"YulBlock","src":"503:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"512:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"515:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"505:6:7"},"nodeType":"YulFunctionCall","src":"505:12:7"},"nodeType":"YulExpressionStatement","src":"505:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"485:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"493:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"481:3:7"},"nodeType":"YulFunctionCall","src":"481:15:7"},{"name":"end","nodeType":"YulIdentifier","src":"498:3:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"478:2:7"},"nodeType":"YulFunctionCall","src":"478:24:7"},"nodeType":"YulIf","src":"475:44:7"}]},"name":"abi_decode_array_uint256_calldata","nodeType":"YulFunctionDefinition","parameters":[{"name":"offset","nodeType":"YulTypedName","src":"409:6:7","type":""},{"name":"end","nodeType":"YulTypedName","src":"417:3:7","type":""}],"returnVariables":[{"name":"arrayPos","nodeType":"YulTypedName","src":"425:8:7","type":""}],"src":"366:159:7"},{"body":{"nodeType":"YulBlock","src":"789:1064:7","statements":[{"body":{"nodeType":"YulBlock","src":"836:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"845:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"848:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"838:6:7"},"nodeType":"YulFunctionCall","src":"838:12:7"},"nodeType":"YulExpressionStatement","src":"838:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"810:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"819:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"806:3:7"},"nodeType":"YulFunctionCall","src":"806:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"831:3:7","type":"","value":"288"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"802:3:7"},"nodeType":"YulFunctionCall","src":"802:33:7"},"nodeType":"YulIf","src":"799:53:7"},{"nodeType":"YulVariableDeclaration","src":"861:37:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"888:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"875:12:7"},"nodeType":"YulFunctionCall","src":"875:23:7"},"variables":[{"name":"offset","nodeType":"YulTypedName","src":"865:6:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"907:28:7","value":{"kind":"number","nodeType":"YulLiteral","src":"917:18:7","type":"","value":"0xffffffffffffffff"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"911:2:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"962:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"971:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"974:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"964:6:7"},"nodeType":"YulFunctionCall","src":"964:12:7"},"nodeType":"YulExpressionStatement","src":"964:12:7"}]},"condition":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"950:6:7"},{"name":"_1","nodeType":"YulIdentifier","src":"958:2:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"947:2:7"},"nodeType":"YulFunctionCall","src":"947:14:7"},"nodeType":"YulIf","src":"944:34:7"},{"nodeType":"YulVariableDeclaration","src":"987:84:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1043:9:7"},{"name":"offset","nodeType":"YulIdentifier","src":"1054:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1039:3:7"},"nodeType":"YulFunctionCall","src":"1039:22:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"1063:7:7"}],"functionName":{"name":"abi_decode_bytes_calldata","nodeType":"YulIdentifier","src":"1013:25:7"},"nodeType":"YulFunctionCall","src":"1013:58:7"},"variables":[{"name":"value0_1","nodeType":"YulTypedName","src":"991:8:7","type":""},{"name":"value1_1","nodeType":"YulTypedName","src":"1001:8:7","type":""}]},{"nodeType":"YulAssignment","src":"1080:18:7","value":{"name":"value0_1","nodeType":"YulIdentifier","src":"1090:8:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"1080:6:7"}]},{"nodeType":"YulAssignment","src":"1107:18:7","value":{"name":"value1_1","nodeType":"YulIdentifier","src":"1117:8:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"1107:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"1134:45:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1164:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1175:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1160:3:7"},"nodeType":"YulFunctionCall","src":"1160:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1147:12:7"},"nodeType":"YulFunctionCall","src":"1147:32:7"},"variables":[{"name":"value","nodeType":"YulTypedName","src":"1138:5:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"1289:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1298:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"1301:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"1291:6:7"},"nodeType":"YulFunctionCall","src":"1291:12:7"},"nodeType":"YulExpressionStatement","src":"1291:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"1201:5:7"},{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"1212:5:7"},{"kind":"number","nodeType":"YulLiteral","src":"1219:66:7","type":"","value":"0xff00000000000000000000000000000000000000000000000000000000000000"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"1208:3:7"},"nodeType":"YulFunctionCall","src":"1208:78:7"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"1198:2:7"},"nodeType":"YulFunctionCall","src":"1198:89:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"1191:6:7"},"nodeType":"YulFunctionCall","src":"1191:97:7"},"nodeType":"YulIf","src":"1188:117:7"},{"nodeType":"YulAssignment","src":"1314:15:7","value":{"name":"value","nodeType":"YulIdentifier","src":"1324:5:7"},"variableNames":[{"name":"value2","nodeType":"YulIdentifier","src":"1314:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"1338:48:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1371:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1382:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1367:3:7"},"nodeType":"YulFunctionCall","src":"1367:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1354:12:7"},"nodeType":"YulFunctionCall","src":"1354:32:7"},"variables":[{"name":"offset_1","nodeType":"YulTypedName","src":"1342:8:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"1415:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1424:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"1427:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"1417:6:7"},"nodeType":"YulFunctionCall","src":"1417:12:7"},"nodeType":"YulExpressionStatement","src":"1417:12:7"}]},"condition":{"arguments":[{"name":"offset_1","nodeType":"YulIdentifier","src":"1401:8:7"},{"name":"_1","nodeType":"YulIdentifier","src":"1411:2:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"1398:2:7"},"nodeType":"YulFunctionCall","src":"1398:16:7"},"nodeType":"YulIf","src":"1395:36:7"},{"nodeType":"YulVariableDeclaration","src":"1440:86:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1496:9:7"},{"name":"offset_1","nodeType":"YulIdentifier","src":"1507:8:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1492:3:7"},"nodeType":"YulFunctionCall","src":"1492:24:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"1518:7:7"}],"functionName":{"name":"abi_decode_bytes_calldata","nodeType":"YulIdentifier","src":"1466:25:7"},"nodeType":"YulFunctionCall","src":"1466:60:7"},"variables":[{"name":"value3_1","nodeType":"YulTypedName","src":"1444:8:7","type":""},{"name":"value4_1","nodeType":"YulTypedName","src":"1454:8:7","type":""}]},{"nodeType":"YulAssignment","src":"1535:18:7","value":{"name":"value3_1","nodeType":"YulIdentifier","src":"1545:8:7"},"variableNames":[{"name":"value3","nodeType":"YulIdentifier","src":"1535:6:7"}]},{"nodeType":"YulAssignment","src":"1562:18:7","value":{"name":"value4_1","nodeType":"YulIdentifier","src":"1572:8:7"},"variableNames":[{"name":"value4","nodeType":"YulIdentifier","src":"1562:6:7"}]},{"nodeType":"YulAssignment","src":"1589:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1616:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1627:2:7","type":"","value":"96"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1612:3:7"},"nodeType":"YulFunctionCall","src":"1612:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1599:12:7"},"nodeType":"YulFunctionCall","src":"1599:32:7"},"variableNames":[{"name":"value5","nodeType":"YulIdentifier","src":"1589:6:7"}]},{"nodeType":"YulAssignment","src":"1640:43:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1667:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1678:3:7","type":"","value":"128"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1663:3:7"},"nodeType":"YulFunctionCall","src":"1663:19:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1650:12:7"},"nodeType":"YulFunctionCall","src":"1650:33:7"},"variableNames":[{"name":"value6","nodeType":"YulIdentifier","src":"1640:6:7"}]},{"nodeType":"YulAssignment","src":"1692:73:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1740:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1751:3:7","type":"","value":"160"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1736:3:7"},"nodeType":"YulFunctionCall","src":"1736:19:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"1757:7:7"}],"functionName":{"name":"abi_decode_array_uint256_calldata","nodeType":"YulIdentifier","src":"1702:33:7"},"nodeType":"YulFunctionCall","src":"1702:63:7"},"variableNames":[{"name":"value7","nodeType":"YulIdentifier","src":"1692:6:7"}]},{"nodeType":"YulAssignment","src":"1774:73:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1822:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1833:3:7","type":"","value":"224"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1818:3:7"},"nodeType":"YulFunctionCall","src":"1818:19:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"1839:7:7"}],"functionName":{"name":"abi_decode_array_uint256_calldata","nodeType":"YulIdentifier","src":"1784:33:7"},"nodeType":"YulFunctionCall","src":"1784:63:7"},"variableNames":[{"name":"value8","nodeType":"YulIdentifier","src":"1774:6:7"}]}]},"name":"abi_decode_tuple_t_bytes_calldata_ptrt_bytes1t_bytes_calldata_ptrt_bytes32t_uint256t_array$_t_uint256_$2_calldata_ptrt_array$_t_uint256_$2_calldata_ptr","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"691:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"702:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"714:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"722:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"730:6:7","type":""},{"name":"value3","nodeType":"YulTypedName","src":"738:6:7","type":""},{"name":"value4","nodeType":"YulTypedName","src":"746:6:7","type":""},{"name":"value5","nodeType":"YulTypedName","src":"754:6:7","type":""},{"name":"value6","nodeType":"YulTypedName","src":"762:6:7","type":""},{"name":"value7","nodeType":"YulTypedName","src":"770:6:7","type":""},{"name":"value8","nodeType":"YulTypedName","src":"778:6:7","type":""}],"src":"530:1323:7"},{"body":{"nodeType":"YulBlock","src":"1953:92:7","statements":[{"nodeType":"YulAssignment","src":"1963:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"1975:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"1986:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1971:3:7"},"nodeType":"YulFunctionCall","src":"1971:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"1963:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2005:9:7"},{"arguments":[{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"2030:6:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"2023:6:7"},"nodeType":"YulFunctionCall","src":"2023:14:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"2016:6:7"},"nodeType":"YulFunctionCall","src":"2016:22:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1998:6:7"},"nodeType":"YulFunctionCall","src":"1998:41:7"},"nodeType":"YulExpressionStatement","src":"1998:41:7"}]},"name":"abi_encode_tuple_t_bool__to_t_bool__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"1922:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"1933:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"1944:4:7","type":""}],"src":"1858:187:7"},{"body":{"nodeType":"YulBlock","src":"2082:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2099:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2102:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2092:6:7"},"nodeType":"YulFunctionCall","src":"2092:88:7"},"nodeType":"YulExpressionStatement","src":"2092:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2196:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"2199:4:7","type":"","value":"0x32"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2189:6:7"},"nodeType":"YulFunctionCall","src":"2189:15:7"},"nodeType":"YulExpressionStatement","src":"2189:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2220:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2223:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2213:6:7"},"nodeType":"YulFunctionCall","src":"2213:15:7"},"nodeType":"YulExpressionStatement","src":"2213:15:7"}]},"name":"panic_error_0x32","nodeType":"YulFunctionDefinition","src":"2050:184:7"},{"body":{"nodeType":"YulBlock","src":"2358:63:7","statements":[{"expression":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2375:3:7"},{"name":"value0","nodeType":"YulIdentifier","src":"2380:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2368:6:7"},"nodeType":"YulFunctionCall","src":"2368:19:7"},"nodeType":"YulExpressionStatement","src":"2368:19:7"},{"nodeType":"YulAssignment","src":"2396:19:7","value":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2407:3:7"},{"kind":"number","nodeType":"YulLiteral","src":"2412:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2403:3:7"},"nodeType":"YulFunctionCall","src":"2403:12:7"},"variableNames":[{"name":"end","nodeType":"YulIdentifier","src":"2396:3:7"}]}]},"name":"abi_encode_tuple_packed_t_bytes32__to_t_bytes32__nonPadded_inplace_fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"pos","nodeType":"YulTypedName","src":"2334:3:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"2339:6:7","type":""}],"returnVariables":[{"name":"end","nodeType":"YulTypedName","src":"2350:3:7","type":""}],"src":"2239:182:7"},{"body":{"nodeType":"YulBlock","src":"2458:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2475:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2478:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2468:6:7"},"nodeType":"YulFunctionCall","src":"2468:88:7"},"nodeType":"YulExpressionStatement","src":"2468:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2572:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"2575:4:7","type":"","value":"0x41"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2565:6:7"},"nodeType":"YulFunctionCall","src":"2565:15:7"},"nodeType":"YulExpressionStatement","src":"2565:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2596:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2599:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2589:6:7"},"nodeType":"YulFunctionCall","src":"2589:15:7"},"nodeType":"YulExpressionStatement","src":"2589:15:7"}]},"name":"panic_error_0x41","nodeType":"YulFunctionDefinition","src":"2426:184:7"},{"body":{"nodeType":"YulBlock","src":"2752:275:7","statements":[{"nodeType":"YulVariableDeclaration","src":"2762:27:7","value":{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"2782:6:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"2776:5:7"},"nodeType":"YulFunctionCall","src":"2776:13:7"},"variables":[{"name":"length","nodeType":"YulTypedName","src":"2766:6:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"2798:10:7","value":{"kind":"number","nodeType":"YulLiteral","src":"2807:1:7","type":"","value":"0"},"variables":[{"name":"i","nodeType":"YulTypedName","src":"2802:1:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"2869:77:7","statements":[{"expression":{"arguments":[{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2894:3:7"},{"name":"i","nodeType":"YulIdentifier","src":"2899:1:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2890:3:7"},"nodeType":"YulFunctionCall","src":"2890:11:7"},{"arguments":[{"arguments":[{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"2917:6:7"},{"name":"i","nodeType":"YulIdentifier","src":"2925:1:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2913:3:7"},"nodeType":"YulFunctionCall","src":"2913:14:7"},{"kind":"number","nodeType":"YulLiteral","src":"2929:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2909:3:7"},"nodeType":"YulFunctionCall","src":"2909:25:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"2903:5:7"},"nodeType":"YulFunctionCall","src":"2903:32:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2883:6:7"},"nodeType":"YulFunctionCall","src":"2883:53:7"},"nodeType":"YulExpressionStatement","src":"2883:53:7"}]},"condition":{"arguments":[{"name":"i","nodeType":"YulIdentifier","src":"2828:1:7"},{"name":"length","nodeType":"YulIdentifier","src":"2831:6:7"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"2825:2:7"},"nodeType":"YulFunctionCall","src":"2825:13:7"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"2839:21:7","statements":[{"nodeType":"YulAssignment","src":"2841:17:7","value":{"arguments":[{"name":"i","nodeType":"YulIdentifier","src":"2850:1:7"},{"kind":"number","nodeType":"YulLiteral","src":"2853:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2846:3:7"},"nodeType":"YulFunctionCall","src":"2846:12:7"},"variableNames":[{"name":"i","nodeType":"YulIdentifier","src":"2841:1:7"}]}]},"pre":{"nodeType":"YulBlock","src":"2821:3:7","statements":[]},"src":"2817:129:7"},{"nodeType":"YulVariableDeclaration","src":"2955:26:7","value":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"2969:3:7"},{"name":"length","nodeType":"YulIdentifier","src":"2974:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2965:3:7"},"nodeType":"YulFunctionCall","src":"2965:16:7"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"2959:2:7","type":""}]},{"expression":{"arguments":[{"name":"_1","nodeType":"YulIdentifier","src":"2997:2:7"},{"kind":"number","nodeType":"YulLiteral","src":"3001:1:7","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2990:6:7"},"nodeType":"YulFunctionCall","src":"2990:13:7"},"nodeType":"YulExpressionStatement","src":"2990:13:7"},{"nodeType":"YulAssignment","src":"3012:9:7","value":{"name":"_1","nodeType":"YulIdentifier","src":"3019:2:7"},"variableNames":[{"name":"end","nodeType":"YulIdentifier","src":"3012:3:7"}]}]},"name":"abi_encode_tuple_packed_t_bytes_memory_ptr__to_t_bytes_memory_ptr__nonPadded_inplace_fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"pos","nodeType":"YulTypedName","src":"2728:3:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"2733:6:7","type":""}],"returnVariables":[{"name":"end","nodeType":"YulTypedName","src":"2744:3:7","type":""}],"src":"2615:412:7"},{"body":{"nodeType":"YulBlock","src":"3064:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3081:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3084:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3074:6:7"},"nodeType":"YulFunctionCall","src":"3074:88:7"},"nodeType":"YulExpressionStatement","src":"3074:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3178:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"3181:4:7","type":"","value":"0x11"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3171:6:7"},"nodeType":"YulFunctionCall","src":"3171:15:7"},"nodeType":"YulExpressionStatement","src":"3171:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3202:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3205:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"3195:6:7"},"nodeType":"YulFunctionCall","src":"3195:15:7"},"nodeType":"YulExpressionStatement","src":"3195:15:7"}]},"name":"panic_error_0x11","nodeType":"YulFunctionDefinition","src":"3032:184:7"},{"body":{"nodeType":"YulBlock","src":"3269:77:7","statements":[{"nodeType":"YulAssignment","src":"3279:16:7","value":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"3290:1:7"},{"name":"y","nodeType":"YulIdentifier","src":"3293:1:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3286:3:7"},"nodeType":"YulFunctionCall","src":"3286:9:7"},"variableNames":[{"name":"sum","nodeType":"YulIdentifier","src":"3279:3:7"}]},{"body":{"nodeType":"YulBlock","src":"3318:22:7","statements":[{"expression":{"arguments":[],"functionName":{"name":"panic_error_0x11","nodeType":"YulIdentifier","src":"3320:16:7"},"nodeType":"YulFunctionCall","src":"3320:18:7"},"nodeType":"YulExpressionStatement","src":"3320:18:7"}]},"condition":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"3310:1:7"},{"name":"sum","nodeType":"YulIdentifier","src":"3313:3:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"3307:2:7"},"nodeType":"YulFunctionCall","src":"3307:10:7"},"nodeType":"YulIf","src":"3304:36:7"}]},"name":"checked_add_t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"x","nodeType":"YulTypedName","src":"3252:1:7","type":""},{"name":"y","nodeType":"YulTypedName","src":"3255:1:7","type":""}],"returnVariables":[{"name":"sum","nodeType":"YulTypedName","src":"3261:3:7","type":""}],"src":"3221:125:7"},{"body":{"nodeType":"YulBlock","src":"3498:124:7","statements":[{"expression":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"3521:3:7"},{"name":"value0","nodeType":"YulIdentifier","src":"3526:6:7"},{"name":"value1","nodeType":"YulIdentifier","src":"3534:6:7"}],"functionName":{"name":"calldatacopy","nodeType":"YulIdentifier","src":"3508:12:7"},"nodeType":"YulFunctionCall","src":"3508:33:7"},"nodeType":"YulExpressionStatement","src":"3508:33:7"},{"nodeType":"YulVariableDeclaration","src":"3550:26:7","value":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"3564:3:7"},{"name":"value1","nodeType":"YulIdentifier","src":"3569:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3560:3:7"},"nodeType":"YulFunctionCall","src":"3560:16:7"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"3554:2:7","type":""}]},{"expression":{"arguments":[{"name":"_1","nodeType":"YulIdentifier","src":"3592:2:7"},{"kind":"number","nodeType":"YulLiteral","src":"3596:1:7","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3585:6:7"},"nodeType":"YulFunctionCall","src":"3585:13:7"},"nodeType":"YulExpressionStatement","src":"3585:13:7"},{"nodeType":"YulAssignment","src":"3607:9:7","value":{"name":"_1","nodeType":"YulIdentifier","src":"3614:2:7"},"variableNames":[{"name":"end","nodeType":"YulIdentifier","src":"3607:3:7"}]}]},"name":"abi_encode_tuple_packed_t_bytes_calldata_ptr__to_t_bytes_memory_ptr__nonPadded_inplace_fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"pos","nodeType":"YulTypedName","src":"3466:3:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"3471:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"3479:6:7","type":""}],"returnVariables":[{"name":"end","nodeType":"YulTypedName","src":"3490:3:7","type":""}],"src":"3351:271:7"},{"body":{"nodeType":"YulBlock","src":"3708:103:7","statements":[{"body":{"nodeType":"YulBlock","src":"3754:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3763:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3766:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"3756:6:7"},"nodeType":"YulFunctionCall","src":"3756:12:7"},"nodeType":"YulExpressionStatement","src":"3756:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"3729:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"3738:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"3725:3:7"},"nodeType":"YulFunctionCall","src":"3725:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"3750:2:7","type":"","value":"32"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"3721:3:7"},"nodeType":"YulFunctionCall","src":"3721:32:7"},"nodeType":"YulIf","src":"3718:52:7"},{"nodeType":"YulAssignment","src":"3779:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3795:9:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"3789:5:7"},"nodeType":"YulFunctionCall","src":"3789:16:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"3779:6:7"}]}]},"name":"abi_decode_tuple_t_bytes32_fromMemory","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"3674:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"3685:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"3697:6:7","type":""}],"src":"3627:184:7"},{"body":{"nodeType":"YulBlock","src":"3848:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3865:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3868:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3858:6:7"},"nodeType":"YulFunctionCall","src":"3858:88:7"},"nodeType":"YulExpressionStatement","src":"3858:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3962:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"3965:4:7","type":"","value":"0x12"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3955:6:7"},"nodeType":"YulFunctionCall","src":"3955:15:7"},"nodeType":"YulExpressionStatement","src":"3955:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3986:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3989:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"3979:6:7"},"nodeType":"YulFunctionCall","src":"3979:15:7"},"nodeType":"YulExpressionStatement","src":"3979:15:7"}]},"name":"panic_error_0x12","nodeType":"YulFunctionDefinition","src":"3816:184:7"},{"body":{"nodeType":"YulBlock","src":"4051:228:7","statements":[{"body":{"nodeType":"YulBlock","src":"4082:168:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4103:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4106:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4096:6:7"},"nodeType":"YulFunctionCall","src":"4096:88:7"},"nodeType":"YulExpressionStatement","src":"4096:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4204:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"4207:4:7","type":"","value":"0x12"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4197:6:7"},"nodeType":"YulFunctionCall","src":"4197:15:7"},"nodeType":"YulExpressionStatement","src":"4197:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4232:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4235:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"4225:6:7"},"nodeType":"YulFunctionCall","src":"4225:15:7"},"nodeType":"YulExpressionStatement","src":"4225:15:7"}]},"condition":{"arguments":[{"name":"y","nodeType":"YulIdentifier","src":"4071:1:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"4064:6:7"},"nodeType":"YulFunctionCall","src":"4064:9:7"},"nodeType":"YulIf","src":"4061:189:7"},{"nodeType":"YulAssignment","src":"4259:14:7","value":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"4268:1:7"},{"name":"y","nodeType":"YulIdentifier","src":"4271:1:7"}],"functionName":{"name":"div","nodeType":"YulIdentifier","src":"4264:3:7"},"nodeType":"YulFunctionCall","src":"4264:9:7"},"variableNames":[{"name":"r","nodeType":"YulIdentifier","src":"4259:1:7"}]}]},"name":"checked_div_t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"x","nodeType":"YulTypedName","src":"4036:1:7","type":""},{"name":"y","nodeType":"YulTypedName","src":"4039:1:7","type":""}],"returnVariables":[{"name":"r","nodeType":"YulTypedName","src":"4045:1:7","type":""}],"src":"4005:274:7"},{"body":{"nodeType":"YulBlock","src":"4336:116:7","statements":[{"nodeType":"YulAssignment","src":"4346:20:7","value":{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"4361:1:7"},{"name":"y","nodeType":"YulIdentifier","src":"4364:1:7"}],"functionName":{"name":"mul","nodeType":"YulIdentifier","src":"4357:3:7"},"nodeType":"YulFunctionCall","src":"4357:9:7"},"variableNames":[{"name":"product","nodeType":"YulIdentifier","src":"4346:7:7"}]},{"body":{"nodeType":"YulBlock","src":"4424:22:7","statements":[{"expression":{"arguments":[],"functionName":{"name":"panic_error_0x11","nodeType":"YulIdentifier","src":"4426:16:7"},"nodeType":"YulFunctionCall","src":"4426:18:7"},"nodeType":"YulExpressionStatement","src":"4426:18:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"x","nodeType":"YulIdentifier","src":"4395:1:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"4388:6:7"},"nodeType":"YulFunctionCall","src":"4388:9:7"},{"arguments":[{"name":"y","nodeType":"YulIdentifier","src":"4402:1:7"},{"arguments":[{"name":"product","nodeType":"YulIdentifier","src":"4409:7:7"},{"name":"x","nodeType":"YulIdentifier","src":"4418:1:7"}],"functionName":{"name":"div","nodeType":"YulIdentifier","src":"4405:3:7"},"nodeType":"YulFunctionCall","src":"4405:15:7"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"4399:2:7"},"nodeType":"YulFunctionCall","src":"4399:22:7"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"4385:2:7"},"nodeType":"YulFunctionCall","src":"4385:37:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"4378:6:7"},"nodeType":"YulFunctionCall","src":"4378:45:7"},"nodeType":"YulIf","src":"4375:71:7"}]},"name":"checked_mul_t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"x","nodeType":"YulTypedName","src":"4315:1:7","type":""},{"name":"y","nodeType":"YulTypedName","src":"4318:1:7","type":""}],"returnVariables":[{"name":"product","nodeType":"YulTypedName","src":"4324:7:7","type":""}],"src":"4284:168:7"}]},"contents":"{\n { }\n function abi_decode_bytes_calldata(offset, end) -> arrayPos, length\n {\n if iszero(slt(add(offset, 0x1f), end)) { revert(0, 0) }\n length := calldataload(offset)\n if gt(length, 0xffffffffffffffff) { revert(0, 0) }\n arrayPos := add(offset, 0x20)\n if gt(add(add(offset, length), 0x20), end) { revert(0, 0) }\n }\n function abi_decode_array_uint256_calldata(offset, end) -> arrayPos\n {\n arrayPos := offset\n if gt(add(offset, 64), end) { revert(0, 0) }\n }\n function abi_decode_tuple_t_bytes_calldata_ptrt_bytes1t_bytes_calldata_ptrt_bytes32t_uint256t_array$_t_uint256_$2_calldata_ptrt_array$_t_uint256_$2_calldata_ptr(headStart, dataEnd) -> value0, value1, value2, value3, value4, value5, value6, value7, value8\n {\n if slt(sub(dataEnd, headStart), 288) { revert(0, 0) }\n let offset := calldataload(headStart)\n let _1 := 0xffffffffffffffff\n if gt(offset, _1) { revert(0, 0) }\n let value0_1, value1_1 := abi_decode_bytes_calldata(add(headStart, offset), dataEnd)\n value0 := value0_1\n value1 := value1_1\n let value := calldataload(add(headStart, 32))\n if iszero(eq(value, and(value, 0xff00000000000000000000000000000000000000000000000000000000000000))) { revert(0, 0) }\n value2 := value\n let offset_1 := calldataload(add(headStart, 64))\n if gt(offset_1, _1) { revert(0, 0) }\n let value3_1, value4_1 := abi_decode_bytes_calldata(add(headStart, offset_1), dataEnd)\n value3 := value3_1\n value4 := value4_1\n value5 := calldataload(add(headStart, 96))\n value6 := calldataload(add(headStart, 128))\n value7 := abi_decode_array_uint256_calldata(add(headStart, 160), dataEnd)\n value8 := abi_decode_array_uint256_calldata(add(headStart, 224), dataEnd)\n }\n function abi_encode_tuple_t_bool__to_t_bool__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, iszero(iszero(value0)))\n }\n function panic_error_0x32()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x32)\n revert(0, 0x24)\n }\n function abi_encode_tuple_packed_t_bytes32__to_t_bytes32__nonPadded_inplace_fromStack_reversed(pos, value0) -> end\n {\n mstore(pos, value0)\n end := add(pos, 32)\n }\n function panic_error_0x41()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x41)\n revert(0, 0x24)\n }\n function abi_encode_tuple_packed_t_bytes_memory_ptr__to_t_bytes_memory_ptr__nonPadded_inplace_fromStack_reversed(pos, value0) -> end\n {\n let length := mload(value0)\n let i := 0\n for { } lt(i, length) { i := add(i, 0x20) }\n {\n mstore(add(pos, i), mload(add(add(value0, i), 0x20)))\n }\n let _1 := add(pos, length)\n mstore(_1, 0)\n end := _1\n }\n function panic_error_0x11()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x11)\n revert(0, 0x24)\n }\n function checked_add_t_uint256(x, y) -> sum\n {\n sum := add(x, y)\n if gt(x, sum) { panic_error_0x11() }\n }\n function abi_encode_tuple_packed_t_bytes_calldata_ptr__to_t_bytes_memory_ptr__nonPadded_inplace_fromStack_reversed(pos, value1, value0) -> end\n {\n calldatacopy(pos, value0, value1)\n let _1 := add(pos, value1)\n mstore(_1, 0)\n end := _1\n }\n function abi_decode_tuple_t_bytes32_fromMemory(headStart, dataEnd) -> value0\n {\n if slt(sub(dataEnd, headStart), 32) { revert(0, 0) }\n value0 := mload(headStart)\n }\n function panic_error_0x12()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x12)\n revert(0, 0x24)\n }\n function checked_div_t_uint256(x, y) -> r\n {\n if iszero(y)\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x12)\n revert(0, 0x24)\n }\n r := div(x, y)\n }\n function checked_mul_t_uint256(x, y) -> product\n {\n product := mul(x, y)\n if iszero(or(iszero(x), eq(y, div(product, x)))) { panic_error_0x11() }\n }\n}","id":7,"language":"Yul","name":"#utility.yul"}],"immutableReferences":{},"linkReferences":{},"object":"608060405234801561001057600080fd5b506004361061002b5760003560e01c80630d5efec914610030575b600080fd5b61004361003e366004611793565b610057565b604051901515815260200160405180910390f35b600061006a8a8a8a8a8a8a8a8a8a610078565b9a9950505050505050505050565b60008061008b8b8b8b8b8b8b8b8b6100aa565b9050600061009a82868661034d565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100e3576100e3611872565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610147576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b60006101738560405160200161015f91815260200190565b6040516020818303038152906040526104af565b90506000815167ffffffffffffffff811115610191576101916118a1565b6040519080825280601f01601f1916602001820160405280156101bb576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101e591906118d0565b6040516020818303038152906040528051906020012014610232576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5060009150610244905089602061192e565b67ffffffffffffffff81111561025c5761025c6118a1565b6040519080825280601f01601f191660200182016040528015610286576020820181803683370190505b509050888a60208301376000600288886040516102a4929190611941565b602060405180830381855afa1580156102c1573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102e49190611951565b90508060208b018301526002826040516102fe91906118d0565b602060405180830381855afa15801561031b573d6000803e3d6000fd5b5050506040513d601f19601f8201168201806040525081019061033e9190611951565b9b9a5050505050505050505050565b60008235602084013581158061038357507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b8061038c575080155b806103b757507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103c7576000925050506104a8565b833560208501356103d8828261061e565b6103e95760009450505050506104a8565b60006103f484610797565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551838809905060006104548686858561081b565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104ce57505060408051602081019091526000815290565b60006040518060600160405280604081526020016119bd60409139905060006003845160026104fd919061192e565b610507919061196a565b6105129060046119a5565b67ffffffffffffffff81111561052a5761052a6118a1565b6040519080825280601f01601f191660200182016040528015610554576020820181803683370190505b509050600182016020820185865187015b808210156105c0576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f8116850151845350600183019250610565565b50506003865106600181146105dc57600281146105e7576105ee565b6002820391506105ee565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061064c57507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b80610655575081155b8061067f57507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b1561068c57506000610791565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081457600080fd5b5192915050565b600080808060ff818088158015610830575087155b1561084457600096505050505050506112dc565b6108907f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112e4565b8092508193505050600189841c16600189851c1660011b015b806108cb5760018403935060018a851c1660018a861c1660011b0190506108a9565b50600189841c16600189851c1660011b0195506001860361092d577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b6002860361093c578a96508993505b6003860361094b578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1115611232577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c3657877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611227565b60018103610c85577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c94578e93508d92505b60038103610ca3578593508492505b89610cbc57509198506001975087965094506112279050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d8809089350806110205783611020577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611227565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b60018303925061095a565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112ad57600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b6000808080866112fb578585935093505050611339565b8461130d578787935093505050611339565b61131c88886001808a8a611342565b929a509098509250905061133288888484611607565b9350935050505b94509492505050565b60008060008088600003611361575084925083915060019050806115fa565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b6000806000611615846116bc565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081457600080fd5b60008083601f84011261174b57600080fd5b50813567ffffffffffffffff81111561176357600080fd5b60208301915083602082850101111561177b57600080fd5b9250929050565b806040810183101561079157600080fd5b60008060008060008060008060006101208a8c0312156117b257600080fd5b893567ffffffffffffffff808211156117ca57600080fd5b6117d68d838e01611739565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181057600080fd5b90975060408b0135908082111561182657600080fd5b506118338c828d01611739565b90975095505060608a0135935060808a013592506118548b60a08c01611782565b91506118638b60e08c01611782565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118f157602081860181015185830152016118d7565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b80820180821115610791576107916118ff565b8183823760009101908152919050565b60006020828403121561196357600080fd5b5051919050565b6000826119a0577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b8082028115828204841417610791576107916118ff56fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa264697066735822122091354706679fa8e7c4c9fcbca93b173f20b08cd1e89df681d02ad32480ff696f64736f6c63430008140033","opcodes":"PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x4 CALLDATASIZE LT PUSH2 0x2B JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0xD5EFEC9 EQ PUSH2 0x30 JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x43 PUSH2 0x3E CALLDATASIZE PUSH1 0x4 PUSH2 0x1793 JUMP JUMPDEST PUSH2 0x57 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 ISZERO ISZERO DUP2 MSTORE PUSH1 0x20 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH1 0x0 PUSH2 0x6A DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 DUP11 PUSH2 0x78 JUMP JUMPDEST SWAP11 SWAP10 POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH2 0x8B DUP12 DUP12 DUP12 DUP12 DUP12 DUP12 DUP12 DUP12 PUSH2 0xAA JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH2 0x9A DUP3 DUP7 DUP7 PUSH2 0x34D JUMP JUMPDEST SWAP13 SWAP12 POP POP POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH32 0xFF00000000000000000000000000000000000000000000000000000000000000 DUP8 AND DUP8 DUP11 DUP11 PUSH1 0x20 DUP2 DUP2 LT PUSH2 0xE3 JUMPI PUSH2 0xE3 PUSH2 0x1872 JUMP JUMPDEST SWAP1 POP ADD CALLDATALOAD PUSH1 0xF8 SHR PUSH1 0xF8 SHL AND PUSH31 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF NOT AND EQ PUSH2 0x147 JUMPI PUSH1 0x40 MLOAD PUSH32 0xFC93479200000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST PUSH1 0x0 PUSH2 0x173 DUP6 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0x15F SWAP2 DUP2 MSTORE PUSH1 0x20 ADD SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE PUSH2 0x4AF JUMP JUMPDEST SWAP1 POP PUSH1 0x0 DUP2 MLOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x191 JUMPI PUSH2 0x191 PUSH2 0x18A1 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP1 DUP3 MSTORE DUP1 PUSH1 0x1F ADD PUSH1 0x1F NOT AND PUSH1 0x20 ADD DUP3 ADD PUSH1 0x40 MSTORE DUP1 ISZERO PUSH2 0x1BB JUMPI PUSH1 0x20 DUP3 ADD DUP2 DUP1 CALLDATASIZE DUP4 CALLDATACOPY ADD SWAP1 POP JUMPDEST POP SWAP1 POP DUP1 MLOAD DUP6 DUP10 ADD PUSH1 0x20 DUP4 ADD CALLDATACOPY PUSH1 0x0 DUP2 MLOAD PUSH1 0x20 DUP4 ADD KECCAK256 SWAP1 POP DUP1 DUP4 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0x1E5 SWAP2 SWAP1 PUSH2 0x18D0 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE DUP1 MLOAD SWAP1 PUSH1 0x20 ADD KECCAK256 EQ PUSH2 0x232 JUMPI PUSH1 0x40 MLOAD PUSH32 0xEBAB5D2900000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST POP PUSH1 0x0 SWAP2 POP PUSH2 0x244 SWAP1 POP DUP10 PUSH1 0x20 PUSH2 0x192E JUMP JUMPDEST PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x25C JUMPI PUSH2 0x25C PUSH2 0x18A1 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP1 DUP3 MSTORE DUP1 PUSH1 0x1F ADD PUSH1 0x1F NOT AND PUSH1 0x20 ADD DUP3 ADD PUSH1 0x40 MSTORE DUP1 ISZERO PUSH2 0x286 JUMPI PUSH1 0x20 DUP3 ADD DUP2 DUP1 CALLDATASIZE DUP4 CALLDATACOPY ADD SWAP1 POP JUMPDEST POP SWAP1 POP DUP9 DUP11 PUSH1 0x20 DUP4 ADD CALLDATACOPY PUSH1 0x0 PUSH1 0x2 DUP9 DUP9 PUSH1 0x40 MLOAD PUSH2 0x2A4 SWAP3 SWAP2 SWAP1 PUSH2 0x1941 JUMP JUMPDEST PUSH1 0x20 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 DUP6 GAS STATICCALL ISZERO DUP1 ISZERO PUSH2 0x2C1 JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP POP PUSH1 0x40 MLOAD RETURNDATASIZE PUSH1 0x1F NOT PUSH1 0x1F DUP3 ADD AND DUP3 ADD DUP1 PUSH1 0x40 MSTORE POP DUP2 ADD SWAP1 PUSH2 0x2E4 SWAP2 SWAP1 PUSH2 0x1951 JUMP JUMPDEST SWAP1 POP DUP1 PUSH1 0x20 DUP12 ADD DUP4 ADD MSTORE PUSH1 0x2 DUP3 PUSH1 0x40 MLOAD PUSH2 0x2FE SWAP2 SWAP1 PUSH2 0x18D0 JUMP JUMPDEST PUSH1 0x20 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 DUP6 GAS STATICCALL ISZERO DUP1 ISZERO PUSH2 0x31B JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP POP PUSH1 0x40 MLOAD RETURNDATASIZE PUSH1 0x1F NOT PUSH1 0x1F DUP3 ADD AND DUP3 ADD DUP1 PUSH1 0x40 MSTORE POP DUP2 ADD SWAP1 PUSH2 0x33E SWAP2 SWAP1 PUSH2 0x1951 JUMP JUMPDEST SWAP12 SWAP11 POP POP POP POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP3 CALLDATALOAD PUSH1 0x20 DUP5 ADD CALLDATALOAD DUP2 ISZERO DUP1 PUSH2 0x383 JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 LT ISZERO JUMPDEST DUP1 PUSH2 0x38C JUMPI POP DUP1 ISZERO JUMPDEST DUP1 PUSH2 0x3B7 JUMPI POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP2 LT ISZERO JUMPDEST ISZERO PUSH2 0x3C7 JUMPI PUSH1 0x0 SWAP3 POP POP POP PUSH2 0x4A8 JUMP JUMPDEST DUP4 CALLDATALOAD PUSH1 0x20 DUP6 ADD CALLDATALOAD PUSH2 0x3D8 DUP3 DUP3 PUSH2 0x61E JUMP JUMPDEST PUSH2 0x3E9 JUMPI PUSH1 0x0 SWAP5 POP POP POP POP POP PUSH2 0x4A8 JUMP JUMPDEST PUSH1 0x0 PUSH2 0x3F4 DUP5 PUSH2 0x797 JUMP JUMPDEST SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP3 DUP12 MULMOD SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP4 DUP9 MULMOD SWAP1 POP PUSH1 0x0 PUSH2 0x454 DUP7 DUP7 DUP6 DUP6 PUSH2 0x81B JUMP JUMPDEST SWAP1 POP PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 DUP9 PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 SUB DUP3 ADDMOD ISZERO SWAP9 POP POP POP POP POP POP POP POP POP JUMPDEST SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x60 DUP2 MLOAD PUSH1 0x0 SUB PUSH2 0x4CE JUMPI POP POP PUSH1 0x40 DUP1 MLOAD PUSH1 0x20 DUP2 ADD SWAP1 SWAP2 MSTORE PUSH1 0x0 DUP2 MSTORE SWAP1 JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD DUP1 PUSH1 0x60 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x40 DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x19BD PUSH1 0x40 SWAP2 CODECOPY SWAP1 POP PUSH1 0x0 PUSH1 0x3 DUP5 MLOAD PUSH1 0x2 PUSH2 0x4FD SWAP2 SWAP1 PUSH2 0x192E JUMP JUMPDEST PUSH2 0x507 SWAP2 SWAP1 PUSH2 0x196A JUMP JUMPDEST PUSH2 0x512 SWAP1 PUSH1 0x4 PUSH2 0x19A5 JUMP JUMPDEST PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x52A JUMPI PUSH2 0x52A PUSH2 0x18A1 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP1 DUP3 MSTORE DUP1 PUSH1 0x1F ADD PUSH1 0x1F NOT AND PUSH1 0x20 ADD DUP3 ADD PUSH1 0x40 MSTORE DUP1 ISZERO PUSH2 0x554 JUMPI PUSH1 0x20 DUP3 ADD DUP2 DUP1 CALLDATASIZE DUP4 CALLDATACOPY ADD SWAP1 POP JUMPDEST POP SWAP1 POP PUSH1 0x1 DUP3 ADD PUSH1 0x20 DUP3 ADD DUP6 DUP7 MLOAD DUP8 ADD JUMPDEST DUP1 DUP3 LT ISZERO PUSH2 0x5C0 JUMPI PUSH1 0x3 DUP3 ADD SWAP2 POP DUP2 MLOAD PUSH1 0x3F DUP2 PUSH1 0x12 SHR AND DUP6 ADD MLOAD DUP5 MSTORE8 PUSH1 0x1 DUP5 ADD SWAP4 POP PUSH1 0x3F DUP2 PUSH1 0xC SHR AND DUP6 ADD MLOAD DUP5 MSTORE8 PUSH1 0x1 DUP5 ADD SWAP4 POP PUSH1 0x3F DUP2 PUSH1 0x6 SHR AND DUP6 ADD MLOAD DUP5 MSTORE8 PUSH1 0x1 DUP5 ADD SWAP4 POP PUSH1 0x3F DUP2 AND DUP6 ADD MLOAD DUP5 MSTORE8 POP PUSH1 0x1 DUP4 ADD SWAP3 POP PUSH2 0x565 JUMP JUMPDEST POP POP PUSH1 0x3 DUP7 MLOAD MOD PUSH1 0x1 DUP2 EQ PUSH2 0x5DC JUMPI PUSH1 0x2 DUP2 EQ PUSH2 0x5E7 JUMPI PUSH2 0x5EE JUMP JUMPDEST PUSH1 0x2 DUP3 SUB SWAP2 POP PUSH2 0x5EE JUMP JUMPDEST PUSH1 0x1 DUP3 SUB SWAP2 POP JUMPDEST POP DUP3 SWAP1 SUB PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 ADD DUP3 MSTORE POP SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP3 ISZERO DUP1 PUSH2 0x64C JUMPI POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 EQ JUMPDEST DUP1 PUSH2 0x655 JUMPI POP DUP2 ISZERO JUMPDEST DUP1 PUSH2 0x67F JUMPI POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 EQ JUMPDEST ISZERO PUSH2 0x68C JUMPI POP PUSH1 0x0 PUSH2 0x791 JUMP JUMPDEST PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD SWAP1 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC DUP8 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP11 MULMOD MULMOD ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH32 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B DUP3 ADDMOD SWAP2 SWAP1 SWAP2 EQ SWAP2 POP POP JUMPDEST SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551 PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x814 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST MLOAD SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 PUSH1 0xFF DUP2 DUP1 DUP9 ISZERO DUP1 ISZERO PUSH2 0x830 JUMPI POP DUP8 ISZERO JUMPDEST ISZERO PUSH2 0x844 JUMPI PUSH1 0x0 SWAP7 POP POP POP POP POP POP POP PUSH2 0x12DC JUMP JUMPDEST PUSH2 0x890 PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 DUP14 DUP14 PUSH2 0x12E4 JUMP JUMPDEST DUP1 SWAP3 POP DUP2 SWAP4 POP POP POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD JUMPDEST DUP1 PUSH2 0x8CB JUMPI PUSH1 0x1 DUP5 SUB SWAP4 POP PUSH1 0x1 DUP11 DUP6 SHR AND PUSH1 0x1 DUP11 DUP7 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP PUSH2 0x8A9 JUMP JUMPDEST POP PUSH1 0x1 DUP10 DUP5 SHR AND PUSH1 0x1 DUP10 DUP6 SHR AND PUSH1 0x1 SHL ADD SWAP6 POP PUSH1 0x1 DUP7 SUB PUSH2 0x92D JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP7 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP4 POP JUMPDEST PUSH1 0x2 DUP7 SUB PUSH2 0x93C JUMPI DUP11 SWAP7 POP DUP10 SWAP4 POP JUMPDEST PUSH1 0x3 DUP7 SUB PUSH2 0x94B JUMPI DUP2 SWAP7 POP DUP1 SWAP4 POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH1 0x1 SWAP6 POP PUSH1 0x1 SWAP5 POP JUMPDEST DUP3 PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF GT ISZERO PUSH2 0x1232 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH1 0x2 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP11 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP5 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP15 ADDMOD MULMOD PUSH1 0x3 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP6 MULMOD SWAP9 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP5 MULMOD SWAP10 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP5 MULMOD ADDMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD DUP3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP8 MULMOD ADDMOD SWAP8 POP PUSH1 0x1 DUP14 DUP9 SHR AND PUSH1 0x1 DUP14 DUP10 SHR AND PUSH1 0x1 SHL ADD SWAP1 POP DUP1 PUSH2 0xC36 JUMPI DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB SWAP8 POP POP POP POP POP PUSH2 0x1227 JUMP JUMPDEST PUSH1 0x1 DUP2 SUB PUSH2 0xC85 JUMPI PUSH32 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 SWAP4 POP PUSH32 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 SWAP3 POP JUMPDEST PUSH1 0x2 DUP2 SUB PUSH2 0xC94 JUMPI DUP15 SWAP4 POP DUP14 SWAP3 POP JUMPDEST PUSH1 0x3 DUP2 SUB PUSH2 0xCA3 JUMPI DUP6 SWAP4 POP DUP5 SWAP3 POP JUMPDEST DUP10 PUSH2 0xCBC JUMPI POP SWAP2 SWAP9 POP PUSH1 0x1 SWAP8 POP DUP8 SWAP7 POP SWAP5 POP PUSH2 0x1227 SWAP1 POP JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP7 MULMOD ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP13 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP14 DUP9 MULMOD ADDMOD SWAP4 POP DUP1 PUSH2 0x1020 JUMPI DUP4 PUSH2 0x1020 JUMPI PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 DUP7 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP14 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP7 MULMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP14 ADDMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP4 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 PUSH1 0x3 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP3 MULMOD SWAP11 POP POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP12 DUP6 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD ADDMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP14 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP6 ADDMOD DUP4 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP11 DUP8 MULMOD DUP6 ADDMOD SWAP9 POP POP POP POP POP POP PUSH2 0x1227 JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP6 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP4 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP14 MULMOD SWAP12 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP13 MULMOD SWAP11 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP15 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP3 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 DUP9 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP4 DUP14 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP7 ADDMOD MULMOD ADDMOD SWAP11 POP POP POP POP DUP1 SWAP11 POP POP POP POP POP JUMPDEST PUSH1 0x1 DUP4 SUB SWAP3 POP PUSH2 0x95A JUMP JUMPDEST PUSH1 0x40 MLOAD DUP7 PUSH1 0x60 DUP3 ADD MSTORE PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x12AD JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 MLOAD DUP10 MULMOD SWAP8 POP POP POP POP POP POP POP POP JUMPDEST SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 DUP1 DUP1 DUP7 PUSH2 0x12FB JUMPI DUP6 DUP6 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1339 JUMP JUMPDEST DUP5 PUSH2 0x130D JUMPI DUP8 DUP8 SWAP4 POP SWAP4 POP POP POP PUSH2 0x1339 JUMP JUMPDEST PUSH2 0x131C DUP9 DUP9 PUSH1 0x1 DUP1 DUP11 DUP11 PUSH2 0x1342 JUMP JUMPDEST SWAP3 SWAP11 POP SWAP1 SWAP9 POP SWAP3 POP SWAP1 POP PUSH2 0x1332 DUP9 DUP9 DUP5 DUP5 PUSH2 0x1607 JUMP JUMPDEST SWAP4 POP SWAP4 POP POP POP JUMPDEST SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 DUP9 PUSH1 0x0 SUB PUSH2 0x1361 JUMPI POP DUP5 SWAP3 POP DUP4 SWAP2 POP PUSH1 0x1 SWAP1 POP DUP1 PUSH2 0x15FA JUMP JUMPDEST PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SWAP9 DUP10 SUB SWAP9 DUP10 DUP2 DUP10 DUP9 MULMOD ADDMOD SWAP5 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP11 DUP10 MULMOD ADDMOD SWAP6 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP8 MULMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP7 DUP6 MULMOD SWAP3 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP10 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP4 DUP9 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP5 DUP12 MULMOD SWAP8 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP10 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP6 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP10 DUP11 MULMOD ADDMOD ADDMOD SWAP4 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP1 DUP5 DUP12 MULMOD PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP8 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP9 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF SUB DUP14 ADDMOD MULMOD ADDMOD SWAP3 POP JUMPDEST SWAP7 POP SWAP7 POP SWAP7 POP SWAP7 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 PUSH2 0x1615 DUP5 PUSH2 0x16BC JUMP JUMPDEST SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP8 MULMOD SWAP2 POP PUSH1 0x0 PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP8 MULMOD SWAP1 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP2 DUP3 MULMOD SWAP2 POP PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF DUP3 DUP10 MULMOD SWAP4 POP POP POP SWAP5 POP SWAP5 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 MSTORE PUSH1 0x20 DUP1 DUP3 ADD MSTORE PUSH1 0x20 PUSH1 0x40 DUP3 ADD MSTORE DUP3 PUSH1 0x60 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD PUSH1 0x80 DUP3 ADD MSTORE PUSH32 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF PUSH1 0xA0 DUP3 ADD MSTORE PUSH1 0x20 DUP2 PUSH1 0xC0 DUP4 PUSH1 0x5 PUSH1 0x0 NOT STATICCALL PUSH2 0x814 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x0 DUP1 DUP4 PUSH1 0x1F DUP5 ADD SLT PUSH2 0x174B JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP DUP2 CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x1763 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x20 DUP4 ADD SWAP2 POP DUP4 PUSH1 0x20 DUP3 DUP6 ADD ADD GT ISZERO PUSH2 0x177B JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP3 POP SWAP3 SWAP1 POP JUMP JUMPDEST DUP1 PUSH1 0x40 DUP2 ADD DUP4 LT ISZERO PUSH2 0x791 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0x0 PUSH2 0x120 DUP11 DUP13 SUB SLT ISZERO PUSH2 0x17B2 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP10 CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP1 DUP3 GT ISZERO PUSH2 0x17CA JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x17D6 DUP14 DUP4 DUP15 ADD PUSH2 0x1739 JUMP JUMPDEST SWAP1 SWAP12 POP SWAP10 POP PUSH1 0x20 DUP13 ADD CALLDATALOAD SWAP2 POP PUSH32 0xFF00000000000000000000000000000000000000000000000000000000000000 DUP3 AND DUP3 EQ PUSH2 0x1810 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP1 SWAP8 POP PUSH1 0x40 DUP12 ADD CALLDATALOAD SWAP1 DUP1 DUP3 GT ISZERO PUSH2 0x1826 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH2 0x1833 DUP13 DUP3 DUP14 ADD PUSH2 0x1739 JUMP JUMPDEST SWAP1 SWAP8 POP SWAP6 POP POP PUSH1 0x60 DUP11 ADD CALLDATALOAD SWAP4 POP PUSH1 0x80 DUP11 ADD CALLDATALOAD SWAP3 POP PUSH2 0x1854 DUP12 PUSH1 0xA0 DUP13 ADD PUSH2 0x1782 JUMP JUMPDEST SWAP2 POP PUSH2 0x1863 DUP12 PUSH1 0xE0 DUP13 ADD PUSH2 0x1782 JUMP JUMPDEST SWAP1 POP SWAP3 SWAP6 SWAP9 POP SWAP3 SWAP6 SWAP9 POP SWAP3 SWAP6 SWAP9 JUMP JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x32 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x41 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST PUSH1 0x0 DUP3 MLOAD PUSH1 0x0 JUMPDEST DUP2 DUP2 LT ISZERO PUSH2 0x18F1 JUMPI PUSH1 0x20 DUP2 DUP7 ADD DUP2 ADD MLOAD DUP6 DUP4 ADD MSTORE ADD PUSH2 0x18D7 JUMP JUMPDEST POP PUSH1 0x0 SWAP3 ADD SWAP2 DUP3 MSTORE POP SWAP2 SWAP1 POP JUMP JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x11 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST DUP1 DUP3 ADD DUP1 DUP3 GT ISZERO PUSH2 0x791 JUMPI PUSH2 0x791 PUSH2 0x18FF JUMP JUMPDEST DUP2 DUP4 DUP3 CALLDATACOPY PUSH1 0x0 SWAP2 ADD SWAP1 DUP2 MSTORE SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x20 DUP3 DUP5 SUB SLT ISZERO PUSH2 0x1963 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP MLOAD SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP3 PUSH2 0x19A0 JUMPI PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x12 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST POP DIV SWAP1 JUMP JUMPDEST DUP1 DUP3 MUL DUP2 ISZERO DUP3 DUP3 DIV DUP5 EQ OR PUSH2 0x791 JUMPI PUSH2 0x791 PUSH2 0x18FF JUMP INVALID COINBASE TIMESTAMP NUMBER PREVRANDAO GASLIMIT CHAINID SELFBALANCE BASEFEE 0x49 0x4A 0x4B 0x4C 0x4D 0x4E 0x4F POP MLOAD MSTORE MSTORE8 SLOAD SSTORE JUMP JUMPI PC MSIZE GAS PUSH2 0x6263 PUSH5 0x6566676869 PUSH11 0x6B6C6D6E6F707172737475 PUSH23 0x7778797A303132333435363738392D5FA2646970667358 0x22 SLT KECCAK256 SWAP2 CALLDATALOAD SELFBALANCE MOD PUSH8 0x9FA8E7C4C9FCBCA9 EXTCODESIZE OR EXTCODEHASH KECCAK256 0xB0 DUP13 0xD1 0xE8 SWAP14 0xF6 DUP2 0xD0 0x2A 0xD3 0x24 DUP1 SELFDESTRUCT PUSH10 0x6F64736F6C6343000814 STOP CALLER ","sourceMap":"491:607:3:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;525:571;;;;;;:::i;:::-;;:::i;:::-;;;2023:14:7;;2016:22;1998:41;;1986:2;1971:18;525:571:3;;;;;;;;836:4;859:230;900:17;;931:25;970:10;;994:15;1023:25;1062:2;1078:1;859:27;:230::i;:::-;852:237;525:571;-1:-1:-1;;;;;;;;;;525:571:3:o;3570:696:0:-;3883:4;3992:15;4010:156;4052:17;;4071:25;4098:10;;4110:15;4127:25;4154:2;4010:28;:156::i;:::-;3992:174;;4177:11;4191:44;4220:7;4229:2;4233:1;4191:28;:44::i;:::-;4177:58;3570:696;-1:-1:-1;;;;;;;;;;;;3570:696:0:o;1483:2081::-;1767:14;1903:80;;;1958:25;1904:17;;1922:2;1904:21;;;;;;;:::i;:::-;;;;;;;;;:49;1903:80;;;;1899:152;;2010:26;;;;;;;;;;;;;;1899:152;2248:30;2281:51;2315:15;2298:33;;;;;;2368:19:7;;2412:2;2403:12;;2239:182;2298:33:0;;;;;;;;;;;;;2281:16;:51::i;:::-;2248:84;;2346:31;2409:16;2403:30;2380:63;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;2380:63:0;;2346:97;;2645:18;2639:25;2591;2572:17;2568:49;2543:2;2523:18;2519:27;2485:197;2710:16;2876:18;2870:25;2865:2;2845:18;2841:27;2831:65;2819:77;;2984:8;2961:16;2938:41;;;;;;;;:::i;:::-;;;;;;;;;;;;;2928:52;;;;;;:64;2924:129;;3019:19;;;;;;;;;;;;;;2924:129;-1:-1:-1;3177:23:0;;-1:-1:-1;3213:29:0;;-1:-1:-1;3213:17:0;3240:2;3213:29;:::i;:::-;3203:40;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;3203:40:0;;3177:66;;3337:24;3311;3306:2;3294:10;3290:19;3277:85;3382:12;3397:18;3404:10;;3397:18;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;3382:33;;3507:4;3501:2;3475:24;3471:33;3459:10;3455:50;3448:64;3539:18;3546:10;3539:18;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;3532:25;1483:2081;-1:-1:-1;;;;;;;;;;;1483:2081:0:o;39212:748:1:-;39321:4;39349:5;;;39376;;;39395:6;;;:16;;;2154:66;39405:1;:6;;39395:16;:26;;;-1:-1:-1;39415:6:1;;39395:26;:36;;;;2154:66;39425:1;:6;;39395:36;39391:79;;;39454:5;39447:12;;;;;;39391:79;39492:4;;;39519;;;39538:23;39492:4;39519;39538:15;:23::i;:::-;39533:67;;39584:5;39577:12;;;;;;;;39533:67;39610:12;39625:14;39637:1;39625:11;:14::i;:::-;39610:29;-1:-1:-1;39650:16:1;2154:66;39694:4;39684:7;39669:33;39650:52;-1:-1:-1;39712:16:1;2154:66;39741:4;39738:1;39731:18;39712:37;;39759:10;39785:48;39806:2;39810;39814:8;39824;39785:20;:48::i;:::-;39780:53;;39895:1;39891;39888;39884:9;39880:2;39873:24;39946:7;;-1:-1:-1;;;;;;;;;39212:748:1;;;;;;:::o;376:1914:2:-;434:13;463:4;:11;478:1;463:16;459:31;;-1:-1:-1;;481:9:2;;;;;;;;;-1:-1:-1;481:9:2;;;376:1914::o;459:31::-;539:19;561:14;;;;;;;;;;;;;;;;;539:36;;586:20;645:1;626:4;:11;640:1;626:15;;;;:::i;:::-;625:21;;;;:::i;:::-;620:27;;:1;:27;:::i;:::-;609:39;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;609:39:2;;586:62;;751:1;744:5;740:13;795:2;787:6;783:15;849:4;900;894:11;888:4;884:22;812:940;933:6;924:7;921:19;812:940;;;1000:1;991:7;987:15;976:26;;1038:7;1032:14;1164:4;1156:5;1152:2;1148:14;1144:25;1134:8;1130:40;1124:47;1093:9;1064:125;1234:1;1223:9;1219:17;1206:30;;1354:4;1346:5;1342:2;1338:14;1334:25;1324:8;1320:40;1314:47;1283:9;1254:125;1424:1;1413:9;1409:17;1396:30;;1543:4;1535:5;1532:1;1528:13;1524:24;1514:8;1510:39;1504:46;1473:9;1444:124;1613:1;1602:9;1598:17;1585:30;;1683:4;1676:5;1672:16;1662:8;1658:31;1652:38;1641:9;1633:58;;1736:1;1725:9;1721:17;1708:30;;812:940;;;816:104;;1841:1;1834:4;1828:11;1824:19;1861:1;1856:121;;;;1995:1;1990:126;;;;1817:299;;1856:121;1961:1;1950:9;1946:17;1933:30;;1856:121;;1990:126;2100:1;2089:9;2085:17;2072:30;;1817:299;-1:-1:-1;2216:31:2;;;;;2201:47;;-1:-1:-1;2216:31:2;2235:6;-1:-1:-1;;;376:1914:2:o;12674:432:1:-;12744:4;12764:6;;;:16;;;1523:66;12774:1;:6;12764:16;:26;;;-1:-1:-1;12784:6:1;;12764:26;:36;;;;1523:66;12794:1;:6;12764:36;12760:79;;;-1:-1:-1;12823:5:1;12816:12;;12760:79;12872:11;1523:66;12896:1;12893;12886:15;12872:29;-1:-1:-1;12922:11:1;1523:66;;1658;12981:1;12974:15;1523:66;12967:1;1523:66;12960:1;12957;12950:15;12943:29;12936:57;12922:71;-1:-1:-1;1523:66:1;1794;13030:3;13023:17;13079:10;;;;;-1:-1:-1;;12674:432:1;;;;;:::o;3146:734::-;3201:14;3271:4;3265:11;3382:4;3373:7;3366:21;3427:4;3420;3411:7;3407:18;3400:32;3472:4;3465;3456:7;3452:18;3445:32;3576:1;3569:4;3560:7;3556:18;3549:29;3618:11;3611:4;3602:7;3598:18;3591:39;3670:1;3663:4;3654:7;3650:18;3643:29;3804:4;3795:7;3789:4;3780:7;3774:4;3770:1;3766:6;3755:54;3745:82;;3823:1;3820;3813:12;3745:82;3850:14;;3146:734;-1:-1:-1;;3146:734:1:o;13739:6506::-;13921:9;;;;14018:3;13921:9;;14100:13;;:30;;;;-1:-1:-1;14117:13:1;;14100:30;14096:44;;;14139:1;14132:8;;;;;;;;;;14096:44;14166:25;1930:66;2024;14184:2;14188;14166:9;:25::i;:::-;14155:36;;;;;;;;14371:1;14360:8;14353:5;14349:20;14345:28;14340:1;14329:8;14322:5;14318:20;14314:28;14311:1;14307:36;14303:71;14287:263;14380:2;14287:263;;14429:1;14422:5;14418:13;14409:22;;14526:1;14515:8;14508:5;14504:20;14500:28;14495:1;14484:8;14477:5;14473:20;14469:28;14466:1;14462:36;14458:71;14452:77;;14287:263;;;14291:85;14641:1;14630:8;14623:5;14619:20;14615:28;14610:1;14599:8;14592:5;14588:20;14584:28;14581:1;14577:36;14573:71;14567:77;;14672:1;14668:2;14665:9;14662:88;;14702:2;14697:7;;14730:2;14725:7;;14662:88;14777:1;14773:2;14770:9;14767:88;;14807:2;14802:7;;14835:2;14830:7;;14767:88;14882:1;14878:2;14875:9;14872:88;;14912:2;14907:7;;14940:2;14935:7;;14872:88;14998:1;14991:5;14987:13;14978:22;;15023:1;15017:7;;15048:1;15041:8;;15067:4114;15086:5;15077:7;15074:18;15067:4114;;;15205:1;15202;15199;15192:15;15272:1;15268:2;15264;15257:17;15328:1;15324:2;15321:1;15314:16;15384:1;15380:2;15376;15369:17;15363:23;;15490:1;15486;15482;15478:2;15475:1;15468:16;15464:1;15459:2;15456:1;15452:10;15449:1;15442:24;15435:53;15432:1;15425:67;15560:1;15555:3;15551:2;15544:18;15537:25;;15618:1;15614:2;15610;15603:17;15597:23;;15717:1;15713;15709:2;15700:7;15693:22;15689:1;15685:2;15681;15674:17;15667:52;15662:57;;15795:1;15791;15786:2;15783:1;15779:10;15776:1;15769:24;15765:2;15758:39;15752:45;;15871:1;15867:2;15863:1;15860;15856:2;15849:16;15842:31;15837:36;;16100:1;16089:8;16082:5;16078:20;16074:28;16069:1;16058:8;16051:5;16047:20;16043:28;16040:1;16036:36;16032:71;16026:77;;16139:2;16129:148;;16185:1;16182;16178:9;16173:14;;16243:8;;;;;;16129:148;16325:1;16321:2;16318:9;16315:114;;16364:2;16358:8;;16401:2;16395:8;;16315:114;16464:1;16460:2;16457:9;16454:114;;16503:2;16497:8;;16540:2;16534:8;;16454:114;16603:1;16599:2;16596:9;16593:114;;16642:2;16636:8;;16679:2;16673:8;;16593:114;16742:2;16732:223;;-1:-1:-1;16781:2:1;;-1:-1:-1;16854:1:1;;-1:-1:-1;16854:1:1;;-1:-1:-1;16817:2:1;-1:-1:-1;16921:8:1;;-1:-1:-1;16921:8:1;16732:223;17138:1;17135;17131;17126:3;17122:2;17115:18;17108:32;17212:1;17208;17205;17201:9;17197:1;17193:2;17189;17182:17;17175:39;17169:45;;17439:2;17429:1132;;17483:2;17473:1062;;17546:1;17543;17534:7;17527:21;17521:27;;17621:1;17617:2;17613;17606:17;17600:23;;17685:1;17681:2;17678:1;17671:16;17665:22;;17754:1;17750:2;17746;17739:17;17733:23;;17817:1;17813:2;17810:1;17803:16;17797:22;;17893:1;17888:2;17885:1;17881:10;17878:1;17871:24;17957:1;17952:3;17948:2;17941:18;17935:24;;18027:1;18023:2;18020:1;18013:16;18007:22;;18091:1;18086:3;18081;18074:19;18067:26;;;18161:1;18157:2;18153;18146:17;18140:23;;18272:1;18268;18264:2;18255:7;18248:22;18244:1;18240:2;18236;18229:17;18222:52;18217:57;;18362:1;18358;18354;18351;18347:9;18343:2;18336:24;18332:2;18325:39;18319:45;;18442:1;18438;18435;18431:2;18424:16;18420:2;18413:31;18408:36;;18497:8;;;;;;;17473:1062;18608:1;18604:2;18600;18593:17;18587:23;;18666:1;18662:2;18658;18651:17;18782:1;18778:2;18774;18767:17;18761:23;;18833:1;18828:3;18823;18816:19;18809:26;;18897:1;18893:2;18890:1;18883:16;19005:1;19001;18996:3;18987:7;18980:23;18976:1;18970:3;18967:1;18963:11;18959:1;18955:2;18951;18944:17;18937:41;18930:77;18924:83;;19106:1;19102;19097:3;19094:1;19087:17;19083:1;19079:2;19075:1;19070:2;19067:1;19063:10;19058:3;19051:26;19044:41;19037:71;19032:76;;;;;19139:2;19134:7;;15959:3204;;;;15067:4114;15115:1;15108:5;15104:13;15095:22;;15067:4114;;;19224:4;19218:11;19267:2;19260:4;19257:1;19253:12;19246:24;19532:4;19529:1;19522:15;19575:4;19568;19565:1;19561:12;19554:26;19618:4;19611;19608:1;19604:12;19597:26;19772:7;19765:4;19762:1;19758:12;19751:29;19818:1;19811:4;19808:1;19804:12;19797:23;19948:4;19945:1;19939:4;19936:1;19930:4;19926:1;19922:6;19911:42;19901:70;;19967:1;19964;19957:12;19901:70;20156:1;20152;20146:8;20143:1;20136:22;20131:27;;;20230:8;;;;;;13739:6506;;;;;;;:::o;13194:373::-;13284:7;;;;12525:6;13356:41;;13390:2;13394;13382:15;;;;;;;;13356:41;12525:6;13407:41;;13441:2;13445;13433:15;;;;;;;;13407:41;13481:31;13491:2;13495;13499:1;13502;13505:2;13509;13481:9;:31::i;:::-;13459:53;;-1:-1:-1;13459:53:1;;-1:-1:-1;13459:53:1;-1:-1:-1;13459:53:1;-1:-1:-1;13530:30:1;13459:53;;;;13530:11;:30::i;:::-;13523:37;;;;;;13194:373;;;;;;;;:::o;10549:1073::-;10690:10;10702;10714;10726;10780:2;10786:1;10780:7;10776:67;;-1:-1:-1;10815:2:1;;-1:-1:-1;10819:2:1;;-1:-1:-1;10823:1:1;;-1:-1:-1;10823:1:1;10807:21;;10776:67;10894:1;10890:10;;;;;10894:1;10941:4;10937:2;10930:19;10923:34;10917:40;;11019:1;11014:2;11011:1;11007:10;11003:1;10998:3;10994:2;10987:18;10980:41;10974:47;;11059:1;11055:2;11051;11044:17;11038:23;;11110:1;11106:2;11102;11095:17;11089:23;;11164:1;11160:2;11155:3;11148:18;11142:24;;11223:1;11219:2;11213:4;11206:19;11200:25;;11284:1;11280:2;11276;11269:17;11262:24;;11395:1;11391;11386:3;11377:7;11370:23;11366:1;11361:2;11358:1;11354:10;11350:1;11346:2;11342;11335:17;11328:40;11321:76;11315:82;;11503:1;11499;11495:2;11491;11484:17;11480:1;11476:2;11472:1;11467:2;11464:1;11460:10;11455:3;11448:26;11441:41;11434:71;11428:77;;10549:1073;;;;;;;;;;;;:::o;8944:351::-;9035:10;9047;9069:14;9086:16;9098:3;9086:11;:16::i;:::-;9069:33;-1:-1:-1;1523:66:1;9135:6;9132:1;9125:20;9120:25;-1:-1:-1;9163:10:1;1523:66;9187:6;9183:2;9176:21;9163:34;-1:-1:-1;1523:66:1;9233:2;9229;9222:17;9213:26;-1:-1:-1;1523:66:1;9271:6;9268:1;9261:20;9256:25;;9059:236;;8944:351;;;;;;;:::o;3992:730::-;4047:14;4117:4;4111:11;4228:4;4219:7;4212:21;4273:4;4266;4257:7;4253:18;4246:32;4318:4;4311;4302:7;4298:18;4291:32;4422:1;4415:4;4406:7;4402:18;4395:29;4464:7;4457:4;4448:7;4444:18;4437:35;4512:1;4505:4;4496:7;4492:18;4485:29;4646:4;4637:7;4631:4;4622:7;4616:4;4612:1;4608:6;4597:54;4587:82;;4665:1;4662;4655:12;14:347:7;65:8;75:6;129:3;122:4;114:6;110:17;106:27;96:55;;147:1;144;137:12;96:55;-1:-1:-1;170:20:7;;213:18;202:30;;199:50;;;245:1;242;235:12;199:50;282:4;274:6;270:17;258:29;;334:3;327:4;318:6;310;306:19;302:30;299:39;296:59;;;351:1;348;341:12;296:59;14:347;;;;;:::o;366:159::-;460:6;493:2;481:15;;478:24;-1:-1:-1;475:44:7;;;515:1;512;505:12;530:1323;714:6;722;730;738;746;754;762;770;778;831:3;819:9;810:7;806:23;802:33;799:53;;;848:1;845;838:12;799:53;888:9;875:23;917:18;958:2;950:6;947:14;944:34;;;974:1;971;964:12;944:34;1013:58;1063:7;1054:6;1043:9;1039:22;1013:58;:::i;:::-;1090:8;;-1:-1:-1;987:84:7;-1:-1:-1;1175:2:7;1160:18;;1147:32;;-1:-1:-1;1219:66:7;1208:78;;1198:89;;1188:117;;1301:1;1298;1291:12;1188:117;1324:5;;-1:-1:-1;1382:2:7;1367:18;;1354:32;;1398:16;;;1395:36;;;1427:1;1424;1417:12;1395:36;;1466:60;1518:7;1507:8;1496:9;1492:24;1466:60;:::i;:::-;1545:8;;-1:-1:-1;1440:86:7;-1:-1:-1;;1627:2:7;1612:18;;1599:32;;-1:-1:-1;1678:3:7;1663:19;;1650:33;;-1:-1:-1;1702:63:7;1757:7;1751:3;1736:19;;1702:63;:::i;:::-;1692:73;;1784:63;1839:7;1833:3;1822:9;1818:19;1784:63;:::i;:::-;1774:73;;530:1323;;;;;;;;;;;:::o;2050:184::-;2102:77;2099:1;2092:88;2199:4;2196:1;2189:15;2223:4;2220:1;2213:15;2426:184;2478:77;2475:1;2468:88;2575:4;2572:1;2565:15;2599:4;2596:1;2589:15;2615:412;2744:3;2782:6;2776:13;2807:1;2817:129;2831:6;2828:1;2825:13;2817:129;;;2929:4;2913:14;;;2909:25;;2903:32;2890:11;;;2883:53;2846:12;2817:129;;;-1:-1:-1;3001:1:7;2965:16;;2990:13;;;-1:-1:-1;2965:16:7;2615:412;-1:-1:-1;2615:412:7:o;3032:184::-;3084:77;3081:1;3074:88;3181:4;3178:1;3171:15;3205:4;3202:1;3195:15;3221:125;3286:9;;;3307:10;;;3304:36;;;3320:18;;:::i;3351:271::-;3534:6;3526;3521:3;3508:33;3490:3;3560:16;;3585:13;;;3560:16;3351:271;-1:-1:-1;3351:271:7:o;3627:184::-;3697:6;3750:2;3738:9;3729:7;3725:23;3721:32;3718:52;;;3766:1;3763;3756:12;3718:52;-1:-1:-1;3789:16:7;;3627:184;-1:-1:-1;3627:184:7:o;4005:274::-;4045:1;4071;4061:189;;4106:77;4103:1;4096:88;4207:4;4204:1;4197:15;4235:4;4232:1;4225:15;4061:189;-1:-1:-1;4264:9:7;;4005:274::o;4284:168::-;4357:9;;;4388;;4405:15;;;4399:22;;4385:37;4375:71;;4426:18;;:::i"},"gasEstimates":{"creation":{"codeDepositCost":"1341200","executionCost":"1397","totalCost":"1342597"},"external":{"checkSignature(bytes,bytes1,bytes,bytes32,uint256,uint256[2],uint256[2])":"infinite"}},"methodIdentifiers":{"checkSignature(bytes,bytes1,bytes,bytes32,uint256,uint256[2],uint256[2])":"0d5efec9"}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the library is not compatible with memory and only works with calldata.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the library is not compatible with\\n/// memory and only works with calldata.\\ncontract WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0xea2be4de9daccb2dea0c07cde48acff08ddefe4525b7d67b7ae218099fabb4a5\"}},\"version\":1}","storageLayout":{"storage":[],"types":null},"userdoc":{"kind":"user","methods":{},"notice":"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.","version":1}}},"contracts/P256Signer.sol":{"P256Signer":{"abi":[{"inputs":[{"internalType":"address","name":"FCLWebAuthn_","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"inputs":[],"name":"AlreadyInitialized","type":"error"},{"inputs":[],"name":"InvalidHash","type":"error"},{"inputs":[],"name":"InvalidSignature","type":"error"},{"inputs":[],"name":"FCLWebAuthn","outputs":[{"internalType":"contract WrapperFCLWebAuthn","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"x_","type":"uint256"},{"internalType":"uint256","name":"y_","type":"uint256"}],"name":"initialize","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"initialized","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_hash","type":"bytes32"},{"internalType":"bytes","name":"_signature","type":"bytes"}],"name":"isValidSignature","outputs":[{"internalType":"bytes4","name":"","type":"bytes4"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes","name":"_hash","type":"bytes"},{"internalType":"bytes","name":"_signature","type":"bytes"}],"name":"isValidSignature","outputs":[{"internalType":"bytes4","name":"","type":"bytes4"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"x","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"y","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"}],"devdoc":{"details":"This contract is the implementation. It is meant to be used through proxy clone.","kind":"dev","methods":{"initialize(uint256,uint256)":{"details":"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.","params":{"x_":"The x coordinate of the public key","y_":"The y coordinate of the public key"}},"isValidSignature(bytes,bytes)":{"details":"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32","params":{"_hash":"The hash of the data signed","_signature":"The signature"},"returns":{"_0":"The EIP-1271 magic value"}},"isValidSignature(bytes32,bytes)":{"params":{"_hash":"The hash of the data signed","_signature":"The signature"},"returns":{"_0":"The EIP-1271 magic value"}}},"title":"P256Signer","version":1},"evm":{"bytecode":{"functionDebugData":{"@_2023":{"entryPoint":null,"id":2023,"parameterSlots":1,"returnSlots":0},"abi_decode_tuple_t_address_fromMemory":{"entryPoint":77,"id":null,"parameterSlots":2,"returnSlots":1}},"generatedSources":[{"ast":{"nodeType":"YulBlock","src":"0:306:7","statements":[{"nodeType":"YulBlock","src":"6:3:7","statements":[]},{"body":{"nodeType":"YulBlock","src":"95:209:7","statements":[{"body":{"nodeType":"YulBlock","src":"141:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"150:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"153:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"143:6:7"},"nodeType":"YulFunctionCall","src":"143:12:7"},"nodeType":"YulExpressionStatement","src":"143:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"116:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"125:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"112:3:7"},"nodeType":"YulFunctionCall","src":"112:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"137:2:7","type":"","value":"32"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"108:3:7"},"nodeType":"YulFunctionCall","src":"108:32:7"},"nodeType":"YulIf","src":"105:52:7"},{"nodeType":"YulVariableDeclaration","src":"166:29:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"185:9:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"179:5:7"},"nodeType":"YulFunctionCall","src":"179:16:7"},"variables":[{"name":"value","nodeType":"YulTypedName","src":"170:5:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"258:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"267:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"270:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"260:6:7"},"nodeType":"YulFunctionCall","src":"260:12:7"},"nodeType":"YulExpressionStatement","src":"260:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"217:5:7"},{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"228:5:7"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"243:3:7","type":"","value":"160"},{"kind":"number","nodeType":"YulLiteral","src":"248:1:7","type":"","value":"1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"239:3:7"},"nodeType":"YulFunctionCall","src":"239:11:7"},{"kind":"number","nodeType":"YulLiteral","src":"252:1:7","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"235:3:7"},"nodeType":"YulFunctionCall","src":"235:19:7"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"224:3:7"},"nodeType":"YulFunctionCall","src":"224:31:7"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"214:2:7"},"nodeType":"YulFunctionCall","src":"214:42:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"207:6:7"},"nodeType":"YulFunctionCall","src":"207:50:7"},"nodeType":"YulIf","src":"204:70:7"},{"nodeType":"YulAssignment","src":"283:15:7","value":{"name":"value","nodeType":"YulIdentifier","src":"293:5:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"283:6:7"}]}]},"name":"abi_decode_tuple_t_address_fromMemory","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"61:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"72:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"84:6:7","type":""}],"src":"14:290:7"}]},"contents":"{\n { }\n function abi_decode_tuple_t_address_fromMemory(headStart, dataEnd) -> value0\n {\n if slt(sub(dataEnd, headStart), 32) { revert(0, 0) }\n let value := mload(headStart)\n if iszero(eq(value, and(value, sub(shl(160, 1), 1)))) { revert(0, 0) }\n value0 := value\n }\n}","id":7,"language":"Yul","name":"#utility.yul"}],"linkReferences":{},"object":"60a060405234801561001057600080fd5b506040516108d93803806108d983398101604081905261002f9161004d565b6000805460ff191660011790556001600160a01b031660805261007d565b60006020828403121561005f57600080fd5b81516001600160a01b038116811461007657600080fd5b9392505050565b60805161083a61009f6000396000818161012001526102ab015261083a6000f3fe608060405234801561001057600080fd5b506004361061007d5760003560e01c806320c13b0b1161005b57806320c13b0b146100ff578063a56dfe4a14610112578063c71187f01461011b578063e4a301161461016757600080fd5b80630c55699c14610082578063158ef93e1461009e5780631626ba7e146100bb575b600080fd5b61008b60015481565b6040519081526020015b60405180910390f35b6000546100ab9060ff1681565b6040519015158152602001610095565b6100ce6100c93660046104ee565b61017c565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610095565b6100ce61010d366004610535565b6101d1565b61008b60025481565b6101427f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff9091168152602001610095565b61017a61017536600461058f565b610205565b005b60006101a98360405160200161019491815260200190565b60405160208183030381529060405283610279565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101dd8383610279565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff1615610242576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061029f9190610622565b935093509350935060007f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff16630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016103279796959493929190610753565b602060405180830381865afa158015610344573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061036891906107db565b9050806103a1576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff811182821017156103fd576103fd6103ab565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561044a5761044a6103ab565b604052919050565b600067ffffffffffffffff82111561046c5761046c6103ab565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126104a957600080fd5b81356104bc6104b782610452565b610403565b8181528460208386010111156104d157600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561050157600080fd5b82359150602083013567ffffffffffffffff81111561051f57600080fd5b61052b85828601610498565b9150509250929050565b6000806040838503121561054857600080fd5b823567ffffffffffffffff8082111561056057600080fd5b61056c86838701610498565b9350602085013591508082111561058257600080fd5b5061052b85828601610498565b600080604083850312156105a257600080fd5b50508035926020909101359150565b60005b838110156105cc5781810151838201526020016105b4565b50506000910152565b600082601f8301126105e657600080fd5b81516105f46104b782610452565b81815284602083860101111561060957600080fd5b61061a8260208301602087016105b1565b949350505050565b60008060008060a0858703121561063857600080fd5b845167ffffffffffffffff8082111561065057600080fd5b61065c888389016105d5565b955060209150818701518181111561067357600080fd5b61067f89828a016105d5565b955050506040860151925086607f87011261069957600080fd5b6106a16103da565b8060a08801898111156106b357600080fd5b606089015b818110156106cf57805184529284019284016106b8565b505080935050505092959194509250565b600081518084526106f88160208601602086016105b1565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561074d57815184526020938401939091019060010161072e565b50505050565b60006101208083526107678184018b6106e0565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526107a681896106e0565b9150508560608301528460808301526107c260a083018561072a565b6107cf60e083018461072a565b98975050505050505050565b6000602082840312156107ed57600080fd5b815180151581146107fd57600080fd5b939250505056fea2646970667358221220e2459884096b6098f1ab893e1294550f8a6f46ac1414f13f4ba4f26cfbfbffe664736f6c63430008140033","opcodes":"PUSH1 0xA0 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x40 MLOAD PUSH2 0x8D9 CODESIZE SUB DUP1 PUSH2 0x8D9 DUP4 CODECOPY DUP2 ADD PUSH1 0x40 DUP2 SWAP1 MSTORE PUSH2 0x2F SWAP2 PUSH2 0x4D JUMP JUMPDEST PUSH1 0x0 DUP1 SLOAD PUSH1 0xFF NOT AND PUSH1 0x1 OR SWAP1 SSTORE PUSH1 0x1 PUSH1 0x1 PUSH1 0xA0 SHL SUB AND PUSH1 0x80 MSTORE PUSH2 0x7D JUMP JUMPDEST PUSH1 0x0 PUSH1 0x20 DUP3 DUP5 SUB SLT ISZERO PUSH2 0x5F JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 MLOAD PUSH1 0x1 PUSH1 0x1 PUSH1 0xA0 SHL SUB DUP2 AND DUP2 EQ PUSH2 0x76 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x80 MLOAD PUSH2 0x83A PUSH2 0x9F PUSH1 0x0 CODECOPY PUSH1 0x0 DUP2 DUP2 PUSH2 0x120 ADD MSTORE PUSH2 0x2AB ADD MSTORE PUSH2 0x83A PUSH1 0x0 RETURN INVALID PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x4 CALLDATASIZE LT PUSH2 0x7D JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0x20C13B0B GT PUSH2 0x5B JUMPI DUP1 PUSH4 0x20C13B0B EQ PUSH2 0xFF JUMPI DUP1 PUSH4 0xA56DFE4A EQ PUSH2 0x112 JUMPI DUP1 PUSH4 0xC71187F0 EQ PUSH2 0x11B JUMPI DUP1 PUSH4 0xE4A30116 EQ PUSH2 0x167 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP1 PUSH4 0xC55699C EQ PUSH2 0x82 JUMPI DUP1 PUSH4 0x158EF93E EQ PUSH2 0x9E JUMPI DUP1 PUSH4 0x1626BA7E EQ PUSH2 0xBB JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x8B PUSH1 0x1 SLOAD DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP2 MSTORE PUSH1 0x20 ADD JUMPDEST PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH1 0x0 SLOAD PUSH2 0xAB SWAP1 PUSH1 0xFF AND DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 ISZERO ISZERO DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x95 JUMP JUMPDEST PUSH2 0xCE PUSH2 0xC9 CALLDATASIZE PUSH1 0x4 PUSH2 0x4EE JUMP JUMPDEST PUSH2 0x17C JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH32 0xFFFFFFFF00000000000000000000000000000000000000000000000000000000 SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x95 JUMP JUMPDEST PUSH2 0xCE PUSH2 0x10D CALLDATASIZE PUSH1 0x4 PUSH2 0x535 JUMP JUMPDEST PUSH2 0x1D1 JUMP JUMPDEST PUSH2 0x8B PUSH1 0x2 SLOAD DUP2 JUMP JUMPDEST PUSH2 0x142 PUSH32 0x0 DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x95 JUMP JUMPDEST PUSH2 0x17A PUSH2 0x175 CALLDATASIZE PUSH1 0x4 PUSH2 0x58F JUMP JUMPDEST PUSH2 0x205 JUMP JUMPDEST STOP JUMPDEST PUSH1 0x0 PUSH2 0x1A9 DUP4 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0x194 SWAP2 DUP2 MSTORE PUSH1 0x20 ADD SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE DUP4 PUSH2 0x279 JUMP JUMPDEST POP PUSH32 0x1626BA7E00000000000000000000000000000000000000000000000000000000 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 PUSH2 0x1DD DUP4 DUP4 PUSH2 0x279 JUMP JUMPDEST POP PUSH32 0x20C13B0B00000000000000000000000000000000000000000000000000000000 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 SLOAD PUSH1 0xFF AND ISZERO PUSH2 0x242 JUMPI PUSH1 0x40 MLOAD PUSH32 0xDC149F000000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST PUSH1 0x0 DUP1 SLOAD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00 AND PUSH1 0x1 SWAP1 DUP2 OR SWAP1 SWAP2 SSTORE SWAP2 SWAP1 SWAP2 SSTORE PUSH1 0x2 SSTORE JUMP JUMPDEST PUSH1 0x0 DUP3 DUP1 MLOAD SWAP1 PUSH1 0x20 ADD KECCAK256 SWAP1 POP PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 DUP6 DUP1 PUSH1 0x20 ADD SWAP1 MLOAD DUP2 ADD SWAP1 PUSH2 0x29F SWAP2 SWAP1 PUSH2 0x622 JUMP JUMPDEST SWAP4 POP SWAP4 POP SWAP4 POP SWAP4 POP PUSH1 0x0 PUSH32 0x0 PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF AND PUSH4 0xD5EFEC9 DUP7 PUSH1 0x1 DUP8 DUP11 DUP9 DUP9 PUSH1 0x40 MLOAD DUP1 PUSH1 0x40 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x1 SLOAD DUP2 MSTORE PUSH1 0x20 ADD PUSH1 0x2 SLOAD DUP2 MSTORE POP PUSH1 0x40 MLOAD DUP9 PUSH4 0xFFFFFFFF AND PUSH1 0xE0 SHL DUP2 MSTORE PUSH1 0x4 ADD PUSH2 0x327 SWAP8 SWAP7 SWAP6 SWAP5 SWAP4 SWAP3 SWAP2 SWAP1 PUSH2 0x753 JUMP JUMPDEST PUSH1 0x20 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 DUP7 GAS STATICCALL ISZERO DUP1 ISZERO PUSH2 0x344 JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP POP POP PUSH1 0x40 MLOAD RETURNDATASIZE PUSH1 0x1F NOT PUSH1 0x1F DUP3 ADD AND DUP3 ADD DUP1 PUSH1 0x40 MSTORE POP DUP2 ADD SWAP1 PUSH2 0x368 SWAP2 SWAP1 PUSH2 0x7DB JUMP JUMPDEST SWAP1 POP DUP1 PUSH2 0x3A1 JUMPI PUSH1 0x40 MLOAD PUSH32 0x8BAA579F00000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x41 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST PUSH1 0x40 DUP1 MLOAD SWAP1 DUP2 ADD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT DUP3 DUP3 LT OR ISZERO PUSH2 0x3FD JUMPI PUSH2 0x3FD PUSH2 0x3AB JUMP JUMPDEST PUSH1 0x40 MSTORE SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x1F DUP3 ADD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 AND DUP2 ADD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT DUP3 DUP3 LT OR ISZERO PUSH2 0x44A JUMPI PUSH2 0x44A PUSH2 0x3AB JUMP JUMPDEST PUSH1 0x40 MSTORE SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 PUSH8 0xFFFFFFFFFFFFFFFF DUP3 GT ISZERO PUSH2 0x46C JUMPI PUSH2 0x46C PUSH2 0x3AB JUMP JUMPDEST POP PUSH1 0x1F ADD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 AND PUSH1 0x20 ADD SWAP1 JUMP JUMPDEST PUSH1 0x0 DUP3 PUSH1 0x1F DUP4 ADD SLT PUSH2 0x4A9 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 CALLDATALOAD PUSH2 0x4BC PUSH2 0x4B7 DUP3 PUSH2 0x452 JUMP JUMPDEST PUSH2 0x403 JUMP JUMPDEST DUP2 DUP2 MSTORE DUP5 PUSH1 0x20 DUP4 DUP7 ADD ADD GT ISZERO PUSH2 0x4D1 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 PUSH1 0x20 DUP6 ADD PUSH1 0x20 DUP4 ADD CALLDATACOPY PUSH1 0x0 SWAP2 DUP2 ADD PUSH1 0x20 ADD SWAP2 SWAP1 SWAP2 MSTORE SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x501 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP3 CALLDATALOAD SWAP2 POP PUSH1 0x20 DUP4 ADD CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x51F JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x52B DUP6 DUP3 DUP7 ADD PUSH2 0x498 JUMP JUMPDEST SWAP2 POP POP SWAP3 POP SWAP3 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x548 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP3 CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP1 DUP3 GT ISZERO PUSH2 0x560 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x56C DUP7 DUP4 DUP8 ADD PUSH2 0x498 JUMP JUMPDEST SWAP4 POP PUSH1 0x20 DUP6 ADD CALLDATALOAD SWAP2 POP DUP1 DUP3 GT ISZERO PUSH2 0x582 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH2 0x52B DUP6 DUP3 DUP7 ADD PUSH2 0x498 JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x5A2 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP1 CALLDATALOAD SWAP3 PUSH1 0x20 SWAP1 SWAP2 ADD CALLDATALOAD SWAP2 POP JUMP JUMPDEST PUSH1 0x0 JUMPDEST DUP4 DUP2 LT ISZERO PUSH2 0x5CC JUMPI DUP2 DUP2 ADD MLOAD DUP4 DUP3 ADD MSTORE PUSH1 0x20 ADD PUSH2 0x5B4 JUMP JUMPDEST POP POP PUSH1 0x0 SWAP2 ADD MSTORE JUMP JUMPDEST PUSH1 0x0 DUP3 PUSH1 0x1F DUP4 ADD SLT PUSH2 0x5E6 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 MLOAD PUSH2 0x5F4 PUSH2 0x4B7 DUP3 PUSH2 0x452 JUMP JUMPDEST DUP2 DUP2 MSTORE DUP5 PUSH1 0x20 DUP4 DUP7 ADD ADD GT ISZERO PUSH2 0x609 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x61A DUP3 PUSH1 0x20 DUP4 ADD PUSH1 0x20 DUP8 ADD PUSH2 0x5B1 JUMP JUMPDEST SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0xA0 DUP6 DUP8 SUB SLT ISZERO PUSH2 0x638 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP5 MLOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP1 DUP3 GT ISZERO PUSH2 0x650 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x65C DUP9 DUP4 DUP10 ADD PUSH2 0x5D5 JUMP JUMPDEST SWAP6 POP PUSH1 0x20 SWAP2 POP DUP2 DUP8 ADD MLOAD DUP2 DUP2 GT ISZERO PUSH2 0x673 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x67F DUP10 DUP3 DUP11 ADD PUSH2 0x5D5 JUMP JUMPDEST SWAP6 POP POP POP PUSH1 0x40 DUP7 ADD MLOAD SWAP3 POP DUP7 PUSH1 0x7F DUP8 ADD SLT PUSH2 0x699 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x6A1 PUSH2 0x3DA JUMP JUMPDEST DUP1 PUSH1 0xA0 DUP9 ADD DUP10 DUP2 GT ISZERO PUSH2 0x6B3 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x60 DUP10 ADD JUMPDEST DUP2 DUP2 LT ISZERO PUSH2 0x6CF JUMPI DUP1 MLOAD DUP5 MSTORE SWAP3 DUP5 ADD SWAP3 DUP5 ADD PUSH2 0x6B8 JUMP JUMPDEST POP POP DUP1 SWAP4 POP POP POP POP SWAP3 SWAP6 SWAP2 SWAP5 POP SWAP3 POP JUMP JUMPDEST PUSH1 0x0 DUP2 MLOAD DUP1 DUP5 MSTORE PUSH2 0x6F8 DUP2 PUSH1 0x20 DUP7 ADD PUSH1 0x20 DUP7 ADD PUSH2 0x5B1 JUMP JUMPDEST PUSH1 0x1F ADD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 AND SWAP3 SWAP1 SWAP3 ADD PUSH1 0x20 ADD SWAP3 SWAP2 POP POP JUMP JUMPDEST DUP1 PUSH1 0x0 JUMPDEST PUSH1 0x2 DUP2 LT ISZERO PUSH2 0x74D JUMPI DUP2 MLOAD DUP5 MSTORE PUSH1 0x20 SWAP4 DUP5 ADD SWAP4 SWAP1 SWAP2 ADD SWAP1 PUSH1 0x1 ADD PUSH2 0x72E JUMP JUMPDEST POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH2 0x120 DUP1 DUP4 MSTORE PUSH2 0x767 DUP2 DUP5 ADD DUP12 PUSH2 0x6E0 JUMP JUMPDEST SWAP1 POP PUSH32 0xFF00000000000000000000000000000000000000000000000000000000000000 DUP10 PUSH1 0xF8 SHL AND PUSH1 0x20 DUP5 ADD MSTORE DUP3 DUP2 SUB PUSH1 0x40 DUP5 ADD MSTORE PUSH2 0x7A6 DUP2 DUP10 PUSH2 0x6E0 JUMP JUMPDEST SWAP2 POP POP DUP6 PUSH1 0x60 DUP4 ADD MSTORE DUP5 PUSH1 0x80 DUP4 ADD MSTORE PUSH2 0x7C2 PUSH1 0xA0 DUP4 ADD DUP6 PUSH2 0x72A JUMP JUMPDEST PUSH2 0x7CF PUSH1 0xE0 DUP4 ADD DUP5 PUSH2 0x72A JUMP JUMPDEST SWAP9 SWAP8 POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x20 DUP3 DUP5 SUB SLT ISZERO PUSH2 0x7ED JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 MLOAD DUP1 ISZERO ISZERO DUP2 EQ PUSH2 0x7FD JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP4 SWAP3 POP POP POP JUMP INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 0xE2 GASLIMIT SWAP9 DUP5 MULMOD PUSH12 0x6098F1AB893E1294550F8A6F CHAINID 0xAC EQ EQ CALL EXTCODEHASH 0x4B LOG4 CALLCODE PUSH13 0xFBFBFFE664736F6C6343000814 STOP CALLER ","sourceMap":"333:2972:4:-:0;;;1208:125;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;1252:11;:18;;-1:-1:-1;;1252:18:4;1266:4;1252:18;;;-1:-1:-1;;;;;1280:46:4;;;333:2972;;14:290:7;84:6;137:2;125:9;116:7;112:23;108:32;105:52;;;153:1;150;143:12;105:52;179:16;;-1:-1:-1;;;;;224:31:7;;214:42;;204:70;;270:1;267;260:12;204:70;293:5;14:290;-1:-1:-1;;;14:290:7:o;:::-;333:2972:4;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{"@FCLWebAuthn_1989":{"entryPoint":null,"id":1989,"parameterSlots":0,"returnSlots":0},"@_validate_2124":{"entryPoint":633,"id":2124,"parameterSlots":2,"returnSlots":0},"@initialize_2150":{"entryPoint":517,"id":2150,"parameterSlots":2,"returnSlots":0},"@initialized_1992":{"entryPoint":null,"id":1992,"parameterSlots":0,"returnSlots":0},"@isValidSignature_2044":{"entryPoint":380,"id":2044,"parameterSlots":2,"returnSlots":1},"@isValidSignature_2062":{"entryPoint":465,"id":2062,"parameterSlots":2,"returnSlots":1},"@x_1995":{"entryPoint":null,"id":1995,"parameterSlots":0,"returnSlots":0},"@y_1998":{"entryPoint":null,"id":1998,"parameterSlots":0,"returnSlots":0},"abi_decode_bytes":{"entryPoint":1176,"id":null,"parameterSlots":2,"returnSlots":1},"abi_decode_bytes_fromMemory":{"entryPoint":1493,"id":null,"parameterSlots":2,"returnSlots":1},"abi_decode_tuple_t_bool_fromMemory":{"entryPoint":2011,"id":null,"parameterSlots":2,"returnSlots":1},"abi_decode_tuple_t_bytes32t_bytes_memory_ptr":{"entryPoint":1262,"id":null,"parameterSlots":2,"returnSlots":2},"abi_decode_tuple_t_bytes_memory_ptrt_bytes_memory_ptr":{"entryPoint":1333,"id":null,"parameterSlots":2,"returnSlots":2},"abi_decode_tuple_t_bytes_memory_ptrt_bytes_memory_ptrt_uint256t_array$_t_uint256_$2_memory_ptr_fromMemory":{"entryPoint":1570,"id":null,"parameterSlots":2,"returnSlots":4},"abi_decode_tuple_t_uint256t_uint256":{"entryPoint":1423,"id":null,"parameterSlots":2,"returnSlots":2},"abi_encode_array_uint256":{"entryPoint":1834,"id":null,"parameterSlots":2,"returnSlots":0},"abi_encode_bytes":{"entryPoint":1760,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_bool__to_t_bool__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_bytes32__to_t_bytes32__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_bytes4__to_t_bytes4__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_bytes_memory_ptr_t_rational_1_by_1_t_bytes_memory_ptr_t_bytes32_t_uint256_t_array$_t_uint256_$2_memory_ptr_t_array$_t_uint256_$2_memory_ptr__to_t_bytes_memory_ptr_t_bytes1_t_bytes_memory_ptr_t_bytes32_t_uint256_t_array$_t_uint256_$2_memory_ptr_t_array$_t_uint256_$2_memory_ptr__fromStack_reversed":{"entryPoint":1875,"id":null,"parameterSlots":8,"returnSlots":1},"abi_encode_tuple_t_contract$_WrapperFCLWebAuthn_$1973__to_t_address__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_uint256__to_t_uint256__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"allocate_memory":{"entryPoint":1027,"id":null,"parameterSlots":1,"returnSlots":1},"allocate_memory_957":{"entryPoint":986,"id":null,"parameterSlots":0,"returnSlots":1},"array_allocation_size_bytes":{"entryPoint":1106,"id":null,"parameterSlots":1,"returnSlots":1},"copy_memory_to_memory_with_cleanup":{"entryPoint":1457,"id":null,"parameterSlots":3,"returnSlots":0},"panic_error_0x41":{"entryPoint":939,"id":null,"parameterSlots":0,"returnSlots":0}},"generatedSources":[{"ast":{"nodeType":"YulBlock","src":"0:7514:7","statements":[{"nodeType":"YulBlock","src":"6:3:7","statements":[]},{"body":{"nodeType":"YulBlock","src":"115:76:7","statements":[{"nodeType":"YulAssignment","src":"125:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"137:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"148:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"133:3:7"},"nodeType":"YulFunctionCall","src":"133:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"125:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"167:9:7"},{"name":"value0","nodeType":"YulIdentifier","src":"178:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"160:6:7"},"nodeType":"YulFunctionCall","src":"160:25:7"},"nodeType":"YulExpressionStatement","src":"160:25:7"}]},"name":"abi_encode_tuple_t_uint256__to_t_uint256__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"84:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"95:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"106:4:7","type":""}],"src":"14:177:7"},{"body":{"nodeType":"YulBlock","src":"291:92:7","statements":[{"nodeType":"YulAssignment","src":"301:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"313:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"324:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"309:3:7"},"nodeType":"YulFunctionCall","src":"309:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"301:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"343:9:7"},{"arguments":[{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"368:6:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"361:6:7"},"nodeType":"YulFunctionCall","src":"361:14:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"354:6:7"},"nodeType":"YulFunctionCall","src":"354:22:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"336:6:7"},"nodeType":"YulFunctionCall","src":"336:41:7"},"nodeType":"YulExpressionStatement","src":"336:41:7"}]},"name":"abi_encode_tuple_t_bool__to_t_bool__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"260:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"271:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"282:4:7","type":""}],"src":"196:187:7"},{"body":{"nodeType":"YulBlock","src":"420:152:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"437:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"440:77:7","type":"","value":"35408467139433450592217433187231851964531694900788300625387963629091585785856"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"430:6:7"},"nodeType":"YulFunctionCall","src":"430:88:7"},"nodeType":"YulExpressionStatement","src":"430:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"534:1:7","type":"","value":"4"},{"kind":"number","nodeType":"YulLiteral","src":"537:4:7","type":"","value":"0x41"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"527:6:7"},"nodeType":"YulFunctionCall","src":"527:15:7"},"nodeType":"YulExpressionStatement","src":"527:15:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"558:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"561:4:7","type":"","value":"0x24"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"551:6:7"},"nodeType":"YulFunctionCall","src":"551:15:7"},"nodeType":"YulExpressionStatement","src":"551:15:7"}]},"name":"panic_error_0x41","nodeType":"YulFunctionDefinition","src":"388:184:7"},{"body":{"nodeType":"YulBlock","src":"622:205:7","statements":[{"nodeType":"YulAssignment","src":"632:19:7","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"648:2:7","type":"","value":"64"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"642:5:7"},"nodeType":"YulFunctionCall","src":"642:9:7"},"variableNames":[{"name":"memPtr","nodeType":"YulIdentifier","src":"632:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"660:33:7","value":{"arguments":[{"name":"memPtr","nodeType":"YulIdentifier","src":"682:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"690:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"678:3:7"},"nodeType":"YulFunctionCall","src":"678:15:7"},"variables":[{"name":"newFreePtr","nodeType":"YulTypedName","src":"664:10:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"768:22:7","statements":[{"expression":{"arguments":[],"functionName":{"name":"panic_error_0x41","nodeType":"YulIdentifier","src":"770:16:7"},"nodeType":"YulFunctionCall","src":"770:18:7"},"nodeType":"YulExpressionStatement","src":"770:18:7"}]},"condition":{"arguments":[{"arguments":[{"name":"newFreePtr","nodeType":"YulIdentifier","src":"711:10:7"},{"kind":"number","nodeType":"YulLiteral","src":"723:18:7","type":"","value":"0xffffffffffffffff"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"708:2:7"},"nodeType":"YulFunctionCall","src":"708:34:7"},{"arguments":[{"name":"newFreePtr","nodeType":"YulIdentifier","src":"747:10:7"},{"name":"memPtr","nodeType":"YulIdentifier","src":"759:6:7"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"744:2:7"},"nodeType":"YulFunctionCall","src":"744:22:7"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"705:2:7"},"nodeType":"YulFunctionCall","src":"705:62:7"},"nodeType":"YulIf","src":"702:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"806:2:7","type":"","value":"64"},{"name":"newFreePtr","nodeType":"YulIdentifier","src":"810:10:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"799:6:7"},"nodeType":"YulFunctionCall","src":"799:22:7"},"nodeType":"YulExpressionStatement","src":"799:22:7"}]},"name":"allocate_memory_957","nodeType":"YulFunctionDefinition","returnVariables":[{"name":"memPtr","nodeType":"YulTypedName","src":"611:6:7","type":""}],"src":"577:250:7"},{"body":{"nodeType":"YulBlock","src":"877:289:7","statements":[{"nodeType":"YulAssignment","src":"887:19:7","value":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"903:2:7","type":"","value":"64"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"897:5:7"},"nodeType":"YulFunctionCall","src":"897:9:7"},"variableNames":[{"name":"memPtr","nodeType":"YulIdentifier","src":"887:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"915:117:7","value":{"arguments":[{"name":"memPtr","nodeType":"YulIdentifier","src":"937:6:7"},{"arguments":[{"arguments":[{"name":"size","nodeType":"YulIdentifier","src":"953:4:7"},{"kind":"number","nodeType":"YulLiteral","src":"959:2:7","type":"","value":"31"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"949:3:7"},"nodeType":"YulFunctionCall","src":"949:13:7"},{"kind":"number","nodeType":"YulLiteral","src":"964:66:7","type":"","value":"0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"945:3:7"},"nodeType":"YulFunctionCall","src":"945:86:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"933:3:7"},"nodeType":"YulFunctionCall","src":"933:99:7"},"variables":[{"name":"newFreePtr","nodeType":"YulTypedName","src":"919:10:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"1107:22:7","statements":[{"expression":{"arguments":[],"functionName":{"name":"panic_error_0x41","nodeType":"YulIdentifier","src":"1109:16:7"},"nodeType":"YulFunctionCall","src":"1109:18:7"},"nodeType":"YulExpressionStatement","src":"1109:18:7"}]},"condition":{"arguments":[{"arguments":[{"name":"newFreePtr","nodeType":"YulIdentifier","src":"1050:10:7"},{"kind":"number","nodeType":"YulLiteral","src":"1062:18:7","type":"","value":"0xffffffffffffffff"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"1047:2:7"},"nodeType":"YulFunctionCall","src":"1047:34:7"},{"arguments":[{"name":"newFreePtr","nodeType":"YulIdentifier","src":"1086:10:7"},{"name":"memPtr","nodeType":"YulIdentifier","src":"1098:6:7"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"1083:2:7"},"nodeType":"YulFunctionCall","src":"1083:22:7"}],"functionName":{"name":"or","nodeType":"YulIdentifier","src":"1044:2:7"},"nodeType":"YulFunctionCall","src":"1044:62:7"},"nodeType":"YulIf","src":"1041:88:7"},{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1145:2:7","type":"","value":"64"},{"name":"newFreePtr","nodeType":"YulIdentifier","src":"1149:10:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1138:6:7"},"nodeType":"YulFunctionCall","src":"1138:22:7"},"nodeType":"YulExpressionStatement","src":"1138:22:7"}]},"name":"allocate_memory","nodeType":"YulFunctionDefinition","parameters":[{"name":"size","nodeType":"YulTypedName","src":"857:4:7","type":""}],"returnVariables":[{"name":"memPtr","nodeType":"YulTypedName","src":"866:6:7","type":""}],"src":"832:334:7"},{"body":{"nodeType":"YulBlock","src":"1228:188:7","statements":[{"body":{"nodeType":"YulBlock","src":"1272:22:7","statements":[{"expression":{"arguments":[],"functionName":{"name":"panic_error_0x41","nodeType":"YulIdentifier","src":"1274:16:7"},"nodeType":"YulFunctionCall","src":"1274:18:7"},"nodeType":"YulExpressionStatement","src":"1274:18:7"}]},"condition":{"arguments":[{"name":"length","nodeType":"YulIdentifier","src":"1244:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"1252:18:7","type":"","value":"0xffffffffffffffff"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"1241:2:7"},"nodeType":"YulFunctionCall","src":"1241:30:7"},"nodeType":"YulIf","src":"1238:56:7"},{"nodeType":"YulAssignment","src":"1303:107:7","value":{"arguments":[{"arguments":[{"arguments":[{"name":"length","nodeType":"YulIdentifier","src":"1323:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"1331:2:7","type":"","value":"31"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1319:3:7"},"nodeType":"YulFunctionCall","src":"1319:15:7"},{"kind":"number","nodeType":"YulLiteral","src":"1336:66:7","type":"","value":"0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"1315:3:7"},"nodeType":"YulFunctionCall","src":"1315:88:7"},{"kind":"number","nodeType":"YulLiteral","src":"1405:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1311:3:7"},"nodeType":"YulFunctionCall","src":"1311:99:7"},"variableNames":[{"name":"size","nodeType":"YulIdentifier","src":"1303:4:7"}]}]},"name":"array_allocation_size_bytes","nodeType":"YulFunctionDefinition","parameters":[{"name":"length","nodeType":"YulTypedName","src":"1208:6:7","type":""}],"returnVariables":[{"name":"size","nodeType":"YulTypedName","src":"1219:4:7","type":""}],"src":"1171:245:7"},{"body":{"nodeType":"YulBlock","src":"1473:410:7","statements":[{"body":{"nodeType":"YulBlock","src":"1522:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1531:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"1534:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"1524:6:7"},"nodeType":"YulFunctionCall","src":"1524:12:7"},"nodeType":"YulExpressionStatement","src":"1524:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"1501:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"1509:4:7","type":"","value":"0x1f"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1497:3:7"},"nodeType":"YulFunctionCall","src":"1497:17:7"},{"name":"end","nodeType":"YulIdentifier","src":"1516:3:7"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"1493:3:7"},"nodeType":"YulFunctionCall","src":"1493:27:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"1486:6:7"},"nodeType":"YulFunctionCall","src":"1486:35:7"},"nodeType":"YulIf","src":"1483:55:7"},{"nodeType":"YulVariableDeclaration","src":"1547:30:7","value":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"1570:6:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"1557:12:7"},"nodeType":"YulFunctionCall","src":"1557:20:7"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"1551:2:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"1586:63:7","value":{"arguments":[{"arguments":[{"name":"_1","nodeType":"YulIdentifier","src":"1645:2:7"}],"functionName":{"name":"array_allocation_size_bytes","nodeType":"YulIdentifier","src":"1617:27:7"},"nodeType":"YulFunctionCall","src":"1617:31:7"}],"functionName":{"name":"allocate_memory","nodeType":"YulIdentifier","src":"1601:15:7"},"nodeType":"YulFunctionCall","src":"1601:48:7"},"variables":[{"name":"array_1","nodeType":"YulTypedName","src":"1590:7:7","type":""}]},{"expression":{"arguments":[{"name":"array_1","nodeType":"YulIdentifier","src":"1665:7:7"},{"name":"_1","nodeType":"YulIdentifier","src":"1674:2:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1658:6:7"},"nodeType":"YulFunctionCall","src":"1658:19:7"},"nodeType":"YulExpressionStatement","src":"1658:19:7"},{"body":{"nodeType":"YulBlock","src":"1725:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"1734:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"1737:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"1727:6:7"},"nodeType":"YulFunctionCall","src":"1727:12:7"},"nodeType":"YulExpressionStatement","src":"1727:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"1700:6:7"},{"name":"_1","nodeType":"YulIdentifier","src":"1708:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1696:3:7"},"nodeType":"YulFunctionCall","src":"1696:15:7"},{"kind":"number","nodeType":"YulLiteral","src":"1713:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1692:3:7"},"nodeType":"YulFunctionCall","src":"1692:26:7"},{"name":"end","nodeType":"YulIdentifier","src":"1720:3:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"1689:2:7"},"nodeType":"YulFunctionCall","src":"1689:35:7"},"nodeType":"YulIf","src":"1686:55:7"},{"expression":{"arguments":[{"arguments":[{"name":"array_1","nodeType":"YulIdentifier","src":"1767:7:7"},{"kind":"number","nodeType":"YulLiteral","src":"1776:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1763:3:7"},"nodeType":"YulFunctionCall","src":"1763:18:7"},{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"1787:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"1795:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1783:3:7"},"nodeType":"YulFunctionCall","src":"1783:17:7"},{"name":"_1","nodeType":"YulIdentifier","src":"1802:2:7"}],"functionName":{"name":"calldatacopy","nodeType":"YulIdentifier","src":"1750:12:7"},"nodeType":"YulFunctionCall","src":"1750:55:7"},"nodeType":"YulExpressionStatement","src":"1750:55:7"},{"expression":{"arguments":[{"arguments":[{"arguments":[{"name":"array_1","nodeType":"YulIdentifier","src":"1829:7:7"},{"name":"_1","nodeType":"YulIdentifier","src":"1838:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1825:3:7"},"nodeType":"YulFunctionCall","src":"1825:16:7"},{"kind":"number","nodeType":"YulLiteral","src":"1843:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"1821:3:7"},"nodeType":"YulFunctionCall","src":"1821:27:7"},{"kind":"number","nodeType":"YulLiteral","src":"1850:1:7","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"1814:6:7"},"nodeType":"YulFunctionCall","src":"1814:38:7"},"nodeType":"YulExpressionStatement","src":"1814:38:7"},{"nodeType":"YulAssignment","src":"1861:16:7","value":{"name":"array_1","nodeType":"YulIdentifier","src":"1870:7:7"},"variableNames":[{"name":"array","nodeType":"YulIdentifier","src":"1861:5:7"}]}]},"name":"abi_decode_bytes","nodeType":"YulFunctionDefinition","parameters":[{"name":"offset","nodeType":"YulTypedName","src":"1447:6:7","type":""},{"name":"end","nodeType":"YulTypedName","src":"1455:3:7","type":""}],"returnVariables":[{"name":"array","nodeType":"YulTypedName","src":"1463:5:7","type":""}],"src":"1421:462:7"},{"body":{"nodeType":"YulBlock","src":"1984:292:7","statements":[{"body":{"nodeType":"YulBlock","src":"2030:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2039:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2042:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2032:6:7"},"nodeType":"YulFunctionCall","src":"2032:12:7"},"nodeType":"YulExpressionStatement","src":"2032:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"2005:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"2014:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"2001:3:7"},"nodeType":"YulFunctionCall","src":"2001:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"2026:2:7","type":"","value":"64"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"1997:3:7"},"nodeType":"YulFunctionCall","src":"1997:32:7"},"nodeType":"YulIf","src":"1994:52:7"},{"nodeType":"YulAssignment","src":"2055:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2078:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"2065:12:7"},"nodeType":"YulFunctionCall","src":"2065:23:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"2055:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"2097:46:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2128:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"2139:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2124:3:7"},"nodeType":"YulFunctionCall","src":"2124:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"2111:12:7"},"nodeType":"YulFunctionCall","src":"2111:32:7"},"variables":[{"name":"offset","nodeType":"YulTypedName","src":"2101:6:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"2186:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2195:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2198:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2188:6:7"},"nodeType":"YulFunctionCall","src":"2188:12:7"},"nodeType":"YulExpressionStatement","src":"2188:12:7"}]},"condition":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"2158:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"2166:18:7","type":"","value":"0xffffffffffffffff"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"2155:2:7"},"nodeType":"YulFunctionCall","src":"2155:30:7"},"nodeType":"YulIf","src":"2152:50:7"},{"nodeType":"YulAssignment","src":"2211:59:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2242:9:7"},{"name":"offset","nodeType":"YulIdentifier","src":"2253:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2238:3:7"},"nodeType":"YulFunctionCall","src":"2238:22:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"2262:7:7"}],"functionName":{"name":"abi_decode_bytes","nodeType":"YulIdentifier","src":"2221:16:7"},"nodeType":"YulFunctionCall","src":"2221:49:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"2211:6:7"}]}]},"name":"abi_decode_tuple_t_bytes32t_bytes_memory_ptr","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"1942:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"1953:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"1965:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"1973:6:7","type":""}],"src":"1888:388:7"},{"body":{"nodeType":"YulBlock","src":"2380:149:7","statements":[{"nodeType":"YulAssignment","src":"2390:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2402:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"2413:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2398:3:7"},"nodeType":"YulFunctionCall","src":"2398:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"2390:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2432:9:7"},{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"2447:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"2455:66:7","type":"","value":"0xffffffff00000000000000000000000000000000000000000000000000000000"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"2443:3:7"},"nodeType":"YulFunctionCall","src":"2443:79:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"2425:6:7"},"nodeType":"YulFunctionCall","src":"2425:98:7"},"nodeType":"YulExpressionStatement","src":"2425:98:7"}]},"name":"abi_encode_tuple_t_bytes4__to_t_bytes4__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"2349:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"2360:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"2371:4:7","type":""}],"src":"2281:248:7"},{"body":{"nodeType":"YulBlock","src":"2639:434:7","statements":[{"body":{"nodeType":"YulBlock","src":"2685:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2694:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2697:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2687:6:7"},"nodeType":"YulFunctionCall","src":"2687:12:7"},"nodeType":"YulExpressionStatement","src":"2687:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"2660:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"2669:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"2656:3:7"},"nodeType":"YulFunctionCall","src":"2656:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"2681:2:7","type":"","value":"64"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"2652:3:7"},"nodeType":"YulFunctionCall","src":"2652:32:7"},"nodeType":"YulIf","src":"2649:52:7"},{"nodeType":"YulVariableDeclaration","src":"2710:37:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2737:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"2724:12:7"},"nodeType":"YulFunctionCall","src":"2724:23:7"},"variables":[{"name":"offset","nodeType":"YulTypedName","src":"2714:6:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"2756:28:7","value":{"kind":"number","nodeType":"YulLiteral","src":"2766:18:7","type":"","value":"0xffffffffffffffff"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"2760:2:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"2811:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2820:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2823:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2813:6:7"},"nodeType":"YulFunctionCall","src":"2813:12:7"},"nodeType":"YulExpressionStatement","src":"2813:12:7"}]},"condition":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"2799:6:7"},{"name":"_1","nodeType":"YulIdentifier","src":"2807:2:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"2796:2:7"},"nodeType":"YulFunctionCall","src":"2796:14:7"},"nodeType":"YulIf","src":"2793:34:7"},{"nodeType":"YulAssignment","src":"2836:59:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2867:9:7"},{"name":"offset","nodeType":"YulIdentifier","src":"2878:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2863:3:7"},"nodeType":"YulFunctionCall","src":"2863:22:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"2887:7:7"}],"functionName":{"name":"abi_decode_bytes","nodeType":"YulIdentifier","src":"2846:16:7"},"nodeType":"YulFunctionCall","src":"2846:49:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"2836:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"2904:48:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"2937:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"2948:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"2933:3:7"},"nodeType":"YulFunctionCall","src":"2933:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"2920:12:7"},"nodeType":"YulFunctionCall","src":"2920:32:7"},"variables":[{"name":"offset_1","nodeType":"YulTypedName","src":"2908:8:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"2981:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"2990:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"2993:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"2983:6:7"},"nodeType":"YulFunctionCall","src":"2983:12:7"},"nodeType":"YulExpressionStatement","src":"2983:12:7"}]},"condition":{"arguments":[{"name":"offset_1","nodeType":"YulIdentifier","src":"2967:8:7"},{"name":"_1","nodeType":"YulIdentifier","src":"2977:2:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"2964:2:7"},"nodeType":"YulFunctionCall","src":"2964:16:7"},"nodeType":"YulIf","src":"2961:36:7"},{"nodeType":"YulAssignment","src":"3006:61:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3037:9:7"},{"name":"offset_1","nodeType":"YulIdentifier","src":"3048:8:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3033:3:7"},"nodeType":"YulFunctionCall","src":"3033:24:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"3059:7:7"}],"functionName":{"name":"abi_decode_bytes","nodeType":"YulIdentifier","src":"3016:16:7"},"nodeType":"YulFunctionCall","src":"3016:51:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"3006:6:7"}]}]},"name":"abi_decode_tuple_t_bytes_memory_ptrt_bytes_memory_ptr","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"2597:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"2608:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"2620:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"2628:6:7","type":""}],"src":"2534:539:7"},{"body":{"nodeType":"YulBlock","src":"3206:125:7","statements":[{"nodeType":"YulAssignment","src":"3216:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3228:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"3239:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3224:3:7"},"nodeType":"YulFunctionCall","src":"3224:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"3216:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3258:9:7"},{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"3273:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"3281:42:7","type":"","value":"0xffffffffffffffffffffffffffffffffffffffff"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"3269:3:7"},"nodeType":"YulFunctionCall","src":"3269:55:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3251:6:7"},"nodeType":"YulFunctionCall","src":"3251:74:7"},"nodeType":"YulExpressionStatement","src":"3251:74:7"}]},"name":"abi_encode_tuple_t_contract$_WrapperFCLWebAuthn_$1973__to_t_address__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"3175:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"3186:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"3197:4:7","type":""}],"src":"3078:253:7"},{"body":{"nodeType":"YulBlock","src":"3423:161:7","statements":[{"body":{"nodeType":"YulBlock","src":"3469:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"3478:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"3481:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"3471:6:7"},"nodeType":"YulFunctionCall","src":"3471:12:7"},"nodeType":"YulExpressionStatement","src":"3471:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"3444:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"3453:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"3440:3:7"},"nodeType":"YulFunctionCall","src":"3440:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"3465:2:7","type":"","value":"64"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"3436:3:7"},"nodeType":"YulFunctionCall","src":"3436:32:7"},"nodeType":"YulIf","src":"3433:52:7"},{"nodeType":"YulAssignment","src":"3494:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3517:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"3504:12:7"},"nodeType":"YulFunctionCall","src":"3504:23:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"3494:6:7"}]},{"nodeType":"YulAssignment","src":"3536:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3563:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"3574:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3559:3:7"},"nodeType":"YulFunctionCall","src":"3559:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"3546:12:7"},"nodeType":"YulFunctionCall","src":"3546:32:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"3536:6:7"}]}]},"name":"abi_decode_tuple_t_uint256t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"3381:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"3392:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"3404:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"3412:6:7","type":""}],"src":"3336:248:7"},{"body":{"nodeType":"YulBlock","src":"3690:76:7","statements":[{"nodeType":"YulAssignment","src":"3700:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3712:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"3723:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3708:3:7"},"nodeType":"YulFunctionCall","src":"3708:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"3700:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"3742:9:7"},{"name":"value0","nodeType":"YulIdentifier","src":"3753:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3735:6:7"},"nodeType":"YulFunctionCall","src":"3735:25:7"},"nodeType":"YulExpressionStatement","src":"3735:25:7"}]},"name":"abi_encode_tuple_t_bytes32__to_t_bytes32__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"3659:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"3670:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"3681:4:7","type":""}],"src":"3589:177:7"},{"body":{"nodeType":"YulBlock","src":"3837:184:7","statements":[{"nodeType":"YulVariableDeclaration","src":"3847:10:7","value":{"kind":"number","nodeType":"YulLiteral","src":"3856:1:7","type":"","value":"0"},"variables":[{"name":"i","nodeType":"YulTypedName","src":"3851:1:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"3916:63:7","statements":[{"expression":{"arguments":[{"arguments":[{"name":"dst","nodeType":"YulIdentifier","src":"3941:3:7"},{"name":"i","nodeType":"YulIdentifier","src":"3946:1:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3937:3:7"},"nodeType":"YulFunctionCall","src":"3937:11:7"},{"arguments":[{"arguments":[{"name":"src","nodeType":"YulIdentifier","src":"3960:3:7"},{"name":"i","nodeType":"YulIdentifier","src":"3965:1:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3956:3:7"},"nodeType":"YulFunctionCall","src":"3956:11:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"3950:5:7"},"nodeType":"YulFunctionCall","src":"3950:18:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3930:6:7"},"nodeType":"YulFunctionCall","src":"3930:39:7"},"nodeType":"YulExpressionStatement","src":"3930:39:7"}]},"condition":{"arguments":[{"name":"i","nodeType":"YulIdentifier","src":"3877:1:7"},{"name":"length","nodeType":"YulIdentifier","src":"3880:6:7"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"3874:2:7"},"nodeType":"YulFunctionCall","src":"3874:13:7"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"3888:19:7","statements":[{"nodeType":"YulAssignment","src":"3890:15:7","value":{"arguments":[{"name":"i","nodeType":"YulIdentifier","src":"3899:1:7"},{"kind":"number","nodeType":"YulLiteral","src":"3902:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3895:3:7"},"nodeType":"YulFunctionCall","src":"3895:10:7"},"variableNames":[{"name":"i","nodeType":"YulIdentifier","src":"3890:1:7"}]}]},"pre":{"nodeType":"YulBlock","src":"3870:3:7","statements":[]},"src":"3866:113:7"},{"expression":{"arguments":[{"arguments":[{"name":"dst","nodeType":"YulIdentifier","src":"3999:3:7"},{"name":"length","nodeType":"YulIdentifier","src":"4004:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"3995:3:7"},"nodeType":"YulFunctionCall","src":"3995:16:7"},{"kind":"number","nodeType":"YulLiteral","src":"4013:1:7","type":"","value":"0"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"3988:6:7"},"nodeType":"YulFunctionCall","src":"3988:27:7"},"nodeType":"YulExpressionStatement","src":"3988:27:7"}]},"name":"copy_memory_to_memory_with_cleanup","nodeType":"YulFunctionDefinition","parameters":[{"name":"src","nodeType":"YulTypedName","src":"3815:3:7","type":""},{"name":"dst","nodeType":"YulTypedName","src":"3820:3:7","type":""},{"name":"length","nodeType":"YulTypedName","src":"3825:6:7","type":""}],"src":"3771:250:7"},{"body":{"nodeType":"YulBlock","src":"4089:378:7","statements":[{"body":{"nodeType":"YulBlock","src":"4138:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4147:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4150:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"4140:6:7"},"nodeType":"YulFunctionCall","src":"4140:12:7"},"nodeType":"YulExpressionStatement","src":"4140:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"4117:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"4125:4:7","type":"","value":"0x1f"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4113:3:7"},"nodeType":"YulFunctionCall","src":"4113:17:7"},{"name":"end","nodeType":"YulIdentifier","src":"4132:3:7"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"4109:3:7"},"nodeType":"YulFunctionCall","src":"4109:27:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"4102:6:7"},"nodeType":"YulFunctionCall","src":"4102:35:7"},"nodeType":"YulIf","src":"4099:55:7"},{"nodeType":"YulVariableDeclaration","src":"4163:23:7","value":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"4179:6:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"4173:5:7"},"nodeType":"YulFunctionCall","src":"4173:13:7"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"4167:2:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"4195:63:7","value":{"arguments":[{"arguments":[{"name":"_1","nodeType":"YulIdentifier","src":"4254:2:7"}],"functionName":{"name":"array_allocation_size_bytes","nodeType":"YulIdentifier","src":"4226:27:7"},"nodeType":"YulFunctionCall","src":"4226:31:7"}],"functionName":{"name":"allocate_memory","nodeType":"YulIdentifier","src":"4210:15:7"},"nodeType":"YulFunctionCall","src":"4210:48:7"},"variables":[{"name":"array_1","nodeType":"YulTypedName","src":"4199:7:7","type":""}]},{"expression":{"arguments":[{"name":"array_1","nodeType":"YulIdentifier","src":"4274:7:7"},{"name":"_1","nodeType":"YulIdentifier","src":"4283:2:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"4267:6:7"},"nodeType":"YulFunctionCall","src":"4267:19:7"},"nodeType":"YulExpressionStatement","src":"4267:19:7"},{"body":{"nodeType":"YulBlock","src":"4334:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4343:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4346:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"4336:6:7"},"nodeType":"YulFunctionCall","src":"4336:12:7"},"nodeType":"YulExpressionStatement","src":"4336:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"4309:6:7"},{"name":"_1","nodeType":"YulIdentifier","src":"4317:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4305:3:7"},"nodeType":"YulFunctionCall","src":"4305:15:7"},{"kind":"number","nodeType":"YulLiteral","src":"4322:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4301:3:7"},"nodeType":"YulFunctionCall","src":"4301:26:7"},{"name":"end","nodeType":"YulIdentifier","src":"4329:3:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"4298:2:7"},"nodeType":"YulFunctionCall","src":"4298:35:7"},"nodeType":"YulIf","src":"4295:55:7"},{"expression":{"arguments":[{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"4398:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"4406:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4394:3:7"},"nodeType":"YulFunctionCall","src":"4394:17:7"},{"arguments":[{"name":"array_1","nodeType":"YulIdentifier","src":"4417:7:7"},{"kind":"number","nodeType":"YulLiteral","src":"4426:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4413:3:7"},"nodeType":"YulFunctionCall","src":"4413:18:7"},{"name":"_1","nodeType":"YulIdentifier","src":"4433:2:7"}],"functionName":{"name":"copy_memory_to_memory_with_cleanup","nodeType":"YulIdentifier","src":"4359:34:7"},"nodeType":"YulFunctionCall","src":"4359:77:7"},"nodeType":"YulExpressionStatement","src":"4359:77:7"},{"nodeType":"YulAssignment","src":"4445:16:7","value":{"name":"array_1","nodeType":"YulIdentifier","src":"4454:7:7"},"variableNames":[{"name":"array","nodeType":"YulIdentifier","src":"4445:5:7"}]}]},"name":"abi_decode_bytes_fromMemory","nodeType":"YulFunctionDefinition","parameters":[{"name":"offset","nodeType":"YulTypedName","src":"4063:6:7","type":""},{"name":"end","nodeType":"YulTypedName","src":"4071:3:7","type":""}],"returnVariables":[{"name":"array","nodeType":"YulTypedName","src":"4079:5:7","type":""}],"src":"4026:441:7"},{"body":{"nodeType":"YulBlock","src":"4645:940:7","statements":[{"body":{"nodeType":"YulBlock","src":"4692:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4701:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4704:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"4694:6:7"},"nodeType":"YulFunctionCall","src":"4694:12:7"},"nodeType":"YulExpressionStatement","src":"4694:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"4666:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"4675:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"4662:3:7"},"nodeType":"YulFunctionCall","src":"4662:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"4687:3:7","type":"","value":"160"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"4658:3:7"},"nodeType":"YulFunctionCall","src":"4658:33:7"},"nodeType":"YulIf","src":"4655:53:7"},{"nodeType":"YulVariableDeclaration","src":"4717:30:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"4737:9:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"4731:5:7"},"nodeType":"YulFunctionCall","src":"4731:16:7"},"variables":[{"name":"offset","nodeType":"YulTypedName","src":"4721:6:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"4756:28:7","value":{"kind":"number","nodeType":"YulLiteral","src":"4766:18:7","type":"","value":"0xffffffffffffffff"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"4760:2:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"4811:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"4820:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"4823:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"4813:6:7"},"nodeType":"YulFunctionCall","src":"4813:12:7"},"nodeType":"YulExpressionStatement","src":"4813:12:7"}]},"condition":{"arguments":[{"name":"offset","nodeType":"YulIdentifier","src":"4799:6:7"},{"name":"_1","nodeType":"YulIdentifier","src":"4807:2:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"4796:2:7"},"nodeType":"YulFunctionCall","src":"4796:14:7"},"nodeType":"YulIf","src":"4793:34:7"},{"nodeType":"YulAssignment","src":"4836:70:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"4878:9:7"},{"name":"offset","nodeType":"YulIdentifier","src":"4889:6:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4874:3:7"},"nodeType":"YulFunctionCall","src":"4874:22:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"4898:7:7"}],"functionName":{"name":"abi_decode_bytes_fromMemory","nodeType":"YulIdentifier","src":"4846:27:7"},"nodeType":"YulFunctionCall","src":"4846:60:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"4836:6:7"}]},{"nodeType":"YulVariableDeclaration","src":"4915:12:7","value":{"kind":"number","nodeType":"YulLiteral","src":"4925:2:7","type":"","value":"32"},"variables":[{"name":"_2","nodeType":"YulTypedName","src":"4919:2:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"4936:41:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"4962:9:7"},{"name":"_2","nodeType":"YulIdentifier","src":"4973:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"4958:3:7"},"nodeType":"YulFunctionCall","src":"4958:18:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"4952:5:7"},"nodeType":"YulFunctionCall","src":"4952:25:7"},"variables":[{"name":"offset_1","nodeType":"YulTypedName","src":"4940:8:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"5006:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"5015:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"5018:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"5008:6:7"},"nodeType":"YulFunctionCall","src":"5008:12:7"},"nodeType":"YulExpressionStatement","src":"5008:12:7"}]},"condition":{"arguments":[{"name":"offset_1","nodeType":"YulIdentifier","src":"4992:8:7"},{"name":"_1","nodeType":"YulIdentifier","src":"5002:2:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"4989:2:7"},"nodeType":"YulFunctionCall","src":"4989:16:7"},"nodeType":"YulIf","src":"4986:36:7"},{"nodeType":"YulAssignment","src":"5031:72:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"5073:9:7"},{"name":"offset_1","nodeType":"YulIdentifier","src":"5084:8:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5069:3:7"},"nodeType":"YulFunctionCall","src":"5069:24:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"5095:7:7"}],"functionName":{"name":"abi_decode_bytes_fromMemory","nodeType":"YulIdentifier","src":"5041:27:7"},"nodeType":"YulFunctionCall","src":"5041:62:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"5031:6:7"}]},{"nodeType":"YulAssignment","src":"5112:35:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"5132:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"5143:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5128:3:7"},"nodeType":"YulFunctionCall","src":"5128:18:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"5122:5:7"},"nodeType":"YulFunctionCall","src":"5122:25:7"},"variableNames":[{"name":"value2","nodeType":"YulIdentifier","src":"5112:6:7"}]},{"body":{"nodeType":"YulBlock","src":"5201:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"5210:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"5213:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"5203:6:7"},"nodeType":"YulFunctionCall","src":"5203:12:7"},"nodeType":"YulExpressionStatement","src":"5203:12:7"}]},"condition":{"arguments":[{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"5174:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"5185:3:7","type":"","value":"127"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5170:3:7"},"nodeType":"YulFunctionCall","src":"5170:19:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"5191:7:7"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"5166:3:7"},"nodeType":"YulFunctionCall","src":"5166:33:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"5159:6:7"},"nodeType":"YulFunctionCall","src":"5159:41:7"},"nodeType":"YulIf","src":"5156:61:7"},{"nodeType":"YulVariableDeclaration","src":"5226:32:7","value":{"arguments":[],"functionName":{"name":"allocate_memory_957","nodeType":"YulIdentifier","src":"5237:19:7"},"nodeType":"YulFunctionCall","src":"5237:21:7"},"variables":[{"name":"dst","nodeType":"YulTypedName","src":"5230:3:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"5267:16:7","value":{"name":"dst","nodeType":"YulIdentifier","src":"5280:3:7"},"variables":[{"name":"dst_1","nodeType":"YulTypedName","src":"5271:5:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"5292:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"5310:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"5321:3:7","type":"","value":"160"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5306:3:7"},"nodeType":"YulFunctionCall","src":"5306:19:7"},"variables":[{"name":"srcEnd","nodeType":"YulTypedName","src":"5296:6:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"5357:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"5366:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"5369:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"5359:6:7"},"nodeType":"YulFunctionCall","src":"5359:12:7"},"nodeType":"YulExpressionStatement","src":"5359:12:7"}]},"condition":{"arguments":[{"name":"srcEnd","nodeType":"YulIdentifier","src":"5340:6:7"},{"name":"dataEnd","nodeType":"YulIdentifier","src":"5348:7:7"}],"functionName":{"name":"gt","nodeType":"YulIdentifier","src":"5337:2:7"},"nodeType":"YulFunctionCall","src":"5337:19:7"},"nodeType":"YulIf","src":"5334:39:7"},{"nodeType":"YulVariableDeclaration","src":"5382:29:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"5397:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"5408:2:7","type":"","value":"96"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5393:3:7"},"nodeType":"YulFunctionCall","src":"5393:18:7"},"variables":[{"name":"src","nodeType":"YulTypedName","src":"5386:3:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"5476:79:7","statements":[{"expression":{"arguments":[{"name":"dst","nodeType":"YulIdentifier","src":"5497:3:7"},{"arguments":[{"name":"src","nodeType":"YulIdentifier","src":"5508:3:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"5502:5:7"},"nodeType":"YulFunctionCall","src":"5502:10:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"5490:6:7"},"nodeType":"YulFunctionCall","src":"5490:23:7"},"nodeType":"YulExpressionStatement","src":"5490:23:7"},{"nodeType":"YulAssignment","src":"5526:19:7","value":{"arguments":[{"name":"dst","nodeType":"YulIdentifier","src":"5537:3:7"},{"name":"_2","nodeType":"YulIdentifier","src":"5542:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5533:3:7"},"nodeType":"YulFunctionCall","src":"5533:12:7"},"variableNames":[{"name":"dst","nodeType":"YulIdentifier","src":"5526:3:7"}]}]},"condition":{"arguments":[{"name":"src","nodeType":"YulIdentifier","src":"5431:3:7"},{"name":"srcEnd","nodeType":"YulIdentifier","src":"5436:6:7"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"5428:2:7"},"nodeType":"YulFunctionCall","src":"5428:15:7"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"5444:23:7","statements":[{"nodeType":"YulAssignment","src":"5446:19:7","value":{"arguments":[{"name":"src","nodeType":"YulIdentifier","src":"5457:3:7"},{"name":"_2","nodeType":"YulIdentifier","src":"5462:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5453:3:7"},"nodeType":"YulFunctionCall","src":"5453:12:7"},"variableNames":[{"name":"src","nodeType":"YulIdentifier","src":"5446:3:7"}]}]},"pre":{"nodeType":"YulBlock","src":"5424:3:7","statements":[]},"src":"5420:135:7"},{"nodeType":"YulAssignment","src":"5564:15:7","value":{"name":"dst_1","nodeType":"YulIdentifier","src":"5574:5:7"},"variableNames":[{"name":"value3","nodeType":"YulIdentifier","src":"5564:6:7"}]}]},"name":"abi_decode_tuple_t_bytes_memory_ptrt_bytes_memory_ptrt_uint256t_array$_t_uint256_$2_memory_ptr_fromMemory","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"4587:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"4598:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"4610:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"4618:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"4626:6:7","type":""},{"name":"value3","nodeType":"YulTypedName","src":"4634:6:7","type":""}],"src":"4472:1113:7"},{"body":{"nodeType":"YulBlock","src":"5639:280:7","statements":[{"nodeType":"YulVariableDeclaration","src":"5649:26:7","value":{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"5669:5:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"5663:5:7"},"nodeType":"YulFunctionCall","src":"5663:12:7"},"variables":[{"name":"length","nodeType":"YulTypedName","src":"5653:6:7","type":""}]},{"expression":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"5691:3:7"},{"name":"length","nodeType":"YulIdentifier","src":"5696:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"5684:6:7"},"nodeType":"YulFunctionCall","src":"5684:19:7"},"nodeType":"YulExpressionStatement","src":"5684:19:7"},{"expression":{"arguments":[{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"5751:5:7"},{"kind":"number","nodeType":"YulLiteral","src":"5758:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5747:3:7"},"nodeType":"YulFunctionCall","src":"5747:16:7"},{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"5769:3:7"},{"kind":"number","nodeType":"YulLiteral","src":"5774:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5765:3:7"},"nodeType":"YulFunctionCall","src":"5765:14:7"},{"name":"length","nodeType":"YulIdentifier","src":"5781:6:7"}],"functionName":{"name":"copy_memory_to_memory_with_cleanup","nodeType":"YulIdentifier","src":"5712:34:7"},"nodeType":"YulFunctionCall","src":"5712:76:7"},"nodeType":"YulExpressionStatement","src":"5712:76:7"},{"nodeType":"YulAssignment","src":"5797:116:7","value":{"arguments":[{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"5812:3:7"},{"arguments":[{"arguments":[{"name":"length","nodeType":"YulIdentifier","src":"5825:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"5833:2:7","type":"","value":"31"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5821:3:7"},"nodeType":"YulFunctionCall","src":"5821:15:7"},{"kind":"number","nodeType":"YulLiteral","src":"5838:66:7","type":"","value":"0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"5817:3:7"},"nodeType":"YulFunctionCall","src":"5817:88:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5808:3:7"},"nodeType":"YulFunctionCall","src":"5808:98:7"},{"kind":"number","nodeType":"YulLiteral","src":"5908:4:7","type":"","value":"0x20"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"5804:3:7"},"nodeType":"YulFunctionCall","src":"5804:109:7"},"variableNames":[{"name":"end","nodeType":"YulIdentifier","src":"5797:3:7"}]}]},"name":"abi_encode_bytes","nodeType":"YulFunctionDefinition","parameters":[{"name":"value","nodeType":"YulTypedName","src":"5616:5:7","type":""},{"name":"pos","nodeType":"YulTypedName","src":"5623:3:7","type":""}],"returnVariables":[{"name":"end","nodeType":"YulTypedName","src":"5631:3:7","type":""}],"src":"5590:329:7"},{"body":{"nodeType":"YulBlock","src":"5974:276:7","statements":[{"nodeType":"YulAssignment","src":"5984:10:7","value":{"name":"pos","nodeType":"YulIdentifier","src":"5991:3:7"},"variableNames":[{"name":"pos","nodeType":"YulIdentifier","src":"5984:3:7"}]},{"nodeType":"YulVariableDeclaration","src":"6003:19:7","value":{"name":"value","nodeType":"YulIdentifier","src":"6017:5:7"},"variables":[{"name":"srcPtr","nodeType":"YulTypedName","src":"6007:6:7","type":""}]},{"nodeType":"YulVariableDeclaration","src":"6031:10:7","value":{"kind":"number","nodeType":"YulLiteral","src":"6040:1:7","type":"","value":"0"},"variables":[{"name":"i","nodeType":"YulTypedName","src":"6035:1:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"6097:147:7","statements":[{"expression":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"6118:3:7"},{"arguments":[{"name":"srcPtr","nodeType":"YulIdentifier","src":"6129:6:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"6123:5:7"},"nodeType":"YulFunctionCall","src":"6123:13:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"6111:6:7"},"nodeType":"YulFunctionCall","src":"6111:26:7"},"nodeType":"YulExpressionStatement","src":"6111:26:7"},{"nodeType":"YulVariableDeclaration","src":"6150:14:7","value":{"kind":"number","nodeType":"YulLiteral","src":"6160:4:7","type":"","value":"0x20"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"6154:2:7","type":""}]},{"nodeType":"YulAssignment","src":"6177:19:7","value":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"6188:3:7"},{"name":"_1","nodeType":"YulIdentifier","src":"6193:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6184:3:7"},"nodeType":"YulFunctionCall","src":"6184:12:7"},"variableNames":[{"name":"pos","nodeType":"YulIdentifier","src":"6177:3:7"}]},{"nodeType":"YulAssignment","src":"6209:25:7","value":{"arguments":[{"name":"srcPtr","nodeType":"YulIdentifier","src":"6223:6:7"},{"name":"_1","nodeType":"YulIdentifier","src":"6231:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6219:3:7"},"nodeType":"YulFunctionCall","src":"6219:15:7"},"variableNames":[{"name":"srcPtr","nodeType":"YulIdentifier","src":"6209:6:7"}]}]},"condition":{"arguments":[{"name":"i","nodeType":"YulIdentifier","src":"6061:1:7"},{"kind":"number","nodeType":"YulLiteral","src":"6064:4:7","type":"","value":"0x02"}],"functionName":{"name":"lt","nodeType":"YulIdentifier","src":"6058:2:7"},"nodeType":"YulFunctionCall","src":"6058:11:7"},"nodeType":"YulForLoop","post":{"nodeType":"YulBlock","src":"6070:18:7","statements":[{"nodeType":"YulAssignment","src":"6072:14:7","value":{"arguments":[{"name":"i","nodeType":"YulIdentifier","src":"6081:1:7"},{"kind":"number","nodeType":"YulLiteral","src":"6084:1:7","type":"","value":"1"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6077:3:7"},"nodeType":"YulFunctionCall","src":"6077:9:7"},"variableNames":[{"name":"i","nodeType":"YulIdentifier","src":"6072:1:7"}]}]},"pre":{"nodeType":"YulBlock","src":"6054:3:7","statements":[]},"src":"6050:194:7"}]},"name":"abi_encode_array_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"value","nodeType":"YulTypedName","src":"5958:5:7","type":""},{"name":"pos","nodeType":"YulTypedName","src":"5965:3:7","type":""}],"src":"5924:326:7"},{"body":{"nodeType":"YulBlock","src":"6659:571:7","statements":[{"nodeType":"YulVariableDeclaration","src":"6669:13:7","value":{"kind":"number","nodeType":"YulLiteral","src":"6679:3:7","type":"","value":"288"},"variables":[{"name":"_1","nodeType":"YulTypedName","src":"6673:2:7","type":""}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"6698:9:7"},{"name":"_1","nodeType":"YulIdentifier","src":"6709:2:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"6691:6:7"},"nodeType":"YulFunctionCall","src":"6691:21:7"},"nodeType":"YulExpressionStatement","src":"6691:21:7"},{"nodeType":"YulVariableDeclaration","src":"6721:58:7","value":{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"6752:6:7"},{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"6764:9:7"},{"name":"_1","nodeType":"YulIdentifier","src":"6775:2:7"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6760:3:7"},"nodeType":"YulFunctionCall","src":"6760:18:7"}],"functionName":{"name":"abi_encode_bytes","nodeType":"YulIdentifier","src":"6735:16:7"},"nodeType":"YulFunctionCall","src":"6735:44:7"},"variables":[{"name":"tail_1","nodeType":"YulTypedName","src":"6725:6:7","type":""}]},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"6799:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"6810:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6795:3:7"},"nodeType":"YulFunctionCall","src":"6795:18:7"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"6823:3:7","type":"","value":"248"},{"name":"value1","nodeType":"YulIdentifier","src":"6828:6:7"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"6819:3:7"},"nodeType":"YulFunctionCall","src":"6819:16:7"},{"kind":"number","nodeType":"YulLiteral","src":"6837:66:7","type":"","value":"0xff00000000000000000000000000000000000000000000000000000000000000"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"6815:3:7"},"nodeType":"YulFunctionCall","src":"6815:89:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"6788:6:7"},"nodeType":"YulFunctionCall","src":"6788:117:7"},"nodeType":"YulExpressionStatement","src":"6788:117:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"6925:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"6936:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"6921:3:7"},"nodeType":"YulFunctionCall","src":"6921:18:7"},{"arguments":[{"name":"tail_1","nodeType":"YulIdentifier","src":"6945:6:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"6953:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"6941:3:7"},"nodeType":"YulFunctionCall","src":"6941:22:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"6914:6:7"},"nodeType":"YulFunctionCall","src":"6914:50:7"},"nodeType":"YulExpressionStatement","src":"6914:50:7"},{"nodeType":"YulAssignment","src":"6973:40:7","value":{"arguments":[{"name":"value2","nodeType":"YulIdentifier","src":"6998:6:7"},{"name":"tail_1","nodeType":"YulIdentifier","src":"7006:6:7"}],"functionName":{"name":"abi_encode_bytes","nodeType":"YulIdentifier","src":"6981:16:7"},"nodeType":"YulFunctionCall","src":"6981:32:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"6973:4:7"}]},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"7033:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"7044:2:7","type":"","value":"96"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7029:3:7"},"nodeType":"YulFunctionCall","src":"7029:18:7"},{"name":"value3","nodeType":"YulIdentifier","src":"7049:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7022:6:7"},"nodeType":"YulFunctionCall","src":"7022:34:7"},"nodeType":"YulExpressionStatement","src":"7022:34:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"7076:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"7087:3:7","type":"","value":"128"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7072:3:7"},"nodeType":"YulFunctionCall","src":"7072:19:7"},{"name":"value4","nodeType":"YulIdentifier","src":"7093:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"7065:6:7"},"nodeType":"YulFunctionCall","src":"7065:35:7"},"nodeType":"YulExpressionStatement","src":"7065:35:7"},{"expression":{"arguments":[{"name":"value5","nodeType":"YulIdentifier","src":"7134:6:7"},{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"7146:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"7157:3:7","type":"","value":"160"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7142:3:7"},"nodeType":"YulFunctionCall","src":"7142:19:7"}],"functionName":{"name":"abi_encode_array_uint256","nodeType":"YulIdentifier","src":"7109:24:7"},"nodeType":"YulFunctionCall","src":"7109:53:7"},"nodeType":"YulExpressionStatement","src":"7109:53:7"},{"expression":{"arguments":[{"name":"value6","nodeType":"YulIdentifier","src":"7196:6:7"},{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"7208:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"7219:3:7","type":"","value":"224"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"7204:3:7"},"nodeType":"YulFunctionCall","src":"7204:19:7"}],"functionName":{"name":"abi_encode_array_uint256","nodeType":"YulIdentifier","src":"7171:24:7"},"nodeType":"YulFunctionCall","src":"7171:53:7"},"nodeType":"YulExpressionStatement","src":"7171:53:7"}]},"name":"abi_encode_tuple_t_bytes_memory_ptr_t_rational_1_by_1_t_bytes_memory_ptr_t_bytes32_t_uint256_t_array$_t_uint256_$2_memory_ptr_t_array$_t_uint256_$2_memory_ptr__to_t_bytes_memory_ptr_t_bytes1_t_bytes_memory_ptr_t_bytes32_t_uint256_t_array$_t_uint256_$2_memory_ptr_t_array$_t_uint256_$2_memory_ptr__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"6580:9:7","type":""},{"name":"value6","nodeType":"YulTypedName","src":"6591:6:7","type":""},{"name":"value5","nodeType":"YulTypedName","src":"6599:6:7","type":""},{"name":"value4","nodeType":"YulTypedName","src":"6607:6:7","type":""},{"name":"value3","nodeType":"YulTypedName","src":"6615:6:7","type":""},{"name":"value2","nodeType":"YulTypedName","src":"6623:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"6631:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"6639:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"6650:4:7","type":""}],"src":"6255:975:7"},{"body":{"nodeType":"YulBlock","src":"7313:199:7","statements":[{"body":{"nodeType":"YulBlock","src":"7359:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7368:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"7371:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"7361:6:7"},"nodeType":"YulFunctionCall","src":"7361:12:7"},"nodeType":"YulExpressionStatement","src":"7361:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"7334:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"7343:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"7330:3:7"},"nodeType":"YulFunctionCall","src":"7330:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"7355:2:7","type":"","value":"32"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"7326:3:7"},"nodeType":"YulFunctionCall","src":"7326:32:7"},"nodeType":"YulIf","src":"7323:52:7"},{"nodeType":"YulVariableDeclaration","src":"7384:29:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"7403:9:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"7397:5:7"},"nodeType":"YulFunctionCall","src":"7397:16:7"},"variables":[{"name":"value","nodeType":"YulTypedName","src":"7388:5:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"7466:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"7475:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"7478:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"7468:6:7"},"nodeType":"YulFunctionCall","src":"7468:12:7"},"nodeType":"YulExpressionStatement","src":"7468:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"7435:5:7"},{"arguments":[{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"7456:5:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"7449:6:7"},"nodeType":"YulFunctionCall","src":"7449:13:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"7442:6:7"},"nodeType":"YulFunctionCall","src":"7442:21:7"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"7432:2:7"},"nodeType":"YulFunctionCall","src":"7432:32:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"7425:6:7"},"nodeType":"YulFunctionCall","src":"7425:40:7"},"nodeType":"YulIf","src":"7422:60:7"},{"nodeType":"YulAssignment","src":"7491:15:7","value":{"name":"value","nodeType":"YulIdentifier","src":"7501:5:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"7491:6:7"}]}]},"name":"abi_decode_tuple_t_bool_fromMemory","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"7279:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"7290:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"7302:6:7","type":""}],"src":"7235:277:7"}]},"contents":"{\n { }\n function abi_encode_tuple_t_uint256__to_t_uint256__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, value0)\n }\n function abi_encode_tuple_t_bool__to_t_bool__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, iszero(iszero(value0)))\n }\n function panic_error_0x41()\n {\n mstore(0, 35408467139433450592217433187231851964531694900788300625387963629091585785856)\n mstore(4, 0x41)\n revert(0, 0x24)\n }\n function allocate_memory_957() -> memPtr\n {\n memPtr := mload(64)\n let newFreePtr := add(memPtr, 64)\n if or(gt(newFreePtr, 0xffffffffffffffff), lt(newFreePtr, memPtr)) { panic_error_0x41() }\n mstore(64, newFreePtr)\n }\n function allocate_memory(size) -> memPtr\n {\n memPtr := mload(64)\n let newFreePtr := add(memPtr, and(add(size, 31), 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0))\n if or(gt(newFreePtr, 0xffffffffffffffff), lt(newFreePtr, memPtr)) { panic_error_0x41() }\n mstore(64, newFreePtr)\n }\n function array_allocation_size_bytes(length) -> size\n {\n if gt(length, 0xffffffffffffffff) { panic_error_0x41() }\n size := add(and(add(length, 31), 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0), 0x20)\n }\n function abi_decode_bytes(offset, end) -> array\n {\n if iszero(slt(add(offset, 0x1f), end)) { revert(0, 0) }\n let _1 := calldataload(offset)\n let array_1 := allocate_memory(array_allocation_size_bytes(_1))\n mstore(array_1, _1)\n if gt(add(add(offset, _1), 0x20), end) { revert(0, 0) }\n calldatacopy(add(array_1, 0x20), add(offset, 0x20), _1)\n mstore(add(add(array_1, _1), 0x20), 0)\n array := array_1\n }\n function abi_decode_tuple_t_bytes32t_bytes_memory_ptr(headStart, dataEnd) -> value0, value1\n {\n if slt(sub(dataEnd, headStart), 64) { revert(0, 0) }\n value0 := calldataload(headStart)\n let offset := calldataload(add(headStart, 32))\n if gt(offset, 0xffffffffffffffff) { revert(0, 0) }\n value1 := abi_decode_bytes(add(headStart, offset), dataEnd)\n }\n function abi_encode_tuple_t_bytes4__to_t_bytes4__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, and(value0, 0xffffffff00000000000000000000000000000000000000000000000000000000))\n }\n function abi_decode_tuple_t_bytes_memory_ptrt_bytes_memory_ptr(headStart, dataEnd) -> value0, value1\n {\n if slt(sub(dataEnd, headStart), 64) { revert(0, 0) }\n let offset := calldataload(headStart)\n let _1 := 0xffffffffffffffff\n if gt(offset, _1) { revert(0, 0) }\n value0 := abi_decode_bytes(add(headStart, offset), dataEnd)\n let offset_1 := calldataload(add(headStart, 32))\n if gt(offset_1, _1) { revert(0, 0) }\n value1 := abi_decode_bytes(add(headStart, offset_1), dataEnd)\n }\n function abi_encode_tuple_t_contract$_WrapperFCLWebAuthn_$1973__to_t_address__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, and(value0, 0xffffffffffffffffffffffffffffffffffffffff))\n }\n function abi_decode_tuple_t_uint256t_uint256(headStart, dataEnd) -> value0, value1\n {\n if slt(sub(dataEnd, headStart), 64) { revert(0, 0) }\n value0 := calldataload(headStart)\n value1 := calldataload(add(headStart, 32))\n }\n function abi_encode_tuple_t_bytes32__to_t_bytes32__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, value0)\n }\n function copy_memory_to_memory_with_cleanup(src, dst, length)\n {\n let i := 0\n for { } lt(i, length) { i := add(i, 32) }\n {\n mstore(add(dst, i), mload(add(src, i)))\n }\n mstore(add(dst, length), 0)\n }\n function abi_decode_bytes_fromMemory(offset, end) -> array\n {\n if iszero(slt(add(offset, 0x1f), end)) { revert(0, 0) }\n let _1 := mload(offset)\n let array_1 := allocate_memory(array_allocation_size_bytes(_1))\n mstore(array_1, _1)\n if gt(add(add(offset, _1), 0x20), end) { revert(0, 0) }\n copy_memory_to_memory_with_cleanup(add(offset, 0x20), add(array_1, 0x20), _1)\n array := array_1\n }\n function abi_decode_tuple_t_bytes_memory_ptrt_bytes_memory_ptrt_uint256t_array$_t_uint256_$2_memory_ptr_fromMemory(headStart, dataEnd) -> value0, value1, value2, value3\n {\n if slt(sub(dataEnd, headStart), 160) { revert(0, 0) }\n let offset := mload(headStart)\n let _1 := 0xffffffffffffffff\n if gt(offset, _1) { revert(0, 0) }\n value0 := abi_decode_bytes_fromMemory(add(headStart, offset), dataEnd)\n let _2 := 32\n let offset_1 := mload(add(headStart, _2))\n if gt(offset_1, _1) { revert(0, 0) }\n value1 := abi_decode_bytes_fromMemory(add(headStart, offset_1), dataEnd)\n value2 := mload(add(headStart, 64))\n if iszero(slt(add(headStart, 127), dataEnd)) { revert(0, 0) }\n let dst := allocate_memory_957()\n let dst_1 := dst\n let srcEnd := add(headStart, 160)\n if gt(srcEnd, dataEnd) { revert(0, 0) }\n let src := add(headStart, 96)\n for { } lt(src, srcEnd) { src := add(src, _2) }\n {\n mstore(dst, mload(src))\n dst := add(dst, _2)\n }\n value3 := dst_1\n }\n function abi_encode_bytes(value, pos) -> end\n {\n let length := mload(value)\n mstore(pos, length)\n copy_memory_to_memory_with_cleanup(add(value, 0x20), add(pos, 0x20), length)\n end := add(add(pos, and(add(length, 31), 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0)), 0x20)\n }\n function abi_encode_array_uint256(value, pos)\n {\n pos := pos\n let srcPtr := value\n let i := 0\n for { } lt(i, 0x02) { i := add(i, 1) }\n {\n mstore(pos, mload(srcPtr))\n let _1 := 0x20\n pos := add(pos, _1)\n srcPtr := add(srcPtr, _1)\n }\n }\n function abi_encode_tuple_t_bytes_memory_ptr_t_rational_1_by_1_t_bytes_memory_ptr_t_bytes32_t_uint256_t_array$_t_uint256_$2_memory_ptr_t_array$_t_uint256_$2_memory_ptr__to_t_bytes_memory_ptr_t_bytes1_t_bytes_memory_ptr_t_bytes32_t_uint256_t_array$_t_uint256_$2_memory_ptr_t_array$_t_uint256_$2_memory_ptr__fromStack_reversed(headStart, value6, value5, value4, value3, value2, value1, value0) -> tail\n {\n let _1 := 288\n mstore(headStart, _1)\n let tail_1 := abi_encode_bytes(value0, add(headStart, _1))\n mstore(add(headStart, 32), and(shl(248, value1), 0xff00000000000000000000000000000000000000000000000000000000000000))\n mstore(add(headStart, 64), sub(tail_1, headStart))\n tail := abi_encode_bytes(value2, tail_1)\n mstore(add(headStart, 96), value3)\n mstore(add(headStart, 128), value4)\n abi_encode_array_uint256(value5, add(headStart, 160))\n abi_encode_array_uint256(value6, add(headStart, 224))\n }\n function abi_decode_tuple_t_bool_fromMemory(headStart, dataEnd) -> value0\n {\n if slt(sub(dataEnd, headStart), 32) { revert(0, 0) }\n let value := mload(headStart)\n if iszero(eq(value, iszero(iszero(value)))) { revert(0, 0) }\n value0 := value\n }\n}","id":7,"language":"Yul","name":"#utility.yul"}],"immutableReferences":{"1989":[{"length":32,"start":288},{"length":32,"start":683}]},"linkReferences":{},"object":"608060405234801561001057600080fd5b506004361061007d5760003560e01c806320c13b0b1161005b57806320c13b0b146100ff578063a56dfe4a14610112578063c71187f01461011b578063e4a301161461016757600080fd5b80630c55699c14610082578063158ef93e1461009e5780631626ba7e146100bb575b600080fd5b61008b60015481565b6040519081526020015b60405180910390f35b6000546100ab9060ff1681565b6040519015158152602001610095565b6100ce6100c93660046104ee565b61017c565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610095565b6100ce61010d366004610535565b6101d1565b61008b60025481565b6101427f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff9091168152602001610095565b61017a61017536600461058f565b610205565b005b60006101a98360405160200161019491815260200190565b60405160208183030381529060405283610279565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101dd8383610279565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff1615610242576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061029f9190610622565b935093509350935060007f000000000000000000000000000000000000000000000000000000000000000073ffffffffffffffffffffffffffffffffffffffff16630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016103279796959493929190610753565b602060405180830381865afa158015610344573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061036891906107db565b9050806103a1576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff811182821017156103fd576103fd6103ab565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561044a5761044a6103ab565b604052919050565b600067ffffffffffffffff82111561046c5761046c6103ab565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126104a957600080fd5b81356104bc6104b782610452565b610403565b8181528460208386010111156104d157600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561050157600080fd5b82359150602083013567ffffffffffffffff81111561051f57600080fd5b61052b85828601610498565b9150509250929050565b6000806040838503121561054857600080fd5b823567ffffffffffffffff8082111561056057600080fd5b61056c86838701610498565b9350602085013591508082111561058257600080fd5b5061052b85828601610498565b600080604083850312156105a257600080fd5b50508035926020909101359150565b60005b838110156105cc5781810151838201526020016105b4565b50506000910152565b600082601f8301126105e657600080fd5b81516105f46104b782610452565b81815284602083860101111561060957600080fd5b61061a8260208301602087016105b1565b949350505050565b60008060008060a0858703121561063857600080fd5b845167ffffffffffffffff8082111561065057600080fd5b61065c888389016105d5565b955060209150818701518181111561067357600080fd5b61067f89828a016105d5565b955050506040860151925086607f87011261069957600080fd5b6106a16103da565b8060a08801898111156106b357600080fd5b606089015b818110156106cf57805184529284019284016106b8565b505080935050505092959194509250565b600081518084526106f88160208601602086016105b1565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561074d57815184526020938401939091019060010161072e565b50505050565b60006101208083526107678184018b6106e0565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526107a681896106e0565b9150508560608301528460808301526107c260a083018561072a565b6107cf60e083018461072a565b98975050505050505050565b6000602082840312156107ed57600080fd5b815180151581146107fd57600080fd5b939250505056fea2646970667358221220e2459884096b6098f1ab893e1294550f8a6f46ac1414f13f4ba4f26cfbfbffe664736f6c63430008140033","opcodes":"PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x4 CALLDATASIZE LT PUSH2 0x7D JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0x20C13B0B GT PUSH2 0x5B JUMPI DUP1 PUSH4 0x20C13B0B EQ PUSH2 0xFF JUMPI DUP1 PUSH4 0xA56DFE4A EQ PUSH2 0x112 JUMPI DUP1 PUSH4 0xC71187F0 EQ PUSH2 0x11B JUMPI DUP1 PUSH4 0xE4A30116 EQ PUSH2 0x167 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP1 PUSH4 0xC55699C EQ PUSH2 0x82 JUMPI DUP1 PUSH4 0x158EF93E EQ PUSH2 0x9E JUMPI DUP1 PUSH4 0x1626BA7E EQ PUSH2 0xBB JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x8B PUSH1 0x1 SLOAD DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 DUP2 MSTORE PUSH1 0x20 ADD JUMPDEST PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH1 0x0 SLOAD PUSH2 0xAB SWAP1 PUSH1 0xFF AND DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD SWAP1 ISZERO ISZERO DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x95 JUMP JUMPDEST PUSH2 0xCE PUSH2 0xC9 CALLDATASIZE PUSH1 0x4 PUSH2 0x4EE JUMP JUMPDEST PUSH2 0x17C JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH32 0xFFFFFFFF00000000000000000000000000000000000000000000000000000000 SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x95 JUMP JUMPDEST PUSH2 0xCE PUSH2 0x10D CALLDATASIZE PUSH1 0x4 PUSH2 0x535 JUMP JUMPDEST PUSH2 0x1D1 JUMP JUMPDEST PUSH2 0x8B PUSH1 0x2 SLOAD DUP2 JUMP JUMPDEST PUSH2 0x142 PUSH32 0x0 DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD PUSH2 0x95 JUMP JUMPDEST PUSH2 0x17A PUSH2 0x175 CALLDATASIZE PUSH1 0x4 PUSH2 0x58F JUMP JUMPDEST PUSH2 0x205 JUMP JUMPDEST STOP JUMPDEST PUSH1 0x0 PUSH2 0x1A9 DUP4 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0x194 SWAP2 DUP2 MSTORE PUSH1 0x20 ADD SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE DUP4 PUSH2 0x279 JUMP JUMPDEST POP PUSH32 0x1626BA7E00000000000000000000000000000000000000000000000000000000 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 PUSH2 0x1DD DUP4 DUP4 PUSH2 0x279 JUMP JUMPDEST POP PUSH32 0x20C13B0B00000000000000000000000000000000000000000000000000000000 SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 SLOAD PUSH1 0xFF AND ISZERO PUSH2 0x242 JUMPI PUSH1 0x40 MLOAD PUSH32 0xDC149F000000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST PUSH1 0x0 DUP1 SLOAD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00 AND PUSH1 0x1 SWAP1 DUP2 OR SWAP1 SWAP2 SSTORE SWAP2 SWAP1 SWAP2 SSTORE PUSH1 0x2 SSTORE JUMP JUMPDEST PUSH1 0x0 DUP3 DUP1 MLOAD SWAP1 PUSH1 0x20 ADD KECCAK256 SWAP1 POP PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 DUP6 DUP1 PUSH1 0x20 ADD SWAP1 MLOAD DUP2 ADD SWAP1 PUSH2 0x29F SWAP2 SWAP1 PUSH2 0x622 JUMP JUMPDEST SWAP4 POP SWAP4 POP SWAP4 POP SWAP4 POP PUSH1 0x0 PUSH32 0x0 PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF AND PUSH4 0xD5EFEC9 DUP7 PUSH1 0x1 DUP8 DUP11 DUP9 DUP9 PUSH1 0x40 MLOAD DUP1 PUSH1 0x40 ADD PUSH1 0x40 MSTORE DUP1 PUSH1 0x1 SLOAD DUP2 MSTORE PUSH1 0x20 ADD PUSH1 0x2 SLOAD DUP2 MSTORE POP PUSH1 0x40 MLOAD DUP9 PUSH4 0xFFFFFFFF AND PUSH1 0xE0 SHL DUP2 MSTORE PUSH1 0x4 ADD PUSH2 0x327 SWAP8 SWAP7 SWAP6 SWAP5 SWAP4 SWAP3 SWAP2 SWAP1 PUSH2 0x753 JUMP JUMPDEST PUSH1 0x20 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 DUP7 GAS STATICCALL ISZERO DUP1 ISZERO PUSH2 0x344 JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP POP POP PUSH1 0x40 MLOAD RETURNDATASIZE PUSH1 0x1F NOT PUSH1 0x1F DUP3 ADD AND DUP3 ADD DUP1 PUSH1 0x40 MSTORE POP DUP2 ADD SWAP1 PUSH2 0x368 SWAP2 SWAP1 PUSH2 0x7DB JUMP JUMPDEST SWAP1 POP DUP1 PUSH2 0x3A1 JUMPI PUSH1 0x40 MLOAD PUSH32 0x8BAA579F00000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 REVERT JUMPDEST POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH32 0x4E487B7100000000000000000000000000000000000000000000000000000000 PUSH1 0x0 MSTORE PUSH1 0x41 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST PUSH1 0x40 DUP1 MLOAD SWAP1 DUP2 ADD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT DUP3 DUP3 LT OR ISZERO PUSH2 0x3FD JUMPI PUSH2 0x3FD PUSH2 0x3AB JUMP JUMPDEST PUSH1 0x40 MSTORE SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x1F DUP3 ADD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 AND DUP2 ADD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT DUP3 DUP3 LT OR ISZERO PUSH2 0x44A JUMPI PUSH2 0x44A PUSH2 0x3AB JUMP JUMPDEST PUSH1 0x40 MSTORE SWAP2 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 PUSH8 0xFFFFFFFFFFFFFFFF DUP3 GT ISZERO PUSH2 0x46C JUMPI PUSH2 0x46C PUSH2 0x3AB JUMP JUMPDEST POP PUSH1 0x1F ADD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 AND PUSH1 0x20 ADD SWAP1 JUMP JUMPDEST PUSH1 0x0 DUP3 PUSH1 0x1F DUP4 ADD SLT PUSH2 0x4A9 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 CALLDATALOAD PUSH2 0x4BC PUSH2 0x4B7 DUP3 PUSH2 0x452 JUMP JUMPDEST PUSH2 0x403 JUMP JUMPDEST DUP2 DUP2 MSTORE DUP5 PUSH1 0x20 DUP4 DUP7 ADD ADD GT ISZERO PUSH2 0x4D1 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 PUSH1 0x20 DUP6 ADD PUSH1 0x20 DUP4 ADD CALLDATACOPY PUSH1 0x0 SWAP2 DUP2 ADD PUSH1 0x20 ADD SWAP2 SWAP1 SWAP2 MSTORE SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x501 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP3 CALLDATALOAD SWAP2 POP PUSH1 0x20 DUP4 ADD CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP2 GT ISZERO PUSH2 0x51F JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x52B DUP6 DUP3 DUP7 ADD PUSH2 0x498 JUMP JUMPDEST SWAP2 POP POP SWAP3 POP SWAP3 SWAP1 POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x548 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP3 CALLDATALOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP1 DUP3 GT ISZERO PUSH2 0x560 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x56C DUP7 DUP4 DUP8 ADD PUSH2 0x498 JUMP JUMPDEST SWAP4 POP PUSH1 0x20 DUP6 ADD CALLDATALOAD SWAP2 POP DUP1 DUP3 GT ISZERO PUSH2 0x582 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH2 0x52B DUP6 DUP3 DUP7 ADD PUSH2 0x498 JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x5A2 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP1 CALLDATALOAD SWAP3 PUSH1 0x20 SWAP1 SWAP2 ADD CALLDATALOAD SWAP2 POP JUMP JUMPDEST PUSH1 0x0 JUMPDEST DUP4 DUP2 LT ISZERO PUSH2 0x5CC JUMPI DUP2 DUP2 ADD MLOAD DUP4 DUP3 ADD MSTORE PUSH1 0x20 ADD PUSH2 0x5B4 JUMP JUMPDEST POP POP PUSH1 0x0 SWAP2 ADD MSTORE JUMP JUMPDEST PUSH1 0x0 DUP3 PUSH1 0x1F DUP4 ADD SLT PUSH2 0x5E6 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 MLOAD PUSH2 0x5F4 PUSH2 0x4B7 DUP3 PUSH2 0x452 JUMP JUMPDEST DUP2 DUP2 MSTORE DUP5 PUSH1 0x20 DUP4 DUP7 ADD ADD GT ISZERO PUSH2 0x609 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x61A DUP3 PUSH1 0x20 DUP4 ADD PUSH1 0x20 DUP8 ADD PUSH2 0x5B1 JUMP JUMPDEST SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x0 DUP1 PUSH1 0xA0 DUP6 DUP8 SUB SLT ISZERO PUSH2 0x638 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP5 MLOAD PUSH8 0xFFFFFFFFFFFFFFFF DUP1 DUP3 GT ISZERO PUSH2 0x650 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x65C DUP9 DUP4 DUP10 ADD PUSH2 0x5D5 JUMP JUMPDEST SWAP6 POP PUSH1 0x20 SWAP2 POP DUP2 DUP8 ADD MLOAD DUP2 DUP2 GT ISZERO PUSH2 0x673 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x67F DUP10 DUP3 DUP11 ADD PUSH2 0x5D5 JUMP JUMPDEST SWAP6 POP POP POP PUSH1 0x40 DUP7 ADD MLOAD SWAP3 POP DUP7 PUSH1 0x7F DUP8 ADD SLT PUSH2 0x699 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x6A1 PUSH2 0x3DA JUMP JUMPDEST DUP1 PUSH1 0xA0 DUP9 ADD DUP10 DUP2 GT ISZERO PUSH2 0x6B3 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x60 DUP10 ADD JUMPDEST DUP2 DUP2 LT ISZERO PUSH2 0x6CF JUMPI DUP1 MLOAD DUP5 MSTORE SWAP3 DUP5 ADD SWAP3 DUP5 ADD PUSH2 0x6B8 JUMP JUMPDEST POP POP DUP1 SWAP4 POP POP POP POP SWAP3 SWAP6 SWAP2 SWAP5 POP SWAP3 POP JUMP JUMPDEST PUSH1 0x0 DUP2 MLOAD DUP1 DUP5 MSTORE PUSH2 0x6F8 DUP2 PUSH1 0x20 DUP7 ADD PUSH1 0x20 DUP7 ADD PUSH2 0x5B1 JUMP JUMPDEST PUSH1 0x1F ADD PUSH32 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE0 AND SWAP3 SWAP1 SWAP3 ADD PUSH1 0x20 ADD SWAP3 SWAP2 POP POP JUMP JUMPDEST DUP1 PUSH1 0x0 JUMPDEST PUSH1 0x2 DUP2 LT ISZERO PUSH2 0x74D JUMPI DUP2 MLOAD DUP5 MSTORE PUSH1 0x20 SWAP4 DUP5 ADD SWAP4 SWAP1 SWAP2 ADD SWAP1 PUSH1 0x1 ADD PUSH2 0x72E JUMP JUMPDEST POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH2 0x120 DUP1 DUP4 MSTORE PUSH2 0x767 DUP2 DUP5 ADD DUP12 PUSH2 0x6E0 JUMP JUMPDEST SWAP1 POP PUSH32 0xFF00000000000000000000000000000000000000000000000000000000000000 DUP10 PUSH1 0xF8 SHL AND PUSH1 0x20 DUP5 ADD MSTORE DUP3 DUP2 SUB PUSH1 0x40 DUP5 ADD MSTORE PUSH2 0x7A6 DUP2 DUP10 PUSH2 0x6E0 JUMP JUMPDEST SWAP2 POP POP DUP6 PUSH1 0x60 DUP4 ADD MSTORE DUP5 PUSH1 0x80 DUP4 ADD MSTORE PUSH2 0x7C2 PUSH1 0xA0 DUP4 ADD DUP6 PUSH2 0x72A JUMP JUMPDEST PUSH2 0x7CF PUSH1 0xE0 DUP4 ADD DUP5 PUSH2 0x72A JUMP JUMPDEST SWAP9 SWAP8 POP POP POP POP POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH1 0x20 DUP3 DUP5 SUB SLT ISZERO PUSH2 0x7ED JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 MLOAD DUP1 ISZERO ISZERO DUP2 EQ PUSH2 0x7FD JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP4 SWAP3 POP POP POP JUMP INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 0xE2 GASLIMIT SWAP9 DUP5 MULMOD PUSH12 0x6098F1AB893E1294550F8A6F CHAINID 0xAC EQ EQ CALL EXTCODEHASH 0x4B LOG4 CALLCODE PUSH13 0xFBFBFFE664736F6C6343000814 STOP CALLER ","sourceMap":"333:2972:4:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;825:16;;;;;;;;;160:25:7;;;148:2;133:18;825:16:4;;;;;;;;734:23;;;;;;;;;;;;361:14:7;;354:22;336:41;;324:2;309:18;734:23:4;196:187:7;1552::4;;;;;;:::i;:::-;;:::i;:::-;;;2455:66:7;2443:79;;;2425:98;;2413:2;2398:18;1552:187:4;2281:248:7;2074:184:4;;;;;;:::i;:::-;;:::i;909:16::-;;;;;;622:47;;;;;;;;3281:42:7;3269:55;;;3251:74;;3239:2;3224:18;622:47:4;3078:253:7;3129:174:4;;;;;;:::i;:::-;;:::i;:::-;;1552:187;1639:6;1657:40;1678:5;1667:17;;;;;;160:25:7;;148:2;133:18;;14:177;1667:17:4;;;;;;;;;;;;;1686:10;1657:9;:40::i;:::-;-1:-1:-1;1714:18:4;1552:187;;;;:::o;2074:184::-;2166:6;2184:28;2194:5;2201:10;2184:9;:28::i;:::-;-1:-1:-1;2229:22:4;2074:184;;;;:::o;3129:174::-;3196:11;;;;3192:44;;;3216:20;;;;;;;;;;;;;;3192:44;3246:11;:18;;;;3260:4;3246:18;;;;;;3274:6;;;;3290:1;:6;3129:174::o;2380:483::-;2466:13;2492:4;2482:15;;;;;;2466:31;;2508:30;2540:23;2565;2590:20;2637:10;2626:59;;;;;;;;;;;;:::i;:::-;2507:178;;;;;;;;2696:10;2709:11;:26;;;2736:17;2755:4;2761:10;2773:5;2780:15;2797:2;2709:99;;;;;;;;2802:1;;2709:99;;;;2805:1;;2709:99;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;2696:112;;2824:5;2819:37;;2838:18;;;;;;;;;;;;;;2819:37;2456:407;;;;;;2380:483;;:::o;388:184:7:-;440:77;437:1;430:88;537:4;534:1;527:15;561:4;558:1;551:15;577:250;648:2;642:9;;;678:15;;723:18;708:34;;744:22;;;705:62;702:88;;;770:18;;:::i;:::-;806:2;799:22;577:250;:::o;832:334::-;903:2;897:9;959:2;949:13;;964:66;945:86;933:99;;1062:18;1047:34;;1083:22;;;1044:62;1041:88;;;1109:18;;:::i;:::-;1145:2;1138:22;832:334;;-1:-1:-1;832:334:7:o;1171:245::-;1219:4;1252:18;1244:6;1241:30;1238:56;;;1274:18;;:::i;:::-;-1:-1:-1;1331:2:7;1319:15;1336:66;1315:88;1405:4;1311:99;;1171:245::o;1421:462::-;1463:5;1516:3;1509:4;1501:6;1497:17;1493:27;1483:55;;1534:1;1531;1524:12;1483:55;1570:6;1557:20;1601:48;1617:31;1645:2;1617:31;:::i;:::-;1601:48;:::i;:::-;1674:2;1665:7;1658:19;1720:3;1713:4;1708:2;1700:6;1696:15;1692:26;1689:35;1686:55;;;1737:1;1734;1727:12;1686:55;1802:2;1795:4;1787:6;1783:17;1776:4;1767:7;1763:18;1750:55;1850:1;1825:16;;;1843:4;1821:27;1814:38;;;;1829:7;1421:462;-1:-1:-1;;;1421:462:7:o;1888:388::-;1965:6;1973;2026:2;2014:9;2005:7;2001:23;1997:32;1994:52;;;2042:1;2039;2032:12;1994:52;2078:9;2065:23;2055:33;;2139:2;2128:9;2124:18;2111:32;2166:18;2158:6;2155:30;2152:50;;;2198:1;2195;2188:12;2152:50;2221:49;2262:7;2253:6;2242:9;2238:22;2221:49;:::i;:::-;2211:59;;;1888:388;;;;;:::o;2534:539::-;2620:6;2628;2681:2;2669:9;2660:7;2656:23;2652:32;2649:52;;;2697:1;2694;2687:12;2649:52;2737:9;2724:23;2766:18;2807:2;2799:6;2796:14;2793:34;;;2823:1;2820;2813:12;2793:34;2846:49;2887:7;2878:6;2867:9;2863:22;2846:49;:::i;:::-;2836:59;;2948:2;2937:9;2933:18;2920:32;2904:48;;2977:2;2967:8;2964:16;2961:36;;;2993:1;2990;2983:12;2961:36;;3016:51;3059:7;3048:8;3037:9;3033:24;3016:51;:::i;3336:248::-;3404:6;3412;3465:2;3453:9;3444:7;3440:23;3436:32;3433:52;;;3481:1;3478;3471:12;3433:52;-1:-1:-1;;3504:23:7;;;3574:2;3559:18;;;3546:32;;-1:-1:-1;3336:248:7:o;3771:250::-;3856:1;3866:113;3880:6;3877:1;3874:13;3866:113;;;3956:11;;;3950:18;3937:11;;;3930:39;3902:2;3895:10;3866:113;;;-1:-1:-1;;4013:1:7;3995:16;;3988:27;3771:250::o;4026:441::-;4079:5;4132:3;4125:4;4117:6;4113:17;4109:27;4099:55;;4150:1;4147;4140:12;4099:55;4179:6;4173:13;4210:48;4226:31;4254:2;4226:31;:::i;4210:48::-;4283:2;4274:7;4267:19;4329:3;4322:4;4317:2;4309:6;4305:15;4301:26;4298:35;4295:55;;;4346:1;4343;4336:12;4295:55;4359:77;4433:2;4426:4;4417:7;4413:18;4406:4;4398:6;4394:17;4359:77;:::i;:::-;4454:7;4026:441;-1:-1:-1;;;;4026:441:7:o;4472:1113::-;4610:6;4618;4626;4634;4687:3;4675:9;4666:7;4662:23;4658:33;4655:53;;;4704:1;4701;4694:12;4655:53;4737:9;4731:16;4766:18;4807:2;4799:6;4796:14;4793:34;;;4823:1;4820;4813:12;4793:34;4846:60;4898:7;4889:6;4878:9;4874:22;4846:60;:::i;:::-;4836:70;;4925:2;4915:12;;4973:2;4962:9;4958:18;4952:25;5002:2;4992:8;4989:16;4986:36;;;5018:1;5015;5008:12;4986:36;5041:62;5095:7;5084:8;5073:9;5069:24;5041:62;:::i;:::-;5031:72;;;;5143:2;5132:9;5128:18;5122:25;5112:35;;5191:7;5185:3;5174:9;5170:19;5166:33;5156:61;;5213:1;5210;5203:12;5156:61;5237:21;;:::i;:::-;5280:3;5321;5310:9;5306:19;5348:7;5340:6;5337:19;5334:39;;;5369:1;5366;5359:12;5334:39;5408:2;5397:9;5393:18;5420:135;5436:6;5431:3;5428:15;5420:135;;;5502:10;;5490:23;;5533:12;;;;5453;;5420:135;;;5424:3;;5574:5;5564:15;;;;;4472:1113;;;;;;;:::o;5590:329::-;5631:3;5669:5;5663:12;5696:6;5691:3;5684:19;5712:76;5781:6;5774:4;5769:3;5765:14;5758:4;5751:5;5747:16;5712:76;:::i;:::-;5833:2;5821:15;5838:66;5817:88;5808:98;;;;5908:4;5804:109;;5590:329;-1:-1:-1;;5590:329:7:o;5924:326::-;6017:5;6040:1;6050:194;6064:4;6061:1;6058:11;6050:194;;;6123:13;;6111:26;;6160:4;6184:12;;;;6219:15;;;;6084:1;6077:9;6050:194;;;6054:3;;5924:326;;:::o;6255:975::-;6650:4;6679:3;6709:2;6698:9;6691:21;6735:44;6775:2;6764:9;6760:18;6752:6;6735:44;:::i;:::-;6721:58;;6837:66;6828:6;6823:3;6819:16;6815:89;6810:2;6799:9;6795:18;6788:117;6953:9;6945:6;6941:22;6936:2;6925:9;6921:18;6914:50;6981:32;7006:6;6998;6981:32;:::i;:::-;6973:40;;;7049:6;7044:2;7033:9;7029:18;7022:34;7093:6;7087:3;7076:9;7072:19;7065:35;7109:53;7157:3;7146:9;7142:19;7134:6;7109:53;:::i;:::-;7171;7219:3;7208:9;7204:19;7196:6;7171:53;:::i;:::-;6255:975;;;;;;;;;;:::o;7235:277::-;7302:6;7355:2;7343:9;7334:7;7330:23;7326:32;7323:52;;;7371:1;7368;7361:12;7323:52;7403:9;7397:16;7456:5;7449:13;7442:21;7435:5;7432:32;7422:60;;7478:1;7475;7468:12;7422:60;7501:5;7235:277;-1:-1:-1;;;7235:277:7:o"},"gasEstimates":{"creation":{"codeDepositCost":"421200","executionCost":"infinite","totalCost":"infinite"},"external":{"FCLWebAuthn()":"infinite","initialize(uint256,uint256)":"70878","initialized()":"2333","isValidSignature(bytes,bytes)":"infinite","isValidSignature(bytes32,bytes)":"infinite","x()":"2285","y()":"2306"},"internal":{"_validate(bytes memory,bytes memory)":"infinite"}},"methodIdentifiers":{"FCLWebAuthn()":"c71187f0","initialize(uint256,uint256)":"e4a30116","initialized()":"158ef93e","isValidSignature(bytes,bytes)":"20c13b0b","isValidSignature(bytes32,bytes)":"1626ba7e","x()":"0c55699c","y()":"a56dfe4a"}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"FCLWebAuthn_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"FCLWebAuthn\",\"outputs\":[{\"internalType\":\"contract WrapperFCLWebAuthn\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the library is not compatible with\\n/// memory and only works with calldata.\\ncontract WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0xea2be4de9daccb2dea0c07cde48acff08ddefe4525b7d67b7ae218099fabb4a5\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n // The address of the FCLWebAuthn contract\\n WrapperFCLWebAuthn public immutable FCLWebAuthn;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor(address FCLWebAuthn_) {\\n initialized = true;\\n FCLWebAuthn = WrapperFCLWebAuthn(FCLWebAuthn_);\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = FCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x6f4526c6da139d9870e8fc166d7907fe37824e23e1478217281c0486c83816c3\"}},\"version\":1}","storageLayout":{"storage":[{"astId":1992,"contract":"contracts/P256Signer.sol:P256Signer","label":"initialized","offset":0,"slot":"0","type":"t_bool"},{"astId":1995,"contract":"contracts/P256Signer.sol:P256Signer","label":"x","offset":0,"slot":"1","type":"t_uint256"},{"astId":1998,"contract":"contracts/P256Signer.sol:P256Signer","label":"y","offset":0,"slot":"2","type":"t_uint256"}],"types":{"t_bool":{"encoding":"inplace","label":"bool","numberOfBytes":"1"},"t_uint256":{"encoding":"inplace","label":"uint256","numberOfBytes":"32"}}},"userdoc":{"errors":{"AlreadyInitialized()":[{"notice":"Error message when the contract is already initialized"}],"InvalidHash()":[{"notice":"Error message when the hash is invalid"}],"InvalidSignature()":[{"notice":"Error message when the signature is invalid"}]},"kind":"user","methods":{"initialized()":{"notice":"Whether the contract has been initialized"},"isValidSignature(bytes,bytes)":{"notice":"Verifies that the signer is the owner of the secp256r1 public key."},"isValidSignature(bytes32,bytes)":{"notice":"Verifies that the signer is the owner of the secp256r1 public key."},"x()":{"notice":"The x coordinate of the secp256r1 public key"},"y()":{"notice":"The y coordinate of the secp256r1 public key"}},"notice":"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.","version":1}}},"contracts/P256SignerFactory.sol":{"P256SignerFactory":{"abi":[{"inputs":[{"internalType":"address","name":"implementation_","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint256","name":"x","type":"uint256"},{"indexed":true,"internalType":"uint256","name":"y","type":"uint256"},{"indexed":false,"internalType":"address","name":"signer","type":"address"}],"name":"NewSignerCreated","type":"event"},{"inputs":[{"internalType":"uint256","name":"x","type":"uint256"},{"internalType":"uint256","name":"y","type":"uint256"}],"name":"create","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"implementation","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"}],"devdoc":{"kind":"dev","methods":{"create(uint256,uint256)":{"params":{"x":"The x coordinate of the public key","y":"The y coordinate of the public key"}}},"title":"P256SignerFactory","version":1},"evm":{"bytecode":{"functionDebugData":{"@_2170":{"entryPoint":null,"id":2170,"parameterSlots":1,"returnSlots":0},"abi_decode_tuple_t_address_fromMemory":{"entryPoint":64,"id":null,"parameterSlots":2,"returnSlots":1}},"generatedSources":[{"ast":{"nodeType":"YulBlock","src":"0:306:7","statements":[{"nodeType":"YulBlock","src":"6:3:7","statements":[]},{"body":{"nodeType":"YulBlock","src":"95:209:7","statements":[{"body":{"nodeType":"YulBlock","src":"141:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"150:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"153:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"143:6:7"},"nodeType":"YulFunctionCall","src":"143:12:7"},"nodeType":"YulExpressionStatement","src":"143:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"116:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"125:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"112:3:7"},"nodeType":"YulFunctionCall","src":"112:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"137:2:7","type":"","value":"32"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"108:3:7"},"nodeType":"YulFunctionCall","src":"108:32:7"},"nodeType":"YulIf","src":"105:52:7"},{"nodeType":"YulVariableDeclaration","src":"166:29:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"185:9:7"}],"functionName":{"name":"mload","nodeType":"YulIdentifier","src":"179:5:7"},"nodeType":"YulFunctionCall","src":"179:16:7"},"variables":[{"name":"value","nodeType":"YulTypedName","src":"170:5:7","type":""}]},{"body":{"nodeType":"YulBlock","src":"258:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"267:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"270:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"260:6:7"},"nodeType":"YulFunctionCall","src":"260:12:7"},"nodeType":"YulExpressionStatement","src":"260:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"217:5:7"},{"arguments":[{"name":"value","nodeType":"YulIdentifier","src":"228:5:7"},{"arguments":[{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"243:3:7","type":"","value":"160"},{"kind":"number","nodeType":"YulLiteral","src":"248:1:7","type":"","value":"1"}],"functionName":{"name":"shl","nodeType":"YulIdentifier","src":"239:3:7"},"nodeType":"YulFunctionCall","src":"239:11:7"},{"kind":"number","nodeType":"YulLiteral","src":"252:1:7","type":"","value":"1"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"235:3:7"},"nodeType":"YulFunctionCall","src":"235:19:7"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"224:3:7"},"nodeType":"YulFunctionCall","src":"224:31:7"}],"functionName":{"name":"eq","nodeType":"YulIdentifier","src":"214:2:7"},"nodeType":"YulFunctionCall","src":"214:42:7"}],"functionName":{"name":"iszero","nodeType":"YulIdentifier","src":"207:6:7"},"nodeType":"YulFunctionCall","src":"207:50:7"},"nodeType":"YulIf","src":"204:70:7"},{"nodeType":"YulAssignment","src":"283:15:7","value":{"name":"value","nodeType":"YulIdentifier","src":"293:5:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"283:6:7"}]}]},"name":"abi_decode_tuple_t_address_fromMemory","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"61:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"72:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"84:6:7","type":""}],"src":"14:290:7"}]},"contents":"{\n { }\n function abi_decode_tuple_t_address_fromMemory(headStart, dataEnd) -> value0\n {\n if slt(sub(dataEnd, headStart), 32) { revert(0, 0) }\n let value := mload(headStart)\n if iszero(eq(value, and(value, sub(shl(160, 1), 1)))) { revert(0, 0) }\n value0 := value\n }\n}","id":7,"language":"Yul","name":"#utility.yul"}],"linkReferences":{},"object":"60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea26469706673582212200b16003cad048554060f9356ca22cbf7771270636d87ea3b98dde56af82ff5e864736f6c63430008140033","opcodes":"PUSH1 0xA0 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x40 MLOAD PUSH2 0x31A CODESIZE SUB DUP1 PUSH2 0x31A DUP4 CODECOPY DUP2 ADD PUSH1 0x40 DUP2 SWAP1 MSTORE PUSH2 0x2F SWAP2 PUSH2 0x40 JUMP JUMPDEST PUSH1 0x1 PUSH1 0x1 PUSH1 0xA0 SHL SUB AND PUSH1 0x80 MSTORE PUSH2 0x70 JUMP JUMPDEST PUSH1 0x0 PUSH1 0x20 DUP3 DUP5 SUB SLT ISZERO PUSH2 0x52 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST DUP2 MLOAD PUSH1 0x1 PUSH1 0x1 PUSH1 0xA0 SHL SUB DUP2 AND DUP2 EQ PUSH2 0x69 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST SWAP4 SWAP3 POP POP POP JUMP JUMPDEST PUSH1 0x80 MLOAD PUSH2 0x28A PUSH2 0x90 PUSH1 0x0 CODECOPY PUSH1 0x0 DUP2 DUP2 PUSH1 0x40 ADD MSTORE PUSH1 0xD7 ADD MSTORE PUSH2 0x28A PUSH1 0x0 RETURN INVALID PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x4 CALLDATASIZE LT PUSH2 0x36 JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0x5C60DA1B EQ PUSH2 0x3B JUMPI DUP1 PUSH4 0x9F7B4579 EQ PUSH2 0x8B JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x62 PUSH32 0x0 DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH2 0x62 PUSH2 0x99 CALLDATASIZE PUSH1 0x4 PUSH2 0x232 JUMP JUMPDEST PUSH1 0x0 DUP1 DUP4 DUP4 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0xB8 SWAP3 SWAP2 SWAP1 SWAP2 DUP3 MSTORE PUSH1 0x20 DUP3 ADD MSTORE PUSH1 0x40 ADD SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE DUP1 MLOAD SWAP1 PUSH1 0x20 ADD KECCAK256 SWAP1 POP PUSH1 0x0 PUSH2 0xFC PUSH32 0x0 DUP4 PUSH2 0x1DB JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH32 0xE4A3011600000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 DUP2 ADD DUP8 SWAP1 MSTORE PUSH1 0x24 DUP2 ADD DUP7 SWAP1 MSTORE SWAP1 SWAP2 POP PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DUP3 AND SWAP1 PUSH4 0xE4A30116 SWAP1 PUSH1 0x44 ADD PUSH1 0x0 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 PUSH1 0x0 DUP8 DUP1 EXTCODESIZE ISZERO DUP1 ISZERO PUSH2 0x16E JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP GAS CALL ISZERO DUP1 ISZERO PUSH2 0x182 JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DUP5 AND DUP2 MSTORE DUP7 SWAP3 POP DUP8 SWAP2 POP PUSH32 0x33B61205835E3063EB8935CAC4B29D7FC333AD80D6CB11893BA4758ADF8CDDE1 SWAP1 PUSH1 0x20 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 LOG3 SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH13 0x5AF43D3D93803E602A57FD5BF3 PUSH1 0x21 MSTORE DUP3 PUSH1 0x14 MSTORE PUSH20 0x602C3D8160093D39F33D3D3D3D363D3D37363D73 PUSH1 0x0 MSTORE DUP2 PUSH1 0x35 PUSH1 0xC PUSH1 0x0 CREATE2 SWAP1 POP DUP1 PUSH2 0x227 JUMPI PUSH4 0x30116425 PUSH1 0x0 MSTORE PUSH1 0x4 PUSH1 0x1C REVERT JUMPDEST PUSH1 0x0 PUSH1 0x21 MSTORE SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x245 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP1 CALLDATALOAD SWAP3 PUSH1 0x20 SWAP1 SWAP2 ADD CALLDATALOAD SWAP2 POP JUMP INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 SIGNEXTEND AND STOP EXTCODECOPY 0xAD DIV DUP6 SLOAD MOD 0xF SWAP4 JUMP 0xCA 0x22 0xCB 0xF7 PUSH24 0x1270636D87EA3B98DDE56AF82FF5E864736F6C6343000814 STOP CALLER ","sourceMap":"205:877:5:-:0;;;354:86;;;;;;;;;;;;;;;;;;;;;;;;;;;;:::i;:::-;-1:-1:-1;;;;;401:32:5;;;205:877;;14:290:7;84:6;137:2;125:9;116:7;112:23;108:32;105:52;;;153:1;150;143:12;105:52;179:16;;-1:-1:-1;;;;;224:31:7;;214:42;;204:70;;270:1;267;260:12;204:70;293:5;14:290;-1:-1:-1;;;14:290:7:o;:::-;205:877:5;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{"@cloneDeterministic_2256":{"entryPoint":475,"id":2256,"parameterSlots":2,"returnSlots":1},"@create_2224":{"entryPoint":null,"id":2224,"parameterSlots":2,"returnSlots":1},"@implementation_2160":{"entryPoint":null,"id":2160,"parameterSlots":0,"returnSlots":0},"abi_decode_tuple_t_uint256t_uint256":{"entryPoint":562,"id":null,"parameterSlots":2,"returnSlots":2},"abi_encode_tuple_packed_t_uint256_t_uint256__to_t_uint256_t_uint256__nonPadded_inplace_fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":3,"returnSlots":1},"abi_encode_tuple_t_address__to_t_address__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":2,"returnSlots":1},"abi_encode_tuple_t_uint256_t_uint256__to_t_uint256_t_uint256__fromStack_reversed":{"entryPoint":null,"id":null,"parameterSlots":3,"returnSlots":1}},"generatedSources":[{"ast":{"nodeType":"YulBlock","src":"0:1000:7","statements":[{"nodeType":"YulBlock","src":"6:3:7","statements":[]},{"body":{"nodeType":"YulBlock","src":"115:125:7","statements":[{"nodeType":"YulAssignment","src":"125:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"137:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"148:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"133:3:7"},"nodeType":"YulFunctionCall","src":"133:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"125:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"167:9:7"},{"arguments":[{"name":"value0","nodeType":"YulIdentifier","src":"182:6:7"},{"kind":"number","nodeType":"YulLiteral","src":"190:42:7","type":"","value":"0xffffffffffffffffffffffffffffffffffffffff"}],"functionName":{"name":"and","nodeType":"YulIdentifier","src":"178:3:7"},"nodeType":"YulFunctionCall","src":"178:55:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"160:6:7"},"nodeType":"YulFunctionCall","src":"160:74:7"},"nodeType":"YulExpressionStatement","src":"160:74:7"}]},"name":"abi_encode_tuple_t_address__to_t_address__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"84:9:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"95:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"106:4:7","type":""}],"src":"14:226:7"},{"body":{"nodeType":"YulBlock","src":"332:161:7","statements":[{"body":{"nodeType":"YulBlock","src":"378:16:7","statements":[{"expression":{"arguments":[{"kind":"number","nodeType":"YulLiteral","src":"387:1:7","type":"","value":"0"},{"kind":"number","nodeType":"YulLiteral","src":"390:1:7","type":"","value":"0"}],"functionName":{"name":"revert","nodeType":"YulIdentifier","src":"380:6:7"},"nodeType":"YulFunctionCall","src":"380:12:7"},"nodeType":"YulExpressionStatement","src":"380:12:7"}]},"condition":{"arguments":[{"arguments":[{"name":"dataEnd","nodeType":"YulIdentifier","src":"353:7:7"},{"name":"headStart","nodeType":"YulIdentifier","src":"362:9:7"}],"functionName":{"name":"sub","nodeType":"YulIdentifier","src":"349:3:7"},"nodeType":"YulFunctionCall","src":"349:23:7"},{"kind":"number","nodeType":"YulLiteral","src":"374:2:7","type":"","value":"64"}],"functionName":{"name":"slt","nodeType":"YulIdentifier","src":"345:3:7"},"nodeType":"YulFunctionCall","src":"345:32:7"},"nodeType":"YulIf","src":"342:52:7"},{"nodeType":"YulAssignment","src":"403:33:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"426:9:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"413:12:7"},"nodeType":"YulFunctionCall","src":"413:23:7"},"variableNames":[{"name":"value0","nodeType":"YulIdentifier","src":"403:6:7"}]},{"nodeType":"YulAssignment","src":"445:42:7","value":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"472:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"483:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"468:3:7"},"nodeType":"YulFunctionCall","src":"468:18:7"}],"functionName":{"name":"calldataload","nodeType":"YulIdentifier","src":"455:12:7"},"nodeType":"YulFunctionCall","src":"455:32:7"},"variableNames":[{"name":"value1","nodeType":"YulIdentifier","src":"445:6:7"}]}]},"name":"abi_decode_tuple_t_uint256t_uint256","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"290:9:7","type":""},{"name":"dataEnd","nodeType":"YulTypedName","src":"301:7:7","type":""}],"returnVariables":[{"name":"value0","nodeType":"YulTypedName","src":"313:6:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"321:6:7","type":""}],"src":"245:248:7"},{"body":{"nodeType":"YulBlock","src":"645:100:7","statements":[{"expression":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"662:3:7"},{"name":"value0","nodeType":"YulIdentifier","src":"667:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"655:6:7"},"nodeType":"YulFunctionCall","src":"655:19:7"},"nodeType":"YulExpressionStatement","src":"655:19:7"},{"expression":{"arguments":[{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"694:3:7"},{"kind":"number","nodeType":"YulLiteral","src":"699:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"690:3:7"},"nodeType":"YulFunctionCall","src":"690:12:7"},{"name":"value1","nodeType":"YulIdentifier","src":"704:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"683:6:7"},"nodeType":"YulFunctionCall","src":"683:28:7"},"nodeType":"YulExpressionStatement","src":"683:28:7"},{"nodeType":"YulAssignment","src":"720:19:7","value":{"arguments":[{"name":"pos","nodeType":"YulIdentifier","src":"731:3:7"},{"kind":"number","nodeType":"YulLiteral","src":"736:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"727:3:7"},"nodeType":"YulFunctionCall","src":"727:12:7"},"variableNames":[{"name":"end","nodeType":"YulIdentifier","src":"720:3:7"}]}]},"name":"abi_encode_tuple_packed_t_uint256_t_uint256__to_t_uint256_t_uint256__nonPadded_inplace_fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"pos","nodeType":"YulTypedName","src":"613:3:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"618:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"626:6:7","type":""}],"returnVariables":[{"name":"end","nodeType":"YulTypedName","src":"637:3:7","type":""}],"src":"498:247:7"},{"body":{"nodeType":"YulBlock","src":"879:119:7","statements":[{"nodeType":"YulAssignment","src":"889:26:7","value":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"901:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"912:2:7","type":"","value":"64"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"897:3:7"},"nodeType":"YulFunctionCall","src":"897:18:7"},"variableNames":[{"name":"tail","nodeType":"YulIdentifier","src":"889:4:7"}]},{"expression":{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"931:9:7"},{"name":"value0","nodeType":"YulIdentifier","src":"942:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"924:6:7"},"nodeType":"YulFunctionCall","src":"924:25:7"},"nodeType":"YulExpressionStatement","src":"924:25:7"},{"expression":{"arguments":[{"arguments":[{"name":"headStart","nodeType":"YulIdentifier","src":"969:9:7"},{"kind":"number","nodeType":"YulLiteral","src":"980:2:7","type":"","value":"32"}],"functionName":{"name":"add","nodeType":"YulIdentifier","src":"965:3:7"},"nodeType":"YulFunctionCall","src":"965:18:7"},{"name":"value1","nodeType":"YulIdentifier","src":"985:6:7"}],"functionName":{"name":"mstore","nodeType":"YulIdentifier","src":"958:6:7"},"nodeType":"YulFunctionCall","src":"958:34:7"},"nodeType":"YulExpressionStatement","src":"958:34:7"}]},"name":"abi_encode_tuple_t_uint256_t_uint256__to_t_uint256_t_uint256__fromStack_reversed","nodeType":"YulFunctionDefinition","parameters":[{"name":"headStart","nodeType":"YulTypedName","src":"840:9:7","type":""},{"name":"value1","nodeType":"YulTypedName","src":"851:6:7","type":""},{"name":"value0","nodeType":"YulTypedName","src":"859:6:7","type":""}],"returnVariables":[{"name":"tail","nodeType":"YulTypedName","src":"870:4:7","type":""}],"src":"750:248:7"}]},"contents":"{\n { }\n function abi_encode_tuple_t_address__to_t_address__fromStack_reversed(headStart, value0) -> tail\n {\n tail := add(headStart, 32)\n mstore(headStart, and(value0, 0xffffffffffffffffffffffffffffffffffffffff))\n }\n function abi_decode_tuple_t_uint256t_uint256(headStart, dataEnd) -> value0, value1\n {\n if slt(sub(dataEnd, headStart), 64) { revert(0, 0) }\n value0 := calldataload(headStart)\n value1 := calldataload(add(headStart, 32))\n }\n function abi_encode_tuple_packed_t_uint256_t_uint256__to_t_uint256_t_uint256__nonPadded_inplace_fromStack_reversed(pos, value1, value0) -> end\n {\n mstore(pos, value0)\n mstore(add(pos, 32), value1)\n end := add(pos, 64)\n }\n function abi_encode_tuple_t_uint256_t_uint256__to_t_uint256_t_uint256__fromStack_reversed(headStart, value1, value0) -> tail\n {\n tail := add(headStart, 64)\n mstore(headStart, value0)\n mstore(add(headStart, 32), value1)\n }\n}","id":7,"language":"Yul","name":"#utility.yul"}],"immutableReferences":{"2160":[{"length":32,"start":64},{"length":32,"start":215}]},"linkReferences":{},"object":"608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea26469706673582212200b16003cad048554060f9356ca22cbf7771270636d87ea3b98dde56af82ff5e864736f6c63430008140033","opcodes":"PUSH1 0x80 PUSH1 0x40 MSTORE CALLVALUE DUP1 ISZERO PUSH2 0x10 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP PUSH1 0x4 CALLDATASIZE LT PUSH2 0x36 JUMPI PUSH1 0x0 CALLDATALOAD PUSH1 0xE0 SHR DUP1 PUSH4 0x5C60DA1B EQ PUSH2 0x3B JUMPI DUP1 PUSH4 0x9F7B4579 EQ PUSH2 0x8B JUMPI JUMPDEST PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH2 0x62 PUSH32 0x0 DUP2 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF SWAP1 SWAP2 AND DUP2 MSTORE PUSH1 0x20 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 RETURN JUMPDEST PUSH2 0x62 PUSH2 0x99 CALLDATASIZE PUSH1 0x4 PUSH2 0x232 JUMP JUMPDEST PUSH1 0x0 DUP1 DUP4 DUP4 PUSH1 0x40 MLOAD PUSH1 0x20 ADD PUSH2 0xB8 SWAP3 SWAP2 SWAP1 SWAP2 DUP3 MSTORE PUSH1 0x20 DUP3 ADD MSTORE PUSH1 0x40 ADD SWAP1 JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH1 0x20 DUP2 DUP4 SUB SUB DUP2 MSTORE SWAP1 PUSH1 0x40 MSTORE DUP1 MLOAD SWAP1 PUSH1 0x20 ADD KECCAK256 SWAP1 POP PUSH1 0x0 PUSH2 0xFC PUSH32 0x0 DUP4 PUSH2 0x1DB JUMP JUMPDEST PUSH1 0x40 MLOAD PUSH32 0xE4A3011600000000000000000000000000000000000000000000000000000000 DUP2 MSTORE PUSH1 0x4 DUP2 ADD DUP8 SWAP1 MSTORE PUSH1 0x24 DUP2 ADD DUP7 SWAP1 MSTORE SWAP1 SWAP2 POP PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DUP3 AND SWAP1 PUSH4 0xE4A30116 SWAP1 PUSH1 0x44 ADD PUSH1 0x0 PUSH1 0x40 MLOAD DUP1 DUP4 SUB DUP2 PUSH1 0x0 DUP8 DUP1 EXTCODESIZE ISZERO DUP1 ISZERO PUSH2 0x16E JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP GAS CALL ISZERO DUP1 ISZERO PUSH2 0x182 JUMPI RETURNDATASIZE PUSH1 0x0 DUP1 RETURNDATACOPY RETURNDATASIZE PUSH1 0x0 REVERT JUMPDEST POP POP PUSH1 0x40 MLOAD PUSH20 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF DUP5 AND DUP2 MSTORE DUP7 SWAP3 POP DUP8 SWAP2 POP PUSH32 0x33B61205835E3063EB8935CAC4B29D7FC333AD80D6CB11893BA4758ADF8CDDE1 SWAP1 PUSH1 0x20 ADD PUSH1 0x40 MLOAD DUP1 SWAP2 SUB SWAP1 LOG3 SWAP5 SWAP4 POP POP POP POP JUMP JUMPDEST PUSH1 0x0 PUSH13 0x5AF43D3D93803E602A57FD5BF3 PUSH1 0x21 MSTORE DUP3 PUSH1 0x14 MSTORE PUSH20 0x602C3D8160093D39F33D3D3D3D363D3D37363D73 PUSH1 0x0 MSTORE DUP2 PUSH1 0x35 PUSH1 0xC PUSH1 0x0 CREATE2 SWAP1 POP DUP1 PUSH2 0x227 JUMPI PUSH4 0x30116425 PUSH1 0x0 MSTORE PUSH1 0x4 PUSH1 0x1C REVERT JUMPDEST PUSH1 0x0 PUSH1 0x21 MSTORE SWAP3 SWAP2 POP POP JUMP JUMPDEST PUSH1 0x0 DUP1 PUSH1 0x40 DUP4 DUP6 SUB SLT ISZERO PUSH2 0x245 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST POP POP DUP1 CALLDATALOAD SWAP3 PUSH1 0x20 SWAP1 SWAP2 ADD CALLDATALOAD SWAP2 POP JUMP INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 SIGNEXTEND AND STOP EXTCODECOPY 0xAD DIV DUP6 SLOAD MOD 0xF SWAP4 JUMP 0xCA 0x22 0xCB 0xF7 PUSH24 0x1270636D87EA3B98DDE56AF82FF5E864736F6C6343000814 STOP CALLER ","sourceMap":"205:877:5:-:0;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;308:39;;;;;;;;190:42:7;178:55;;;160:74;;148:2;133:18;308:39:5;;;;;;;761:319;;;;;;:::i;:::-;817:7;836:12;878:1;881;861:22;;;;;;;;655:19:7;;;699:2;690:12;;683:28;736:2;727:12;;498:247;861:22:5;;;;;;;;;;;;;851:33;;;;;;836:48;;894:14;911:49;939:14;955:4;911:27;:49::i;:::-;970:35;;;;;;;;924:25:7;;;965:18;;;958:34;;;894:66:5;;-1:-1:-1;970:29:5;;;;;;897:18:7;;970:35:5;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;-1:-1:-1;;1020:30:5;;190:42:7;178:55;;160:74;;1040:1:5;;-1:-1:-1;1037:1:5;;-1:-1:-1;1020:30:5;;148:2:7;133:18;1020:30:5;;;;;;;1067:6;761:319;-1:-1:-1;;;;761:319:5:o;8126:822:6:-;8226:16;8337:28;8331:4;8324:42;8392:14;8386:4;8379:28;8433:42;8427:4;8420:56;8524:4;8518;8512;8509:1;8501:28;8489:40;;8598:8;8588:230;;8711:10;8705:4;8698:24;8799:4;8793;8786:18;8588:230;8930:1;8924:4;8917:15;8126:822;;;;:::o;245:248:7:-;313:6;321;374:2;362:9;353:7;349:23;345:32;342:52;;;390:1;387;380:12;342:52;-1:-1:-1;;413:23:7;;;483:2;468:18;;;455:32;;-1:-1:-1;245:248:7:o"},"gasEstimates":{"creation":{"codeDepositCost":"130000","executionCost":"infinite","totalCost":"infinite"},"external":{"create(uint256,uint256)":"infinite","implementation()":"infinite"}},"methodIdentifiers":{"create(uint256,uint256)":"9f7b4579","implementation()":"5c60da1b"}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the library is not compatible with\\n/// memory and only works with calldata.\\ncontract WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0xea2be4de9daccb2dea0c07cde48acff08ddefe4525b7d67b7ae218099fabb4a5\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n // The address of the FCLWebAuthn contract\\n WrapperFCLWebAuthn public immutable FCLWebAuthn;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor(address FCLWebAuthn_) {\\n initialized = true;\\n FCLWebAuthn = WrapperFCLWebAuthn(FCLWebAuthn_);\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = FCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x6f4526c6da139d9870e8fc166d7907fe37824e23e1478217281c0486c83816c3\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}","storageLayout":{"storage":[],"types":null},"userdoc":{"events":{"NewSignerCreated(uint256,uint256,address)":{"notice":"Emitted when a new P256Signer proxy contract is created"}},"kind":"user","methods":{"create(uint256,uint256)":{"notice":"Creates a new P256Signer proxy contract"},"implementation()":{"notice":"The implementation address of the P256Signer contract"}},"notice":"Factory contract for creating proxies for P256Signer","version":1}}},"solady/src/utils/LibClone.sol":{"LibClone":{"abi":[{"inputs":[],"name":"DeploymentFailed","type":"error"},{"inputs":[],"name":"SaltDoesNotStartWithCaller","type":"error"}],"devdoc":{"author":"Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)Minimal proxy by 0age (https://github.com/0age)Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)","details":"Minimal proxy: Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime, it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern, which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.Minimal proxy (PUSH0 variant): This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai. It is optimized first for minimal runtime gas, then for minimal bytecode. The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as many EVM chains may not support the PUSH0 opcode in the early months after Shanghai. Please use with caution.Clones with immutable args (CWIA): The implementation of CWIA here implements a `receive()` method that emits the `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata, enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards composability. The minimal proxy implementation does not offer this feature.","errors":{"DeploymentFailed()":[{"details":"Unable to deploy the clone."}],"SaltDoesNotStartWithCaller()":[{"details":"The salt must start with either the zero address or the caller."}]},"kind":"dev","methods":{},"version":1},"evm":{"bytecode":{"functionDebugData":{},"generatedSources":[],"linkReferences":{},"object":"60566037600b82828239805160001a607314602a57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600080fdfea26469706673582212201b29770ebfd9f20c56f183e6554d507ec6d536d6e6814af6e0744e59bb355dc864736f6c63430008140033","opcodes":"PUSH1 0x56 PUSH1 0x37 PUSH1 0xB DUP3 DUP3 DUP3 CODECOPY DUP1 MLOAD PUSH1 0x0 BYTE PUSH1 0x73 EQ PUSH1 0x2A JUMPI PUSH4 0x4E487B71 PUSH1 0xE0 SHL PUSH1 0x0 MSTORE PUSH1 0x0 PUSH1 0x4 MSTORE PUSH1 0x24 PUSH1 0x0 REVERT JUMPDEST ADDRESS PUSH1 0x0 MSTORE PUSH1 0x73 DUP2 MSTORE8 DUP3 DUP2 RETURN INVALID PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 SHL 0x29 PUSH24 0xEBFD9F20C56F183E6554D507EC6D536D6E6814AF6E0744E MSIZE 0xBB CALLDATALOAD 0x5D 0xC8 PUSH5 0x736F6C6343 STOP ADDMOD EQ STOP CALLER ","sourceMap":"1500:36285:6:-:0;;;;;;;;;;;;;;;-1:-1:-1;;;1500:36285:6;;;;;;;;;;;;;;;;;"},"deployedBytecode":{"functionDebugData":{},"generatedSources":[],"immutableReferences":{},"linkReferences":{},"object":"73000000000000000000000000000000000000000030146080604052600080fdfea26469706673582212201b29770ebfd9f20c56f183e6554d507ec6d536d6e6814af6e0744e59bb355dc864736f6c63430008140033","opcodes":"PUSH20 0x0 ADDRESS EQ PUSH1 0x80 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT INVALID LOG2 PUSH5 0x6970667358 0x22 SLT KECCAK256 SHL 0x29 PUSH24 0xEBFD9F20C56F183E6554D507EC6D536D6E6814AF6E0744E MSIZE 0xBB CALLDATALOAD 0x5D 0xC8 PUSH5 0x736F6C6343 STOP ADDMOD EQ STOP CALLER ","sourceMap":"1500:36285:6:-:0;;;;;;;;"},"gasEstimates":{"creation":{"codeDepositCost":"17200","executionCost":"103","totalCost":"17303"},"internal":{"checkStartsWithCaller(bytes32)":"infinite","clone(address)":"infinite","clone(address,bytes memory)":"infinite","cloneDeterministic(address,bytes memory,bytes32)":"infinite","cloneDeterministic(address,bytes32)":"infinite","cloneDeterministic_PUSH0(address,bytes32)":"infinite","clone_PUSH0(address)":"infinite","initCodeHash(address)":"infinite","initCodeHash(address,bytes memory)":"infinite","initCodeHash_PUSH0(address)":"infinite","predictDeterministicAddress(address,bytes memory,bytes32,address)":"infinite","predictDeterministicAddress(address,bytes32,address)":"infinite","predictDeterministicAddress(bytes32,bytes32,address)":"infinite","predictDeterministicAddress_PUSH0(address,bytes32,address)":"infinite"}},"methodIdentifiers":{}},"metadata":"{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"DeploymentFailed\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"SaltDoesNotStartWithCaller\",\"type\":\"error\"}],\"devdoc\":{\"author\":\"Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)Minimal proxy by 0age (https://github.com/0age)Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\",\"details\":\"Minimal proxy: Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime, it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern, which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.Minimal proxy (PUSH0 variant): This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai. It is optimized first for minimal runtime gas, then for minimal bytecode. The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as many EVM chains may not support the PUSH0 opcode in the early months after Shanghai. Please use with caution.Clones with immutable args (CWIA): The implementation of CWIA here implements a `receive()` method that emits the `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata, enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards composability. The minimal proxy implementation does not offer this feature.\",\"errors\":{\"DeploymentFailed()\":[{\"details\":\"Unable to deploy the clone.\"}],\"SaltDoesNotStartWithCaller()\":[{\"details\":\"The salt must start with either the zero address or the caller.\"}]},\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"Minimal proxy library.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"solady/src/utils/LibClone.sol\":\"LibClone\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}","storageLayout":{"storage":[],"types":null},"userdoc":{"kind":"user","methods":{},"notice":"Minimal proxy library.","version":1}}}}}} \ No newline at end of file diff --git a/artifacts/solady/src/utils/LibClone.sol/LibClone.dbg.json b/artifacts/solady/src/utils/LibClone.sol/LibClone.dbg.json index bbab52f..43ce112 100644 --- a/artifacts/solady/src/utils/LibClone.sol/LibClone.dbg.json +++ b/artifacts/solady/src/utils/LibClone.sol/LibClone.dbg.json @@ -1,4 +1,4 @@ { "_format": "hh-sol-dbg-1", - "buildInfo": "../../../../build-info/8090c592d47f7920e2577cbef109eb65.json" + "buildInfo": "../../../../build-info/fd068d5ca84930c6ffb69a4def64cf81.json" } diff --git a/deploy/deploy.js b/deploy/deploy.js index 6bfa01c..914588c 100644 --- a/deploy/deploy.js +++ b/deploy/deploy.js @@ -33,7 +33,10 @@ const deploy = async (hre) => { WrapperFCLWebAuthn: wrapperFCLWebAuthn.address, }, }); - await run("verify:verify", { address: factory.address }); + await run("verify:verify", { + address: factory.address, + constructorArguments: [P256Signer.address], + }); }; module.exports = deploy; diff --git a/deployments/avalanche/P256Signer.json b/deployments/avalanche/P256Signer.json new file mode 100644 index 0000000..c5e4697 --- /dev/null +++ b/deployments/avalanche/P256Signer.json @@ -0,0 +1,268 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0x00c7a9582e39d7e4549b5ff30c0c2ec172ce1efeb2bcc2a495708caf44f4c6ce", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 49, + "gasUsed": "502749", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x0e5196e3ad46fea05826dcd7843384ee29ed63ea52d090dc8b1600dedfdea36f", + "transactionHash": "0x00c7a9582e39d7e4549b5ff30c0c2ec172ce1efeb2bcc2a495708caf44f4c6ce", + "logs": [], + "blockNumber": 39203620, + "cumulativeGasUsed": "1736504", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073B15bb4dE71bF6fbB91913872dB9F18E6C8897E9F630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/avalanche/P256SignerFactory.json b/deployments/avalanche/P256SignerFactory.json index 34c8972..2296e44 100644 --- a/deployments/avalanche/P256SignerFactory.json +++ b/deployments/avalanche/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,44 +51,83 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "transactionHash": "0x2fcf9078b6722dde5058aea5dba30e8b2299f070c668470129e2542a68058eb3", + "transactionHash": "0x6b79999a0e274c565aafb54557ac779e65dd53670d2c816a81839059a97109fe", "receipt": { "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", - "from": "0xbcE1ECDf21a8B27ddDd23d0F07827925299b9C39", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", "contractAddress": null, - "transactionIndex": 10, - "gasUsed": "563835", + "transactionIndex": 68, + "gasUsed": "195400", "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", - "blockHash": "0xc2116c1f3378c9ff33abaa521864b014aa390a54ace2beba508f16ffc0bfbfc0", - "transactionHash": "0x2fcf9078b6722dde5058aea5dba30e8b2299f070c668470129e2542a68058eb3", + "blockHash": "0xee4565412f82e7209100b53344e87d524bd564fcdf0793b589e51ccc3aa5ddb9", + "transactionHash": "0x6b79999a0e274c565aafb54557ac779e65dd53670d2c816a81839059a97109fe", "logs": [], - "blockNumber": 35681596, - "cumulativeGasUsed": "2571234", + "blockNumber": 39203718, + "cumulativeGasUsed": "2344443", "status": 1, "byzantium": true }, - "args": [], - "numDeployments": 1, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b935093509350935060007304641D72fbE21Db00c1d2f04d19E8206fB8D1eD3630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 2, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/avalanche/WrapperFCLWebAuthn.json b/deployments/avalanche/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..d367dea --- /dev/null +++ b/deployments/avalanche/WrapperFCLWebAuthn.json @@ -0,0 +1,103 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0x3613492cf06bdfd7a3bdd5ce920f51b753c1416b4d2f22b35750e120a6577711", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 79, + "gasUsed": "1488101", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x9696011752cdd17ac05643c99dbd33dd224167079d9cf9874b5ccbe62dbbde74", + "transactionHash": "0x3613492cf06bdfd7a3bdd5ce920f51b753c1416b4d2f22b35750e120a6577711", + "logs": [], + "blockNumber": 39203612, + "cumulativeGasUsed": "3626362", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/avalanche/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/avalanche/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/avalanche/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/deployments/chiado/P256Signer.json b/deployments/chiado/P256Signer.json new file mode 100644 index 0000000..82f194a --- /dev/null +++ b/deployments/chiado/P256Signer.json @@ -0,0 +1,268 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0xc6b1a12f7125038d06ecdb74ea289b10acee1a6fce966306912087ad897d4859", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 1, + "gasUsed": "502877", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x96554234f7adfeaa1811e31740e23ea3ebe71ce1a4b056978af2fd3910b38f17", + "transactionHash": "0xc6b1a12f7125038d06ecdb74ea289b10acee1a6fce966306912087ad897d4859", + "logs": [], + "blockNumber": 7411487, + "cumulativeGasUsed": "854139", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073B15bb4dE71bF6fbB91913872dB9F18E6C8897E9F630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/chiado/P256SignerFactory.json b/deployments/chiado/P256SignerFactory.json index c9a2c65..ece5f03 100644 --- a/deployments/chiado/P256SignerFactory.json +++ b/deployments/chiado/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,44 +51,83 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "transactionHash": "0xfd3dcb2b8a56feec7e3dd7829fbae670fe7ad8253b13ab0457599515e4782fc1", + "transactionHash": "0x9dc1c869ff075d38d880e33247b87cc0514bfb6af8ce926a7d2597e4f35c0791", "receipt": { "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", - "from": "0xbcE1ECDf21a8B27ddDd23d0F07827925299b9C39", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", "contractAddress": null, - "transactionIndex": 1, - "gasUsed": "563987", + "transactionIndex": 3, + "gasUsed": "195452", "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", - "blockHash": "0x322039bc248e8acf5935a7ae89652ce4cc649fd156285fe0c536db9ff49dc224", - "transactionHash": "0xfd3dcb2b8a56feec7e3dd7829fbae670fe7ad8253b13ab0457599515e4782fc1", + "blockHash": "0x73c56f7ae7d01153bf262df8770582ce1fa049b5957331be66100b26de137855", + "transactionHash": "0x9dc1c869ff075d38d880e33247b87cc0514bfb6af8ce926a7d2597e4f35c0791", "logs": [], - "blockNumber": 6241880, - "cumulativeGasUsed": "589995", + "blockNumber": 7411490, + "cumulativeGasUsed": "334658", "status": 1, "byzantium": true }, - "args": [], - "numDeployments": 1, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b935093509350935060007304641D72fbE21Db00c1d2f04d19E8206fB8D1eD3630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 2, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/chiado/WrapperFCLWebAuthn.json b/deployments/chiado/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..98da4ac --- /dev/null +++ b/deployments/chiado/WrapperFCLWebAuthn.json @@ -0,0 +1,103 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0xd5a6ffa7cd22bb2f925aea610f3cb3bd5290d3eee185f17588349a9ff2f0d0b7", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 5, + "gasUsed": "1488525", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0xdc6da04e52d145eecb2683720fb364f2e4288f68350a28c0420bf88143fe7fab", + "transactionHash": "0xd5a6ffa7cd22bb2f925aea610f3cb3bd5290d3eee185f17588349a9ff2f0d0b7", + "logs": [], + "blockNumber": 7411485, + "cumulativeGasUsed": "2929541", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/chiado/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/chiado/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/chiado/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/deployments/fuji/P256Signer.json b/deployments/fuji/P256Signer.json new file mode 100644 index 0000000..bf34622 --- /dev/null +++ b/deployments/fuji/P256Signer.json @@ -0,0 +1,268 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0x75f57d8a45f621b442a160dbb807a7ffa05189078dea8541495c78810f5f2a6c", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 1, + "gasUsed": "502749", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x63f151719f4da58b9bb05ec33bc3e7bf5a9ec33b63f0473e238d38c5ac333d93", + "transactionHash": "0x75f57d8a45f621b442a160dbb807a7ffa05189078dea8541495c78810f5f2a6c", + "logs": [], + "blockNumber": 28654654, + "cumulativeGasUsed": "560595", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073B15bb4dE71bF6fbB91913872dB9F18E6C8897E9F630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/fuji/P256SignerFactory.json b/deployments/fuji/P256SignerFactory.json index 275c599..d182638 100644 --- a/deployments/fuji/P256SignerFactory.json +++ b/deployments/fuji/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,44 +51,83 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "transactionHash": "0xf1f1a57994b45eca3ee61154f2b9fb97aecaebb1f8bdc536f856cda17494d7d2", + "transactionHash": "0xf9d9a2580ab6e329239841bc58a8430816da261274d3e9c0bf1ac22981f82f40", "receipt": { "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", - "from": "0xbcE1ECDf21a8B27ddDd23d0F07827925299b9C39", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", "contractAddress": null, - "transactionIndex": 2, - "gasUsed": "563835", + "transactionIndex": 0, + "gasUsed": "195400", "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", - "blockHash": "0x4e4352dc9ad27f47951a329c77f887c94a82b859e61b22a65a76684b126b2a2d", - "transactionHash": "0xf1f1a57994b45eca3ee61154f2b9fb97aecaebb1f8bdc536f856cda17494d7d2", + "blockHash": "0xf1d854d731fb307c1ba4e86847b49e9ca48562c07b25dc64e22863a75aa10cc9", + "transactionHash": "0xf9d9a2580ab6e329239841bc58a8430816da261274d3e9c0bf1ac22981f82f40", "logs": [], - "blockNumber": 26220636, - "cumulativeGasUsed": "738671", + "blockNumber": 28654656, + "cumulativeGasUsed": "195400", "status": 1, "byzantium": true }, - "args": [], - "numDeployments": 1, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b935093509350935060007304641D72fbE21Db00c1d2f04d19E8206fB8D1eD3630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 2, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/fuji/WrapperFCLWebAuthn.json b/deployments/fuji/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..b304764 --- /dev/null +++ b/deployments/fuji/WrapperFCLWebAuthn.json @@ -0,0 +1,103 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0xf7d6dee89e7cd8218bcdd6457be6050a650fd483574d2171dbb17c770bb55619", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 0, + "gasUsed": "1488101", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x887a3b5e1aec8f33cb3d95fa9a04ad6e38a93fc440dfcd7cc897fcb4b4267c7b", + "transactionHash": "0xf7d6dee89e7cd8218bcdd6457be6050a650fd483574d2171dbb17c770bb55619", + "logs": [], + "blockNumber": 28654651, + "cumulativeGasUsed": "1488101", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/fuji/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/fuji/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/fuji/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/deployments/gnosischain/P256Signer.json b/deployments/gnosischain/P256Signer.json new file mode 100644 index 0000000..b592821 --- /dev/null +++ b/deployments/gnosischain/P256Signer.json @@ -0,0 +1,252 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/gnosischain/P256SignerFactory.json b/deployments/gnosischain/P256SignerFactory.json index 06217b4..a87bd34 100644 --- a/deployments/gnosischain/P256SignerFactory.json +++ b/deployments/gnosischain/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,44 +51,67 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "transactionHash": "0xcb75164b32f368738634fdecf8f078c7d3daa45d4afa11c09710a04cf7cb1141", - "receipt": { - "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", - "from": "0x7F1c3D46E52A2Fcef4B28BCfeEB11030A4544EFd", - "contractAddress": null, - "transactionIndex": 0, - "gasUsed": "563987", - "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", - "blockHash": "0xa72ff3f9faa392bf65dff1c80d2dc1c26e0264c8174454f92a40a86e7eafe98f", - "transactionHash": "0xcb75164b32f368738634fdecf8f078c7d3daa45d4afa11c09710a04cf7cb1141", - "logs": [], - "blockNumber": 30160852, - "cumulativeGasUsed": "563987", - "status": 1, - "byzantium": true - }, - "args": [], - "numDeployments": 2, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b935093509350935060007304641D72fbE21Db00c1d2f04d19E8206fB8D1eD3630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 3, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/gnosischain/WrapperFCLWebAuthn.json b/deployments/gnosischain/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..e7e242f --- /dev/null +++ b/deployments/gnosischain/WrapperFCLWebAuthn.json @@ -0,0 +1,87 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/gnosischain/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/gnosischain/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/gnosischain/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/deployments/mumbai/P256Signer.json b/deployments/mumbai/P256Signer.json new file mode 100644 index 0000000..b592821 --- /dev/null +++ b/deployments/mumbai/P256Signer.json @@ -0,0 +1,252 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/mumbai/P256SignerFactory.json b/deployments/mumbai/P256SignerFactory.json index 81eff5f..0e6141c 100644 --- a/deployments/mumbai/P256SignerFactory.json +++ b/deployments/mumbai/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,28 +51,67 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "args": [], - "numDeployments": 3, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 4, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/mumbai/WrapperFCLWebAuthn.json b/deployments/mumbai/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..e7e242f --- /dev/null +++ b/deployments/mumbai/WrapperFCLWebAuthn.json @@ -0,0 +1,87 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/mumbai/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/mumbai/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/mumbai/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/deployments/muster_testnet/P256Signer.json b/deployments/muster_testnet/P256Signer.json new file mode 100644 index 0000000..bd04d3b --- /dev/null +++ b/deployments/muster_testnet/P256Signer.json @@ -0,0 +1,268 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0xe1c54e2f3f83069d8315bb3454377cd3add32bebd6707572da6f40f30c76c950", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 1, + "gasUsed": "606731", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0xec702787a5226937931efbf56cfe514e6650f85f06d9a784e0a919466d7f98b0", + "transactionHash": "0xe1c54e2f3f83069d8315bb3454377cd3add32bebd6707572da6f40f30c76c950", + "logs": [], + "blockNumber": 9064, + "cumulativeGasUsed": "606731", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073B15bb4dE71bF6fbB91913872dB9F18E6C8897E9F630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/muster_testnet/P256SignerFactory.json b/deployments/muster_testnet/P256SignerFactory.json index 4c1572b..bd99251 100644 --- a/deployments/muster_testnet/P256SignerFactory.json +++ b/deployments/muster_testnet/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,44 +51,83 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "transactionHash": "0x307349578ba60c852d52ccc8c85408f49847061d7899cbd6a25829746df69800", + "transactionHash": "0xd42c33c486f9e513f8fede42c2370a188a6683a91aad548412dc941d292c38d3", "receipt": { "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", - "from": "0xbcE1ECDf21a8B27ddDd23d0F07827925299b9C39", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", "contractAddress": null, "transactionIndex": 1, - "gasUsed": "653992", + "gasUsed": "253418", "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", - "blockHash": "0x53116a6f60eb0537a68cd65c3cf9d3e56e08b1be866c730da361b70fdbd64a5d", - "transactionHash": "0x307349578ba60c852d52ccc8c85408f49847061d7899cbd6a25829746df69800", + "blockHash": "0xf9f27497ff5e0d83fcc3683a3bd75a7ee275817d0fb3da17add41c4e0da54a21", + "transactionHash": "0xd42c33c486f9e513f8fede42c2370a188a6683a91aad548412dc941d292c38d3", "logs": [], - "blockNumber": 87, - "cumulativeGasUsed": "653992", + "blockNumber": 9065, + "cumulativeGasUsed": "253418", "status": 1, "byzantium": true }, - "args": [], - "numDeployments": 1, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b935093509350935060007304641D72fbE21Db00c1d2f04d19E8206fB8D1eD3630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 2, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/muster_testnet/WrapperFCLWebAuthn.json b/deployments/muster_testnet/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..cce69be --- /dev/null +++ b/deployments/muster_testnet/WrapperFCLWebAuthn.json @@ -0,0 +1,103 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "transactionHash": "0x5ea3ad18018735438ea8df0a8b9c2900b809472b10c79b97214ff3acb5de9b52", + "receipt": { + "to": "0x6A78a27E52fa669C0a5246574Ece2e9a64c483B1", + "from": "0x65245F19c92ac5Adce53244406Ad126398EF203A", + "contractAddress": null, + "transactionIndex": 1, + "gasUsed": "1685561", + "logsBloom": "0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x7fdde1064fedfd02428d10a359303d52df59efefbfacdfab2d107f08f09ed587", + "transactionHash": "0x5ea3ad18018735438ea8df0a8b9c2900b809472b10c79b97214ff3acb5de9b52", + "logs": [], + "blockNumber": 9063, + "cumulativeGasUsed": "1685561", + "status": 1, + "byzantium": true + }, + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/muster_testnet/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/muster_testnet/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/muster_testnet/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/deployments/polygon/P256Signer.json b/deployments/polygon/P256Signer.json new file mode 100644 index 0000000..b592821 --- /dev/null +++ b/deployments/polygon/P256Signer.json @@ -0,0 +1,252 @@ +{ + "address": "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8", + "abi": [ + { + "inputs": [], + "stateMutability": "nonpayable", + "type": "constructor" + }, + { + "inputs": [], + "name": "AlreadyInitialized", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidHash", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidSignature", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "uint256", + "name": "x_", + "type": "uint256" + }, + { + "internalType": "uint256", + "name": "y_", + "type": "uint256" + } + ], + "name": "initialize", + "outputs": [], + "stateMutability": "nonpayable", + "type": "function" + }, + { + "inputs": [], + "name": "initialized", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes32", + "name": "_hash", + "type": "bytes32" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "_hash", + "type": "bytes" + }, + { + "internalType": "bytes", + "name": "_signature", + "type": "bytes" + } + ], + "name": "isValidSignature", + "outputs": [ + { + "internalType": "bytes4", + "name": "", + "type": "bytes4" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "x", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + }, + { + "inputs": [], + "name": "y", + "outputs": [ + { + "internalType": "uint256", + "name": "", + "type": "uint256" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"inputs\":[],\"name\":\"AlreadyInitialized\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidHash\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidSignature\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x_\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y_\",\"type\":\"uint256\"}],\"name\":\"initialize\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"initialized\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes32\",\"name\":\"_hash\",\"type\":\"bytes32\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"_hash\",\"type\":\"bytes\"},{\"internalType\":\"bytes\",\"name\":\"_signature\",\"type\":\"bytes\"}],\"name\":\"isValidSignature\",\"outputs\":[{\"internalType\":\"bytes4\",\"name\":\"\",\"type\":\"bytes4\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"x\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"y\",\"outputs\":[{\"internalType\":\"uint256\",\"name\":\"\",\"type\":\"uint256\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This contract is the implementation. It is meant to be used through proxy clone.\",\"kind\":\"dev\",\"methods\":{\"initialize(uint256,uint256)\":{\"details\":\"This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.\",\"params\":{\"x_\":\"The x coordinate of the public key\",\"y_\":\"The y coordinate of the public key\"}},\"isValidSignature(bytes,bytes)\":{\"details\":\"This is the old version of the function of EIP-1271 using bytes memory instead of bytes32\",\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}},\"isValidSignature(bytes32,bytes)\":{\"params\":{\"_hash\":\"The hash of the data signed\",\"_signature\":\"The signature\"},\"returns\":{\"_0\":\"The EIP-1271 magic value\"}}},\"title\":\"P256Signer\",\"version\":1},\"userdoc\":{\"errors\":{\"AlreadyInitialized()\":[{\"notice\":\"Error message when the contract is already initialized\"}],\"InvalidHash()\":[{\"notice\":\"Error message when the hash is invalid\"}],\"InvalidSignature()\":[{\"notice\":\"Error message when the signature is invalid\"}]},\"kind\":\"user\",\"methods\":{\"initialized()\":{\"notice\":\"Whether the contract has been initialized\"},\"isValidSignature(bytes,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"isValidSignature(bytes32,bytes)\":{\"notice\":\"Verifies that the signer is the owner of the secp256r1 public key.\"},\"x()\":{\"notice\":\"The x coordinate of the secp256r1 public key\"},\"y()\":{\"notice\":\"The y coordinate of the secp256r1 public key\"}},\"notice\":\"A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256Signer.sol\":\"P256Signer\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"}},\"version\":1}", + "bytecode": "0x608060405234801561001057600080fd5b506000805460ff191660011790556107c18061002d6000396000f3fe608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100725760003560e01c806320c13b0b1161005057806320c13b0b146100f4578063a56dfe4a14610107578063e4a301161461011057600080fd5b80630c55699c14610077578063158ef93e146100935780631626ba7e146100b0575b600080fd5b61008060015481565b6040519081526020015b60405180910390f35b6000546100a09060ff1681565b604051901515815260200161008a565b6100c36100be366004610475565b610125565b6040517fffffffff00000000000000000000000000000000000000000000000000000000909116815260200161008a565b6100c36101023660046104bc565b61017a565b61008060025481565b61012361011e366004610516565b6101ae565b005b60006101528360405160200161013d91815260200190565b60405160208183030381529060405283610222565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b60006101868383610222565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b60005460ff16156101eb576040517f0dc149f000000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600080547fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0016600190811790915591909155600255565b6000828051906020012090506000806000808580602001905181019061024891906105a9565b9350935093509350600073__$d89787f8caa2dcaf364e9349db6aeaba37$__630d5efec9866001878a8888604051806040016040528060015481526020016002548152506040518863ffffffff1660e01b81526004016102ae97969594939291906106da565b602060405180830381865af41580156102cb573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906102ef9190610762565b905080610328576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff8111828210171561038457610384610332565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff811182821017156103d1576103d1610332565b604052919050565b600067ffffffffffffffff8211156103f3576103f3610332565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f83011261043057600080fd5b813561044361043e826103d9565b61038a565b81815284602083860101111561045857600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561048857600080fd5b82359150602083013567ffffffffffffffff8111156104a657600080fd5b6104b28582860161041f565b9150509250929050565b600080604083850312156104cf57600080fd5b823567ffffffffffffffff808211156104e757600080fd5b6104f38683870161041f565b9350602085013591508082111561050957600080fd5b506104b28582860161041f565b6000806040838503121561052957600080fd5b50508035926020909101359150565b60005b8381101561055357818101518382015260200161053b565b50506000910152565b600082601f83011261056d57600080fd5b815161057b61043e826103d9565b81815284602083860101111561059057600080fd5b6105a1826020830160208701610538565b949350505050565b60008060008060a085870312156105bf57600080fd5b845167ffffffffffffffff808211156105d757600080fd5b6105e38883890161055c565b95506020915081870151818111156105fa57600080fd5b61060689828a0161055c565b955050506040860151925086607f87011261062057600080fd5b610628610361565b8060a088018981111561063a57600080fd5b606089015b81811015610656578051845292840192840161063f565b505080935050505092959194509250565b6000815180845261067f816020860160208601610538565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b60028110156106d45781518452602093840193909101906001016106b5565b50505050565b60006101208083526106ee8184018b610667565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b166020840152828103604084015261072d8189610667565b91505085606083015284608083015261074960a08301856106b1565b61075660e08301846106b1565b98975050505050505050565b60006020828403121561077457600080fd5b8151801515811461078457600080fd5b939250505056fea26469706673582212207cd1278d2c8b4857225fb653cc9b5ae2215dc6321928bc580a16e6fac9c293ec64736f6c63430008140033", + "libraries": { + "WrapperFCLWebAuthn": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F" + }, + "devdoc": { + "details": "This contract is the implementation. It is meant to be used through proxy clone.", + "kind": "dev", + "methods": { + "initialize(uint256,uint256)": { + "details": "This function is only callable once and needs to be called immediately after deployment by the factory in the same transaction.", + "params": { + "x_": "The x coordinate of the public key", + "y_": "The y coordinate of the public key" + } + }, + "isValidSignature(bytes,bytes)": { + "details": "This is the old version of the function of EIP-1271 using bytes memory instead of bytes32", + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + }, + "isValidSignature(bytes32,bytes)": { + "params": { + "_hash": "The hash of the data signed", + "_signature": "The signature" + }, + "returns": { + "_0": "The EIP-1271 magic value" + } + } + }, + "title": "P256Signer", + "version": 1 + }, + "userdoc": { + "errors": { + "AlreadyInitialized()": [ + { + "notice": "Error message when the contract is already initialized" + } + ], + "InvalidHash()": [ + { + "notice": "Error message when the hash is invalid" + } + ], + "InvalidSignature()": [ + { + "notice": "Error message when the signature is invalid" + } + ] + }, + "kind": "user", + "methods": { + "initialized()": { + "notice": "Whether the contract has been initialized" + }, + "isValidSignature(bytes,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "isValidSignature(bytes32,bytes)": { + "notice": "Verifies that the signer is the owner of the secp256r1 public key." + }, + "x()": { + "notice": "The x coordinate of the secp256r1 public key" + }, + "y()": { + "notice": "The y coordinate of the secp256r1 public key" + } + }, + "notice": "A contract used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [ + { + "astId": 1989, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "initialized", + "offset": 0, + "slot": "0", + "type": "t_bool" + }, + { + "astId": 1992, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "x", + "offset": 0, + "slot": "1", + "type": "t_uint256" + }, + { + "astId": 1995, + "contract": "contracts/P256Signer.sol:P256Signer", + "label": "y", + "offset": 0, + "slot": "2", + "type": "t_uint256" + } + ], + "types": { + "t_bool": { + "encoding": "inplace", + "label": "bool", + "numberOfBytes": "1" + }, + "t_uint256": { + "encoding": "inplace", + "label": "uint256", + "numberOfBytes": "32" + } + } + } +} \ No newline at end of file diff --git a/deployments/polygon/P256SignerFactory.json b/deployments/polygon/P256SignerFactory.json index 81eff5f..0e6141c 100644 --- a/deployments/polygon/P256SignerFactory.json +++ b/deployments/polygon/P256SignerFactory.json @@ -1,6 +1,17 @@ { - "address": "0x9Ac319aB147b4f27950676Da741D6184cc305894", + "address": "0x8072CB92Bd6EF882683cAaC8F28985F216ae9d6f", "abi": [ + { + "inputs": [ + { + "internalType": "address", + "name": "implementation_", + "type": "address" + } + ], + "stateMutability": "nonpayable", + "type": "constructor" + }, { "anonymous": false, "inputs": [ @@ -40,28 +51,67 @@ } ], "name": "create", - "outputs": [], + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], "stateMutability": "nonpayable", "type": "function" + }, + { + "inputs": [], + "name": "implementation", + "outputs": [ + { + "internalType": "address", + "name": "", + "type": "address" + } + ], + "stateMutability": "view", + "type": "function" } ], - "args": [], - "numDeployments": 3, - "solcInputHash": "5775f6fb0e5df41b1e0121d96a0fbccf", - "metadata": "{\"compiler\":{\"version\":\"0.8.17+commit.8df45f5f\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[],\"stateMutability\":\"nonpayable\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{},\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"london\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"contracts/Base64URL.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\n// from OpenZeppelin Contracts (last updated v4.7.0) (utils/Base64.sol)\\n\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Provides a set of functions to operate with Base64 strings.\\n *\\n * _Available since v4.5._\\n */\\nlibrary Base64URL {\\n /**\\n * @dev Base64 Encoding/Decoding Table\\n */\\n string internal constant _TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n /**\\n * @dev Converts a `bytes` to its Bytes64 `string` representation.\\n */\\n function encode32(bytes memory data) internal pure returns (string memory) {\\n /**\\n * Inspired by Brecht Devos (Brechtpd) implementation - MIT licence\\n * https://github.com/Brechtpd/base64/blob/e78d9fd951e7b0977ddca77d92dc85183770daf4/base64.sol\\n */\\n if (data.length == 0) return \\\"\\\";\\n\\n // Loads the table into memory\\n string memory table = _TABLE;\\n\\n // Encoding takes 3 bytes chunks of binary data from `bytes` data parameter\\n // and split into 4 numbers of 6 bits.\\n // The final Base64 length should be `bytes` data length multiplied by 4/3 rounded up\\n // - `data.length + 2` -> Round up\\n // - `/ 3` -> Number of 3-bytes chunks\\n // - `4 *` -> 4 characters for each chunk\\n //string memory result = new string(4 * ((data.length + 2) / 3));\\n string memory result = new string(4 * ((data.length + 2) / 3) - 1);\\n\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Prepare the lookup table (skip the first \\\"length\\\" byte)\\n let tablePtr := add(table, 1)\\n\\n // Prepare result pointer, jump over length\\n let resultPtr := add(result, 32)\\n\\n // Run over the input, 3 bytes at a time\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n // Advance 3 bytes\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n // To write each character, shift the 3 bytes (18 bits) chunk\\n // 4 times in blocks of 6 bits for each character (18, 12, 6, 0)\\n // and apply logical AND with 0x3F which is the number of\\n // the previous character in the ASCII table prior to the Base64 Table\\n // The result is then added to the table to get the character to write,\\n // and finally write it in the result pointer but with a left shift\\n // of 256 (1 byte) - 8 (1 ASCII char) = 248 bits\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1) // Advance\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1) // Advance\\n }\\n\\n /*\\n // When data `bytes` is not exactly 3 bytes long\\n // it is padded with `=` characters at the end\\n switch mod(mload(data), 3)\\n case 1 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n mstore8(sub(resultPtr, 2), 0x3d)\\n }\\n case 2 {\\n mstore8(sub(resultPtr, 1), 0x3d)\\n }\\n*/\\n }\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0xcf1ca3e3e85d1b22dec76240ef3b23f9f6416d76eb7483b80a7d0a8a8e9aa664\",\"license\":\"MIT\"},\"contracts/FCL/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _ \\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__ \\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_| \\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project \\n///* License: This software is licensed under MIT License \\t \\n///* This Code may be reused including license and copyright notice. \\t \\n///* See LICENSE file at the root folder of the project.\\t\\t\\t\\t \\n///* FILE: FCL_elliptic.sol\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* \\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t \\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///* \\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.0;\\n\\n\\n\\n//import \\\"hardhat/console.sol\\\";\\n\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n \\n //curve prime field modulus\\n uint constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint constant a =\\n 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient \\n uint constant b =\\n 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates \\n uint constant gx =\\n 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint constant gy =\\n 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint constant n =\\n 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551; \\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F; \\n \\n uint constant minus_1= 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n \\n /**\\n /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem*/\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly {\\n \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n \\n }\\n /**\\n /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled*/\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n uint[6] memory pointer;\\n assembly { \\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) {\\n revert(0, 0)\\n }\\n result:=mload(pointer)\\n }\\n }\\n \\n /**\\n /* @dev Convert from affine rep to XYZZ rep*/\\n function ecAff_SetZZ(\\n uint x0,\\n uint y0\\n ) internal pure returns (uint[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n \\n /**\\n /* @dev Convert from XYZZ rep to affine rep*/ \\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff( uint x,\\n uint y,\\n uint zz,\\n uint zzz) internal view returns (uint x1, uint y1)\\n {\\n uint zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1=mulmod(y,zzzInv,p);//Y/zzz\\n uint b=mulmod(zz, zzzInv,p); //1/z\\n zzzInv= mulmod(b,b,p); //1/zz\\n x1=mulmod(x,zzzInv,p);//X/zz\\n }\\n \\n \\n \\n /**\\n /* @dev Sutherland2008 doubling*/\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n \\n function ecZZ_Dbl(\\n \\tuint x,\\n uint y,\\n uint zz,\\n uint zzz\\n ) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n assembly{\\n P0:=mulmod(2, y, p) //U = 2*Y1\\n P2:=mulmod(P0,P0,p) // V=U^2\\n P3:=mulmod(x, P2,p)// S = X1*V\\n P1:=mulmod(P0, P2,p) // W=UV\\n P2:=mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz:=mulmod(3, mulmod(addmod(x,sub(p,zz),p), addmod(x,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0:=addmod(mulmod(zz,zz,p), mulmod(minus_2, P3,p),p) //X3=M^2-2S\\n x:=mulmod(zz,addmod(P3, sub(p,P0),p),p)//M(S-X3)\\n P3:=mulmod(P1,zzz,p)//zzz3=W*zzz1\\n P1:=addmod(x, sub(p, mulmod(P1, y,p)),p )//Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n \\n //tbd: return -x1 and -Y1 in double to avoid two substractions\\n function ecZZ_AddN(\\n \\tuint x1,\\n uint y1,\\n uint zz1,\\n uint zzz1,\\n uint x2,\\n uint y2) internal pure returns (uint P0, uint P1,uint P2,uint P3)\\n {\\n unchecked{\\n if(y1==0){\\n return (x2,y2,1,1);\\n }\\n \\n assembly{\\n y1:=sub(p, y1)\\n y2:=addmod(mulmod(y2, zzz1,p),y1,p) \\n x2:=addmod(mulmod(x2, zz1,p),sub(p,x1),p) \\n P0:=mulmod(x2, x2, p)//PP = P^2\\n P1:=mulmod(P0,x2,p)//PPP = P*PP\\n P2:=mulmod(zz1,P0,p) ////ZZ3 = ZZ1*PP\\n P3:= mulmod(zzz1,P1,p) ////ZZZ3 = ZZZ1*PPP\\n zz1:=mulmod(x1, P0, p)//Q = X1*PP\\n P0:=addmod(addmod(mulmod(y2,y2, p), sub(p,P1),p ), mulmod(minus_2, zz1,p) ,p )//R^2-PPP-2*Q\\n P1:=addmod(mulmod(addmod(zz1, sub(p,P0),p), y2, p), mulmod(y1, P1,p),p)//R*(Q-X3)\\n }\\n //end assembly\\n }//end unchecked\\n return (P0, P1, P2, P3);\\n }\\n \\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint x, uint y, uint zz, uint zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n function ecZZ_IsZero (uint x0, uint y0, uint zz0, uint zzz0) internal pure returns (bool)\\n {\\n if ( (y0 == 0) ) {\\n return true;\\n }\\n return false;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n function ecAff_SetZero() internal pure returns (uint x, uint y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n function ecAff_IsZero(uint x, uint y) internal pure returns (bool flag) {\\n return (y==0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint x, uint y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint LHS = mulmod(y, y, p); // y^2\\n uint RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n \\n return LHS == RHS;\\n }\\n }\\n \\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n \\n function ecAff_add(\\n uint x0,\\n uint y0,\\n uint x1,\\n uint y1\\n ) internal view returns (uint, uint) {\\n uint zz0;\\n uint zzz0;\\n \\n\\tif(ecAff_IsZero(x0,y0)) return (x1,y1);\\n\\tif(ecAff_IsZero(x1,y1)) return (x1,y1);\\n\\t\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1,1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n */\\n function ecZZ_mulmuladd_S_asm(\\n uint Q0, uint Q1,// Point G and Q stored in one memory for stack optimization\\n uint scalar_u,\\n uint scalar_v\\n ) internal view returns (uint X) {\\n uint zz;\\n uint zzz;\\n uint Y;\\n uint index=255;\\n uint[6] memory T;\\n uint H0;\\n uint H1; \\n \\n unchecked {\\n \\n if(scalar_u==0 && scalar_v==0) return 0;\\n \\n (H0,H1 )=ecAff_add(gx,gy,Q0, Q1);//will not work if Q=P, obvious forbidden private key\\n \\n /*\\n while( ( ((scalar_u>>index)&1)+2*((scalar_v>>index)&1) ) ==0){\\n index=index-1; \\n }\\n */\\n \\n assembly{\\n \\n \\n for{ let T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n } eq(T4,0) {\\n index := sub(index, 1)\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n }\\n {}\\n zz:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if eq(zz,1) {\\n \\tX:=gx\\n \\tY:=gy\\n \\t}\\n if eq(zz,2) {\\n X:=Q0\\n \\tY:=Q1\\n }\\n if eq(zz,3) {\\n \\t X:=H0\\n \\t Y:= H1\\n }\\n \\n index:=sub(index,1)\\n zz:=1\\n zzz:=1\\n \\n for { } gt( minus_1, index) { index := sub(index, 1) } \\n {\\n // inlined EcZZ_Dbl\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n { \\n //value of dibit\\t\\n T4:=add( shl(1, and(shr(index, scalar_v),1)), and(shr(index, scalar_u),1) )\\n \\n if iszero(T4){\\n Y:=sub(p,Y)//restore the -Y inversion \\n continue\\n }// if T4!=0\\n \\n if eq(T4,1) {\\n \\tT1:=gx\\n \\tT2:=gy\\n \\t\\n \\t}\\n if eq(T4,2) {\\n T1:=Q0\\n \\tT2:=Q1\\n }\\n if eq(T4,3) {\\n \\t T1:=H0\\n \\t T2:= H1\\n \\t }\\n \\t \\t \\n // inlined EcZZ_AddN\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2:=addmod(mulmod(T2, zzz,p),Y,p) //R\\n T2:=addmod(mulmod(T1, zz,p),sub(p,X),p) //P\\n \\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if eq(y2,0){\\n if eq(T2,0){\\n \\n T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n \\n continue \\n }\\n }\\n \\n T4:=mulmod(T2, T2, p)//PP\\n let TT1:=mulmod(T4,T2,p)//PPP, this one could be spared, but adding this register spare gas\\n zz:=mulmod(zz,T4,p) \\n zzz:= mulmod(zzz,TT1,p) //zz3=V*ZZ1\\n let TT2:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,TT1),p ), mulmod(minus_2, TT2,p) ,p )\\n Y:=addmod(mulmod(addmod(TT2, sub(p,T4),p), y2, p), mulmod(Y, TT1,p),p)\\n \\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X:=mulmod(X,mload(T),p)//X/zz\\n } //end assembly\\n }//end unchecked\\n \\n return X;\\n }\\n \\n \\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint scalar_u, uint scalar_v, address dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n \\n unchecked{ \\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n extcodecopy(dataPointer, T, mload(T), 64)\\n \\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\t{\\n let TT1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(TT1,TT1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n let T1:=mulmod(TT1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T5,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n let index2:=sub(index, 64)\\n let T3:=add(T4, add( shl(12, and(shr(index2, scalar_v),1)), shl(8, and(shr(index2, scalar_u),1)) ))\\n let index3:=sub(index2, 64)\\n let T2:=add(T3,add( shl(11, and(shr(index3, scalar_v),1)), shl(7, and(shr(index3, scalar_u),1)) ))\\n index:=sub(index3, 64)\\n let T1:=add(T2,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n \\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n extcodecopy(dataPointer, T,T1, 64)\\n }\\n \\n {\\n \\n /* Access to precomputed table using extcodecopy hack */\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n let T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n \\n //special case ecAdd(P,P)=EcDbl\\n if eq(y2,0){\\n if eq(T2,0){\\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n \\n let TT1:=mulmod(T1, T2,p) // W=UV\\n y2:= addmod(X,zz,p)\\n TT1:=addmod(X,sub(p,zz),p)\\n y2:=mulmod(y2,TT1,p)\\n T2:=addmod(X,zz,p)\\n T1:=addmod(X,sub(p,zz),p)\\n T2:=mulmod(T1,T2,p)\\n let T4:=mulmod(3,T2,p)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n \\n Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n continue\\n }\\n }\\n \\n let T4:=mulmod(T2, T2, p)\\n let T1:=mulmod(T4,T2,p)//\\n zz:=mulmod(zz,T4,p) //zzz3=V*ZZ1\\n zzz:= mulmod(zzz,T1,p) // W=UV/\\n let zz1:=mulmod(X, T4, p)\\n X:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,X),p), y2, p), mulmod(Y, T1,p),p)\\n \\n \\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n \\n \\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint scalar_u, uint scalar_v, uint dataPointer) \\n internal returns(uint X/*, uint Y*/)\\n {\\n uint zz; // third and coordinates of the point\\n \\n uint[6] memory T;\\n zz=256;//start index\\n \\n unchecked{ \\n \\n while(T[0]==0)\\n {\\n zz=zz-1;\\n //tbd case of msb octobit is null\\n T[0]=64*(128*((scalar_v>>zz)&1)+64*((scalar_v>>(zz-64))&1)+\\n 32*((scalar_v>>(zz-128))&1)+16*((scalar_v>>(zz-192))&1)+\\n 8*((scalar_u>>zz)&1)+4*((scalar_u>>(zz-64))&1)+2*((scalar_u>>(zz-128))&1)+((scalar_u>>(zz-192))&1));\\n }\\n assembly{\\n \\n codecopy( T, add(mload(T), dataPointer), 64)\\n X:= mload(T)\\n let Y:= mload(add(T,32))\\n let zzz:=1\\n zz:=1\\n \\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } \\n { \\n \\n let T1:=mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2:=mulmod(T1,T1,p) // V=U^2\\n let T3:=mulmod(X, T2,p)// S = X1*V\\n T1:=mulmod(T1, T2,p) // W=UV\\n let T4:=mulmod(3, mulmod(addmod(X,sub(p,zz),p), addmod(X,zz,p),p) ,p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz:=mulmod(T1,zzz,p)//zzz3=W*zzz1\\n zz:=mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n \\n X:=addmod(mulmod(T4,T4,p), mulmod(minus_2, T3,p),p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2:=mulmod(T4,addmod(X, sub(p, T3),p),p)//-M(S-X3)=M(X3-S)\\n \\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y:= addmod(mulmod(T1, Y ,p), T2,p )//-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n \\n /* compute element to access in precomputed table */\\n \\n T4:= add( shl(13, and(shr(index, scalar_v),1)), shl(9, and(shr(index, scalar_u),1)) )\\n index:=sub(index, 64)\\n T4:=add(T4, add( shl(12, and(shr(index, scalar_v),1)), shl(8, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(11, and(shr(index, scalar_v),1)), shl(7, and(shr(index, scalar_u),1)) ))\\n index:=sub(index, 64)\\n T4:=add(T4,add( shl(10, and(shr(index, scalar_v),1)), shl(6, and(shr(index, scalar_u),1)) ))\\n //index:=add(index,192), restore index, interleaved with loop\\n \\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4){\\n Y:=sub(p, Y)\\n \\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy( T, add(T4, dataPointer), 64)\\n \\n // inlined EcZZ_AddN\\n \\n \\n let y2:=addmod(mulmod(mload(add(T,32)), zzz,p),Y,p) \\n T2:=addmod(mulmod(mload(T), zz,p),sub(p,X),p) \\n T4:=mulmod(T2, T2, p)\\n T1:=mulmod(T4,T2,p)\\n T2:=mulmod(zz,T4,p) // W=UV\\n zzz:= mulmod(zzz,T1,p) //zz3=V*ZZ1\\n let zz1:=mulmod(X, T4, p)\\n T4:=addmod(addmod(mulmod(y2,y2, p), sub(p,T1),p ), mulmod(minus_2, zz1,p) ,p )\\n Y:=addmod(mulmod(addmod(zz1, sub(p,T4),p), y2, p), mulmod(Y, T1,p),p)\\n zz:=T2\\n X:=T4\\n }\\n \\n }//end loop\\n mstore(add(T, 0x60),zz)\\n \\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n \\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(call(not(0), 0x05, 0, T, 0xc0, T, 0x20)) {\\n revert(0, 0)\\n }\\n \\n zz:=mload(T)\\n X:=mulmod(X,zz,p)//X/zz\\n } \\n }//end unchecked\\n }\\n\\n function ecdsa_verify_mem(\\n bytes32 message,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) internal view returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,mload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint[2] calldata Q\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0||rs[1]>=n) {\\n return false;\\n }\\n \\n \\n if (!ecAff_isOnCurve(Q[0], Q[1])) {\\n return false;\\n }\\n \\t\\n uint sInv = FCL_nModInv(n-rs[1]);\\n \\n uint scalar_u=mulmod(uint(message), sInv, n);\\n uint scalar_v= mulmod(rs[0], sInv, n);\\n uint x1;\\n\\t\\n x1=ecZZ_mulmuladd_S_asm(Q[0], Q[1],scalar_u, scalar_v);\\n \\t\\n \\t\\n assembly{\\n\\t x1:=addmod(x1,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t//return true; \\t\\n return x1 == 0;\\n \\n }\\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_verify(\\n bytes32 message,\\n uint[2] calldata rs,\\n address Shamir8\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n //uint sInv =2;\\n \\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_extcode(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), Shamir8);\\n \\n\\tassembly{\\n\\t\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n\\t\\n\\t \\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n \\n \\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n generation of contract bytecode for precomputations is done using sagemath code \\n (see sage directory, WebAuthn_precompute.sage)\\n */\\n \\n function ecdsa_precomputed_hackmem(\\n bytes32 message,\\n uint[2] calldata rs,\\n uint256 endcontract\\n ) internal returns (bool) {\\n if (rs[0] == 0 || rs[0] >= n || rs[1] == 0) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n \\n uint sInv =FCL_nModInv(rs[1]);\\n \\tuint X;\\n \\n //Shamir 8 dimensions\\t\\n X=ecZZ_mulmuladd_S8_hackmem(mulmod(uint(message), sInv, n), mulmod(rs[0], sInv, n), endcontract);\\n \\n\\tassembly{\\n\\t X:=addmod(X,sub(n,calldataload(rs)), n)\\n\\t}\\n return X == 0;\\n \\n }//end ecdsa_precomputed_verify()\\n}//EOF\\n\\n\\n\",\"keccak256\":\"0xff4afff0bd9034e0de7df18b225e540636313280237c828428103030093f318a\",\"license\":\"MIT\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {Webauthn} from \\\"./Webauthn.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\ncontract P256Signer {\\n uint256 immutable public x;\\n uint256 immutable public y;\\n\\n bytes4 constant internal EIP1271_MAGICVALUE = 0x1626ba7e;\\n bytes4 constant internal OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n error InvalidSignature();\\n error InvalidHash();\\n\\n constructor(uint256 _x, uint256 _y) {\\n x = _x;\\n y = _y;\\n }\\n\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (\\n bytes memory authenticatorData,\\n bytes memory clientData,\\n uint256 challengeOffset,\\n uint256[2] memory rs\\n ) = abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = Webauthn.checkSignature(\\n authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]\\n );\\n \\n if (!valid) revert InvalidSignature();\\n }\\n\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n}\\n\",\"keccak256\":\"0x22b75316ffed37b3a8b67b8b092199fc9eb7f9e1ba87eb6817e5d5c92fc45e5f\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\n\\ncontract P256SignerFactory {\\n\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n function create(uint256 x, uint256 y) external {\\n bytes32 salt = keccak256(abi.encode(x, y));\\n address signer = address(new P256Signer{salt: salt}(x, y));\\n\\n emit NewSignerCreated(x, y, signer);\\n }\\n}\\n\",\"keccak256\":\"0x098871d5ebf37764ef8f4dbb16fe227e1d9542c9b0f3307566836a98aefea196\"},\"contracts/Webauthn.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\nimport {Base64URL} from \\\"./Base64URL.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL/FCL_elliptic.sol\\\";\\nimport \\\"hardhat/console.sol\\\";\\n\\nerror InvalidAuthenticatorData();\\nerror InvalidClientData();\\nerror InvalidSignature();\\n\\nlibrary Webauthn {\\n function checkSignature(\\n bytes memory authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes memory clientData,\\n bytes32 clientChallenge,\\n uint clientChallengeDataOffset,\\n uint[2] memory rs,\\n uint[2] memory Q\\n ) public view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n if (\\n (authenticatorData[32] & authenticatorDataFlagMask) !=\\n authenticatorDataFlagMask\\n ) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n string memory challengeEncoded = Base64URL.encode32(\\n abi.encodePacked(clientChallenge)\\n );\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n copyBytes(\\n clientData,\\n clientChallengeDataOffset,\\n challengeExtracted.length,\\n challengeExtracted,\\n 0\\n );\\n if (\\n keccak256(abi.encodePacked(bytes(challengeEncoded))) !=\\n keccak256(abi.encodePacked(challengeExtracted))\\n ) {\\n revert InvalidClientData();\\n } \\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n copyBytes(\\n authenticatorData,\\n 0,\\n authenticatorData.length,\\n verifyData,\\n 0\\n );\\n copyBytes(\\n abi.encodePacked(sha256(clientData)),\\n 0,\\n 32,\\n verifyData,\\n authenticatorData.length\\n );\\n bytes32 message = sha256(verifyData);\\n return FCL_Elliptic_ZZ.ecdsa_verify_mem(message, rs, Q);\\n }\\n\\n /*\\n The following function has been written by Alex Beregszaszi (@axic), use it under the terms of the MIT license\\n */\\n function copyBytes(\\n bytes memory _from,\\n uint _fromOffset,\\n uint _length,\\n bytes memory _to,\\n uint _toOffset\\n ) internal pure returns (bytes memory _copiedBytes) {\\n uint minLength = _length + _toOffset;\\n require(_to.length >= minLength); // Buffer too small. Should be a better way?\\n uint i = 32 + _fromOffset; // NOTE: the offset 32 is added to skip the `size` field of both bytes variables\\n uint j = 32 + _toOffset;\\n while (i < (32 + _fromOffset + _length)) {\\n assembly {\\n let tmp := mload(add(_from, i))\\n mstore(add(_to, j), tmp)\\n }\\n i += 32;\\n j += 32;\\n }\\n return _to;\\n }\\n}\\n\",\"keccak256\":\"0x231a3e8eca437f9b00d106499b738372cad0095e6263363e338776285f2fed57\",\"license\":\"Apache-2.0\"},\"hardhat/console.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity >= 0.4.22 <0.9.0;\\n\\nlibrary console {\\n\\taddress constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);\\n\\n\\tfunction _sendLogPayload(bytes memory payload) private view {\\n\\t\\tuint256 payloadLength = payload.length;\\n\\t\\taddress consoleAddress = CONSOLE_ADDRESS;\\n\\t\\tassembly {\\n\\t\\t\\tlet payloadStart := add(payload, 32)\\n\\t\\t\\tlet r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)\\n\\t\\t}\\n\\t}\\n\\n\\tfunction log() internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log()\\\"));\\n\\t}\\n\\n\\tfunction logInt(int256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(int256)\\\", p0));\\n\\t}\\n\\n\\tfunction logUint(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction logString(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction logBool(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction logAddress(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes(bytes memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes1(bytes1 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes1)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes2(bytes2 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes2)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes3(bytes3 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes3)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes4(bytes4 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes4)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes5(bytes5 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes5)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes6(bytes6 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes6)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes7(bytes7 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes7)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes8(bytes8 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes8)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes9(bytes9 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes9)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes10(bytes10 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes10)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes11(bytes11 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes11)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes12(bytes12 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes12)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes13(bytes13 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes13)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes14(bytes14 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes14)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes15(bytes15 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes15)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes16(bytes16 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes16)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes17(bytes17 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes17)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes18(bytes18 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes18)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes19(bytes19 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes19)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes20(bytes20 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes20)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes21(bytes21 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes21)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes22(bytes22 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes22)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes23(bytes23 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes23)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes24(bytes24 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes24)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes25(bytes25 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes25)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes26(bytes26 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes26)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes27(bytes27 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes27)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes28(bytes28 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes28)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes29(bytes29 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes29)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes30(bytes30 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes30)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes31(bytes31 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes31)\\\", p0));\\n\\t}\\n\\n\\tfunction logBytes32(bytes32 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bytes32)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256)\\\", p0));\\n\\t}\\n\\n\\tfunction log(string memory p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string)\\\", p0));\\n\\t}\\n\\n\\tfunction log(bool p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool)\\\", p0));\\n\\t}\\n\\n\\tfunction log(address p0) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address)\\\", p0));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(address p0, address p1) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address)\\\", p0, p1));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address)\\\", p0, p1, p2));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(uint256 p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(uint256,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(string memory p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(string,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(bool p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(bool,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, uint256 p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,uint256,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, string memory p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,string,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, bool p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,bool,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, uint256 p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,uint256,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, string memory p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,string,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, bool p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,bool,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, uint256 p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,uint256)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, string memory p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,string)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, bool p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,bool)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n\\tfunction log(address p0, address p1, address p2, address p3) internal view {\\n\\t\\t_sendLogPayload(abi.encodeWithSignature(\\\"log(address,address,address,address)\\\", p0, p1, p2, p3));\\n\\t}\\n\\n}\\n\",\"keccak256\":\"0x60b0215121bf25612a6739fb2f1ec35f31ee82e4a8216c032c8243d904ab3aa9\",\"license\":\"MIT\"}},\"version\":1}", - "bytecode": "0x608060405234801561001057600080fd5b50610949806100206000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "deployedBytecode": "0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80639f7b457914610030575b600080fd5b61004361003e366004610114565b610045565b005b6040805160208101849052908101829052600090606001604051602081830303815290604052805190602001209050600081848460405161008590610107565b91825260208201526040018190604051809103906000f59050801580156100b0573d6000803e3d6000fd5b5060405173ffffffffffffffffffffffffffffffffffffffff82168152909150839085907f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a350505050565b6107dd8061013783390190565b6000806040838503121561012757600080fd5b5050803592602090910135915056fe60c060405234801561001057600080fd5b506040516107dd3803806107dd83398101604081905261002f9161003d565b60809190915260a052610061565b6000806040838503121561005057600080fd5b505080516020909101519092909150565b60805160a05161074b6100926000396000818160e70152610216015260008181605601526101f0015261074b6000f3fe608060405234801561001057600080fd5b506004361061004c5760003560e01c80630c55699c146100515780631626ba7e1461008b57806320c13b0b146100cf578063a56dfe4a146100e2575b600080fd5b6100787f000000000000000000000000000000000000000000000000000000000000000081565b6040519081526020015b60405180910390f35b61009e610099366004610421565b610109565b6040517fffffffff000000000000000000000000000000000000000000000000000000009091168152602001610082565b61009e6100dd366004610468565b61015e565b6100787f000000000000000000000000000000000000000000000000000000000000000081565b60006101368360405160200161012191815260200190565b60405160208183030381529060405283610192565b507f1626ba7e0000000000000000000000000000000000000000000000000000000092915050565b600061016a8383610192565b507f20c13b0b0000000000000000000000000000000000000000000000000000000092915050565b600082805190602001209050600080600080858060200190518101906101b89190610533565b9350935093509350600073__$84047ae21dcd4eb7d6018436351b69d321$__630d5efec9866001878a888860405180604001604052807f000000000000000000000000000000000000000000000000000000000000000081526020017f00000000000000000000000000000000000000000000000000000000000000008152506040518863ffffffff1660e01b815260040161025a9796959493929190610664565b602060405180830381865af4158015610277573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019061029b91906106ec565b9050806102d4576040517f8baa579f00000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b5050505050505050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6040805190810167ffffffffffffffff81118282101715610330576103306102de565b60405290565b604051601f82017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe016810167ffffffffffffffff8111828210171561037d5761037d6102de565b604052919050565b600067ffffffffffffffff82111561039f5761039f6102de565b50601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe01660200190565b600082601f8301126103dc57600080fd5b81356103ef6103ea82610385565b610336565b81815284602083860101111561040457600080fd5b816020850160208301376000918101602001919091529392505050565b6000806040838503121561043457600080fd5b82359150602083013567ffffffffffffffff81111561045257600080fd5b61045e858286016103cb565b9150509250929050565b6000806040838503121561047b57600080fd5b823567ffffffffffffffff8082111561049357600080fd5b61049f868387016103cb565b935060208501359150808211156104b557600080fd5b5061045e858286016103cb565b60005b838110156104dd5781810151838201526020016104c5565b50506000910152565b600082601f8301126104f757600080fd5b81516105056103ea82610385565b81815284602083860101111561051a57600080fd5b61052b8260208301602087016104c2565b949350505050565b60008060008060a0858703121561054957600080fd5b845167ffffffffffffffff8082111561056157600080fd5b61056d888389016104e6565b955060209150818701518181111561058457600080fd5b61059089828a016104e6565b955050506040860151925086607f8701126105aa57600080fd5b6105b261030d565b8060a08801898111156105c457600080fd5b606089015b818110156105e057805184529284019284016105c9565b505080935050505092959194509250565b600081518084526106098160208601602086016104c2565b601f017fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0169290920160200192915050565b8060005b600281101561065e57815184526020938401939091019060010161063f565b50505050565b60006101208083526106788184018b6105f1565b90507fff000000000000000000000000000000000000000000000000000000000000008960f81b16602084015282810360408401526106b781896105f1565b9150508560608301528460808301526106d360a083018561063b565b6106e060e083018461063b565b98975050505050505050565b6000602082840312156106fe57600080fd5b8151801515811461070e57600080fd5b939250505056fea2646970667358221220ee8ed319334e4dc8d418cc771e5c5a1619dbc07de1e6cb3983d9ab34ae5ddd1d64736f6c63430008110033a2646970667358221220dcc57105a98cb3072ac9ab25a6a587969539fe7c8e17fe962097fbacfd0d621864736f6c63430008110033", - "libraries": { - "Webauthn": "0x04641D72fbE21Db00c1d2f04d19E8206fB8D1eD3" - }, + "args": [ + "0x10eCfe0ee8e7f192067d409Bb964735C900d3dF8" + ], + "numDeployments": 4, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[{\"internalType\":\"address\",\"name\":\"implementation_\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"constructor\"},{\"anonymous\":false,\"inputs\":[{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"indexed\":true,\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"},{\"indexed\":false,\"internalType\":\"address\",\"name\":\"signer\",\"type\":\"address\"}],\"name\":\"NewSignerCreated\",\"type\":\"event\"},{\"inputs\":[{\"internalType\":\"uint256\",\"name\":\"x\",\"type\":\"uint256\"},{\"internalType\":\"uint256\",\"name\":\"y\",\"type\":\"uint256\"}],\"name\":\"create\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"nonpayable\",\"type\":\"function\"},{\"inputs\":[],\"name\":\"implementation\",\"outputs\":[{\"internalType\":\"address\",\"name\":\"\",\"type\":\"address\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"kind\":\"dev\",\"methods\":{\"create(uint256,uint256)\":{\"params\":{\"x\":\"The x coordinate of the public key\",\"y\":\"The y coordinate of the public key\"}}},\"title\":\"P256SignerFactory\",\"version\":1},\"userdoc\":{\"events\":{\"NewSignerCreated(uint256,uint256,address)\":{\"notice\":\"Emitted when a new P256Signer proxy contract is created\"}},\"kind\":\"user\",\"methods\":{\"create(uint256,uint256)\":{\"notice\":\"Creates a new P256Signer proxy contract\"},\"implementation()\":{\"notice\":\"The implementation address of the P256Signer contract\"}},\"notice\":\"Factory contract for creating proxies for P256Signer\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/P256SignerFactory.sol\":\"P256SignerFactory\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"},\"contracts/P256Signer.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {WrapperFCLWebAuthn} from \\\"./FCL/WrapperFCLWebAuthn.sol\\\";\\n\\n/// @title P256Signer\\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This contract is the implementation. It is meant to be used through\\n/// proxy clone.\\ncontract P256Signer {\\n /// @notice The EIP-1271 magic value\\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\\n\\n /// @notice The old EIP-1271 magic value\\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\\n\\n /// @notice Whether the contract has been initialized\\n bool public initialized;\\n\\n /// @notice The x coordinate of the secp256r1 public key\\n uint256 public x;\\n\\n /// @notice The y coordinate of the secp256r1 public key\\n uint256 public y;\\n\\n /// @notice Error message when the signature is invalid\\n error InvalidSignature();\\n\\n /// @notice Error message when the hash is invalid\\n error InvalidHash();\\n\\n /// @notice Error message when the contract is already initialized\\n error AlreadyInitialized();\\n\\n constructor() {\\n initialized = true;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(abi.encode(_hash), _signature);\\n return EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\\n /// @dev This is the old version of the function of EIP-1271 using bytes\\n /// memory instead of bytes32\\n /// @param _hash The hash of the data signed\\n /// @param _signature The signature\\n /// @return The EIP-1271 magic value\\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\\n _validate(_hash, _signature);\\n return OLD_EIP1271_MAGICVALUE;\\n }\\n\\n /// @notice Validates the signature\\n /// @param data The data signed\\n /// @param _signature The signature\\n function _validate(bytes memory data, bytes memory _signature) private view {\\n bytes32 _hash = keccak256(data);\\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\\n\\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\\n\\n if (!valid) revert InvalidSignature();\\n }\\n\\n /// @dev This function is only callable once and needs to be called immediately\\n /// after deployment by the factory in the same transaction.\\n /// @param x_ The x coordinate of the public key\\n /// @param y_ The y coordinate of the public key\\n function initialize(uint256 x_, uint256 y_) external {\\n if (initialized) revert AlreadyInitialized();\\n initialized = true;\\n x = x_;\\n y = y_;\\n }\\n}\\n\",\"keccak256\":\"0x1c4a4a8793dd4753832bd31e0a048b87ca2ef9f35b16ee4ee960eca473a4920a\"},\"contracts/P256SignerFactory.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {P256Signer} from \\\"./P256Signer.sol\\\";\\nimport \\\"solady/src/utils/LibClone.sol\\\";\\n\\n/// @title P256SignerFactory\\n/// @notice Factory contract for creating proxies for P256Signer\\ncontract P256SignerFactory {\\n /// @notice The implementation address of the P256Signer contract\\n address public immutable implementation;\\n\\n constructor(address implementation_) {\\n implementation = implementation_;\\n }\\n\\n /// @notice Emitted when a new P256Signer proxy contract is created\\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\\n\\n /// @notice Creates a new P256Signer proxy contract\\n /// @param x The x coordinate of the public key\\n /// @param y The y coordinate of the public key\\n function create(uint256 x, uint256 y) external returns (address) {\\n bytes32 salt = keccak256(abi.encodePacked(x, y));\\n address signer = LibClone.cloneDeterministic(implementation, salt);\\n P256Signer(signer).initialize(x, y);\\n emit NewSignerCreated(x, y, signer);\\n return signer;\\n }\\n}\\n\",\"keccak256\":\"0x3bdac08bf7a1c4c1621474b10733f74a9487359212705bbca42ec678aa549a53\"},\"solady/src/utils/LibClone.sol\":{\"content\":\"// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.4;\\n\\n/// @notice Minimal proxy library.\\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\\n/// @author Minimal proxy by 0age (https://github.com/0age)\\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\\n///\\n/// @dev Minimal proxy:\\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\\n///\\n/// @dev Minimal proxy (PUSH0 variant):\\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \\\"_PUSH0\\\" as\\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\\n/// Please use with caution.\\n///\\n/// @dev Clones with immutable args (CWIA):\\n/// The implementation of CWIA here implements a `receive()` method that emits the\\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\\n/// composability. The minimal proxy implementation does not offer this feature.\\nlibrary LibClone {\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CUSTOM ERRORS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Unable to deploy the clone.\\n error DeploymentFailed();\\n\\n /// @dev The salt must start with either the zero address or the caller.\\n error SaltDoesNotStartWithCaller();\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a clone of `implementation`.\\n function clone(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (44 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | |\\n * 3d | RETURNDATASIZE | 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create(0, 0x0c, 0x35)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\\n function cloneDeterministic(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n instance := create2(0, 0x0c, 0x35, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\\n mstore(0x14, implementation)\\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\\n hash := keccak256(0x0c, 0x35)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x21, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n bytes32 hash = initCodeHash(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a PUSH0 clone of `implementation`.\\n function clone_PUSH0(address implementation) internal returns (address instance) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n /**\\n * --------------------------------------------------------------------------+\\n * CREATION (9 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * 60 runSize | PUSH1 runSize | r | |\\n * 5f | PUSH0 | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 5f | PUSH0 | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * --------------------------------------------------------------------------|\\n * RUNTIME (45 bytes) |\\n * --------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * --------------------------------------------------------------------------|\\n * |\\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\\n * 5f | PUSH0 | 0 | |\\n * 5f | PUSH0 | 0 0 | |\\n * |\\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | |\\n * 5f | PUSH0 | 0 cds 0 0 | |\\n * 5f | PUSH0 | 0 0 cds 0 0 | |\\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\\n * |\\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\\n * f4 | DELEGATECALL | success | [0..cds): calldata |\\n * |\\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\\n * |\\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\\n * 57 | JUMPI | | [0..rds): returndata |\\n * |\\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | | [0..rds): returndata |\\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * --------------------------------------------------------------------------+\\n */\\n\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create(0, 0x0e, 0x36)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n instance := create2(0, 0x0e, 0x36, salt)\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\\n /// @solidity memory-safe-assembly\\n assembly {\\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\\n mstore(0x14, implementation) // 20\\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\\n hash := keccak256(0x0e, 0x36)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x24, 0)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\\n /// with `salt` by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress_PUSH0(\\n address implementation,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash_PUSH0(implementation);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Deploys a minimal proxy with `implementation`,\\n /// using immutable arguments encoded in `data`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function clone(address implementation, bytes memory data) internal returns (address instance) {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n // The `creationSize` is `extraLength + 108`\\n // The `runSize` is `creationSize - 10`.\\n\\n /**\\n * ---------------------------------------------------------------------------------------------------+\\n * CREATION (10 bytes) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * 61 runSize | PUSH2 runSize | r | |\\n * 3d | RETURNDATASIZE | 0 r | |\\n * 81 | DUP2 | r 0 r | |\\n * 60 offset | PUSH1 offset | o r 0 r | |\\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\\n * f3 | RETURN | | [0..runSize): runtime code |\\n * ---------------------------------------------------------------------------------------------------|\\n * RUNTIME (98 bytes + extraLength) |\\n * ---------------------------------------------------------------------------------------------------|\\n * Opcode | Mnemonic | Stack | Memory |\\n * ---------------------------------------------------------------------------------------------------|\\n * |\\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\\n * 57 | JUMPI | | |\\n * 34 | CALLVALUE | cv | |\\n * 3d | RETURNDATASIZE | 0 cv | |\\n * 52 | MSTORE | | [0..0x20): callvalue |\\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\\n * a1 | LOG1 | | [0..0x20): callvalue |\\n * 00 | STOP | | [0..0x20): callvalue |\\n * 5b | JUMPDEST | | |\\n * |\\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds | |\\n * 3d | RETURNDATASIZE | 0 cds | |\\n * 3d | RETURNDATASIZE | 0 0 cds | |\\n * 37 | CALLDATACOPY | | [0..cds): calldata |\\n * |\\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\\n * |\\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * |\\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\\n * |\\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\\n * |\\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * fd | REVERT | | [0..rds): returndata |\\n * |\\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\\n * f3 | RETURN | | [0..rds): returndata |\\n * ---------------------------------------------------------------------------------------------------+\\n */\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Deploys a deterministic clone of `implementation`,\\n /// using immutable arguments encoded in `data`, with `salt`.\\n ///\\n /// Note: This implementation of CWIA differs from the original implementation.\\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\\n internal\\n returns (address instance)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\\n // The actual EVM limit may be smaller and may change over time.\\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Create the instance.\\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\\n\\n // If `instance` is zero, revert.\\n if iszero(instance) {\\n // Store the function selector of `DeploymentFailed()`.\\n mstore(0x00, 0x30116425)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the initialization code hash of the clone of `implementation`\\n /// using immutable arguments encoded in `data`.\\n /// Used for mining vanity addresses with create2crunch.\\n function initCodeHash(address implementation, bytes memory data)\\n internal\\n pure\\n returns (bytes32 hash)\\n {\\n assembly {\\n // Compute the boundaries of the data and cache the memory slots around it.\\n let mBefore3 := mload(sub(data, 0x60))\\n let mBefore2 := mload(sub(data, 0x40))\\n let mBefore1 := mload(sub(data, 0x20))\\n let dataLength := mload(data)\\n let dataEnd := add(add(data, 0x20), dataLength)\\n let mAfter1 := mload(dataEnd)\\n\\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\\n // The actual EVM limit may be smaller and may change over time.\\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\\n\\n // +2 bytes for telling how much data there is appended to the call.\\n let extraLength := add(dataLength, 2)\\n\\n // Write the bytecode before the data.\\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\\n // Write the address of the implementation.\\n mstore(sub(data, 0x0d), implementation)\\n // Write the rest of the bytecode.\\n mstore(\\n sub(data, 0x21),\\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\\n )\\n // `keccak256(\\\"ReceiveETH(uint256)\\\")`\\n mstore(\\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\\n )\\n mstore(\\n sub(data, 0x5a),\\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\\n )\\n mstore(dataEnd, shl(0xf0, extraLength))\\n\\n // Compute and store the bytecode hash.\\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\\n\\n // Restore the overwritten memory surrounding `data`.\\n mstore(dataEnd, mAfter1)\\n mstore(data, dataLength)\\n mstore(sub(data, 0x20), mBefore1)\\n mstore(sub(data, 0x40), mBefore2)\\n mstore(sub(data, 0x60), mBefore3)\\n }\\n }\\n\\n /// @dev Returns the address of the deterministic clone of\\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(\\n address implementation,\\n bytes memory data,\\n bytes32 salt,\\n address deployer\\n ) internal pure returns (address predicted) {\\n bytes32 hash = initCodeHash(implementation, data);\\n predicted = predictDeterministicAddress(hash, salt, deployer);\\n }\\n\\n /*\\u00b4:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0\\u2022.*\\u2022\\u00b4.*:\\u02da.\\u00b0*.\\u02da\\u2022\\u00b4.\\u00b0:\\u00b0\\u2022.\\u00b0+.*\\u2022\\u00b4.*:*/\\n /* OTHER OPERATIONS */\\n /*.\\u2022\\u00b0:\\u00b0.\\u00b4+\\u02da.*\\u00b0.\\u02da:*.\\u00b4\\u2022*.+\\u00b0.\\u2022\\u00b0:\\u00b4*.\\u00b4\\u2022*.\\u2022\\u00b0.\\u2022\\u00b0:\\u00b0.\\u00b4:\\u2022\\u02da\\u00b0.*\\u00b0.\\u02da:*.\\u00b4+\\u00b0.\\u2022*/\\n\\n /// @dev Returns the address when a contract with initialization code hash,\\n /// `hash`, is deployed with `salt`, by `deployer`.\\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\\n internal\\n pure\\n returns (address predicted)\\n {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // Compute and store the bytecode hash.\\n mstore8(0x00, 0xff) // Write the prefix.\\n mstore(0x35, hash)\\n mstore(0x01, shl(96, deployer))\\n mstore(0x15, salt)\\n predicted := keccak256(0x00, 0x55)\\n // Restore the part of the free memory pointer that has been overwritten.\\n mstore(0x35, 0)\\n }\\n }\\n\\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\\n function checkStartsWithCaller(bytes32 salt) internal view {\\n /// @solidity memory-safe-assembly\\n assembly {\\n // If the salt does not start with the zero address or the caller.\\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\\n mstore(0x00, 0x2f634836)\\n // Revert with (offset, size).\\n revert(0x1c, 0x04)\\n }\\n }\\n }\\n}\\n\",\"keccak256\":\"0x159b64c65da9e6efe93b8df8c6bb1c7672a7511dcaba414aaa3e447f6d7065e6\",\"license\":\"MIT\"}},\"version\":1}", + "bytecode": "0x60a060405234801561001057600080fd5b5060405161031a38038061031a83398101604081905261002f91610040565b6001600160a01b0316608052610070565b60006020828403121561005257600080fd5b81516001600160a01b038116811461006957600080fd5b9392505050565b60805161028a610090600039600081816040015260d7015261028a6000f3fe608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", + "deployedBytecode": "0x608060405234801561001057600080fd5b50600436106100365760003560e01c80635c60da1b1461003b5780639f7b45791461008b575b600080fd5b6100627f000000000000000000000000000000000000000000000000000000000000000081565b60405173ffffffffffffffffffffffffffffffffffffffff909116815260200160405180910390f35b610062610099366004610232565b60008083836040516020016100b8929190918252602082015260400190565b60405160208183030381529060405280519060200120905060006100fc7f0000000000000000000000000000000000000000000000000000000000000000836101db565b6040517fe4a30116000000000000000000000000000000000000000000000000000000008152600481018790526024810186905290915073ffffffffffffffffffffffffffffffffffffffff82169063e4a3011690604401600060405180830381600087803b15801561016e57600080fd5b505af1158015610182573d6000803e3d6000fd5b505060405173ffffffffffffffffffffffffffffffffffffffff841681528692508791507f33b61205835e3063eb8935cac4b29d7fc333ad80d6cb11893ba4758adf8cdde19060200160405180910390a3949350505050565b60006c5af43d3d93803e602a57fd5bf36021528260145273602c3d8160093d39f33d3d3d3d363d3d37363d73600052816035600c6000f59050806102275763301164256000526004601cfd5b600060215292915050565b6000806040838503121561024557600080fd5b5050803592602090910135915056fea2646970667358221220d58b58802d5c7747f06cdad3d5dae1daf849ad475c9f80c8a469c68e8b50b75264736f6c63430008140033", "devdoc": { "kind": "dev", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "params": { + "x": "The x coordinate of the public key", + "y": "The y coordinate of the public key" + } + } + }, + "title": "P256SignerFactory", "version": 1 }, "userdoc": { + "events": { + "NewSignerCreated(uint256,uint256,address)": { + "notice": "Emitted when a new P256Signer proxy contract is created" + } + }, "kind": "user", - "methods": {}, + "methods": { + "create(uint256,uint256)": { + "notice": "Creates a new P256Signer proxy contract" + }, + "implementation()": { + "notice": "The implementation address of the P256Signer contract" + } + }, + "notice": "Factory contract for creating proxies for P256Signer", "version": 1 }, "storageLayout": { diff --git a/deployments/polygon/WrapperFCLWebAuthn.json b/deployments/polygon/WrapperFCLWebAuthn.json new file mode 100644 index 0000000..e7e242f --- /dev/null +++ b/deployments/polygon/WrapperFCLWebAuthn.json @@ -0,0 +1,87 @@ +{ + "address": "0xB15bb4dE71bF6fbB91913872dB9F18E6C8897E9F", + "abi": [ + { + "inputs": [], + "name": "InvalidAuthenticatorData", + "type": "error" + }, + { + "inputs": [], + "name": "InvalidClientData", + "type": "error" + }, + { + "inputs": [ + { + "internalType": "bytes", + "name": "authenticatorData", + "type": "bytes" + }, + { + "internalType": "bytes1", + "name": "authenticatorDataFlagMask", + "type": "bytes1" + }, + { + "internalType": "bytes", + "name": "clientData", + "type": "bytes" + }, + { + "internalType": "bytes32", + "name": "clientChallenge", + "type": "bytes32" + }, + { + "internalType": "uint256", + "name": "clientChallengeDataOffset", + "type": "uint256" + }, + { + "internalType": "uint256[2]", + "name": "rs", + "type": "uint256[2]" + }, + { + "internalType": "uint256[2]", + "name": "Q", + "type": "uint256[2]" + } + ], + "name": "checkSignature", + "outputs": [ + { + "internalType": "bool", + "name": "", + "type": "bool" + } + ], + "stateMutability": "view", + "type": "function" + } + ], + "args": [], + "numDeployments": 1, + "solcInputHash": "9a239a13792e7e509c47a689d8b7e7c4", + "metadata": "{\"compiler\":{\"version\":\"0.8.20+commit.a1b79de6\"},\"language\":\"Solidity\",\"output\":{\"abi\":[{\"inputs\":[],\"name\":\"InvalidAuthenticatorData\",\"type\":\"error\"},{\"inputs\":[],\"name\":\"InvalidClientData\",\"type\":\"error\"},{\"inputs\":[{\"internalType\":\"bytes\",\"name\":\"authenticatorData\",\"type\":\"bytes\"},{\"internalType\":\"bytes1\",\"name\":\"authenticatorDataFlagMask\",\"type\":\"bytes1\"},{\"internalType\":\"bytes\",\"name\":\"clientData\",\"type\":\"bytes\"},{\"internalType\":\"bytes32\",\"name\":\"clientChallenge\",\"type\":\"bytes32\"},{\"internalType\":\"uint256\",\"name\":\"clientChallengeDataOffset\",\"type\":\"uint256\"},{\"internalType\":\"uint256[2]\",\"name\":\"rs\",\"type\":\"uint256[2]\"},{\"internalType\":\"uint256[2]\",\"name\":\"Q\",\"type\":\"uint256[2]\"}],\"name\":\"checkSignature\",\"outputs\":[{\"internalType\":\"bool\",\"name\":\"\",\"type\":\"bool\"}],\"stateMutability\":\"view\",\"type\":\"function\"}],\"devdoc\":{\"details\":\"This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"WrapperFCLWebAuthn\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"notice\":\"A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.\",\"version\":1}},\"settings\":{\"compilationTarget\":{\"contracts/FCL/WrapperFCLWebAuthn.sol\":\"WrapperFCLWebAuthn\"},\"evmVersion\":\"paris\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\",\"useLiteralContent\":true},\"optimizer\":{\"enabled\":true,\"runs\":1000000},\"remappings\":[]},\"sources\":{\"FreshCryptoLib/FCL_Webauthn.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nimport {Base64Url} from \\\"./utils/Base64Url.sol\\\";\\nimport {FCL_Elliptic_ZZ} from \\\"./FCL_elliptic.sol\\\";\\n\\nlibrary FCL_WebAuthn {\\n error InvalidAuthenticatorData();\\n error InvalidClientData();\\n error InvalidSignature();\\n\\n function WebAuthn_format(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata // rs\\n ) internal pure returns (bytes32 result) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n {\\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\\n revert InvalidAuthenticatorData();\\n }\\n // Verify that clientData commits to the expected client challenge\\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\\n bytes memory challengeExtracted = new bytes(\\n bytes(challengeEncoded).length\\n );\\n\\n assembly {\\n calldatacopy(\\n add(challengeExtracted, 32),\\n add(clientData.offset, clientChallengeDataOffset),\\n mload(challengeExtracted)\\n )\\n }\\n\\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\\n assembly {\\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\\n }\\n\\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\\n revert InvalidClientData();\\n }\\n } //avoid stack full\\n\\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\\n\\n assembly {\\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\\n }\\n\\n bytes32 more = sha256(clientData);\\n assembly {\\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\\n }\\n\\n return sha256(verifyData);\\n }\\n\\n function checkSignature (\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\\n\\n return result;\\n }\\n\\n function checkSignature_prec(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n address dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\\n\\n return result;\\n }\\n\\n //beware that this implementation will not be compliant with EOF\\n function checkSignature_hackmem(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256 dataPointer\\n ) internal view returns (bool) {\\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\\n\\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\\n );\\n\\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\\n\\n return result;\\n }\\n}\\n\",\"keccak256\":\"0x78658514b1f160f17b8408bddc3615b2bfaf83a50c874cdfba26ce90528214b4\",\"license\":\"MIT\"},\"FreshCryptoLib/FCL_elliptic.sol\":{\"content\":\"//********************************************************************************************/\\n// ___ _ ___ _ _ _ _\\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\\n// | _| '_/ -_|_-< ' \\\\ | (__| '_| || | '_ \\\\ _/ _ \\\\ | |__| | '_ \\\\\\n// |_||_| \\\\___/__/_||_| \\\\___|_| \\\\_, | .__/\\\\__\\\\___/ |____|_|_.__/\\n// |__/|_|\\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\\n///* License: This software is licensed under MIT License\\n///* This Code may be reused including license and copyright notice.\\n///* See LICENSE file at the root folder of the project.\\n///* FILE: FCL_elliptic.sol\\n///*\\n///*\\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\\n///* optimization\\n///*\\n//**************************************************************************************/\\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\\n// if ever used for other curve than sec256R1\\n// SPDX-License-Identifier: MIT\\npragma solidity ^0.8.20;\\n\\nlibrary FCL_Elliptic_ZZ {\\n // Set parameters for curve sec256r1.\\n\\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\\n //curve prime field modulus\\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n //short weierstrass first coefficient\\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\\n //short weierstrass second coefficient\\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\\n //generating point affine coordinates\\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\\n //curve order (number of points)\\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\\n /* -2 mod n constant, used to speed up inversion*/\\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\\n\\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\\n //P+1 div 4\\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\\n //arbitrary constant to express no quadratic residuosity\\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\\n\\n /**\\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\\n */\\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2modn)\\n mstore(add(pointer, 0xa0), n)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n /**\\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\\n */\\n\\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\\n assembly {\\n let pointer := mload(0x40)\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(pointer, 0x20)\\n mstore(add(pointer, 0x20), 0x20)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n mstore(add(pointer, 0x60), u)\\n mstore(add(pointer, 0x80), minus_2)\\n mstore(add(pointer, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\\n result := mload(pointer)\\n }\\n }\\n\\n //Coron projective shuffling, take as input alpha as blinding factor\\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n \\n uint256 alpha2=mulmod(alpha,alpha,p);\\n \\n x3=mulmod(alpha2, x,p); //alpha^-2.x\\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\\n\\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\\n \\n return (x3, y3, zz3, zzz3);\\n }\\n\\n\\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\\n {\\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\\n u2=addmod(u2, p-u1, p);// P = U2-U1\\n x1=mulmod(u2, u2, p);//PP\\n x2=mulmod(x1, u2, p);//PPP\\n \\n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \\n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\\n\\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \\n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\\n\\n return (x3, y3, zz3, zzz3);\\n }\\n\\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\\n/// @param self The integer of which to find the modular inverse\\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\\n\\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\\n assembly (\\\"memory-safe\\\") {\\n // load the free memory pointer value\\n let pointer := mload(0x40)\\n\\n // Define length of base (Bsize)\\n mstore(pointer, 0x20)\\n // Define the exponent size (Esize)\\n mstore(add(pointer, 0x20), 0x20)\\n // Define the modulus size (Msize)\\n mstore(add(pointer, 0x40), 0x20)\\n // Define variables base (B)\\n mstore(add(pointer, 0x60), self)\\n // Define the exponent (E)\\n mstore(add(pointer, 0x80), pp1div4)\\n // We save the point of the last argument, it will be override by the result\\n // of the precompile call in order to avoid paying for the memory expansion properly\\n let _result := add(pointer, 0xa0)\\n // Define the modulus (M)\\n mstore(_result, p)\\n\\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\\n if iszero(\\n staticcall(\\n not(0), // amount of gas to send\\n MODEXP_PRECOMPILE, // target\\n pointer, // argsOffset\\n 0xc0, // argsSize (6 * 32 bytes)\\n _result, // retOffset (we override M to avoid paying for the memory expansion)\\n 0x20 // retSize (32 bytes)\\n )\\n ) { revert(0, 0) }\\n\\n result := mload(_result)\\n// result :=addmod(result,0,p)\\n }\\n if(mulmod(result,result,p)!=self){\\n result=_NOTSQUARE;\\n }\\n \\n return result;\\n}\\n /**\\n * /* @dev Convert from affine rep to XYZZ rep\\n */\\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\\n unchecked {\\n P[2] = 1; //ZZ\\n P[3] = 1; //ZZZ\\n P[0] = x0;\\n P[1] = y0;\\n }\\n }\\n\\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \\n\\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\\n\\n y=SqrtMod(y2);\\n if(y==_NOTSQUARE){\\n return _NOTONCURVE;\\n }\\n if((y&1)!=(parity&1)){\\n y=p-y;\\n }\\n }\\n\\n /**\\n * /* @dev Convert from XYZZ rep to affine rep\\n */\\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\\n y1 = mulmod(y, zzzInv, p); //Y/zzz\\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\\n zzzInv = mulmod(_b, _b, p); //1/zz\\n x1 = mulmod(x, zzzInv, p); //X/zz\\n }\\n\\n /**\\n * /* @dev Sutherland2008 doubling\\n */\\n /* The \\\"dbl-2008-s-1\\\" doubling formulas */\\n\\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n assembly {\\n P0 := mulmod(2, y, p) //U = 2*Y1\\n P2 := mulmod(P0, P0, p) // V=U^2\\n P3 := mulmod(x, P2, p) // S = X1*V\\n P1 := mulmod(P0, P2, p) // W=UV\\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\\n }\\n }\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\\n */\\n\\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\\n internal\\n pure\\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\\n {\\n unchecked {\\n if (y1 == 0) {\\n return (x2, y2, 1, 1);\\n }\\n\\n assembly {\\n y1 := sub(p, y1)\\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\\n P0 := mulmod(x2, x2, p) //PP = P^2\\n P1 := mulmod(P0, x2, p) //PPP = P*PP\\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\\n }\\n //end assembly\\n } //end unchecked\\n return (P0, P1, P2, P3);\\n }\\n\\n /**\\n * @dev Return the zero curve in XYZZ coordinates.\\n */\\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\\n return (0, 0, 0, 0);\\n }\\n /**\\n * @dev Check if point is the neutral of the curve\\n */\\n\\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\\n return y0 == 0;\\n }\\n /**\\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\\n */\\n\\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\\n return (0, 0);\\n }\\n\\n /**\\n * @dev Check if the curve is the zero curve in affine rep.\\n */\\n // uint256 x, uint256 y)\\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\\n return (y == 0);\\n }\\n\\n /**\\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\\n */\\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\\n if (0 == x || x == p || 0 == y || y == p) {\\n return false;\\n }\\n unchecked {\\n uint256 LHS = mulmod(y, y, p); // y^2\\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\\n\\n return LHS == RHS;\\n }\\n }\\n\\n /**\\n * @dev Add two elliptic curve points in affine coordinates.\\n */\\n\\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\\n uint256 zz0;\\n uint256 zzz0;\\n\\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\\n\\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\\n\\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\\n }\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns only x for ECDSA use \\n * */\\n function ecZZ_mulmuladd_S_asm(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 Y;\\n uint256 index = 255;\\n uint256 H0;\\n uint256 H1;\\n\\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return 0;\\n\\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n X := H0\\n Y := H1\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := H0\\n T2 := H1\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n let T := mload(0x40)\\n mstore(add(T, 0x60), zz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n //Y:=mulmod(Y,zzz,p)//Y/zzz\\n //zz :=mulmod(zz, mload(T),p) //1/z\\n //zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, mload(T), p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return X;\\n }\\n\\n\\n /**\\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\\n * Returns affine representation of point (normalized) \\n * */\\n function ecZZ_mulmuladd(\\n uint256 Q0,\\n uint256 Q1, //affine rep for input point Q\\n uint256 scalar_u,\\n uint256 scalar_v\\n ) internal view returns (uint256 X, uint256 Y) {\\n uint256 zz;\\n uint256 zzz;\\n uint256 index = 255;\\n uint256[6] memory T;\\n uint256[2] memory H;\\n \\n unchecked {\\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\\n\\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\\n\\n assembly {\\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\\n index := sub(index, 1)\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n } {}\\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if eq(zz, 1) {\\n X := gx\\n Y := gy\\n }\\n if eq(zz, 2) {\\n X := Q0\\n Y := Q1\\n }\\n if eq(zz, 3) {\\n Y := mload(add(H,32))\\n X := mload(H)\\n }\\n\\n index := sub(index, 1)\\n zz := 1\\n zzz := 1\\n\\n for {} gt(minus_1, index) { index := sub(index, 1) } {\\n // inlined EcZZ_Dbl\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n {\\n //value of dibit\\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\\n\\n if iszero(T4) {\\n Y := sub(p, Y) //restore the -Y inversion\\n continue\\n } // if T4!=0\\n\\n if eq(T4, 1) {\\n T1 := gx\\n T2 := gy\\n }\\n if eq(T4, 2) {\\n T1 := Q0\\n T2 := Q1\\n }\\n if eq(T4, 3) {\\n T1 := mload(H)\\n T2 := mload(add(H,32))\\n }\\n if iszero(zz) {\\n X := T1\\n Y := T2\\n zz := 1\\n zzz := 1\\n continue\\n }\\n // inlined EcZZ_AddN\\n\\n //T3:=sub(p, Y)\\n //T3:=Y\\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\\n\\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\\n //todo : construct edge vector case\\n if iszero(y2) {\\n if iszero(T2) {\\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n T4 := mulmod(T2, T2, p) //PP\\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\\n zz := mulmod(zz, T4, p)\\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\\n let TT2 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\\n\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zzz)\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n Y:=mulmod(Y,mload(T),p)//Y/zzz\\n zz :=mulmod(zz, mload(T),p) //1/z\\n zz:= mulmod(zz,zz,p) //1/zz\\n X := mulmod(X, zz, p) //X/zz\\n } //end assembly\\n } //end unchecked\\n\\n return (X,Y);\\n }\\n\\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\\n //contract at given address dataPointer\\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\\n // the external tool to generate tables from public key is in the /sage directory\\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n unchecked {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n extcodecopy(dataPointer, T, mload(T), 64)\\n let index := sub(zz, 1)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for {} gt(index, 191) { index := add(index, 191) } {\\n //inline Double\\n {\\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(TT1, TT1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n let T1 := mulmod(TT1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n }\\n {\\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n let index2 := sub(index, 64)\\n let T3 :=\\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\\n let index3 := sub(index2, 64)\\n let T2 :=\\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\\n index := sub(index3, 64)\\n let T1 :=\\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T1) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n extcodecopy(dataPointer, T, T1, 64)\\n }\\n\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n\\n // inlined EcZZ_AddN\\n if iszero(zz) {\\n X := mload(T)\\n Y := mload(add(T, 32))\\n zz := 1\\n zzz := 1\\n\\n continue\\n }\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n\\n //special case ecAdd(P,P)=EcDbl\\n if iszero(y2) {\\n if iszero(T2) {\\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\\n T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n\\n T1 := mulmod(T1, T2, p) // W=UV\\n y2 := addmod(X, zz, p) //X+ZZ\\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\\n let T4 := mulmod(3, y2, p) //M\\n\\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\\n\\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\\n\\n continue\\n }\\n }\\n\\n let T4 := mulmod(T2, T2, p)\\n let T1 := mulmod(T4, T2, p) //\\n zz := mulmod(zz, T4, p)\\n //zzz3=V*ZZ1\\n zzz := mulmod(zzz, T1, p) // W=UV/\\n let zz1 := mulmod(X, T4, p)\\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n \\n\\n // improving the extcodecopy trick : append array at end of contract\\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\\n internal view\\n returns (uint256 X /*, uint Y*/ )\\n {\\n uint256 zz; // third and coordinates of the point\\n\\n uint256[6] memory T;\\n zz = 256; //start index\\n\\n unchecked {\\n while (T[0] == 0) {\\n zz = zz - 1;\\n //tbd case of msb octobit is null\\n T[0] = 64\\n * (\\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\\n );\\n }\\n assembly {\\n codecopy(T, add(mload(T), dataPointer), 64)\\n X := mload(T)\\n let Y := mload(add(T, 32))\\n let zzz := 1\\n zz := 1\\n\\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\\n let T2 := mulmod(T1, T1, p) // V=U^2\\n let T3 := mulmod(X, T2, p) // S = X1*V\\n T1 := mulmod(T1, T2, p) // W=UV\\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\\n\\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\\n\\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\\n\\n /* compute element to access in precomputed table */\\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\\n index := sub(index, 64)\\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\\n //index:=add(index,192), restore index, interleaved with loop\\n\\n //tbd: check validity of formulae with (0,1) to remove conditional jump\\n if iszero(T4) {\\n Y := sub(p, Y)\\n\\n continue\\n }\\n {\\n /* Access to precomputed table using extcodecopy hack */\\n codecopy(T, add(T4, dataPointer), 64)\\n\\n // inlined EcZZ_AddN\\n\\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\\n T4 := mulmod(T2, T2, p)\\n T1 := mulmod(T4, T2, p)\\n T2 := mulmod(zz, T4, p) // W=UV\\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\\n let zz1 := mulmod(X, T4, p)\\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\\n zz := T2\\n X := T4\\n }\\n } //end loop\\n mstore(add(T, 0x60), zz)\\n\\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\\n mstore(T, 0x20)\\n mstore(add(T, 0x20), 0x20)\\n mstore(add(T, 0x40), 0x20)\\n // Define variables base, exponent and modulus\\n //mstore(add(pointer, 0x60), u)\\n mstore(add(T, 0x80), minus_2)\\n mstore(add(T, 0xa0), p)\\n\\n // Call the precompiled contract 0x05 = ModExp\\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\\n\\n zz := mload(T)\\n X := mulmod(X, zz, p) //X/zz\\n }\\n } //end unchecked\\n }\\n\\n /**\\n * @dev ECDSA verification, given , signature, and public key.\\n */\\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n uint256 Q0 = Q[0];\\n uint256 Q1 = Q[1];\\n if (!ecAff_isOnCurve(Q0, Q1)) {\\n return false;\\n }\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\\n uint256 scalar_v = mulmod(r, sInv, n);\\n uint256 x1;\\n\\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\\n\\n assembly {\\n x1 := addmod(x1, sub(n, r), n)\\n }\\n //return true;\\n return x1 == 0;\\n }\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n /**\\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\\n * generation of contract bytecode for precomputations is done using sagemath code\\n * (see sage directory, WebAuthn_precompute.sage)\\n */\\n\\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\\n internal view\\n returns (bool)\\n {\\n uint256 r = rs[0];\\n uint256 s = rs[1];\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return false;\\n }\\n /* Q is pushed via bytecode assumed to be correct\\n if (!isOnCurve(Q[0], Q[1])) {\\n return false;\\n }*/\\n\\n uint256 sInv = FCL_nModInv(s);\\n uint256 X;\\n\\n //Shamir 8 dimensions\\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\\n\\n assembly {\\n X := addmod(X, sub(n, r), n)\\n }\\n return X == 0;\\n } //end ecdsa_precomputed_verify()\\n\\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\\n {\\n if (r == 0 || r >= n || s == 0 || s >= n) {\\n return address(0);\\n }\\n uint256 y=ec_Decompress(r, v-27);\\n uint256 rinv=FCL_nModInv(r);\\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\\n uint256 u2=mulmod(s, rinv,n);//sr^-1\\n\\n uint256 Qx;\\n uint256 Qy;\\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\\n\\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\\n }\\n\\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\\n //K is nonce, kpriv is private key\\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\\n {\\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\\n r=addmod(0,r, n); \\n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\\n\\n \\n if(r==0||s==0){\\n revert();\\n }\\n\\n\\n }\\n\\n} //EOF\\n\",\"keccak256\":\"0xd6c3e555eae02916f6b9d65db6509d7ddf0fd76d5399e29dbc1502e0b7d992a6\",\"license\":\"MIT\"},\"FreshCryptoLib/utils/Base64Url.sol\":{\"content\":\"// SPDX-License-Identifier: Apache-2.0\\npragma solidity ^0.8.0;\\n\\n/**\\n * @dev Encode (without '=' padding) \\n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\\n */\\nlibrary Base64Url {\\n /**\\n * @dev Base64Url Encoding Table\\n */\\n string internal constant ENCODING_TABLE =\\n \\\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\\\";\\n\\n function encode(bytes memory data) internal pure returns (string memory) {\\n if (data.length == 0) return \\\"\\\";\\n\\n // Load the table into memory\\n string memory table = ENCODING_TABLE;\\n\\n string memory result = new string(4 * ((data.length + 2) / 3));\\n\\n // @solidity memory-safe-assembly\\n assembly {\\n let tablePtr := add(table, 1)\\n let resultPtr := add(result, 32)\\n\\n for {\\n let dataPtr := data\\n let endPtr := add(data, mload(data))\\n } lt(dataPtr, endPtr) {\\n\\n } {\\n dataPtr := add(dataPtr, 3)\\n let input := mload(dataPtr)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(\\n resultPtr,\\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\\n )\\n resultPtr := add(resultPtr, 1)\\n\\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\\n resultPtr := add(resultPtr, 1)\\n }\\n\\n // Remove the padding adjustment logic\\n switch mod(mload(data), 3)\\n case 1 {\\n // Adjust for the last byte of data\\n resultPtr := sub(resultPtr, 2)\\n }\\n case 2 {\\n // Adjust for the last two bytes of data\\n resultPtr := sub(resultPtr, 1)\\n }\\n \\n // Set the correct length of the result string\\n mstore(result, sub(resultPtr, add(result, 32)))\\n }\\n\\n return result; \\n }\\n}\\n\",\"keccak256\":\"0xc9d5fbb0ef9ff0756eb5aabe7a32b2bf0f8f3c533d4451dd5778fe77aee7f0c1\",\"license\":\"Apache-2.0\"},\"contracts/FCL/WrapperFCLWebAuthn.sol\":{\"content\":\"pragma solidity ^0.8.0;\\n\\nimport {FCL_WebAuthn} from \\\"FreshCryptoLib/FCL_Webauthn.sol\\\";\\n\\n/// @title WrapperFCLWebAuthn\\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\\n/// EIP-1271 of Webauthn payloads.\\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\\n/// It is meant to be used with 1271 signatures.\\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\\n/// functions and use calldata. This makes it impossible to use it with\\n/// isValidSignature that use memory.\\nlibrary WrapperFCLWebAuthn {\\n function checkSignature(\\n bytes calldata authenticatorData,\\n bytes1 authenticatorDataFlagMask,\\n bytes calldata clientData,\\n bytes32 clientChallenge,\\n uint256 clientChallengeDataOffset,\\n uint256[2] calldata rs,\\n uint256[2] calldata Q\\n ) external view returns (bool) {\\n return FCL_WebAuthn.checkSignature(\\n authenticatorData,\\n authenticatorDataFlagMask,\\n clientData,\\n clientChallenge,\\n clientChallengeDataOffset,\\n rs,\\n Q\\n );\\n }\\n}\",\"keccak256\":\"0x21b11feafba10e0db2399a46a1d5d30a93c39d0f1c384f43ac43f4988b5d0586\"}},\"version\":1}", + "bytecode": "0x611a3c61003a600b82828239805160001a60731461002d57634e487b7160e01b600052600060045260246000fd5b30600052607381538281f3fe73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "deployedBytecode": "0x73000000000000000000000000000000000000000030146080604052600436106100355760003560e01c80630d5efec91461003a575b600080fd5b61004d61004836600461179d565b610061565b604051901515815260200160405180910390f35b60006100748a8a8a8a8a8a8a8a8a610082565b9a9950505050505050505050565b6000806100958b8b8b8b8b8b8b8b6100b4565b905060006100a4828686610357565b9c9b505050505050505050505050565b60007fff000000000000000000000000000000000000000000000000000000000000008716878a8a60208181106100ed576100ed61187c565b9050013560f81c60f81b167effffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff191614610151576040517ffc93479200000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b600061017d8560405160200161016991815260200190565b6040516020818303038152906040526104b9565b90506000815167ffffffffffffffff81111561019b5761019b6118ab565b6040519080825280601f01601f1916602001820160405280156101c5576020820181803683370190505b50905080518589016020830137600081516020830120905080836040516020016101ef91906118da565b604051602081830303815290604052805190602001201461023c576040517febab5d2900000000000000000000000000000000000000000000000000000000815260040160405180910390fd5b506000915061024e9050896020611938565b67ffffffffffffffff811115610266576102666118ab565b6040519080825280601f01601f191660200182016040528015610290576020820181803683370190505b509050888a60208301376000600288886040516102ae92919061194b565b602060405180830381855afa1580156102cb573d6000803e3d6000fd5b5050506040513d601f19601f820116820180604052508101906102ee919061195b565b90508060208b0183015260028260405161030891906118da565b602060405180830381855afa158015610325573d6000803e3d6000fd5b5050506040513d601f19601f82011682018060405250810190610348919061195b565b9b9a5050505050505050505050565b60008235602084013581158061038d57507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518210155b80610396575080155b806103c157507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518110155b156103d1576000925050506104b2565b833560208501356103e28282610628565b6103f35760009450505050506104b2565b60006103fe846107a1565b905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551828b09905060007fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325518388099050600061045e86868585610825565b90507fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551887fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103820815985050505050505050505b9392505050565b606081516000036104d857505060408051602081019091526000815290565b60006040518060600160405280604081526020016119c760409139905060006003845160026105079190611938565b6105119190611974565b61051c9060046119af565b67ffffffffffffffff811115610534576105346118ab565b6040519080825280601f01601f19166020018201604052801561055e576020820181803683370190505b509050600182016020820185865187015b808210156105ca576003820191508151603f8160121c168501518453600184019350603f81600c1c168501518453600184019350603f8160061c168501518453600184019350603f811685015184535060018301925061056f565b50506003865106600181146105e657600281146105f1576105f8565b6002820391506105f8565b6001820391505b508290037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0018252509392505050565b600082158061065657507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83145b8061065f575081155b8061068957507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82145b156106965750600061079b565b60007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409905060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000fffffffffffffffffffffffc87097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09090890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff7f5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b8208919091149150505b92915050565b600060405160208152602080820152602060408201528260608201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f60808201527fffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255160a082015260208160c0836005600019fa61081e57600080fd5b5192915050565b600080808060ff81808815801561083a575087155b1561084e57600096505050505050506112e6565b61089a7f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2967f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f58d8d6112ee565b8092508193505050600189841c16600189851c1660011b015b806108d55760018403935060018a851c1660018a861c1660011b0190506108b3565b50600189841c16600189851c1660011b01955060018603610937577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29696507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f593505b60028603610946578a96508993505b60038603610955578196508093505b60018303925060019550600194505b827fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff111561123c577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff846002097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8182097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818a097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82840992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff807fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038e08096003097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff89850998507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a840999507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838409089a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08820992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff837fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a870908975060018d881c1660018d891c1660011b01905080610c4057877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03975050505050611231565b60018103610c8f577f6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c29693507f4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f592505b60028103610c9e578e93508d92505b60038103610cad578593508492505b89610cc657509198506001975087965094506112319050565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8609087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8c7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8d88090893508061102a578361102a577fffffffff00000001000000000000000000000000ffffffffffffffffffffffff897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd0994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff85860993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848d0992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84860994507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b8d0890507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d087fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81830991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8260030992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b82099a50507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8b85099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80847fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848509089b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808d7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038508830993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff808a8709850898505050505050611231565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84850991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8483097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838d099b507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818c099a507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff838e097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80827fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff847fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff878809080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80838d097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff03860809089a50505050809a50505050505b600183039250610964565b60405186606082015260208152602080820152602060408201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa6112b757600080fd5b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff815189099750505050505050505b949350505050565b600080808086611305578585935093505050611343565b84611317578787935093505050611343565b61132688886001808a8a61134c565b929a509098509250905061133c88888484611611565b9350935050505b94509492505050565b6000806000808860000361136b57508492508391506001905080611604565b7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff9889039889818988090894507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a7fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8a89090895507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86870993507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff86850992507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff84890991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff83880990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff848b0997507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80897fffffffff00000001000000000000000000000000fffffffffffffffffffffffd097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff857fffffffff00000001000000000000000000000000ffffffffffffffffffffffff037fffffffff00000001000000000000000000000000ffffffffffffffffffffffff898a09080893507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff80848b097fffffffff00000001000000000000000000000000ffffffffffffffffffffffff877fffffffff00000001000000000000000000000000ffffffffffffffffffffffff887fffffffff00000001000000000000000000000000ffffffffffffffffffffffff038d08090892505b9650965096509692505050565b600080600061161f846116c6565b90507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff818709915060007fffffffff00000001000000000000000000000000ffffffffffffffffffffffff82870990507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff81820991507fffffffff00000001000000000000000000000000ffffffffffffffffffffffff8289099350505094509492505050565b600060405160208152602080820152602060408201528260608201527fffffffff00000001000000000000000000000000fffffffffffffffffffffffd60808201527fffffffff00000001000000000000000000000000ffffffffffffffffffffffff60a082015260208160c0836005600019fa61081e57600080fd5b60008083601f84011261175557600080fd5b50813567ffffffffffffffff81111561176d57600080fd5b60208301915083602082850101111561178557600080fd5b9250929050565b806040810183101561079b57600080fd5b60008060008060008060008060006101208a8c0312156117bc57600080fd5b893567ffffffffffffffff808211156117d457600080fd5b6117e08d838e01611743565b909b50995060208c013591507fff000000000000000000000000000000000000000000000000000000000000008216821461181a57600080fd5b90975060408b0135908082111561183057600080fd5b5061183d8c828d01611743565b90975095505060608a0135935060808a0135925061185e8b60a08c0161178c565b915061186d8b60e08c0161178c565b90509295985092959850929598565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052603260045260246000fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b6000825160005b818110156118fb57602081860181015185830152016118e1565b506000920191825250919050565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b8082018082111561079b5761079b611909565b8183823760009101908152919050565b60006020828403121561196d57600080fd5b5051919050565b6000826119aa577f4e487b7100000000000000000000000000000000000000000000000000000000600052601260045260246000fd5b500490565b808202811582820484141761079b5761079b61190956fe4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a303132333435363738392d5fa2646970667358221220a5a42b5a5048bdf6322d6fa3052df01e1a197bbb61722775e8f972389e441d9964736f6c63430008140033", + "devdoc": { + "details": "This lib is only a wrapper around the FCL_WebAuthn library. It is meant to be used with 1271 signatures. The wrapping is necessary because the FCL_WebAuthn has only internal functions and use calldata. This makes it impossible to use it with isValidSignature that use memory.", + "kind": "dev", + "methods": {}, + "title": "WrapperFCLWebAuthn", + "version": 1 + }, + "userdoc": { + "kind": "user", + "methods": {}, + "notice": "A library used to verify ECDSA signatures over secp256r1 through EIP-1271 of Webauthn payloads.", + "version": 1 + }, + "storageLayout": { + "storage": [], + "types": null + } +} \ No newline at end of file diff --git a/deployments/polygon/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json b/deployments/polygon/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json new file mode 100644 index 0000000..36c552a --- /dev/null +++ b/deployments/polygon/solcInputs/9a239a13792e7e509c47a689d8b7e7c4.json @@ -0,0 +1,54 @@ +{ + "language": "Solidity", + "sources": { + "contracts/FCL/WrapperFCLWebAuthn.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {FCL_WebAuthn} from \"FreshCryptoLib/FCL_Webauthn.sol\";\n\n/// @title WrapperFCLWebAuthn\n/// @notice A library used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This lib is only a wrapper around the FCL_WebAuthn library.\n/// It is meant to be used with 1271 signatures.\n/// The wrapping is necessary because the FCL_WebAuthn has only internal\n/// functions and use calldata. This makes it impossible to use it with\n/// isValidSignature that use memory.\nlibrary WrapperFCLWebAuthn {\n function checkSignature(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) external view returns (bool) {\n return FCL_WebAuthn.checkSignature(\n authenticatorData,\n authenticatorDataFlagMask,\n clientData,\n clientChallenge,\n clientChallengeDataOffset,\n rs,\n Q\n );\n }\n}" + }, + "contracts/P256Signer.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {WrapperFCLWebAuthn} from \"./FCL/WrapperFCLWebAuthn.sol\";\n\n/// @title P256Signer\n/// @notice A contract used to verify ECDSA signatures over secp256r1 through\n/// EIP-1271 of Webauthn payloads.\n/// @dev This contract is the implementation. It is meant to be used through\n/// proxy clone.\ncontract P256Signer {\n /// @notice The EIP-1271 magic value\n bytes4 internal constant EIP1271_MAGICVALUE = 0x1626ba7e;\n\n /// @notice The old EIP-1271 magic value\n bytes4 internal constant OLD_EIP1271_MAGICVALUE = 0x20c13b0b;\n\n /// @notice Whether the contract has been initialized\n bool public initialized;\n\n /// @notice The x coordinate of the secp256r1 public key\n uint256 public x;\n\n /// @notice The y coordinate of the secp256r1 public key\n uint256 public y;\n\n /// @notice Error message when the signature is invalid\n error InvalidSignature();\n\n /// @notice Error message when the hash is invalid\n error InvalidHash();\n\n /// @notice Error message when the contract is already initialized\n error AlreadyInitialized();\n\n constructor() {\n initialized = true;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(abi.encode(_hash), _signature);\n return EIP1271_MAGICVALUE;\n }\n\n /// @notice Verifies that the signer is the owner of the secp256r1 public key.\n /// @dev This is the old version of the function of EIP-1271 using bytes\n /// memory instead of bytes32\n /// @param _hash The hash of the data signed\n /// @param _signature The signature\n /// @return The EIP-1271 magic value\n function isValidSignature(bytes memory _hash, bytes memory _signature) public view returns (bytes4) {\n _validate(_hash, _signature);\n return OLD_EIP1271_MAGICVALUE;\n }\n\n /// @notice Validates the signature\n /// @param data The data signed\n /// @param _signature The signature\n function _validate(bytes memory data, bytes memory _signature) private view {\n bytes32 _hash = keccak256(data);\n (bytes memory authenticatorData, bytes memory clientData, uint256 challengeOffset, uint256[2] memory rs) =\n abi.decode(_signature, (bytes, bytes, uint256, uint256[2]));\n\n bool valid = WrapperFCLWebAuthn.checkSignature(authenticatorData, 0x01, clientData, _hash, challengeOffset, rs, [x, y]);\n\n if (!valid) revert InvalidSignature();\n }\n\n /// @dev This function is only callable once and needs to be called immediately\n /// after deployment by the factory in the same transaction.\n /// @param x_ The x coordinate of the public key\n /// @param y_ The y coordinate of the public key\n function initialize(uint256 x_, uint256 y_) external {\n if (initialized) revert AlreadyInitialized();\n initialized = true;\n x = x_;\n y = y_;\n }\n}\n" + }, + "contracts/P256SignerFactory.sol": { + "content": "pragma solidity ^0.8.0;\n\nimport {P256Signer} from \"./P256Signer.sol\";\nimport \"solady/src/utils/LibClone.sol\";\n\n/// @title P256SignerFactory\n/// @notice Factory contract for creating proxies for P256Signer\ncontract P256SignerFactory {\n /// @notice The implementation address of the P256Signer contract\n address public immutable implementation;\n\n constructor(address implementation_) {\n implementation = implementation_;\n }\n\n /// @notice Emitted when a new P256Signer proxy contract is created\n event NewSignerCreated(uint256 indexed x, uint256 indexed y, address signer);\n\n /// @notice Creates a new P256Signer proxy contract\n /// @param x The x coordinate of the public key\n /// @param y The y coordinate of the public key\n function create(uint256 x, uint256 y) external returns (address) {\n bytes32 salt = keccak256(abi.encodePacked(x, y));\n address signer = LibClone.cloneDeterministic(implementation, salt);\n P256Signer(signer).initialize(x, y);\n emit NewSignerCreated(x, y, signer);\n return signer;\n }\n}\n" + }, + "FreshCryptoLib/FCL_elliptic.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n// |__/|_|\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: modified XYZZ system coordinates for EVM elliptic point multiplication\n///* optimization\n///*\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nlibrary FCL_Elliptic_ZZ {\n // Set parameters for curve sec256r1.\n\n // address of the ModExp precompiled contract (Arbitrary-precision exponentiation under modulo)\n address constant MODEXP_PRECOMPILE = 0x0000000000000000000000000000000000000005;\n //curve prime field modulus\n uint256 constant p = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n //short weierstrass first coefficient\n uint256 constant a = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC;\n //short weierstrass second coefficient\n uint256 constant b = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B;\n //generating point affine coordinates\n uint256 constant gx = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296;\n uint256 constant gy = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5;\n //curve order (number of points)\n uint256 constant n = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551;\n /* -2 mod p constant, used to speed up inversion and doubling (avoid negation)*/\n uint256 constant minus_2 = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFD;\n /* -2 mod n constant, used to speed up inversion*/\n uint256 constant minus_2modn = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC63254F;\n\n uint256 constant minus_1 = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;\n //P+1 div 4\n uint256 constant pp1div4=0x3fffffffc0000000400000000000000000000000400000000000000000000000;\n //arbitrary constant to express no quadratic residuosity\n uint256 constant _NOTSQUARE=0xFFFFFFFF00000002000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n uint256 constant _NOTONCURVE=0xFFFFFFFF00000003000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF;\n\n /**\n * /* inversion mod n via a^(n-2), use of precompiled using little Fermat theorem\n */\n function FCL_nModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2modn)\n mstore(add(pointer, 0xa0), n)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n /**\n * /* @dev inversion mod nusing little Fermat theorem via a^(n-2), use of precompiled\n */\n\n function FCL_pModInv(uint256 u) internal view returns (uint256 result) {\n assembly {\n let pointer := mload(0x40)\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(pointer, 0x20)\n mstore(add(pointer, 0x20), 0x20)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base, exponent and modulus\n mstore(add(pointer, 0x60), u)\n mstore(add(pointer, 0x80), minus_2)\n mstore(add(pointer, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, pointer, 0xc0, pointer, 0x20)) { revert(0, 0) }\n result := mload(pointer)\n }\n }\n\n //Coron projective shuffling, take as input alpha as blinding factor\n function ecZZ_Coronize(uint256 alpha, uint256 x, uint256 y, uint256 zz, uint256 zzz) public pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n \n uint256 alpha2=mulmod(alpha,alpha,p);\n \n x3=mulmod(alpha2, x,p); //alpha^-2.x\n y3=mulmod(mulmod(alpha, alpha2,p), y,p);\n\n zz3=mulmod(zz,alpha2,p);//alpha^2 zz\n zzz3=mulmod(zzz,mulmod(alpha, alpha2,p),p);//alpha^3 zzz\n \n return (x3, y3, zz3, zzz3);\n }\n\n\n function ecZZ_Add(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2, uint256 zz2, uint256 zzz2) internal pure returns (uint256 x3, uint256 y3, uint256 zz3, uint256 zzz3)\n {\n uint256 u1=mulmod(x1,zz2,p); // U1 = X1*ZZ2\n uint256 u2=mulmod(x2, zz1,p); // U2 = X2*ZZ1\n u2=addmod(u2, p-u1, p);// P = U2-U1\n x1=mulmod(u2, u2, p);//PP\n x2=mulmod(x1, u2, p);//PPP\n \n zz3=mulmod(x1, mulmod(zz1, zz2, p),p);//ZZ3 = ZZ1*ZZ2*PP \n zzz3=mulmod(zzz1, mulmod(zzz2, x2, p),p);//ZZZ3 = ZZZ1*ZZZ2*PPP\n\n zz1=mulmod(y1, zzz2,p); // S1 = Y1*ZZZ2\n zz2=mulmod(y2, zzz1, p); // S2 = Y2*ZZZ1 \n zz2=addmod(zz2, p-zz1, p);//R = S2-S1\n zzz1=mulmod(u1, x1,p); //Q = U1*PP\n x3= addmod(addmod(mulmod(zz2, zz2, p), p-x2,p), mulmod(minus_2, zzz1,p),p); //X3 = R2-PPP-2*Q\n y3=addmod( mulmod(zz2, addmod(zzz1, p-x3, p),p), p-mulmod(zz1, x2, p),p);//R*(Q-X3)-S1*PPP\n\n return (x3, y3, zz3, zzz3);\n }\n\n/// @notice Calculate one modular square root of a given integer. Assume that p=3 mod 4.\n/// @dev Uses the ModExp precompiled contract at address 0x05 for fast computation using little Fermat theorem\n/// @param self The integer of which to find the modular inverse\n/// @return result The modular inverse of the input integer. If the modular inverse doesn't exist, it revert the tx\n\nfunction SqrtMod(uint256 self) internal view returns (uint256 result){\n assembly (\"memory-safe\") {\n // load the free memory pointer value\n let pointer := mload(0x40)\n\n // Define length of base (Bsize)\n mstore(pointer, 0x20)\n // Define the exponent size (Esize)\n mstore(add(pointer, 0x20), 0x20)\n // Define the modulus size (Msize)\n mstore(add(pointer, 0x40), 0x20)\n // Define variables base (B)\n mstore(add(pointer, 0x60), self)\n // Define the exponent (E)\n mstore(add(pointer, 0x80), pp1div4)\n // We save the point of the last argument, it will be override by the result\n // of the precompile call in order to avoid paying for the memory expansion properly\n let _result := add(pointer, 0xa0)\n // Define the modulus (M)\n mstore(_result, p)\n\n // Call the precompiled ModExp (0x05) https://www.evm.codes/precompiled#0x05\n if iszero(\n staticcall(\n not(0), // amount of gas to send\n MODEXP_PRECOMPILE, // target\n pointer, // argsOffset\n 0xc0, // argsSize (6 * 32 bytes)\n _result, // retOffset (we override M to avoid paying for the memory expansion)\n 0x20 // retSize (32 bytes)\n )\n ) { revert(0, 0) }\n\n result := mload(_result)\n// result :=addmod(result,0,p)\n }\n if(mulmod(result,result,p)!=self){\n result=_NOTSQUARE;\n }\n \n return result;\n}\n /**\n * /* @dev Convert from affine rep to XYZZ rep\n */\n function ecAff_SetZZ(uint256 x0, uint256 y0) internal pure returns (uint256[4] memory P) {\n unchecked {\n P[2] = 1; //ZZ\n P[3] = 1; //ZZZ\n P[0] = x0;\n P[1] = y0;\n }\n }\n\n function ec_Decompress(uint256 x, uint256 parity) internal view returns(uint256 y){ \n\n uint256 y2=mulmod(x,mulmod(x,x,p),p);//x3\n y2=addmod(b,addmod(y2,mulmod(x,a,p),p),p);//x3+ax+b\n\n y=SqrtMod(y2);\n if(y==_NOTSQUARE){\n return _NOTONCURVE;\n }\n if((y&1)!=(parity&1)){\n y=p-y;\n }\n }\n\n /**\n * /* @dev Convert from XYZZ rep to affine rep\n */\n /* https://hyperelliptic.org/EFD/g1p/auto-shortw-xyzz-3.html#addition-add-2008-s*/\n function ecZZ_SetAff(uint256 x, uint256 y, uint256 zz, uint256 zzz) internal view returns (uint256 x1, uint256 y1) {\n uint256 zzzInv = FCL_pModInv(zzz); //1/zzz\n y1 = mulmod(y, zzzInv, p); //Y/zzz\n uint256 _b = mulmod(zz, zzzInv, p); //1/z\n zzzInv = mulmod(_b, _b, p); //1/zz\n x1 = mulmod(x, zzzInv, p); //X/zz\n }\n\n /**\n * /* @dev Sutherland2008 doubling\n */\n /* The \"dbl-2008-s-1\" doubling formulas */\n\n function ecZZ_Dbl(uint256 x, uint256 y, uint256 zz, uint256 zzz)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n assembly {\n P0 := mulmod(2, y, p) //U = 2*Y1\n P2 := mulmod(P0, P0, p) // V=U^2\n P3 := mulmod(x, P2, p) // S = X1*V\n P1 := mulmod(P0, P2, p) // W=UV\n P2 := mulmod(P2, zz, p) //zz3=V*ZZ1\n zz := mulmod(3, mulmod(addmod(x, sub(p, zz), p), addmod(x, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n P0 := addmod(mulmod(zz, zz, p), mulmod(minus_2, P3, p), p) //X3=M^2-2S\n x := mulmod(zz, addmod(P3, sub(p, P0), p), p) //M(S-X3)\n P3 := mulmod(P1, zzz, p) //zzz3=W*zzz1\n P1 := addmod(x, sub(p, mulmod(P1, y, p)), p) //Y3= M(S-X3)-W*Y1\n }\n }\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Sutherland2008 add a ZZ point with a normalized point and greedy formulae\n * warning: assume that P1(x1,y1)!=P2(x2,y2), true in multiplication loop with prime order (cofactor 1)\n */\n\n function ecZZ_AddN(uint256 x1, uint256 y1, uint256 zz1, uint256 zzz1, uint256 x2, uint256 y2)\n internal\n pure\n returns (uint256 P0, uint256 P1, uint256 P2, uint256 P3)\n {\n unchecked {\n if (y1 == 0) {\n return (x2, y2, 1, 1);\n }\n\n assembly {\n y1 := sub(p, y1)\n y2 := addmod(mulmod(y2, zzz1, p), y1, p)\n x2 := addmod(mulmod(x2, zz1, p), sub(p, x1), p)\n P0 := mulmod(x2, x2, p) //PP = P^2\n P1 := mulmod(P0, x2, p) //PPP = P*PP\n P2 := mulmod(zz1, P0, p) ////ZZ3 = ZZ1*PP\n P3 := mulmod(zzz1, P1, p) ////ZZZ3 = ZZZ1*PPP\n zz1 := mulmod(x1, P0, p) //Q = X1*PP\n P0 := addmod(addmod(mulmod(y2, y2, p), sub(p, P1), p), mulmod(minus_2, zz1, p), p) //R^2-PPP-2*Q\n P1 := addmod(mulmod(addmod(zz1, sub(p, P0), p), y2, p), mulmod(y1, P1, p), p) //R*(Q-X3)\n }\n //end assembly\n } //end unchecked\n return (P0, P1, P2, P3);\n }\n\n /**\n * @dev Return the zero curve in XYZZ coordinates.\n */\n function ecZZ_SetZero() internal pure returns (uint256 x, uint256 y, uint256 zz, uint256 zzz) {\n return (0, 0, 0, 0);\n }\n /**\n * @dev Check if point is the neutral of the curve\n */\n\n // uint256 x0, uint256 y0, uint256 zz0, uint256 zzz0\n function ecZZ_IsZero(uint256, uint256 y0, uint256, uint256) internal pure returns (bool) {\n return y0 == 0;\n }\n /**\n * @dev Return the zero curve in affine coordinates. Compatible with the double formulae (no special case)\n */\n\n function ecAff_SetZero() internal pure returns (uint256 x, uint256 y) {\n return (0, 0);\n }\n\n /**\n * @dev Check if the curve is the zero curve in affine rep.\n */\n // uint256 x, uint256 y)\n function ecAff_IsZero(uint256, uint256 y) internal pure returns (bool flag) {\n return (y == 0);\n }\n\n /**\n * @dev Check if a point in affine coordinates is on the curve (reject Neutral that is indeed on the curve).\n */\n function ecAff_isOnCurve(uint256 x, uint256 y) internal pure returns (bool) {\n if (0 == x || x == p || 0 == y || y == p) {\n return false;\n }\n unchecked {\n uint256 LHS = mulmod(y, y, p); // y^2\n uint256 RHS = addmod(mulmod(mulmod(x, x, p), x, p), mulmod(x, a, p), p); // x^3+ax\n RHS = addmod(RHS, b, p); // x^3 + a*x + b\n\n return LHS == RHS;\n }\n }\n\n /**\n * @dev Add two elliptic curve points in affine coordinates.\n */\n\n function ecAff_add(uint256 x0, uint256 y0, uint256 x1, uint256 y1) internal view returns (uint256, uint256) {\n uint256 zz0;\n uint256 zzz0;\n\n if (ecAff_IsZero(x0, y0)) return (x1, y1);\n if (ecAff_IsZero(x1, y1)) return (x0, y0);\n\n (x0, y0, zz0, zzz0) = ecZZ_AddN(x0, y0, 1, 1, x1, y1);\n\n return ecZZ_SetAff(x0, y0, zz0, zzz0);\n }\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns only x for ECDSA use \n * */\n function ecZZ_mulmuladd_S_asm(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X) {\n uint256 zz;\n uint256 zzz;\n uint256 Y;\n uint256 index = 255;\n uint256 H0;\n uint256 H1;\n\n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return 0;\n\n (H0, H1) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n X := H0\n Y := H1\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := H0\n T2 := H1\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n let T := mload(0x40)\n mstore(add(T, 0x60), zz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n //Y:=mulmod(Y,zzz,p)//Y/zzz\n //zz :=mulmod(zz, mload(T),p) //1/z\n //zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, mload(T), p) //X/zz\n } //end assembly\n } //end unchecked\n\n return X;\n }\n\n\n /**\n * @dev Computation of uG+vQ using Strauss-Shamir's trick, G basepoint, Q public key\n * Returns affine representation of point (normalized) \n * */\n function ecZZ_mulmuladd(\n uint256 Q0,\n uint256 Q1, //affine rep for input point Q\n uint256 scalar_u,\n uint256 scalar_v\n ) internal view returns (uint256 X, uint256 Y) {\n uint256 zz;\n uint256 zzz;\n uint256 index = 255;\n uint256[6] memory T;\n uint256[2] memory H;\n \n unchecked {\n if (scalar_u == 0 && scalar_v == 0) return (0,0);\n\n (H[0], H[1]) = ecAff_add(gx, gy, Q0, Q1); //will not work if Q=P, obvious forbidden private key\n\n assembly {\n for { let T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1)) } eq(T4, 0) {\n index := sub(index, 1)\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n } {}\n zz := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if eq(zz, 1) {\n X := gx\n Y := gy\n }\n if eq(zz, 2) {\n X := Q0\n Y := Q1\n }\n if eq(zz, 3) {\n Y := mload(add(H,32))\n X := mload(H)\n }\n\n index := sub(index, 1)\n zz := 1\n zzz := 1\n\n for {} gt(minus_1, index) { index := sub(index, 1) } {\n // inlined EcZZ_Dbl\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n {\n //value of dibit\n T4 := add(shl(1, and(shr(index, scalar_v), 1)), and(shr(index, scalar_u), 1))\n\n if iszero(T4) {\n Y := sub(p, Y) //restore the -Y inversion\n continue\n } // if T4!=0\n\n if eq(T4, 1) {\n T1 := gx\n T2 := gy\n }\n if eq(T4, 2) {\n T1 := Q0\n T2 := Q1\n }\n if eq(T4, 3) {\n T1 := mload(H)\n T2 := mload(add(H,32))\n }\n if iszero(zz) {\n X := T1\n Y := T2\n zz := 1\n zzz := 1\n continue\n }\n // inlined EcZZ_AddN\n\n //T3:=sub(p, Y)\n //T3:=Y\n let y2 := addmod(mulmod(T2, zzz, p), Y, p) //R\n T2 := addmod(mulmod(T1, zz, p), sub(p, X), p) //P\n\n //special extremely rare case accumulator where EcAdd is replaced by EcDbl, no need to optimize this\n //todo : construct edge vector case\n if iszero(y2) {\n if iszero(T2) {\n T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n T4 := mulmod(T2, T2, p) //PP\n let TT1 := mulmod(T4, T2, p) //PPP, this one could be spared, but adding this register spare gas\n zz := mulmod(zz, T4, p)\n zzz := mulmod(zzz, TT1, p) //zz3=V*ZZ1\n let TT2 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, TT1), p), mulmod(minus_2, TT2, p), p)\n Y := addmod(mulmod(addmod(TT2, sub(p, T4), p), y2, p), mulmod(Y, TT1, p), p)\n\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zzz)\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n Y:=mulmod(Y,mload(T),p)//Y/zzz\n zz :=mulmod(zz, mload(T),p) //1/z\n zz:= mulmod(zz,zz,p) //1/zz\n X := mulmod(X, zz, p) //X/zz\n } //end assembly\n } //end unchecked\n\n return (X,Y);\n }\n\n //8 dimensions Shamir's trick, using precomputations stored in Shamir8, stored as Bytecode of an external\n //contract at given address dataPointer\n //(thx to Lakhdar https://github.com/Kelvyne for EVM storage explanations and tricks)\n // the external tool to generate tables from public key is in the /sage directory\n function ecZZ_mulmuladd_S8_extcode(uint256 scalar_u, uint256 scalar_v, address dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n unchecked {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n extcodecopy(dataPointer, T, mload(T), 64)\n let index := sub(zz, 1)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for {} gt(index, 191) { index := add(index, 191) } {\n //inline Double\n {\n let TT1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(TT1, TT1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n let T1 := mulmod(TT1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n let T5 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T5, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n }\n {\n let T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n let index2 := sub(index, 64)\n let T3 :=\n add(T4, add(shl(12, and(shr(index2, scalar_v), 1)), shl(8, and(shr(index2, scalar_u), 1))))\n let index3 := sub(index2, 64)\n let T2 :=\n add(T3, add(shl(11, and(shr(index3, scalar_v), 1)), shl(7, and(shr(index3, scalar_u), 1))))\n index := sub(index3, 64)\n let T1 :=\n add(T2, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T1) {\n Y := sub(p, Y)\n\n continue\n }\n extcodecopy(dataPointer, T, T1, 64)\n }\n\n {\n /* Access to precomputed table using extcodecopy hack */\n\n // inlined EcZZ_AddN\n if iszero(zz) {\n X := mload(T)\n Y := mload(add(T, 32))\n zz := 1\n zzz := 1\n\n continue\n }\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n let T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n\n //special case ecAdd(P,P)=EcDbl\n if iszero(y2) {\n if iszero(T2) {\n let T1 := mulmod(minus_2, Y, p) //U = 2*Y1, y free\n T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n\n T1 := mulmod(T1, T2, p) // W=UV\n y2 := addmod(X, zz, p) //X+ZZ\n let TT1 := addmod(X, sub(p, zz), p) //X-ZZ\n y2 := mulmod(y2, TT1, p) //(X-ZZ)(X+ZZ)\n let T4 := mulmod(3, y2, p) //M\n\n zzz := mulmod(TT1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n T2 := mulmod(T4, addmod(T3, sub(p, X), p), p) //M(S-X3)\n\n Y := addmod(T2, mulmod(T1, Y, p), p) //Y3= M(S-X3)-W*Y1\n\n continue\n }\n }\n\n let T4 := mulmod(T2, T2, p)\n let T1 := mulmod(T4, T2, p) //\n zz := mulmod(zz, T4, p)\n //zzz3=V*ZZ1\n zzz := mulmod(zzz, T1, p) // W=UV/\n let zz1 := mulmod(X, T4, p)\n X := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, X), p), y2, p), mulmod(Y, T1, p), p)\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n \n\n // improving the extcodecopy trick : append array at end of contract\n function ecZZ_mulmuladd_S8_hackmem(uint256 scalar_u, uint256 scalar_v, uint256 dataPointer)\n internal view\n returns (uint256 X /*, uint Y*/ )\n {\n uint256 zz; // third and coordinates of the point\n\n uint256[6] memory T;\n zz = 256; //start index\n\n unchecked {\n while (T[0] == 0) {\n zz = zz - 1;\n //tbd case of msb octobit is null\n T[0] = 64\n * (\n 128 * ((scalar_v >> zz) & 1) + 64 * ((scalar_v >> (zz - 64)) & 1)\n + 32 * ((scalar_v >> (zz - 128)) & 1) + 16 * ((scalar_v >> (zz - 192)) & 1)\n + 8 * ((scalar_u >> zz) & 1) + 4 * ((scalar_u >> (zz - 64)) & 1)\n + 2 * ((scalar_u >> (zz - 128)) & 1) + ((scalar_u >> (zz - 192)) & 1)\n );\n }\n assembly {\n codecopy(T, add(mload(T), dataPointer), 64)\n X := mload(T)\n let Y := mload(add(T, 32))\n let zzz := 1\n zz := 1\n\n //loop over 1/4 of scalars thx to Shamir's trick over 8 points\n for { let index := 254 } gt(index, 191) { index := add(index, 191) } {\n let T1 := mulmod(2, Y, p) //U = 2*Y1, y free\n let T2 := mulmod(T1, T1, p) // V=U^2\n let T3 := mulmod(X, T2, p) // S = X1*V\n T1 := mulmod(T1, T2, p) // W=UV\n let T4 := mulmod(3, mulmod(addmod(X, sub(p, zz), p), addmod(X, zz, p), p), p) //M=3*(X1-ZZ1)*(X1+ZZ1)\n zzz := mulmod(T1, zzz, p) //zzz3=W*zzz1\n zz := mulmod(T2, zz, p) //zz3=V*ZZ1, V free\n\n X := addmod(mulmod(T4, T4, p), mulmod(minus_2, T3, p), p) //X3=M^2-2S\n //T2:=mulmod(T4,addmod(T3, sub(p, X),p),p)//M(S-X3)\n T2 := mulmod(T4, addmod(X, sub(p, T3), p), p) //-M(S-X3)=M(X3-S)\n\n //Y:= addmod(T2, sub(p, mulmod(T1, Y ,p)),p )//Y3= M(S-X3)-W*Y1\n Y := addmod(mulmod(T1, Y, p), T2, p) //-Y3= W*Y1-M(S-X3), we replace Y by -Y to avoid a sub in ecAdd\n\n /* compute element to access in precomputed table */\n T4 := add(shl(13, and(shr(index, scalar_v), 1)), shl(9, and(shr(index, scalar_u), 1)))\n index := sub(index, 64)\n T4 := add(T4, add(shl(12, and(shr(index, scalar_v), 1)), shl(8, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(11, and(shr(index, scalar_v), 1)), shl(7, and(shr(index, scalar_u), 1))))\n index := sub(index, 64)\n T4 := add(T4, add(shl(10, and(shr(index, scalar_v), 1)), shl(6, and(shr(index, scalar_u), 1))))\n //index:=add(index,192), restore index, interleaved with loop\n\n //tbd: check validity of formulae with (0,1) to remove conditional jump\n if iszero(T4) {\n Y := sub(p, Y)\n\n continue\n }\n {\n /* Access to precomputed table using extcodecopy hack */\n codecopy(T, add(T4, dataPointer), 64)\n\n // inlined EcZZ_AddN\n\n let y2 := addmod(mulmod(mload(add(T, 32)), zzz, p), Y, p)\n T2 := addmod(mulmod(mload(T), zz, p), sub(p, X), p)\n T4 := mulmod(T2, T2, p)\n T1 := mulmod(T4, T2, p)\n T2 := mulmod(zz, T4, p) // W=UV\n zzz := mulmod(zzz, T1, p) //zz3=V*ZZ1\n let zz1 := mulmod(X, T4, p)\n T4 := addmod(addmod(mulmod(y2, y2, p), sub(p, T1), p), mulmod(minus_2, zz1, p), p)\n Y := addmod(mulmod(addmod(zz1, sub(p, T4), p), y2, p), mulmod(Y, T1, p), p)\n zz := T2\n X := T4\n }\n } //end loop\n mstore(add(T, 0x60), zz)\n\n //(X,Y)=ecZZ_SetAff(X,Y,zz, zzz);\n //T[0] = inverseModp_Hard(T[0], p); //1/zzz, inline modular inversion using precompile:\n // Define length of base, exponent and modulus. 0x20 == 32 bytes\n mstore(T, 0x20)\n mstore(add(T, 0x20), 0x20)\n mstore(add(T, 0x40), 0x20)\n // Define variables base, exponent and modulus\n //mstore(add(pointer, 0x60), u)\n mstore(add(T, 0x80), minus_2)\n mstore(add(T, 0xa0), p)\n\n // Call the precompiled contract 0x05 = ModExp\n if iszero(staticcall(not(0), 0x05, T, 0xc0, T, 0x20)) { revert(0, 0) }\n\n zz := mload(T)\n X := mulmod(X, zz, p) //X/zz\n }\n } //end unchecked\n }\n\n /**\n * @dev ECDSA verification, given , signature, and public key.\n */\n function ecdsa_verify(bytes32 message, uint256[2] calldata rs, uint256[2] calldata Q) internal view returns (bool) {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n uint256 Q0 = Q[0];\n uint256 Q1 = Q[1];\n if (!ecAff_isOnCurve(Q0, Q1)) {\n return false;\n }\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 scalar_u = mulmod(uint256(message), sInv, n);\n uint256 scalar_v = mulmod(r, sInv, n);\n uint256 x1;\n\n x1 = ecZZ_mulmuladd_S_asm(Q0, Q1, scalar_u, scalar_v);\n\n assembly {\n x1 := addmod(x1, sub(n, r), n)\n }\n //return true;\n return x1 == 0;\n }\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q stored in contract at address Shamir8\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_verify(bytes32 message, uint256[2] calldata rs, address Shamir8)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_extcode(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), Shamir8);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n /**\n * @dev ECDSA verification using a precomputed table of multiples of P and Q appended at end of contract at address endcontract\n * generation of contract bytecode for precomputations is done using sagemath code\n * (see sage directory, WebAuthn_precompute.sage)\n */\n\n function ecdsa_precomputed_hackmem(bytes32 message, uint256[2] calldata rs, uint256 endcontract)\n internal view\n returns (bool)\n {\n uint256 r = rs[0];\n uint256 s = rs[1];\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return false;\n }\n /* Q is pushed via bytecode assumed to be correct\n if (!isOnCurve(Q[0], Q[1])) {\n return false;\n }*/\n\n uint256 sInv = FCL_nModInv(s);\n uint256 X;\n\n //Shamir 8 dimensions\n X = ecZZ_mulmuladd_S8_hackmem(mulmod(uint256(message), sInv, n), mulmod(r, sInv, n), endcontract);\n\n assembly {\n X := addmod(X, sub(n, r), n)\n }\n return X == 0;\n } //end ecdsa_precomputed_verify()\n\n function ec_recover_r1(uint256 h, uint256 v, uint256 r, uint256 s) public view returns (address)\n {\n if (r == 0 || r >= n || s == 0 || s >= n) {\n return address(0);\n }\n uint256 y=ec_Decompress(r, v-27);\n uint256 rinv=FCL_nModInv(r);\n uint256 u1=mulmod(n-addmod(0,h,n), rinv,n);//-hr^-1\n uint256 u2=mulmod(s, rinv,n);//sr^-1\n\n uint256 Qx;\n uint256 Qy;\n (Qx,Qy)=ecZZ_mulmuladd(r,y, u1, u2);\n\n return address(uint160(uint256(keccak256(abi.encodePacked(Qx, Qy)))));\n }\n\n //ecdsa signature for test purpose only (who would like to have a private key onchain anyway ?)\n //K is nonce, kpriv is private key\n function ecdsa_sign(bytes32 message, uint256 k , uint256 kpriv) public view returns(uint256 r, uint256 s)\n {\n r=ecZZ_mulmuladd_S_asm(0,0, k, 0) ;//Calculate the curve point k.G (abuse ecmulmul add with v=0)\n r=addmod(0,r, n); \n s=mulmod(FCL_nModInv(k), addmod(uint256(message), mulmod(r, kpriv, n),n),n);//s=k^-1.(h+r.kpriv)\n\n \n if(r==0||s==0){\n revert();\n }\n\n\n }\n\n} //EOF\n" + }, + "FreshCryptoLib/FCL_Webauthn.sol": { + "content": "//********************************************************************************************/\n// ___ _ ___ _ _ _ _\n// | __| _ ___ __| |_ / __|_ _ _ _ _ __| |_ ___ | | (_) |__\n// | _| '_/ -_|_-< ' \\ | (__| '_| || | '_ \\ _/ _ \\ | |__| | '_ \\\n// |_||_| \\___/__/_||_| \\___|_| \\_, | .__/\\__\\___/ |____|_|_.__/\n///* Copyright (C) 2022 - Renaud Dubois - This file is part of FCL (Fresh CryptoLib) project\n///* License: This software is licensed under MIT License\n///* This Code may be reused including license and copyright notice.\n///* See LICENSE file at the root folder of the project.\n///* FILE: FCL_elliptic.sol\n///*\n///*\n///* DESCRIPTION: Implementation of the WebAuthn Authentication mechanism\n///* https://www.w3.org/TR/webauthn-2/#sctn-intro\n///* Original code extracted from https://github.com/btchip/Webauthn.sol\n//**************************************************************************************/\n//* WARNING: this code SHALL not be used for non prime order curves for security reasons.\n// Code is optimized for a=-3 only curves with prime order, constant like -1, -2 shall be replaced\n// if ever used for other curve than sec256R1\n// SPDX-License-Identifier: MIT\npragma solidity ^0.8.20;\n\nimport {Base64Url} from \"./utils/Base64Url.sol\";\nimport {FCL_Elliptic_ZZ} from \"./FCL_elliptic.sol\";\n\nlibrary FCL_WebAuthn {\n error InvalidAuthenticatorData();\n error InvalidClientData();\n error InvalidSignature();\n\n function WebAuthn_format(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata // rs\n ) internal pure returns (bytes32 result) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n {\n if ((authenticatorData[32] & authenticatorDataFlagMask) != authenticatorDataFlagMask) {\n revert InvalidAuthenticatorData();\n }\n // Verify that clientData commits to the expected client challenge\n // Use the Base64Url encoding which omits padding characters to match WebAuthn Specification\n string memory challengeEncoded = Base64Url.encode(abi.encodePacked(clientChallenge));\n bytes memory challengeExtracted = new bytes(\n bytes(challengeEncoded).length\n );\n\n assembly {\n calldatacopy(\n add(challengeExtracted, 32),\n add(clientData.offset, clientChallengeDataOffset),\n mload(challengeExtracted)\n )\n }\n\n bytes32 moreData; //=keccak256(abi.encodePacked(challengeExtracted));\n assembly {\n moreData := keccak256(add(challengeExtracted, 32), mload(challengeExtracted))\n }\n\n if (keccak256(abi.encodePacked(bytes(challengeEncoded))) != moreData) {\n revert InvalidClientData();\n }\n } //avoid stack full\n\n // Verify the signature over sha256(authenticatorData || sha256(clientData))\n bytes memory verifyData = new bytes(authenticatorData.length + 32);\n\n assembly {\n calldatacopy(add(verifyData, 32), authenticatorData.offset, authenticatorData.length)\n }\n\n bytes32 more = sha256(clientData);\n assembly {\n mstore(add(verifyData, add(authenticatorData.length, 32)), more)\n }\n\n return sha256(verifyData);\n }\n\n function checkSignature (\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256[2] calldata Q\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_verify(message, rs, Q);\n\n return result;\n }\n\n function checkSignature_prec(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n address dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_verify(message, rs, dataPointer);\n\n return result;\n }\n\n //beware that this implementation will not be compliant with EOF\n function checkSignature_hackmem(\n bytes calldata authenticatorData,\n bytes1 authenticatorDataFlagMask,\n bytes calldata clientData,\n bytes32 clientChallenge,\n uint256 clientChallengeDataOffset,\n uint256[2] calldata rs,\n uint256 dataPointer\n ) internal view returns (bool) {\n // Let the caller check if User Presence (0x01) or User Verification (0x04) are set\n\n bytes32 message = FCL_WebAuthn.WebAuthn_format(\n authenticatorData, authenticatorDataFlagMask, clientData, clientChallenge, clientChallengeDataOffset, rs\n );\n\n bool result = FCL_Elliptic_ZZ.ecdsa_precomputed_hackmem(message, rs, dataPointer);\n\n return result;\n }\n}\n" + }, + "FreshCryptoLib/utils/Base64Url.sol": { + "content": "// SPDX-License-Identifier: Apache-2.0\npragma solidity ^0.8.0;\n\n/**\n * @dev Encode (without '=' padding) \n * @author evmbrahmin, adapted from hiromin's Base64URL libraries\n */\nlibrary Base64Url {\n /**\n * @dev Base64Url Encoding Table\n */\n string internal constant ENCODING_TABLE =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\";\n\n function encode(bytes memory data) internal pure returns (string memory) {\n if (data.length == 0) return \"\";\n\n // Load the table into memory\n string memory table = ENCODING_TABLE;\n\n string memory result = new string(4 * ((data.length + 2) / 3));\n\n // @solidity memory-safe-assembly\n assembly {\n let tablePtr := add(table, 1)\n let resultPtr := add(result, 32)\n\n for {\n let dataPtr := data\n let endPtr := add(data, mload(data))\n } lt(dataPtr, endPtr) {\n\n } {\n dataPtr := add(dataPtr, 3)\n let input := mload(dataPtr)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(18, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(12, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(\n resultPtr,\n mload(add(tablePtr, and(shr(6, input), 0x3F)))\n )\n resultPtr := add(resultPtr, 1)\n\n mstore8(resultPtr, mload(add(tablePtr, and(input, 0x3F))))\n resultPtr := add(resultPtr, 1)\n }\n\n // Remove the padding adjustment logic\n switch mod(mload(data), 3)\n case 1 {\n // Adjust for the last byte of data\n resultPtr := sub(resultPtr, 2)\n }\n case 2 {\n // Adjust for the last two bytes of data\n resultPtr := sub(resultPtr, 1)\n }\n \n // Set the correct length of the result string\n mstore(result, sub(resultPtr, add(result, 32)))\n }\n\n return result; \n }\n}\n" + }, + "solady/src/utils/LibClone.sol": { + "content": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\n\n/// @notice Minimal proxy library.\n/// @author Solady (https://github.com/vectorized/solady/blob/main/src/utils/LibClone.sol)\n/// @author Minimal proxy by 0age (https://github.com/0age)\n/// @author Clones with immutable args by wighawag, zefram.eth, Saw-mon & Natalie\n/// (https://github.com/Saw-mon-and-Natalie/clones-with-immutable-args)\n///\n/// @dev Minimal proxy:\n/// Although the sw0nt pattern saves 5 gas over the erc-1167 pattern during runtime,\n/// it is not supported out-of-the-box on Etherscan. Hence, we choose to use the 0age pattern,\n/// which saves 4 gas over the erc-1167 pattern during runtime, and has the smallest bytecode.\n///\n/// @dev Minimal proxy (PUSH0 variant):\n/// This is a new minimal proxy that uses the PUSH0 opcode introduced during Shanghai.\n/// It is optimized first for minimal runtime gas, then for minimal bytecode.\n/// The PUSH0 clone functions are intentionally postfixed with a jarring \"_PUSH0\" as\n/// many EVM chains may not support the PUSH0 opcode in the early months after Shanghai.\n/// Please use with caution.\n///\n/// @dev Clones with immutable args (CWIA):\n/// The implementation of CWIA here implements a `receive()` method that emits the\n/// `ReceiveETH(uint256)` event. This skips the `DELEGATECALL` when there is no calldata,\n/// enabling us to accept hard gas-capped `sends` & `transfers` for maximum backwards\n/// composability. The minimal proxy implementation does not offer this feature.\nlibrary LibClone {\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CUSTOM ERRORS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Unable to deploy the clone.\n error DeploymentFailed();\n\n /// @dev The salt must start with either the zero address or the caller.\n error SaltDoesNotStartWithCaller();\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a clone of `implementation`.\n function clone(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (44 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | |\n * 3d | RETURNDATASIZE | 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | |\n * 3d | RETURNDATASIZE | 0 0 cds 0 0 0 0 | |\n * 37 | CALLDATACOPY | 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 cds 0 0 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x2a | PUSH1 0x2a | 0x2a success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create(0, 0x0c, 0x35)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation` with `salt`.\n function cloneDeterministic(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n instance := create2(0, 0x0c, 0x35, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x21, 0x5af43d3d93803e602a57fd5bf3)\n mstore(0x14, implementation)\n mstore(0x00, 0x602c3d8160093d39f33d3d3d3d363d3d37363d73)\n hash := keccak256(0x0c, 0x35)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x21, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(address implementation, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n bytes32 hash = initCodeHash(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* MINIMAL PROXY OPERATIONS (PUSH0 VARIANT) */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a PUSH0 clone of `implementation`.\n function clone_PUSH0(address implementation) internal returns (address instance) {\n /// @solidity memory-safe-assembly\n assembly {\n /**\n * --------------------------------------------------------------------------+\n * CREATION (9 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * 60 runSize | PUSH1 runSize | r | |\n * 5f | PUSH0 | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 5f | PUSH0 | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * --------------------------------------------------------------------------|\n * RUNTIME (45 bytes) |\n * --------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * --------------------------------------------------------------------------|\n * |\n * ::: keep some values in stack ::::::::::::::::::::::::::::::::::::::::::: |\n * 5f | PUSH0 | 0 | |\n * 5f | PUSH0 | 0 0 | |\n * |\n * ::: copy calldata to memory ::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | |\n * 5f | PUSH0 | 0 cds 0 0 | |\n * 5f | PUSH0 | 0 0 cds 0 0 | |\n * 37 | CALLDATACOPY | 0 0 | [0..cds): calldata |\n * |\n * ::: delegate call to the implementation contract :::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds 0 0 | [0..cds): calldata |\n * 5f | PUSH0 | 0 cds 0 0 | [0..cds): calldata |\n * 73 addr | PUSH20 addr | addr 0 cds 0 0 | [0..cds): calldata |\n * 5a | GAS | gas addr 0 cds 0 0 | [0..cds): calldata |\n * f4 | DELEGATECALL | success | [0..cds): calldata |\n * |\n * ::: copy return data to memory :::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 rds success | [0..cds): calldata |\n * 5f | PUSH0 | 0 0 rds success | [0..cds): calldata |\n * 3e | RETURNDATACOPY | success | [0..rds): returndata |\n * |\n * 60 0x29 | PUSH1 0x29 | 0x29 success | [0..rds): returndata |\n * 57 | JUMPI | | [0..rds): returndata |\n * |\n * ::: revert :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | | [0..rds): returndata |\n * 3d | RETURNDATASIZE | rds | [0..rds): returndata |\n * 5f | PUSH0 | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * --------------------------------------------------------------------------+\n */\n\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create(0, 0x0e, 0x36)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Deploys a deterministic PUSH0 clone of `implementation` with `salt`.\n function cloneDeterministic_PUSH0(address implementation, bytes32 salt)\n internal\n returns (address instance)\n {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n instance := create2(0, 0x0e, 0x36, salt)\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the initialization code hash of the PUSH0 clone of `implementation`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash_PUSH0(address implementation) internal pure returns (bytes32 hash) {\n /// @solidity memory-safe-assembly\n assembly {\n mstore(0x24, 0x5af43d5f5f3e6029573d5ffd5b3d5ff3) // 16\n mstore(0x14, implementation) // 20\n mstore(0x00, 0x602d5f8160095f39f35f5f365f5f37365f73) // 9 + 9\n hash := keccak256(0x0e, 0x36)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x24, 0)\n }\n }\n\n /// @dev Returns the address of the deterministic PUSH0 clone of `implementation`,\n /// with `salt` by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress_PUSH0(\n address implementation,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash_PUSH0(implementation);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* CLONES WITH IMMUTABLE ARGS OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Deploys a minimal proxy with `implementation`,\n /// using immutable arguments encoded in `data`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function clone(address implementation, bytes memory data) internal returns (address instance) {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n // The `creationSize` is `extraLength + 108`\n // The `runSize` is `creationSize - 10`.\n\n /**\n * ---------------------------------------------------------------------------------------------------+\n * CREATION (10 bytes) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * 61 runSize | PUSH2 runSize | r | |\n * 3d | RETURNDATASIZE | 0 r | |\n * 81 | DUP2 | r 0 r | |\n * 60 offset | PUSH1 offset | o r 0 r | |\n * 3d | RETURNDATASIZE | 0 o r 0 r | |\n * 39 | CODECOPY | 0 r | [0..runSize): runtime code |\n * f3 | RETURN | | [0..runSize): runtime code |\n * ---------------------------------------------------------------------------------------------------|\n * RUNTIME (98 bytes + extraLength) |\n * ---------------------------------------------------------------------------------------------------|\n * Opcode | Mnemonic | Stack | Memory |\n * ---------------------------------------------------------------------------------------------------|\n * |\n * ::: if no calldata, emit event & return w/o `DELEGATECALL` ::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 60 0x2c | PUSH1 0x2c | 0x2c cds | |\n * 57 | JUMPI | | |\n * 34 | CALLVALUE | cv | |\n * 3d | RETURNDATASIZE | 0 cv | |\n * 52 | MSTORE | | [0..0x20): callvalue |\n * 7f sig | PUSH32 0x9e.. | sig | [0..0x20): callvalue |\n * 59 | MSIZE | 0x20 sig | [0..0x20): callvalue |\n * 3d | RETURNDATASIZE | 0 0x20 sig | [0..0x20): callvalue |\n * a1 | LOG1 | | [0..0x20): callvalue |\n * 00 | STOP | | [0..0x20): callvalue |\n * 5b | JUMPDEST | | |\n * |\n * ::: copy calldata to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds | |\n * 3d | RETURNDATASIZE | 0 cds | |\n * 3d | RETURNDATASIZE | 0 0 cds | |\n * 37 | CALLDATACOPY | | [0..cds): calldata |\n * |\n * ::: keep some values in stack :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 | [0..cds): calldata |\n * 3d | RETURNDATASIZE | 0 0 0 0 | [0..cds): calldata |\n * 61 extra | PUSH2 extra | e 0 0 0 0 | [0..cds): calldata |\n * |\n * ::: copy extra data to memory :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 80 | DUP1 | e e 0 0 0 0 | [0..cds): calldata |\n * 60 0x62 | PUSH1 0x62 | 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 36 | CALLDATASIZE | cds 0x62 e e 0 0 0 0 | [0..cds): calldata |\n * 39 | CODECOPY | e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: delegate call to the implementation contract ::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 36 | CALLDATASIZE | cds e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 01 | ADD | cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 73 addr | PUSH20 addr | addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 5a | GAS | gas addr 0 cds+e 0 0 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * f4 | DELEGATECALL | success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * |\n * ::: copy return data to memory ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 3d | RETURNDATASIZE | rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 3d | RETURNDATASIZE | rds rds success 0 0 | [0..cds): calldata, [cds..cds+e): extraData |\n * 93 | SWAP4 | 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 80 | DUP1 | 0 0 rds success 0 rds | [0..cds): calldata, [cds..cds+e): extraData |\n * 3e | RETURNDATACOPY | success 0 rds | [0..rds): returndata |\n * |\n * 60 0x60 | PUSH1 0x60 | 0x60 success 0 rds | [0..rds): returndata |\n * 57 | JUMPI | 0 rds | [0..rds): returndata |\n * |\n * ::: revert ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * fd | REVERT | | [0..rds): returndata |\n * |\n * ::: return ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: |\n * 5b | JUMPDEST | 0 rds | [0..rds): returndata |\n * f3 | RETURN | | [0..rds): returndata |\n * ---------------------------------------------------------------------------------------------------+\n */\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create(0, sub(data, 0x4c), add(extraLength, 0x6c))\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Deploys a deterministic clone of `implementation`,\n /// using immutable arguments encoded in `data`, with `salt`.\n ///\n /// Note: This implementation of CWIA differs from the original implementation.\n /// If the calldata is empty, it will emit a `ReceiveETH(uint256)` event and skip the `DELEGATECALL`.\n function cloneDeterministic(address implementation, bytes memory data, bytes32 salt)\n internal\n returns (address instance)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n // Do a out-of-gas revert if `extraLength` is too big. 0xffff - 0x62 + 0x01 = 0xff9e.\n // The actual EVM limit may be smaller and may change over time.\n sub(data, add(0x59, lt(extraLength, 0xff9e))),\n or(shl(0x78, add(extraLength, 0x62)), 0xfd6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Create the instance.\n instance := create2(0, sub(data, 0x4c), add(extraLength, 0x6c), salt)\n\n // If `instance` is zero, revert.\n if iszero(instance) {\n // Store the function selector of `DeploymentFailed()`.\n mstore(0x00, 0x30116425)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the initialization code hash of the clone of `implementation`\n /// using immutable arguments encoded in `data`.\n /// Used for mining vanity addresses with create2crunch.\n function initCodeHash(address implementation, bytes memory data)\n internal\n pure\n returns (bytes32 hash)\n {\n assembly {\n // Compute the boundaries of the data and cache the memory slots around it.\n let mBefore3 := mload(sub(data, 0x60))\n let mBefore2 := mload(sub(data, 0x40))\n let mBefore1 := mload(sub(data, 0x20))\n let dataLength := mload(data)\n let dataEnd := add(add(data, 0x20), dataLength)\n let mAfter1 := mload(dataEnd)\n\n // Do a out-of-gas revert if `dataLength` is too big. 0xffff - 0x02 - 0x62 = 0xff9b.\n // The actual EVM limit may be smaller and may change over time.\n returndatacopy(returndatasize(), returndatasize(), gt(dataLength, 0xff9b))\n\n // +2 bytes for telling how much data there is appended to the call.\n let extraLength := add(dataLength, 2)\n\n // Write the bytecode before the data.\n mstore(data, 0x5af43d3d93803e606057fd5bf3)\n // Write the address of the implementation.\n mstore(sub(data, 0x0d), implementation)\n // Write the rest of the bytecode.\n mstore(\n sub(data, 0x21),\n or(shl(0x48, extraLength), 0x593da1005b363d3d373d3d3d3d610000806062363936013d73)\n )\n // `keccak256(\"ReceiveETH(uint256)\")`\n mstore(\n sub(data, 0x3a), 0x9e4ac34f21c619cefc926c8bd93b54bf5a39c7ab2127a895af1cc0691d7e3dff\n )\n mstore(\n sub(data, 0x5a),\n or(shl(0x78, add(extraLength, 0x62)), 0x6100003d81600a3d39f336602c57343d527f)\n )\n mstore(dataEnd, shl(0xf0, extraLength))\n\n // Compute and store the bytecode hash.\n hash := keccak256(sub(data, 0x4c), add(extraLength, 0x6c))\n\n // Restore the overwritten memory surrounding `data`.\n mstore(dataEnd, mAfter1)\n mstore(data, dataLength)\n mstore(sub(data, 0x20), mBefore1)\n mstore(sub(data, 0x40), mBefore2)\n mstore(sub(data, 0x60), mBefore3)\n }\n }\n\n /// @dev Returns the address of the deterministic clone of\n /// `implementation` using immutable arguments encoded in `data`, with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(\n address implementation,\n bytes memory data,\n bytes32 salt,\n address deployer\n ) internal pure returns (address predicted) {\n bytes32 hash = initCodeHash(implementation, data);\n predicted = predictDeterministicAddress(hash, salt, deployer);\n }\n\n /*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/\n /* OTHER OPERATIONS */\n /*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/\n\n /// @dev Returns the address when a contract with initialization code hash,\n /// `hash`, is deployed with `salt`, by `deployer`.\n /// Note: The returned result has dirty upper 96 bits. Please clean if used in assembly.\n function predictDeterministicAddress(bytes32 hash, bytes32 salt, address deployer)\n internal\n pure\n returns (address predicted)\n {\n /// @solidity memory-safe-assembly\n assembly {\n // Compute and store the bytecode hash.\n mstore8(0x00, 0xff) // Write the prefix.\n mstore(0x35, hash)\n mstore(0x01, shl(96, deployer))\n mstore(0x15, salt)\n predicted := keccak256(0x00, 0x55)\n // Restore the part of the free memory pointer that has been overwritten.\n mstore(0x35, 0)\n }\n }\n\n /// @dev Reverts if `salt` does not start with either the zero address or the caller.\n function checkStartsWithCaller(bytes32 salt) internal view {\n /// @solidity memory-safe-assembly\n assembly {\n // If the salt does not start with the zero address or the caller.\n if iszero(or(iszero(shr(96, salt)), eq(caller(), shr(96, salt)))) {\n // Store the function selector of `SaltDoesNotStartWithCaller()`.\n mstore(0x00, 0x2f634836)\n // Revert with (offset, size).\n revert(0x1c, 0x04)\n }\n }\n }\n}\n" + } + }, + "settings": { + "optimizer": { + "enabled": true, + "runs": 1000000 + }, + "evmVersion": "paris", + "outputSelection": { + "*": { + "*": [ + "abi", + "evm.bytecode", + "evm.deployedBytecode", + "evm.methodIdentifiers", + "metadata", + "devdoc", + "userdoc", + "storageLayout", + "evm.gasEstimates" + ], + "": [ + "ast" + ] + } + }, + "metadata": { + "useLiteralContent": true + } + } +} \ No newline at end of file diff --git a/hardhat.config.js b/hardhat.config.js index 66aa162..9003e1d 100644 --- a/hardhat.config.js +++ b/hardhat.config.js @@ -6,6 +6,7 @@ require("@nomiclabs/hardhat-ethers"); require("hardhat-gas-reporter"); require("hardhat-deploy"); require("@nomicfoundation/hardhat-foundry"); +require("dotenv").config(); /** @type import('hardhat/config').HardhatUserConfig */ module.exports = { @@ -133,6 +134,13 @@ module.exports = { browserURL: "https://gnosis-chiado.blockscout.com/", }, }, + { + network: "muster_testnet", + chainId: 2121337, + urls: { + apiURL: "https://muster-anytrust-explorer.alt.technology/api", + }, + }, { network: "polygon_zkevm_testnet", chainId: 1442, diff --git a/package.json b/package.json index 220a5a0..496008c 100644 --- a/package.json +++ b/package.json @@ -7,6 +7,7 @@ "@cometh/contracts-factory": "^1.1.1", "@nomicfoundation/hardhat-verify": "^1.1.1", "@openzeppelin/contracts": "^4.8.2", + "dotenv": "^16.3.1", "elliptic": "^6.5.4", "hardhat": "^2.12.7", "hex-to-array-buffer": "^2.0.0", diff --git a/yarn.lock b/yarn.lock index 8079d87..b3b4e2c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2074,6 +2074,11 @@ dns-over-http-resolver@^1.2.3: native-fetch "^3.0.0" receptacle "^1.3.2" +dotenv@^16.3.1: + version "16.3.1" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.3.1.tgz#369034de7d7e5b120972693352a3bf112172cc3e" + integrity sha512-IPzF4w4/Rd94bA9imS68tZBaYyBWSCE47V1RGuMrB94iyTOIEwRmVL2x/4An+6mETpLrKJ5hQkB8W4kFAadeIQ== + ecc-jsbn@~0.1.1: version "0.1.2" resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz#3a83a904e54353287874c564b7549386849a98c9"