Cryo Explorer Ethereum Mainnet

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { ADDRESS_REGISTRY } from "../utils/Constants.sol";
import { TimelockUpgradeableProxy } from "./TimelockUpgradeableProxy.sol";
import { Unauthorized } from "../interfaces/Errors.sol";

contract PauseAdmin {
    event ErrorPausingContract(address indexed pausableContract);

    mapping(address pendingPauser => bool isPendingPauser) public pendingPausers;
    mapping(address pauser => bool isPauser) public pausers;

    modifier onlyPauser() {
        if (!pausers[msg.sender]) revert Unauthorized(msg.sender);
        _;
    }

    modifier onlyUpgradeAdmin() {
        if (msg.sender != ADDRESS_REGISTRY.upgradeAdmin()) revert Unauthorized(msg.sender);
        _;
    }

    function acceptPauseAdmin() external onlyUpgradeAdmin {
        ADDRESS_REGISTRY.acceptPauseAdmin();
    }

    function addPendingPauser(address pauser) external onlyUpgradeAdmin {
        pendingPausers[pauser] = true;
    }

    function acceptPauser() external {
        require(pendingPausers[msg.sender], "Not a pending pauser");
        pausers[msg.sender] = true;
        delete pendingPausers[msg.sender];
    }

    function removePauser(address pauser) external onlyUpgradeAdmin {
        pausers[pauser] = false;
    }

    function pause(address pausableContract) external onlyPauser {
        TimelockUpgradeableProxy(payable(pausableContract)).pause();
    }

    function pauseAll() external onlyPauser {
        address[] memory pausableContracts = ADDRESS_REGISTRY.getAllPausableContracts();
        for (uint256 i = 0; i < pausableContracts.length; i++) {
            if (pausableContracts[i].code.length == 0) {
                emit ErrorPausingContract(pausableContracts[i]);
                continue;
            }

            // Skip if the contract does not pause properly for some reason
            // solhint-disable-next-line no-empty-blocks
            try TimelockUpgradeableProxy(payable(pausableContracts[i])).pause() { }
            catch {
                emit ErrorPausingContract(pausableContracts[i]);
            }
        }
    }

    function unpause(address pausableContract) external onlyUpgradeAdmin {
        TimelockUpgradeableProxy(payable(pausableContract)).unpause();
    }

    function whitelistSelectors(
        address pausableContract,
        bytes4[] calldata selectors,
        bool isWhitelisted
    )
        external
        onlyUpgradeAdmin
    {
        TimelockUpgradeableProxy(payable(pausableContract)).whitelistSelectors(selectors, isWhitelisted);
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { WETH9 } from "../interfaces/IWETH.sol";
import { AddressRegistry } from "../proxy/AddressRegistry.sol";

address constant ETH_ADDRESS = address(0);
address constant ALT_ETH_ADDRESS = 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE;
uint256 constant DEFAULT_PRECISION = 1e18;
uint256 constant DEFAULT_DECIMALS = 18;
uint256 constant SHARE_PRECISION = 1e24;
uint256 constant VIRTUAL_SHARES = 1e6;

uint256 constant COOLDOWN_PERIOD = 5 minutes;
uint256 constant YEAR = 365 days;

// Will move these to a deployment file when we go to multiple chains
uint256 constant CHAIN_ID_MAINNET = 1;
WETH9 constant WETH = WETH9(0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2);
AddressRegistry constant ADDRESS_REGISTRY = AddressRegistry(0xe335d314BD4eF7DD44F103dC124FEFb7Ce63eC95);

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { ERC1967Proxy } from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Proxy.sol";
import { ERC1967Utils } from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Utils.sol";
import { Unauthorized, InvalidUpgrade, Paused } from "../interfaces/Errors.sol";
import { ADDRESS_REGISTRY } from "../utils/Constants.sol";

/// @notice A proxy that allows for a timelocked upgrade and selective pausing of the implementation
/// @dev All storage slots are offset to avoid conflicts with the implementation
contract TimelockUpgradeableProxy layout at (2 ** 128) is ERC1967Proxy {
    event UpgradeInitiated(address indexed newImplementation, uint32 upgradeValidAt);
    event UpgradeExecuted(address indexed newImplementation);
    event ProxyPaused();
    event ProxyUnpaused();
    event WhitelistedSelectors(bytes4[] indexed selectors, bool isWhitelisted);

    uint32 public constant UPGRADE_DELAY = 7 days;

    /// @notice Mapping of selector to whether it is whitelisted during a paused state
    mapping(bytes4 selector => bool isWhitelisted) public whitelistedSelectors;

    /// @notice The address of the new implementation
    address public newImplementation;

    /// @notice The timestamp at which the upgrade will be valid
    uint32 public upgradeValidAt;

    /// @notice Whether the proxy is paused
    bool public isPaused;

    constructor(address _logic, bytes memory _data) ERC1967Proxy(_logic, _data) { }

    receive() external payable {
        // Allow ETH transfers to succeed
    }

    /// @notice Initiates an upgrade and sets the upgrade delay.
    /// @param _newImplementation The address of the new implementation.
    function initiateUpgrade(address _newImplementation) external {
        if (msg.sender != ADDRESS_REGISTRY.upgradeAdmin()) revert Unauthorized(msg.sender);
        newImplementation = _newImplementation;
        if (_newImplementation == address(0)) {
            // Setting the new implementation to the zero address will cancel
            // any pending upgrade.
            upgradeValidAt = 0;
        } else {
            upgradeValidAt = uint32(block.timestamp) + UPGRADE_DELAY;
        }
        emit UpgradeInitiated(_newImplementation, upgradeValidAt);
    }

    /// @notice Executes an upgrade, only the upgradeAdmin can execute this to allow for a post upgrade function call.
    function executeUpgrade(bytes calldata data) external {
        if (msg.sender != ADDRESS_REGISTRY.upgradeAdmin()) revert Unauthorized(msg.sender);
        if (block.timestamp < upgradeValidAt) revert InvalidUpgrade();
        if (newImplementation == address(0)) revert InvalidUpgrade();
        ERC1967Utils.upgradeToAndCall(newImplementation, data);
        emit UpgradeExecuted(newImplementation);

        delete newImplementation;
        delete upgradeValidAt;
    }

    function pause() external {
        if (msg.sender != ADDRESS_REGISTRY.pauseAdmin()) revert Unauthorized(msg.sender);
        isPaused = true;
        emit ProxyPaused();
    }

    function unpause() external {
        if (msg.sender != ADDRESS_REGISTRY.upgradeAdmin()) revert Unauthorized(msg.sender);
        isPaused = false;
        emit ProxyUnpaused();
    }

    /// @dev Allows the pause admin to whitelist selectors that can be called even if the proxy is paused, this
    /// is useful for allowing vaults to continue to exit funds but not initiate new entries, for example.
    function whitelistSelectors(bytes4[] calldata selectors, bool isWhitelisted) external {
        if (msg.sender != ADDRESS_REGISTRY.pauseAdmin()) revert Unauthorized(msg.sender);
        for (uint256 i; i < selectors.length; i++) {
            whitelistedSelectors[selectors[i]] = isWhitelisted;
        }
        emit WhitelistedSelectors(selectors, isWhitelisted);
    }

    function getImplementation() external view returns (address) {
        return _implementation();
    }

    function _fallback() internal override {
        // Allows some whitelisted selectors to be called even if the proxy is paused
        if (isPaused && whitelistedSelectors[msg.sig] == false) revert Paused();
        super._fallback();
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.28;

error NotAuthorized(address operator, address user);
error Unauthorized(address caller);
error UnauthorizedLendingMarketTransfer(address from, address to, uint256 value);
error InsufficientYieldTokenBalance();
error InsufficientAssetsForRepayment(uint256 assetsToRepay, uint256 assetsWithdrawn);
error CannotLiquidate(uint256 maxLiquidateShares, uint256 seizedAssets);
error CannotLiquidateZeroShares();
error Paused();
error CannotExitPositionWithinCooldownPeriod();
error CannotTokenizeWithdrawRequest();
error CurrentAccountAlreadySet();
error InvalidVault(address vault);

error WithdrawRequestNotFinalized(uint256 requestId);
error CannotInitiateWithdraw(address account);
error CannotForceWithdraw(address account);
error InsufficientSharesHeld();
error SlippageTooHigh(uint256 actualTokensOut, uint256 minTokensOut);

error CannotEnterPosition();
error NoExistingPosition();
error LiquidatorHasPosition();
error InvalidUpgrade();
error InvalidInitialization();
error InvalidLendingRouter();

error ExistingWithdrawRequest(address vault, address account, uint256 requestId);
error NoWithdrawRequest(address vault, address account);
error InvalidWithdrawRequestTokenization();

error InvalidPrice(uint256 oraclePrice, uint256 spotPrice);
error PoolShareTooHigh(uint256 poolClaim, uint256 maxSupplyThreshold);
error AssetRemaining(uint256 assetRemaining);

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";

interface WETH9 is IERC20 {
    function deposit() external payable;
    function withdraw(uint256 wad) external;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { Unauthorized, CannotEnterPosition, InvalidVault } from "../interfaces/Errors.sol";
import { IWithdrawRequestManager } from "../interfaces/IWithdrawRequestManager.sol";
import { VaultPosition } from "../interfaces/ILendingRouter.sol";
import { Initializable } from "./Initializable.sol";

/// @notice Registry for the addresses for different components of the protocol.
contract AddressRegistry is Initializable {
    event PendingUpgradeAdminSet(address indexed newPendingUpgradeAdmin);
    event UpgradeAdminTransferred(address indexed newUpgradeAdmin);
    event PendingPauseAdminSet(address indexed newPendingPauseAdmin);
    event PauseAdminTransferred(address indexed newPauseAdmin);
    event FeeReceiverTransferred(address indexed newFeeReceiver);
    event WithdrawRequestManagerSet(address indexed yieldToken, address indexed withdrawRequestManager);
    event LendingRouterSet(address indexed lendingRouter);
    event AccountPositionCreated(address indexed account, address indexed vault, address indexed lendingRouter);
    event AccountPositionCleared(address indexed account, address indexed vault, address indexed lendingRouter);
    event WhitelistedVault(address indexed vault, bool isWhitelisted);
    event PausableContractAdded(address indexed pausableContract);
    event PausableContractsRemoved(address indexed removedContracts);

    /// @notice Address of the admin that is allowed to:
    /// - Upgrade TimelockUpgradeableProxy contracts given a 7 day timelock
    /// - Transfer the upgrade admin role
    /// - Set the pause admin
    /// - Set the fee receiver
    /// - Add reward tokens to the RewardManager
    /// - Set the WithdrawRequestManager for a yield token
    /// - Whitelist vaults for the WithdrawRequestManager
    /// - Whitelist new lending routers
    address public upgradeAdmin;
    address public pendingUpgradeAdmin;

    /// @notice Address of the admin that is allowed to selectively pause or unpause
    /// TimelockUpgradeableProxy contracts
    address public pauseAdmin;
    address public pendingPauseAdmin;

    /// @notice Address of the account that receives the protocol fees
    address public feeReceiver;

    /// @notice Mapping of yield token to WithdrawRequestManager
    mapping(address token => address withdrawRequestManager) public withdrawRequestManagers;

    /// @notice Mapping of lending router to boolean indicating if it is whitelisted
    mapping(address lendingRouter => bool isLendingRouter) public lendingRouters;

    /// @notice Mapping to whitelisted vaults
    mapping(address vault => bool isWhitelisted) public whitelistedVaults;

    /// @notice Mapping of accounts to their existing position on a given vault
    mapping(address account => mapping(address vault => VaultPosition)) internal accountPositions;

    /// @notice List of pausable contracts, used for automated threat detection
    address[] public pausableContracts;

    function _initialize(bytes calldata data) internal override {
        (address _upgradeAdmin, address _pauseAdmin, address _feeReceiver) =
            abi.decode(data, (address, address, address));
        upgradeAdmin = _upgradeAdmin;
        pauseAdmin = _pauseAdmin;
        feeReceiver = _feeReceiver;
    }

    modifier onlyUpgradeAdmin() {
        if (msg.sender != upgradeAdmin) revert Unauthorized(msg.sender);
        _;
    }

    function transferUpgradeAdmin(address _newUpgradeAdmin) external onlyUpgradeAdmin {
        pendingUpgradeAdmin = _newUpgradeAdmin;
        emit PendingUpgradeAdminSet(_newUpgradeAdmin);
    }

    function acceptUpgradeOwnership() external {
        if (msg.sender != pendingUpgradeAdmin) revert Unauthorized(msg.sender);
        upgradeAdmin = pendingUpgradeAdmin;
        delete pendingUpgradeAdmin;
        emit UpgradeAdminTransferred(upgradeAdmin);
    }

    function transferPauseAdmin(address _newPauseAdmin) external onlyUpgradeAdmin {
        pendingPauseAdmin = _newPauseAdmin;
        emit PendingPauseAdminSet(_newPauseAdmin);
    }

    function acceptPauseAdmin() external {
        if (msg.sender != pendingPauseAdmin) revert Unauthorized(msg.sender);
        pauseAdmin = pendingPauseAdmin;
        delete pendingPauseAdmin;
        emit PauseAdminTransferred(pauseAdmin);
    }

    function transferFeeReceiver(address _newFeeReceiver) external onlyUpgradeAdmin {
        feeReceiver = _newFeeReceiver;
        emit FeeReceiverTransferred(_newFeeReceiver);
    }

    function setWithdrawRequestManager(address withdrawRequestManager) external onlyUpgradeAdmin {
        address yieldToken = IWithdrawRequestManager(withdrawRequestManager).YIELD_TOKEN();
        // Prevent accidental override of a withdraw request manager, this is dangerous
        // as it could lead to withdraw requests being stranded on the deprecated withdraw
        // request manager. Managers can be upgraded using a TimelockUpgradeableProxy.
        require(withdrawRequestManagers[yieldToken] == address(0), "Withdraw request manager already set");

        withdrawRequestManagers[yieldToken] = withdrawRequestManager;
        emit WithdrawRequestManagerSet(yieldToken, withdrawRequestManager);
        _addPausableContract(withdrawRequestManager);
    }

    function setWhitelistedVault(address vault, bool isWhitelisted) external onlyUpgradeAdmin {
        whitelistedVaults[vault] = isWhitelisted;
        emit WhitelistedVault(vault, isWhitelisted);
        _addPausableContract(vault);
    }

    function getWithdrawRequestManager(address yieldToken) external view returns (IWithdrawRequestManager) {
        return IWithdrawRequestManager(withdrawRequestManagers[yieldToken]);
    }

    function setLendingRouter(address lendingRouter) external onlyUpgradeAdmin {
        lendingRouters[lendingRouter] = true;
        emit LendingRouterSet(lendingRouter);
        _addPausableContract(lendingRouter);
    }

    function isLendingRouter(address lendingRouter) external view returns (bool) {
        return lendingRouters[lendingRouter];
    }

    function getVaultPosition(address account, address vault) external view returns (VaultPosition memory) {
        return accountPositions[account][vault];
    }

    function setPosition(address account, address vault) external {
        // Must only be called by a lending router
        if (!lendingRouters[msg.sender]) revert Unauthorized(msg.sender);
        VaultPosition storage position = accountPositions[account][vault];

        if (position.lendingRouter == address(0)) position.lendingRouter = msg.sender;
        else if (position.lendingRouter != msg.sender) revert CannotEnterPosition();

        // Lending routers may be used to enter positions on any vault, including a malicious vault
        // so this ensures that only whitelisted vaults can be used to enter positions
        if (!whitelistedVaults[vault]) revert InvalidVault(vault);

        position.lastEntryTime = uint32(block.timestamp);
        emit AccountPositionCreated(account, vault, msg.sender);
    }

    function clearPosition(address account, address vault) external {
        // Must only be called by a lending router
        if (!lendingRouters[msg.sender]) revert Unauthorized(msg.sender);

        delete accountPositions[account][vault];
        emit AccountPositionCleared(account, vault, msg.sender);
    }

    function emitAccountNativePosition(address account, bool isCleared) external {
        // Can only be called by a whitelisted vault
        require(whitelistedVaults[msg.sender]);
        if (isCleared) emit AccountPositionCleared(account, msg.sender, address(0));
        else emit AccountPositionCreated(account, msg.sender, address(0));
    }

    function addPausableContract(address pausableContract) external onlyUpgradeAdmin {
        _addPausableContract(pausableContract);
    }

    function _addPausableContract(address pausableContract) internal {
        pausableContracts.push(pausableContract);
        emit PausableContractAdded(pausableContract);
    }

    function removePausableContract(uint256[] calldata indexes) external onlyUpgradeAdmin {
        for (uint256 i = 0; i < indexes.length; i++) {
            address removedContract = pausableContracts[indexes[i]];
            pausableContracts[indexes[i]] = pausableContracts[pausableContracts.length - 1];
            pausableContracts.pop();
            emit PausableContractsRemoved(removedContract);
        }
    }

    function getAllPausableContracts() external view returns (address[] memory) {
        return pausableContracts;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.2.0) (proxy/ERC1967/ERC1967Proxy.sol)

pragma solidity ^0.8.22;

import {Proxy} from "../Proxy.sol";
import {ERC1967Utils} from "./ERC1967Utils.sol";

/**
 * @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
 * implementation address that can be changed. This address is stored in storage in the location specified by
 * https://eips.ethereum.org/EIPS/eip-1967[ERC-1967], so that it doesn't conflict with the storage layout of the
 * implementation behind the proxy.
 */
contract ERC1967Proxy is Proxy {
    /**
     * @dev Initializes the upgradeable proxy with an initial implementation specified by `implementation`.
     *
     * If `_data` is nonempty, it's used as data in a delegate call to `implementation`. This will typically be an
     * encoded function call, and allows initializing the storage of the proxy like a Solidity constructor.
     *
     * Requirements:
     *
     * - If `data` is empty, `msg.value` must be zero.
     */
    constructor(address implementation, bytes memory _data) payable {
        ERC1967Utils.upgradeToAndCall(implementation, _data);
    }

    /**
     * @dev Returns the current implementation address.
     *
     * TIP: To get this value clients can read directly from the storage slot shown below (specified by ERC-1967) using
     * the https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
     * `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
     */
    function _implementation() internal view virtual override returns (address) {
        return ERC1967Utils.getImplementation();
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.2.0) (proxy/ERC1967/ERC1967Utils.sol)

pragma solidity ^0.8.22;

import {IBeacon} from "../beacon/IBeacon.sol";
import {IERC1967} from "../../interfaces/IERC1967.sol";
import {Address} from "../../utils/Address.sol";
import {StorageSlot} from "../../utils/StorageSlot.sol";

/**
 * @dev This library provides getters and event emitting update functions for
 * https://eips.ethereum.org/EIPS/eip-1967[ERC-1967] slots.
 */
library ERC1967Utils {
    /**
     * @dev Storage slot with the address of the current implementation.
     * This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1.
     */
    // solhint-disable-next-line private-vars-leading-underscore
    bytes32 internal constant IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;

    /**
     * @dev The `implementation` of the proxy is invalid.
     */
    error ERC1967InvalidImplementation(address implementation);

    /**
     * @dev The `admin` of the proxy is invalid.
     */
    error ERC1967InvalidAdmin(address admin);

    /**
     * @dev The `beacon` of the proxy is invalid.
     */
    error ERC1967InvalidBeacon(address beacon);

    /**
     * @dev An upgrade function sees `msg.value > 0` that may be lost.
     */
    error ERC1967NonPayable();

    /**
     * @dev Returns the current implementation address.
     */
    function getImplementation() internal view returns (address) {
        return StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value;
    }

    /**
     * @dev Stores a new address in the ERC-1967 implementation slot.
     */
    function _setImplementation(address newImplementation) private {
        if (newImplementation.code.length == 0) {
            revert ERC1967InvalidImplementation(newImplementation);
        }
        StorageSlot.getAddressSlot(IMPLEMENTATION_SLOT).value = newImplementation;
    }

    /**
     * @dev Performs implementation upgrade with additional setup call if data is nonempty.
     * This function is payable only if the setup call is performed, otherwise `msg.value` is rejected
     * to avoid stuck value in the contract.
     *
     * Emits an {IERC1967-Upgraded} event.
     */
    function upgradeToAndCall(address newImplementation, bytes memory data) internal {
        _setImplementation(newImplementation);
        emit IERC1967.Upgraded(newImplementation);

        if (data.length > 0) {
            Address.functionDelegateCall(newImplementation, data);
        } else {
            _checkNonPayable();
        }
    }

    /**
     * @dev Storage slot with the admin of the contract.
     * This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1.
     */
    // solhint-disable-next-line private-vars-leading-underscore
    bytes32 internal constant ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;

    /**
     * @dev Returns the current admin.
     *
     * TIP: To get this value clients can read directly from the storage slot shown below (specified by ERC-1967) using
     * the https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
     * `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
     */
    function getAdmin() internal view returns (address) {
        return StorageSlot.getAddressSlot(ADMIN_SLOT).value;
    }

    /**
     * @dev Stores a new address in the ERC-1967 admin slot.
     */
    function _setAdmin(address newAdmin) private {
        if (newAdmin == address(0)) {
            revert ERC1967InvalidAdmin(address(0));
        }
        StorageSlot.getAddressSlot(ADMIN_SLOT).value = newAdmin;
    }

    /**
     * @dev Changes the admin of the proxy.
     *
     * Emits an {IERC1967-AdminChanged} event.
     */
    function changeAdmin(address newAdmin) internal {
        emit IERC1967.AdminChanged(getAdmin(), newAdmin);
        _setAdmin(newAdmin);
    }

    /**
     * @dev The storage slot of the UpgradeableBeacon contract which defines the implementation for this proxy.
     * This is the keccak-256 hash of "eip1967.proxy.beacon" subtracted by 1.
     */
    // solhint-disable-next-line private-vars-leading-underscore
    bytes32 internal constant BEACON_SLOT = 0xa3f0ad74e5423aebfd80d3ef4346578335a9a72aeaee59ff6cb3582b35133d50;

    /**
     * @dev Returns the current beacon.
     */
    function getBeacon() internal view returns (address) {
        return StorageSlot.getAddressSlot(BEACON_SLOT).value;
    }

    /**
     * @dev Stores a new beacon in the ERC-1967 beacon slot.
     */
    function _setBeacon(address newBeacon) private {
        if (newBeacon.code.length == 0) {
            revert ERC1967InvalidBeacon(newBeacon);
        }

        StorageSlot.getAddressSlot(BEACON_SLOT).value = newBeacon;

        address beaconImplementation = IBeacon(newBeacon).implementation();
        if (beaconImplementation.code.length == 0) {
            revert ERC1967InvalidImplementation(beaconImplementation);
        }
    }

    /**
     * @dev Change the beacon and trigger a setup call if data is nonempty.
     * This function is payable only if the setup call is performed, otherwise `msg.value` is rejected
     * to avoid stuck value in the contract.
     *
     * Emits an {IERC1967-BeaconUpgraded} event.
     *
     * CAUTION: Invoking this function has no effect on an instance of {BeaconProxy} since v5, since
     * it uses an immutable beacon without looking at the value of the ERC-1967 beacon slot for
     * efficiency.
     */
    function upgradeBeaconToAndCall(address newBeacon, bytes memory data) internal {
        _setBeacon(newBeacon);
        emit IERC1967.BeaconUpgraded(newBeacon);

        if (data.length > 0) {
            Address.functionDelegateCall(IBeacon(newBeacon).implementation(), data);
        } else {
            _checkNonPayable();
        }
    }

    /**
     * @dev Reverts if `msg.value` is not zero. It can be used to avoid `msg.value` stuck in the contract
     * if an upgrade doesn't perform an initialization call.
     */
    function _checkNonPayable() private {
        if (msg.value > 0) {
            revert ERC1967NonPayable();
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (token/ERC20/IERC20.sol)

pragma solidity ^0.8.20;

/**
 * @dev Interface of the ERC-20 standard as defined in the ERC.
 */
interface IERC20 {
    /**
     * @dev Emitted when `value` tokens are moved from one account (`from`) to
     * another (`to`).
     *
     * Note that `value` may be zero.
     */
    event Transfer(address indexed from, address indexed to, uint256 value);

    /**
     * @dev Emitted when the allowance of a `spender` for an `owner` is set by
     * a call to {approve}. `value` is the new allowance.
     */
    event Approval(address indexed owner, address indexed spender, uint256 value);

    /**
     * @dev Returns the value of tokens in existence.
     */
    function totalSupply() external view returns (uint256);

    /**
     * @dev Returns the value of tokens owned by `account`.
     */
    function balanceOf(address account) external view returns (uint256);

    /**
     * @dev Moves a `value` amount of tokens from the caller's account to `to`.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transfer(address to, uint256 value) external returns (bool);

    /**
     * @dev Returns the remaining number of tokens that `spender` will be
     * allowed to spend on behalf of `owner` through {transferFrom}. This is
     * zero by default.
     *
     * This value changes when {approve} or {transferFrom} are called.
     */
    function allowance(address owner, address spender) external view returns (uint256);

    /**
     * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
     * caller's tokens.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * IMPORTANT: Beware that changing an allowance with this method brings the risk
     * that someone may use both the old and the new allowance by unfortunate
     * transaction ordering. One possible solution to mitigate this race
     * condition is to first reduce the spender's allowance to 0 and set the
     * desired value afterwards:
     * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
     *
     * Emits an {Approval} event.
     */
    function approve(address spender, uint256 value) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to` using the
     * allowance mechanism. `value` is then deducted from the caller's
     * allowance.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transferFrom(address from, address to, uint256 value) external returns (bool);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { TradeType } from "./ITradingModule.sol";

/// Each withdraw request manager contract is responsible for managing withdraws of a token
/// from a specific token (i.e. wstETH, weETH, sUSDe, etc). Each yield strategy can call the
/// appropriate withdraw request manager to initiate a withdraw of a given yield token.

struct StakingTradeParams {
    TradeType tradeType;
    uint256 minPurchaseAmount;
    bytes exchangeData;
    uint16 dexId;
    bytes stakeData;
}

struct WithdrawRequest {
    uint256 requestId;
    uint120 yieldTokenAmount;
    uint120 sharesAmount;
}

struct TokenizedWithdrawRequest {
    uint120 totalYieldTokenAmount;
    uint120 totalWithdraw;
    bool finalized;
}

interface IWithdrawRequestManager {
    event ApprovedVault(address indexed vault, bool indexed isApproved);
    event InitiateWithdrawRequest(
        address indexed account,
        address indexed vault,
        uint256 yieldTokenAmount,
        uint256 sharesAmount,
        uint256 requestId
    );

    event WithdrawRequestTokenized(
        address indexed from, address indexed to, address indexed vault, uint256 requestId, uint256 sharesAmount
    );

    event WithdrawRequestFinalized(
        address indexed vault, address indexed account, uint256 requestId, uint256 totalWithdraw
    );

    event WithdrawRequestRedeemed(
        address indexed vault,
        address indexed account,
        uint256 requestId,
        uint256 withdrawYieldTokenAmount,
        uint256 sharesBurned,
        bool isCleared
    );

    /// @notice Returns the token that will be the result of staking
    /// @return yieldToken the yield token of the withdraw request manager
    function YIELD_TOKEN() external view returns (address);

    /// @notice Returns the token that will be the result of the withdraw request
    /// @return withdrawToken the withdraw token of the withdraw request manager
    function WITHDRAW_TOKEN() external view returns (address);

    /// @notice Returns the token that will be used to stake
    /// @return stakingToken the staking token of the withdraw request manager
    function STAKING_TOKEN() external view returns (address);

    /// @notice Returns whether a vault is approved to initiate withdraw requests
    /// @param vault the vault to check the approval for
    /// @return isApproved whether the vault is approved
    function isApprovedVault(address vault) external view returns (bool);

    /// @notice Returns whether a vault has a pending withdraw request
    /// @param vault the vault to check the pending withdraw request for
    /// @param account the account to check the pending withdraw request for
    /// @return isPending whether the vault has a pending withdraw request
    function isPendingWithdrawRequest(address vault, address account) external view returns (bool);

    /// @notice Sets whether a vault is approved to initiate withdraw requests
    /// @param vault the vault to set the approval for
    /// @param isApproved whether the vault is approved
    function setApprovedVault(address vault, bool isApproved) external;

    /// @notice Stakes the deposit token to the yield token and transfers it back to the vault
    /// @dev Only approved vaults can stake tokens
    /// @param depositToken the token to stake, will be transferred from the vault
    /// @param amount the amount of tokens to stake
    /// @param data additional data for the stake
    function stakeTokens(
        address depositToken,
        uint256 amount,
        bytes calldata data
    )
        external
        returns (uint256 yieldTokensMinted);

    /// @notice Initiates a withdraw request
    /// @dev Only approved vaults can initiate withdraw requests
    /// @param account the account to initiate the withdraw request for
    /// @param yieldTokenAmount the amount of yield tokens to withdraw
    /// @param sharesAmount the amount of shares to withdraw, used to mark the shares to
    /// yield token ratio at the time of the withdraw request
    /// @param data additional data for the withdraw request
    /// @return requestId the request id of the withdraw request
    function initiateWithdraw(
        address account,
        uint256 yieldTokenAmount,
        uint256 sharesAmount,
        bytes calldata data,
        address forceWithdrawFrom
    )
        external
        returns (uint256 requestId);

    /// @notice Attempts to redeem active withdraw requests during vault exit
    /// @dev Will revert if the withdraw request is not finalized
    /// @param account the account to finalize and redeem the withdraw request for
    /// @param withdrawYieldTokenAmount the amount of yield tokens to withdraw
    /// @param sharesToBurn the amount of shares to burn for the yield token
    /// @return tokensWithdrawn amount of withdraw tokens redeemed from the withdraw requests
    function finalizeAndRedeemWithdrawRequest(
        address account,
        uint256 withdrawYieldTokenAmount,
        uint256 sharesToBurn
    )
        external
        returns (uint256 tokensWithdrawn);

    /// @notice Finalizes withdraw requests outside of a vault exit. This may be required in cases if an
    /// account is negligent in exiting their vault position and letting the withdraw request sit idle
    /// could result in losses. The withdraw request is finalized and stored in a tokenized withdraw request
    /// where the account has the full claim on the withdraw.
    /// @dev No access control is enforced on this function but no tokens are transferred off the request
    /// manager either.
    /// @dev Will revert if the withdraw request is not finalized
    function finalizeRequestManual(address vault, address account) external returns (uint256 tokensWithdrawn);

    /// @notice If an account has an illiquid withdraw request, this method will tokenize their
    /// claim on it during liquidation.
    /// @dev Only approved vaults can tokenize withdraw requests
    /// @param from the account that is being liquidated
    /// @param to the liquidator
    /// @param sharesAmount the amount of shares to the liquidator
    function tokenizeWithdrawRequest(address from, address to, uint256 sharesAmount) external returns (bool didTokenize);

    /// @notice Allows the emergency exit role to rescue tokens from the withdraw request manager
    /// @param cooldownHolder the cooldown holder to rescue tokens from
    /// @param token the token to rescue
    /// @param receiver the receiver of the rescued tokens
    /// @param amount the amount of tokens to rescue
    function rescueTokens(address cooldownHolder, address token, address receiver, uint256 amount) external;

    /// @notice Returns whether a withdraw request can be finalized, only used off chain
    /// to determine if a withdraw request can be finalized.
    /// @param requestId the request id of the withdraw request
    /// @return canFinalize whether the withdraw request can be finalized
    function canFinalizeWithdrawRequest(uint256 requestId) external view returns (bool);

    /// @notice Returns the withdraw request and tokenized withdraw request for an account
    /// @param vault the vault to get the withdraw request for
    /// @param account the account to get the withdraw request for
    /// @return w the withdraw request
    /// @return s the tokenized withdraw request
    function getWithdrawRequest(
        address vault,
        address account
    )
        external
        view
        returns (WithdrawRequest memory w, TokenizedWithdrawRequest memory s);

    /// @notice Returns the value of a withdraw request in terms of the asset
    /// @param vault the vault to get the withdraw request for
    /// @param account the account to get the withdraw request for
    /// @param asset the asset to get the value for
    /// @param shares the amount of shares to get the value for
    /// @return hasRequest whether the account has a withdraw request
    /// @return value the value of the withdraw request in terms of the asset
    function getWithdrawRequestValue(
        address vault,
        address account,
        address asset,
        uint256 shares
    )
        external
        view
        returns (bool hasRequest, uint256 value);

    /// @notice Returns the protocol reported exchange rate between the yield token
    /// and then withdraw token.
    /// @return exchangeRate the exchange rate of the yield token to the withdraw token
    function getExchangeRate() external view returns (uint256 exchangeRate);

    /// @notice Returns the known amount of withdraw tokens for a withdraw request
    /// @param requestId the request id of the withdraw request
    /// @return hasKnownAmount whether the amount is known
    /// @return amount the amount of withdraw tokens
    function getKnownWithdrawTokenAmount(uint256 requestId) external view returns (bool hasKnownAmount, uint256 amount);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

struct VaultPosition {
    address lendingRouter;
    uint32 lastEntryTime;
}

interface ILendingRouter {
    event ApprovalUpdated(address indexed user, address indexed operator, bool approved);

    event EnterPosition(
        address indexed user,
        address indexed vault,
        uint256 depositAssets,
        uint256 borrowShares,
        uint256 vaultSharesReceived,
        bool wasMigrated
    );

    event ExitPosition(
        address indexed user,
        address indexed vault,
        uint256 borrowSharesRepaid,
        uint256 vaultSharesBurned,
        uint256 profitsWithdrawn
    );

    event LiquidatePosition(
        address indexed liquidator,
        address indexed user,
        address indexed vault,
        uint256 borrowSharesRepaid,
        uint256 vaultSharesToLiquidator
    );

    event ForceWithdraw(address indexed account, address indexed vault, uint256 requestId);

    /**
     * @dev Returns the name of the lending router.
     *
     * @return The name of the lending router.
     */
    function name() external view returns (string memory);

    /**
     * @dev Authorizes an address to manage a user's position.
     *
     * @param operator The address to authorize.
     * @param approved The authorization status.
     */
    function setApproval(address operator, bool approved) external;

    /**
     * @dev Returns the authorization status of an address.
     *
     * @param user The address to check the authorization status of.
     * @param operator The address to check the authorization status of.
     *
     * @return The authorization status.
     */
    function isApproved(address user, address operator) external view returns (bool);

    /**
     * @dev Enters a position in the lending market.
     *
     * @param onBehalf The address of the user to enter the position on behalf of.
     * @param vault The address of the vault.
     * @param depositAssetAmount The amount of margin to deposit.
     * @param borrowAmount The amount of assets to borrow.
     * @param depositData The data to pass to the deposit function.
     */
    function enterPosition(
        address onBehalf,
        address vault,
        uint256 depositAssetAmount,
        uint256 borrowAmount,
        bytes calldata depositData
    )
        external;

    /**
     * @dev Migrates a position to the lending market.
     *
     * @param onBehalf The address of the user to migrate the position on behalf of.
     * @param vault The address of the vault.
     * @param migrateFrom The address of the lending router to migrate the position from.
     */
    function migratePosition(address onBehalf, address vault, address migrateFrom) external;

    /**
     * @dev Exits a position in the lending market. Can be called by the user or another lending router
     * to migrate a position.
     *
     * @param onBehalf The address of the user to exit the position on behalf of.
     * @param vault The address of the vault.
     * @param receiver The address of the receiver.
     * @param sharesToRedeem The amount of shares to redeem.
     * @param assetToRepay The amount of assets to repay, if set to uint256.max the full debt will be repaid.
     * @param redeemData Vault specific instructions for the exit.
     */
    function exitPosition(
        address onBehalf,
        address vault,
        address receiver,
        uint256 sharesToRedeem,
        uint256 assetToRepay,
        bytes calldata redeemData
    )
        external;

    /**
     * @dev Liquidates a position in the lending market.
     *
     * @param liquidateAccount The address of the account to liquidate.
     * @param vault The address of the vault.
     * @param seizedAssets The amount of assets to seize.
     * @param repaidShares The amount of shares to repay.
     *
     * @return sharesToLiquidator The amount of shares to liquidator.
     */
    function liquidate(
        address liquidateAccount,
        address vault,
        uint256 seizedAssets,
        uint256 repaidShares
    )
        external
        returns (uint256 sharesToLiquidator);

    /**
     * @dev Returns the health factor of a user for a given vault.
     *
     * @param borrower The address of the borrower.
     * @param vault The address of the vault.
     *
     * @return borrowed The borrowed amount.
     * @return collateralValue The collateral value.
     * @return maxBorrow The max borrow amount.
     */
    function healthFactor(
        address borrower,
        address vault
    )
        external
        returns (uint256 borrowed, uint256 collateralValue, uint256 maxBorrow);

    /**
     * @dev Returns the balance of collateral of a user for a given vault.
     *
     * @param account The address of the account.
     * @param vault The address of the vault.
     *
     * @return collateralBalance The balance of collateral.
     */
    function balanceOfCollateral(address account, address vault) external view returns (uint256 collateralBalance);

    /**
     * @dev Returns the balance of borrow shares of a user for a given vault.
     *
     * @param account The address of the account.
     * @param vault The address of the vault.
     *
     * @return borrowShares The balance of borrow shares.
     */
    function balanceOfBorrowShares(address account, address vault) external view returns (uint256 borrowShares);

    /**
     * @dev Converts borrow shares to assets. Used off chain to calculate the value of borrow shares.
     *
     * @param vault The address of the vault.
     * @param shares The amount of borrow shares to convert.
     *
     * @return assets The amount of assets the borrow shares are worth.
     */
    function convertBorrowSharesToAssets(address vault, uint256 shares) external returns (uint256 assets);

    /**
     * @dev Initiates a withdraw request for a user for a given vault.
     *
     * @param onBehalf The address of the user to initiate the withdraw on behalf of.
     * @param vault The address of the vault.
     * @param data Vault specific instructions for the withdraw.
     *
     * @return requestId The request id.
     */
    function initiateWithdraw(address onBehalf, address vault, bytes calldata data) external returns (uint256 requestId);

    /**
     * @dev Forces a withdraw for a user for a given vault, only allowed if the health factor is negative.
     *
     * @param vault The address of the vault.
     * @param account The address of the account.
     * @param data Vault specific instructions for the withdraw.
     *
     * @return requestId The request id.
     */
    function forceWithdraw(address account, address vault, bytes calldata data) external returns (uint256 requestId);

    /**
     * @dev Claims rewards for a user for a given vault.
     *
     * @param onBehalf The address of the user to claim rewards on behalf of.
     * @param vault The address of the vault.
     *
     * @return rewards The rewards.
     */
    function claimRewards(address onBehalf, address vault) external returns (uint256[] memory rewards);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity >=0.8.29;

import { InvalidInitialization } from "../interfaces/Errors.sol";

contract Initializable {
    bool private initialized;

    constructor() {
        initialized = true;
    }

    function initialize(bytes calldata data) external {
        if (initialized) revert InvalidInitialization();
        initialized = true;
        _initialize(data);
    }

    /* solhint-disable no-empty-blocks */
    function _initialize(bytes calldata data) internal virtual { }
    /* solhint-enable no-empty-blocks */
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (proxy/Proxy.sol)

pragma solidity ^0.8.20;

/**
 * @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
 * instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
 * be specified by overriding the virtual {_implementation} function.
 *
 * Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
 * different contract through the {_delegate} function.
 *
 * The success and return data of the delegated call will be returned back to the caller of the proxy.
 */
abstract contract Proxy {
    /**
     * @dev Delegates the current call to `implementation`.
     *
     * This function does not return to its internal call site, it will return directly to the external caller.
     */
    function _delegate(address implementation) internal virtual {
        assembly {
            // Copy msg.data. We take full control of memory in this inline assembly
            // block because it will not return to Solidity code. We overwrite the
            // Solidity scratch pad at memory position 0.
            calldatacopy(0, 0, calldatasize())

            // Call the implementation.
            // out and outsize are 0 because we don't know the size yet.
            let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)

            // Copy the returned data.
            returndatacopy(0, 0, returndatasize())

            switch result
            // delegatecall returns 0 on error.
            case 0 {
                revert(0, returndatasize())
            }
            default {
                return(0, returndatasize())
            }
        }
    }

    /**
     * @dev This is a virtual function that should be overridden so it returns the address to which the fallback
     * function and {_fallback} should delegate.
     */
    function _implementation() internal view virtual returns (address);

    /**
     * @dev Delegates the current call to the address returned by `_implementation()`.
     *
     * This function does not return to its internal call site, it will return directly to the external caller.
     */
    function _fallback() internal virtual {
        _delegate(_implementation());
    }

    /**
     * @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
     * function in the contract matches the call data.
     */
    fallback() external payable virtual {
        _fallback();
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (proxy/beacon/IBeacon.sol)

pragma solidity ^0.8.20;

/**
 * @dev This is the interface that {BeaconProxy} expects of its beacon.
 */
interface IBeacon {
    /**
     * @dev Must return an address that can be used as a delegate call target.
     *
     * {UpgradeableBeacon} will check that this address is a contract.
     */
    function implementation() external view returns (address);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1967.sol)

pragma solidity ^0.8.20;

/**
 * @dev ERC-1967: Proxy Storage Slots. This interface contains the events defined in the ERC.
 */
interface IERC1967 {
    /**
     * @dev Emitted when the implementation is upgraded.
     */
    event Upgraded(address indexed implementation);

    /**
     * @dev Emitted when the admin account has changed.
     */
    event AdminChanged(address previousAdmin, address newAdmin);

    /**
     * @dev Emitted when the beacon is changed.
     */
    event BeaconUpgraded(address indexed beacon);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.2.0) (utils/Address.sol)

pragma solidity ^0.8.20;

import {Errors} from "./Errors.sol";

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev There's no code at `target` (it is not a contract).
     */
    error AddressEmptyCode(address target);

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        if (address(this).balance < amount) {
            revert Errors.InsufficientBalance(address(this).balance, amount);
        }

        (bool success, bytes memory returndata) = recipient.call{value: amount}("");
        if (!success) {
            _revert(returndata);
        }
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason or custom error, it is bubbled
     * up by this function (like regular Solidity function calls). However, if
     * the call reverted with no returned reason, this function reverts with a
     * {Errors.FailedCall} error.
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     */
    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
        if (address(this).balance < value) {
            revert Errors.InsufficientBalance(address(this).balance, value);
        }
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return verifyCallResultFromTarget(target, success, returndata);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
     * was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
     * of an unsuccessful call.
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata
    ) internal view returns (bytes memory) {
        if (!success) {
            _revert(returndata);
        } else {
            // only check if target is a contract if the call was successful and the return data is empty
            // otherwise we already know that it was a contract
            if (returndata.length == 0 && target.code.length == 0) {
                revert AddressEmptyCode(target);
            }
            return returndata;
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
     * revert reason or with a default {Errors.FailedCall} error.
     */
    function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
        if (!success) {
            _revert(returndata);
        } else {
            return returndata;
        }
    }

    /**
     * @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.
     */
    function _revert(bytes memory returndata) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            assembly ("memory-safe") {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert Errors.FailedCall();
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/StorageSlot.sol)
// This file was procedurally generated from scripts/generate/templates/StorageSlot.js.

pragma solidity ^0.8.20;

/**
 * @dev Library for reading and writing primitive types to specific storage slots.
 *
 * Storage slots are often used to avoid storage conflict when dealing with upgradeable contracts.
 * This library helps with reading and writing to such slots without the need for inline assembly.
 *
 * The functions in this library return Slot structs that contain a `value` member that can be used to read or write.
 *
 * Example usage to set ERC-1967 implementation slot:
 * ```solidity
 * contract ERC1967 {
 *     // Define the slot. Alternatively, use the SlotDerivation library to derive the slot.
 *     bytes32 internal constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
 *
 *     function _getImplementation() internal view returns (address) {
 *         return StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value;
 *     }
 *
 *     function _setImplementation(address newImplementation) internal {
 *         require(newImplementation.code.length > 0);
 *         StorageSlot.getAddressSlot(_IMPLEMENTATION_SLOT).value = newImplementation;
 *     }
 * }
 * ```
 *
 * TIP: Consider using this library along with {SlotDerivation}.
 */
library StorageSlot {
    struct AddressSlot {
        address value;
    }

    struct BooleanSlot {
        bool value;
    }

    struct Bytes32Slot {
        bytes32 value;
    }

    struct Uint256Slot {
        uint256 value;
    }

    struct Int256Slot {
        int256 value;
    }

    struct StringSlot {
        string value;
    }

    struct BytesSlot {
        bytes value;
    }

    /**
     * @dev Returns an `AddressSlot` with member `value` located at `slot`.
     */
    function getAddressSlot(bytes32 slot) internal pure returns (AddressSlot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns a `BooleanSlot` with member `value` located at `slot`.
     */
    function getBooleanSlot(bytes32 slot) internal pure returns (BooleanSlot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns a `Bytes32Slot` with member `value` located at `slot`.
     */
    function getBytes32Slot(bytes32 slot) internal pure returns (Bytes32Slot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns a `Uint256Slot` with member `value` located at `slot`.
     */
    function getUint256Slot(bytes32 slot) internal pure returns (Uint256Slot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns a `Int256Slot` with member `value` located at `slot`.
     */
    function getInt256Slot(bytes32 slot) internal pure returns (Int256Slot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns a `StringSlot` with member `value` located at `slot`.
     */
    function getStringSlot(bytes32 slot) internal pure returns (StringSlot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns an `StringSlot` representation of the string storage pointer `store`.
     */
    function getStringSlot(string storage store) internal pure returns (StringSlot storage r) {
        assembly ("memory-safe") {
            r.slot := store.slot
        }
    }

    /**
     * @dev Returns a `BytesSlot` with member `value` located at `slot`.
     */
    function getBytesSlot(bytes32 slot) internal pure returns (BytesSlot storage r) {
        assembly ("memory-safe") {
            r.slot := slot
        }
    }

    /**
     * @dev Returns an `BytesSlot` representation of the bytes storage pointer `store`.
     */
    function getBytesSlot(bytes storage store) internal pure returns (BytesSlot storage r) {
        assembly ("memory-safe") {
            r.slot := store.slot
        }
    }
}

// SPDX-License-Identifier: MIT
pragma solidity >=0.8.28;

import { AggregatorV2V3Interface } from "./AggregatorV2V3Interface.sol";

enum DexId {
    _UNUSED, // flag = 1,  enum = 0
    UNISWAP_V2, // flag = 2,  enum = 1
    UNISWAP_V3, // flag = 4,  enum = 2
    ZERO_EX, // flag = 8,  enum = 3
    BALANCER_V2, // flag = 16, enum = 4
    // NOTE: this id is unused in the TradingModule
    CURVE, // flag = 32, enum = 5
    NOTIONAL_VAULT, // flag = 64, enum = 6
    CURVE_V2, // flag = 128, enum = 7
    CAMELOT_V3 // flag = 256, enum = 8
}

enum TradeType {
    EXACT_IN_SINGLE, // flag = 1
    EXACT_OUT_SINGLE, // flag = 2
    EXACT_IN_BATCH, // flag = 4
    EXACT_OUT_BATCH, // flag = 8
    STAKE_TOKEN // flag = 16
}

struct UniV3SingleData {
    uint24 fee;
}

// Path is packed encoding `token, fee, token, fee, outToken`
struct UniV3BatchData {
    bytes path;
}

struct CurveV2SingleData {
    // Address of the pool to use for the swap
    address pool;
    int128 fromIndex;
    int128 toIndex;
}

struct CurveV2BatchData {
    // Array of [initial token, pool, token, pool, token, ...]
    // The array is iterated until a pool address of 0x00, then the last
    // given token is transferred to `_receiver`
    address[9] route;
    // Multidimensional array of [i, j, swap type] where i and j are the correct
    // values for the n'th pool in `_route`. The swap type should be
    // 1 for a stableswap `exchange`,
    // 2 for stableswap `exchange_underlying`,
    // 3 for a cryptoswap `exchange`,
    // 4 for a cryptoswap `exchange_underlying`,
    // 5 for factory metapools with lending base pool `exchange_underlying`,
    // 6 for factory crypto-meta pools underlying exchange (`exchange` method in zap),
    // 7-11 for wrapped coin (underlying for lending or fake pool) -> LP token "exchange" (actually `add_liquidity`),
    // 12-14 for LP token -> wrapped coin (underlying for lending pool) "exchange" (actually
    // `remove_liquidity_one_coin`)
    // 15 for WETH -> ETH "exchange" (actually deposit/withdraw)
    uint256[3][4] swapParams;
}

struct Trade {
    TradeType tradeType;
    address sellToken;
    address buyToken;
    uint256 amount;
    /// minBuyAmount or maxSellAmount
    uint256 limit;
    uint256 deadline;
    bytes exchangeData;
}

error InvalidTrade();
error DynamicTradeFailed();
error TradeFailed();

interface nProxy {
    function getImplementation() external view returns (address);
}

interface ITradingModule {
    struct TokenPermissions {
        bool allowSell;
        /// @notice allowed DEXes
        uint32 dexFlags;
        /// @notice allowed trade types
        uint32 tradeTypeFlags;
    }

    event TradeExecuted(address indexed sellToken, address indexed buyToken, uint256 sellAmount, uint256 buyAmount);

    event PriceOracleUpdated(address token, address oracle);
    event MaxOracleFreshnessUpdated(uint32 currentValue, uint32 newValue);
    event TokenPermissionsUpdated(address sender, address token, TokenPermissions permissions);

    function tokenWhitelist(
        address spender,
        address token
    )
        external
        view
        returns (bool allowSell, uint32 dexFlags, uint32 tradeTypeFlags);

    function priceOracles(address token) external view returns (AggregatorV2V3Interface oracle, uint8 rateDecimals);

    function getExecutionData(
        uint16 dexId,
        address from,
        Trade calldata trade
    )
        external
        view
        returns (address spender, address target, uint256 value, bytes memory params);

    function setMaxOracleFreshness(uint32 newMaxOracleFreshnessInSeconds) external;

    function setPriceOracle(address token, AggregatorV2V3Interface oracle) external;

    function setTokenPermissions(address sender, address token, TokenPermissions calldata permissions) external;

    function getOraclePrice(address inToken, address outToken) external view returns (int256 answer, int256 decimals);

    function executeTrade(
        uint16 dexId,
        Trade calldata trade
    )
        external
        payable
        returns (uint256 amountSold, uint256 amountBought);

    function executeTradeWithDynamicSlippage(
        uint16 dexId,
        Trade memory trade,
        uint32 dynamicSlippageLimit
    )
        external
        payable
        returns (uint256 amountSold, uint256 amountBought);

    function getLimitAmount(
        address from,
        TradeType tradeType,
        address sellToken,
        address buyToken,
        uint256 amount,
        uint32 slippageLimit
    )
        external
        view
        returns (uint256 limitAmount);

    function canExecuteTrade(address from, uint16 dexId, Trade calldata trade) external view returns (bool);
}

ITradingModule constant TRADING_MODULE = ITradingModule(0x594734c7e06C3D483466ADBCe401C6Bd269746C8);

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/Errors.sol)

pragma solidity ^0.8.20;

/**
 * @dev Collection of common custom errors used in multiple contracts
 *
 * IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
 * It is recommended to avoid relying on the error API for critical functionality.
 *
 * _Available since v5.1._
 */
library Errors {
    /**
     * @dev The ETH balance of the account is not enough to perform the operation.
     */
    error InsufficientBalance(uint256 balance, uint256 needed);

    /**
     * @dev A call to an address target failed. The target may have reverted.
     */
    error FailedCall();

    /**
     * @dev The deployment failed.
     */
    error FailedDeployment();

    /**
     * @dev A necessary precompile is missing.
     */
    error MissingPrecompile(address);
}

// SPDX-License-Identifier: MIT
pragma solidity >=0.8.28;

interface AggregatorV2V3Interface {
    function latestAnswer() external view returns (int256);
    function latestTimestamp() external view returns (uint256);
    function latestRound() external view returns (uint256);
    function getAnswer(uint256 roundId) external view returns (int256);
    function getTimestamp(uint256 roundId) external view returns (uint256);

    function decimals() external view returns (uint8);
    function description() external view returns (string memory);
    function version() external view returns (uint256);

    // getRoundData and latestRoundData should both raise "No data present"
    // if they do not have data to report, instead of returning unset values
    // which could be misinterpreted as actual reported values.
    function getRoundData(uint80 _roundId)
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}