Forkchoice Ethereum Mainnet

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;

import "@openzeppelin/IERC20.sol";
import "./interfaces/IAssetRegistry.sol";

// Types.sol
//
// This file defines the types used in V2.

/// @notice Combination of contract address and sighash to be used in allowlist.
/// @dev It's packed as follows:
///      [target 160 bits] [selector 32 bits] [<empty> 64 bits]
type TargetSighash is bytes32;

/// @notice Struct encapulating an asset and an associated value.
/// @param asset Asset address.
/// @param value The associated value for this asset (e.g., amount or price).
struct AssetValue {
    IERC20 asset;
    uint256 value;
}

/// @notice Execution details for a vault operation.
/// @param target Target contract address.
/// @param value Native token amount.
/// @param data Calldata.
struct Operation {
    address target;
    uint256 value;
    bytes data;
}

/// @notice Contract address and sighash struct to be used in the public interface.
struct TargetSighashData {
    address target;
    bytes4 selector;
}

/// @notice Parameters for vault deployment.
/// @param owner Initial owner address.
/// @param assetRegistry Asset registry address.
/// @param hooks Hooks address.
/// @param guardian Guardian address.
/// @param feeRecipient Fee recipient address.
/// @param fee Fees accrued per second, denoted in 18 decimal fixed point format.
struct Parameters {
    address owner;
    address assetRegistry;
    address hooks;
    address guardian;
    address feeRecipient;
    uint256 fee;
}

/// @notice Vault parameters for vault deployment.
/// @param owner Initial owner address.
/// @param guardian Guardian address.
/// @param feeRecipient Fee recipient address.
/// @param fee Fees accrued per second, denoted in 18 decimal fixed point format.
struct VaultParameters {
    address owner;
    address guardian;
    address feeRecipient;
    uint256 fee;
}

/// @notice Asset registry parameters for asset registry deployment.
/// @param factory Asset registry factory address.
/// @param owner Initial owner address.
/// @param assets Initial list of registered assets.
/// @param numeraireToken Numeraire token address.
/// @param feeToken Fee token address.
/// @param sequencer Sequencer Uptime Feed address for L2.
struct AssetRegistryParameters {
    address factory;
    address owner;
    IAssetRegistry.AssetInformation[] assets;
    IERC20 numeraireToken;
    IERC20 feeToken;
    AggregatorV2V3Interface sequencer;
}

/// @notice Hooks parameters for hooks deployment.
/// @param factory Hooks factory address.
/// @param owner Initial owner address.
/// @param minDailyValue The fraction of value that the vault has to retain per day
///                      in the course of submissions.
/// @param targetSighashAllowlist Array of target contract and sighash combinations to allow.
struct HooksParameters {
    address factory;
    address owner;
    uint256 minDailyValue;
    TargetSighashData[] targetSighashAllowlist;
}

// SPDX-License-Identifier: MIT
// slither-disable-start dead-code
pragma solidity 0.8.21;

library Math {
    /// @dev Multiply two quantities, then divide by a third.
    ///      Copied from solmate FixedPointMathLib.
    function mulDiv(
        uint256 x,
        uint256 y,
        uint256 denominator
    ) internal pure returns (uint256 z) {
        // slither-disable-next-line assembly
        assembly {
            // Store x * y in z for now.
            z := mul(x, y)

            // Equivalent to require(denominator != 0 && (x == 0 || (x * y) / x == y))
            if iszero(
                and(
                    iszero(iszero(denominator)),
                    or(iszero(x), eq(div(z, x), y))
                )
            ) { revert(0, 0) }

            // Divide z by the denominator.
            z := div(z, denominator)
        }
    }
}
// slither-disable-end dead-code

// SPDX-License-Identifier: BUSL-1.1
// slither-disable-start unimplemented-functions
pragma solidity 0.8.21;

import "@openzeppelin/ReentrancyGuard.sol";
import "./interfaces/IExecutor.sol";
import "src/v2/Types.sol";

abstract contract Executor is IExecutor, ReentrancyGuard {
    /// FUNCTIONS ///

    /// @inheritdoc IExecutor
    function execute(Operation[] calldata operations) external nonReentrant {
        // Requirements: check operations to be executed.
        _checkOperations(operations);

        uint256 numOperations = operations.length;

        // Requirements: check that the number of operations is not zero.
        if (numOperations == 0) return;

        for (uint256 i = 0; i < numOperations;) {
            // Effects: execute operation.
            _executeOperation(operations[i]);
            unchecked {
                i++;
            } // gas savings
        }
    }

    /// INTERNAL FUNCTIONS ///

    /// @dev Execute a single operation.
    function _executeOperation(Operation calldata operation)
        internal
        virtual
    {
        // Requirements: check the operation.
        _checkOperation(operation);

        // Interactions: execute operation.
        // slither-disable-next-line calls-loop,arbitrary-send-eth
        (bool success, bytes memory result) =
            operation.target.call{value: operation.value}(operation.data);

        // Invariants: check that the operation was successful.
        // Note: if operation.target is EOA, success will always be true.
        // It is caller responsibility to check that the operation.target is a contract.
        if (!success) {
            revert AeraPeriphery__ExecutionFailed(result);
        }

        // Log that the operation was executed.
        emit Executed(msg.sender, operation);
    }

    /// @dev Authorize the execution of operations. Intended to be marked by
    ///      `onlyOwner` or similar access control modifier.
    function _checkOperations(Operation[] calldata operations)
        internal
        view
        virtual;

    /// @dev Authorize the execution of a single operation.
    function _checkOperation(Operation calldata operation)
        internal
        view
        virtual;
}
// slither-disable-end unimplemented-functions

// SPDX-License-Identifier: BUSL-1.1
// slither-disable-start dead-code,unimplemented-functions
pragma solidity 0.8.21;

import {SafeCast} from "./dependencies/openzeppelin/SafeCast.sol";
import {IAeraV2Oracle} from "./interfaces/IAeraV2Oracle.sol";
import {Math} from "./Math.sol";

abstract contract AbstractAssetOracle is IAeraV2Oracle {
    using SafeCast for *;

    /// @dev The total supply of the token.
    uint256 private constant _TOTAL_SUPPLY = 1e18;
    /// @dev Vault address.
    address internal immutable _vault;

    /// ERRORS ///

    /// @notice Thrown when the vault address is zero.
    error AeraPeriphery__VaultIsZeroAddress();
    /// @notice Thrown when a user tries to transfer tokens.
    error AeraPeriphery__TransfersAreNotAllowed();
    /// @notice Thrown when a user tries to approve.
    error AeraPeriphery__ApprovalsAreNotAllowed();
    /// @notice Thrown when the price <= 0.
    error AeraPeriphery__InvalidPrice(address priceFeed, int256 price);

    /// STORAGE ///

    /// @notice Flag to check if the token is burned.
    bool public burned;

    /// FUNCTIONS ///

    /// @notice Constructor for the AbstractAssetOracle contract.
    /// @param vault_ The address of the AeraVaultV2 contract.
    constructor(address vault_) {
        // Requirements: check the vault address is not zero.
        if (vault_ == address(0)) {
            revert AeraPeriphery__VaultIsZeroAddress();
        }
        // Effects: set the vault address.
        _vault = vault_;
    }

    /// @dev When called by the vault, this function burns
    ///      the token and makes this token unusable.
    function transfer(address, uint256) external returns (bool) {
        if (msg.sender == _vault && !burned) {
            burned = true;
            return true;
        }
        revert AeraPeriphery__TransfersAreNotAllowed();
    }

    function transferFrom(
        address,
        address,
        uint256
    ) external virtual returns (bool) {
        revert AeraPeriphery__TransfersAreNotAllowed();
    }

    function approve(address, uint256) external virtual returns (bool) {
        revert AeraPeriphery__ApprovalsAreNotAllowed();
    }

    /// @dev Returns the amount of tokens owned by `account`.
    function balanceOf(address account) external view returns (uint256) {
        // For everyone else, the balance is zero.
        if (account != _vault) return 0;

        // For the vault, the balance is the total supply, if not burned.
        return burned ? 0 : _TOTAL_SUPPLY;
    }

    /// @dev Returns the amount of tokens in existence.
    function totalSupply() external view returns (uint256) {
        return burned ? 0 : _TOTAL_SUPPLY;
    }

    /// @inheritdoc IAeraV2Oracle
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        )
    {
        roundId = 0;
        // Note: since the amount of the token is fixed then 1 * answer = position value.
        answer = _getValue().toInt256();
        if (answer == 0) {
            answer = 1; // Avoid zero price, which would break AeraVaultAssetRegistry
        }
        startedAt = 0;
        updatedAt = block.timestamp;
        answeredInRound = 0;
    }

    /// @notice Returns the AeraVaultV2 address.
    function vault() external view virtual returns (address) {
        return _vault;
    }

    /// @notice Because this contract is oracle and ERC20 token at the same time,
    ///         this function represent decimals for oracle price and token decimals.
    /// @return decimals The number of decimals.
    function decimals() public pure returns (uint8) {
        return 18;
    }

    /// @notice Name of ERC20 token.
    function name() external pure virtual returns (string memory);

    /// @notice Symbol of ERC20 token.
    function symbol() external pure virtual returns (string memory);

    /// INTERNAL FUNCTIONS ///

    /// @dev Gets and validates the price from the price feed.
    function _getPrice(address priceFeed) internal view returns (uint256) {
        (, int256 price,,,) = IAeraV2Oracle(priceFeed).latestRoundData();

        if (price <= 0) {
            revert AeraPeriphery__InvalidPrice(priceFeed, price);
        }
        return price.toUint256();
    }

    /// @dev Returns the value of the position.
    function _getValue() internal view virtual returns (uint256);

    /// @dev Multiply two quantities, then divide by a third.
    ///      Copied from solmale FixedPointMathLib.
    function _mulDiv(
        uint256 x,
        uint256 y,
        uint256 denominator
    ) internal pure returns (uint256 z) {
        return Math.mulDiv(x, y, denominator);
    }
}
// slither-disable-end dead-code,unimplemented-functions

// SPDX-License-Identifier: BUSL-1.1
// slither-disable-start similar-names
pragma solidity 0.8.21;

import {IERC20} from "@openzeppelin/IERC20.sol";
import {Ownable} from "@openzeppelin/Ownable.sol";
import {SafeERC20} from "@openzeppelin/SafeERC20.sol";
import {AggregatorV2V3Interface} from
    "@chainlink/interfaces/AggregatorV2V3Interface.sol";
import {Operation} from "src/v2/Types.sol";
import {ILlamaPay} from "./dependencies/llamapay/ILlamaPay.sol";
import {ILlamaPayRouterOracle} from "./interfaces/ILlamaPayRouterOracle.sol";
import {Executor} from "./Executor.sol";
import {AbstractAssetOracle} from "./AbstractAssetOracle.sol";

/// @title LlamaPayRouterOracle.
/// @notice An router/oracle that calculates the value of LlamaPay streams.
///         The router/oracle can create, cancel, pause, modify, deposit and withdraw LlamaPay streams.
/// @notice Note 1: The contract does not check for LlamaPay contract duplicates in constructor.
/// @notice Note 2: All "amountPerSec" arguments should use 20 decimals.
/// @notice Note 3: In the withdrawPayer() function, "amount" argument should use 20 decimals.
/// @notice ### Audit Note: L-01 Vault Value Can Go Below Daily Lower Bound
/// @notice Since a withdrawal action by the beneficiary of a LlamaPay instance does not affect the daily
///         multiplier of a vault, the value locked within a vault over any 24-hour period can reach a lower
///         value than would be expected, given the `minDailyValue`.
///         Assume the following scenario:
///         * The vault holds `X` amount of value and has a `minDailyValue` multiplier of `0.9`.
///         * There is `Y = 0.03 * X` amount of value sitting in a LlamaPay contract managed by
///         the `LlamaPayRouterOracle` contract.
///         * The beneficiary of the LlamaPay stream withdraws `Y` value. Now there is `X - Y =
///         0.97 * X` value in the vault, but the `cumulativeDailyMultiplier` stays at `1`.
///         * The guardian submits a batch of actions which reduces the amount of value in the vault
///         by `0.09 * X`. This would put the vault at `0.88 * X` value which is below the
///         threshold of `0.9 * X`. Since the `cumulativeDailyMultiplier` did not account for
///         the withdrawal of funds from the LlamaPay stream, the calculation of the
///         `newMultiplier` in the `afterSubmit` hook results in a value greater than `0.9` and
///         therefore allows it. The exact calculation of `newMultiplier`
///         in this case is the following: `(1 * (0.88 * X)) / (0.97 * X)`,
///         which results in `~0.907 > 0.9`. Therefore, the daily multiplier check passes.
contract LlamaPayRouterOracle is
    ILlamaPayRouterOracle,
    AbstractAssetOracle,
    Executor
{
    using SafeERC20 for IERC20;

    /// CONSTANTS ///

    /// @notice The maximum number of LlamaPay contracts.
    uint256 private constant _MAX_LLAMAPAY_COUNT = 10;
    /// @notice Downscale factor from LlamaPay balance to 18 decimals.
    uint256 private constant _LLAMAPAY_DOWNSCALE_FACTOR = 1e2;
    /// @notice The number of decimals of the LlamaPay payer balance.
    uint256 private constant _LLAMAPAY_DECIMALS = 20;
    /// @notice The name of the token.
    string private constant _NAME = "LlamaPayRouterOracle";
    /// @notice The symbol of the token.
    string private constant _SYMBOL = "LPRO";

    /// IMMUTABLES ///

    /// @notice Number of LlamaPay contracts.
    uint256 public immutable llamaPayCount;

    /// @notice Decomposed list of LlamaPay contracts (one for each token).
    ILlamaPay private immutable _llamaPay0;
    ILlamaPay private immutable _llamaPay1;
    ILlamaPay private immutable _llamaPay2;
    ILlamaPay private immutable _llamaPay3;
    ILlamaPay private immutable _llamaPay4;
    ILlamaPay private immutable _llamaPay5;
    ILlamaPay private immutable _llamaPay6;
    ILlamaPay private immutable _llamaPay7;
    ILlamaPay private immutable _llamaPay8;
    ILlamaPay private immutable _llamaPay9;

    /// @notice Decomposed decimals divisor list.
    uint256 private immutable _decimalsDivisor0;
    uint256 private immutable _decimalsDivisor1;
    uint256 private immutable _decimalsDivisor2;
    uint256 private immutable _decimalsDivisor3;
    uint256 private immutable _decimalsDivisor4;
    uint256 private immutable _decimalsDivisor5;
    uint256 private immutable _decimalsDivisor6;
    uint256 private immutable _decimalsDivisor7;
    uint256 private immutable _decimalsDivisor8;
    uint256 private immutable _decimalsDivisor9;

    /// @notice Decomposed price feed list.
    address private immutable _priceFeed0;
    address private immutable _priceFeed1;
    address private immutable _priceFeed2;
    address private immutable _priceFeed3;
    address private immutable _priceFeed4;
    address private immutable _priceFeed5;
    address private immutable _priceFeed6;
    address private immutable _priceFeed7;
    address private immutable _priceFeed8;
    address private immutable _priceFeed9;

    /// @notice Decomposed LlamaPay token list.
    IERC20 private immutable _token0;
    IERC20 private immutable _token1;
    IERC20 private immutable _token2;
    IERC20 private immutable _token3;
    IERC20 private immutable _token4;
    IERC20 private immutable _token5;
    IERC20 private immutable _token6;
    IERC20 private immutable _token7;
    IERC20 private immutable _token8;
    IERC20 private immutable _token9;

    /// @notice Decomposed rescale factor list.
    uint256 private immutable _rescaleFactor0;
    uint256 private immutable _rescaleFactor1;
    uint256 private immutable _rescaleFactor2;
    uint256 private immutable _rescaleFactor3;
    uint256 private immutable _rescaleFactor4;
    uint256 private immutable _rescaleFactor5;
    uint256 private immutable _rescaleFactor6;
    uint256 private immutable _rescaleFactor7;
    uint256 private immutable _rescaleFactor8;
    uint256 private immutable _rescaleFactor9;

    /// @notice Decomposed inverted price numerator list.
    uint256 private immutable _invertedPriceNumerator0;
    uint256 private immutable _invertedPriceNumerator1;
    uint256 private immutable _invertedPriceNumerator2;
    uint256 private immutable _invertedPriceNumerator3;
    uint256 private immutable _invertedPriceNumerator4;
    uint256 private immutable _invertedPriceNumerator5;
    uint256 private immutable _invertedPriceNumerator6;
    uint256 private immutable _invertedPriceNumerator7;
    uint256 private immutable _invertedPriceNumerator8;
    uint256 private immutable _invertedPriceNumerator9;

    /// MODIFIERS ///

    /// @notice Check that the caller is the Vault owner.
    modifier onlyVaultOwner() {
        // Requirements: check that the caller is the Vault owner.
        if (msg.sender != Ownable(_vault).owner()) {
            revert AeraPeriphery__CallerIsNotVaultOwner(msg.sender);
        }
        _;
    }

    /// @notice Check that the caller is the Vault.
    modifier onlyVault() {
        // Requirements: check that the caller is the Vault.
        if (msg.sender != _vault) {
            revert AeraPeriphery__CallerIsNotVault(msg.sender);
        }
        _;
    }

    /// STORAGE ///

    /// @notice Mapping of stream end dates.
    mapping(bytes32 streamId => uint256 endDate) internal _streamEndDate;

    /// FUNCTIONS ///

    /// @notice The constructor for the LlamaPayRouterOracle. The contract does not check for LlamaPay contract duplicates.
    /// @notice It is deployer responsibility to ensure that there are no LlamaPay contract duplicates in provided llamaPayInfoList.
    constructor(
        address vault_,
        LlamaPayInfo[] memory llamaPayInfoList_
    ) AbstractAssetOracle(vault_) {
        // Effects: set llamaPay count.
        llamaPayCount = llamaPayInfoList_.length;

        // Requirements: check that the llamaPay count is not zero.
        if (llamaPayCount == 0) {
            revert AeraPeriphery__LlamaPayInfoCountIsZero();
        }

        // Requirements: check that the llamaPay count does not exceed the maximum.
        if (llamaPayCount > _MAX_LLAMAPAY_COUNT) {
            revert AeraPeriphery__LlamaPayInfoCountExceedsMax(
                _MAX_LLAMAPAY_COUNT
            );
        }

        // Effects: initialize immutable variables
        (
            _llamaPay0,
            _token0,
            _priceFeed0,
            _decimalsDivisor0,
            _invertedPriceNumerator0,
            _rescaleFactor0
        ) = _getLlamaPayInfo(llamaPayInfoList_[0]);
        if (llamaPayCount == 1) return;

        (
            _llamaPay1,
            _token1,
            _priceFeed1,
            _decimalsDivisor1,
            _invertedPriceNumerator1,
            _rescaleFactor1
        ) = _getLlamaPayInfo(llamaPayInfoList_[1]);
        if (llamaPayCount == 2) return;

        (
            _llamaPay2,
            _token2,
            _priceFeed2,
            _decimalsDivisor2,
            _invertedPriceNumerator2,
            _rescaleFactor2
        ) = _getLlamaPayInfo(llamaPayInfoList_[2]);
        if (llamaPayCount == 3) return;

        (
            _llamaPay3,
            _token3,
            _priceFeed3,
            _decimalsDivisor3,
            _invertedPriceNumerator3,
            _rescaleFactor3
        ) = _getLlamaPayInfo(llamaPayInfoList_[3]);
        if (llamaPayCount == 4) return;

        (
            _llamaPay4,
            _token4,
            _priceFeed4,
            _decimalsDivisor4,
            _invertedPriceNumerator4,
            _rescaleFactor4
        ) = _getLlamaPayInfo(llamaPayInfoList_[4]);
        if (llamaPayCount == 5) return;

        (
            _llamaPay5,
            _token5,
            _priceFeed5,
            _decimalsDivisor5,
            _invertedPriceNumerator5,
            _rescaleFactor5
        ) = _getLlamaPayInfo(llamaPayInfoList_[5]);
        if (llamaPayCount == 6) return;

        (
            _llamaPay6,
            _token6,
            _priceFeed6,
            _decimalsDivisor6,
            _invertedPriceNumerator6,
            _rescaleFactor6
        ) = _getLlamaPayInfo(llamaPayInfoList_[6]);
        if (llamaPayCount == 7) return;

        (
            _llamaPay7,
            _token7,
            _priceFeed7,
            _decimalsDivisor7,
            _invertedPriceNumerator7,
            _rescaleFactor7
        ) = _getLlamaPayInfo(llamaPayInfoList_[7]);
        if (llamaPayCount == 8) return;

        (
            _llamaPay8,
            _token8,
            _priceFeed8,
            _decimalsDivisor8,
            _invertedPriceNumerator8,
            _rescaleFactor8
        ) = _getLlamaPayInfo(llamaPayInfoList_[8]);
        if (llamaPayCount == 9) return;

        (
            _llamaPay9,
            _token9,
            _priceFeed9,
            _decimalsDivisor9,
            _invertedPriceNumerator9,
            _rescaleFactor9
        ) = _getLlamaPayInfo(llamaPayInfoList_[9]);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function createStream(
        IERC20 token,
        address to,
        uint216 amountPerSec,
        uint256 duration
    ) external onlyVault {
        // Requirements: check that the duration is not zero.
        if (duration == 0) {
            revert AeraPeriphery__DurationIsZero();
        }

        // Effects: remember the end date.
        _streamEndDate[_streamId(token, to, amountPerSec)] =
            block.timestamp + duration;

        // Log that a new expiring stream was created.
        // Note: event is emitted before the interaction with LlamaPay contract to avoid reentrancy issues
        // and make slither happy.
        // https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
        emit ExpiringStreamCreated(token, to, amountPerSec, duration);

        // Interactions: create stream on LlamaPay contract.
        _getLlamaPay(token).createStream(to, amountPerSec);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function cancelStream(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external onlyVault {
        ILlamaPay llamaPay = _getLlamaPay(token);

        bytes32 streamId = _streamId(token, to, amountPerSec);

        // Requirements: check that the stream exists.
        if (_streamEndDate[streamId] == 0) {
            revert AeraPeriphery__StreamDoesNotExist(token, to, amountPerSec);
        }

        // Effects & Interactions: delete endDate and cancel stream on LlamaPay contract.
        _cancelStream(llamaPay, streamId, to, amountPerSec);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function pauseStream(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external onlyVault {
        ILlamaPay llamaPay = _getLlamaPay(token);
        bytes32 streamId = _streamId(token, to, amountPerSec);

        // Requirements: check that the stream exists.
        if (_streamEndDate[streamId] == 0) {
            revert AeraPeriphery__StreamDoesNotExist(token, to, amountPerSec);
        }

        // Interactions: pause stream on LlamaPay contract.
        llamaPay.pauseStream(to, amountPerSec);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function cancelExpiredStream(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external {
        ILlamaPay llamaPay = _getLlamaPay(token);
        bytes32 streamId = _streamId(token, to, amountPerSec);
        // Cache the end date to avoid SLOAD.
        uint256 streamEndDate = _streamEndDate[streamId];

        // Requirements: check that the stream exists.
        if (streamEndDate == 0) {
            revert AeraPeriphery__StreamDoesNotExist(token, to, amountPerSec);
        }

        // Requirements: check that the stream is expired.
        if (streamEndDate > block.timestamp) {
            revert AeraPeriphery__StreamNotExpired(streamEndDate);
        }

        // Effects & Interactions: delete endDate and cancel stream on LlamaPay contract.
        _cancelStream(llamaPay, streamId, to, amountPerSec);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function modifyStream(
        IERC20 token,
        address oldTo,
        uint216 oldAmountPerSec,
        address to,
        uint216 amountPerSec,
        uint256 duration
    ) external onlyVault {
        ILlamaPay llamaPay = _getLlamaPay(token);

        // Requirements: check that the endDate is not in the past.
        if (duration == 0) {
            revert AeraPeriphery__DurationIsZero();
        }
        bytes32 oldStreamId = _streamId(token, oldTo, oldAmountPerSec);

        // Requirements: check that the old stream exists.
        if (_streamEndDate[oldStreamId] == 0) {
            revert AeraPeriphery__StreamDoesNotExist(
                token, oldTo, oldAmountPerSec
            );
        }

        // Effects: delete old end date.
        delete _streamEndDate[oldStreamId];

        // Effects: remember the end date.
        _streamEndDate[_streamId(token, to, amountPerSec)] =
            block.timestamp + duration;

        // Log that a new expiring stream was created.
        // Note: event is emitted before the interaction with LlamaPay contract to avoid reentrancy issues
        // and make slither happy.
        // https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
        emit ExpiringStreamCreated(token, to, amountPerSec, duration);

        // Interactions: modify the stream on LlamaPay contract.
        llamaPay.modifyStream(oldTo, oldAmountPerSec, to, amountPerSec);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function deposit(
        IERC20 token,
        uint256 amount
    ) external onlyVault nonReentrant {
        ILlamaPay llamaPay = _getLlamaPay(token);

        // Interactions: transfer the tokens from the Vault to this contract.
        // slither-disable-next-line arbitrary-send-erc20
        token.safeTransferFrom(_vault, address(this), amount);

        // Interactions: increase the allowance of the LlamaPay contract.
        token.safeIncreaseAllowance(address(llamaPay), amount);

        // Interactions: deposit the tokens to the LlamaPay contract.
        llamaPay.deposit(amount);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function depositAndCreate(
        IERC20 token,
        uint256 amountToDeposit,
        address to,
        uint216 amountPerSec,
        uint256 duration
    ) external onlyVault nonReentrant {
        ILlamaPay llamaPay = _getLlamaPay(token);

        // Requirements: check that the duration is not zero.
        if (duration == 0) {
            revert AeraPeriphery__DurationIsZero();
        }

        // Effects: remember the end date.
        _streamEndDate[_streamId(token, to, amountPerSec)] =
            block.timestamp + duration;

        // Interactions: transfer the tokens from the Vault to this contract.
        // slither-disable-next-line arbitrary-send-erc20
        token.safeTransferFrom(_vault, address(this), amountToDeposit);

        // Interactions: increase the allowance of the LlamaPay contract.
        token.safeIncreaseAllowance(address(llamaPay), amountToDeposit);

        // Log that a new expiring stream was created.
        // Note: event is emitted before the interaction with LlamaPay to be consistent with the
        // createStream and modifyStream functions.
        emit ExpiringStreamCreated(token, to, amountPerSec, duration);

        // Interactions: deposit the tokens to the LlamaPay contract and create a stream.
        llamaPay.depositAndCreate(amountToDeposit, to, amountPerSec);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function withdrawPayer(IERC20 token, uint256 amount) external onlyVault {
        // Interactions: withdraw tokens from the LlamaPay contract.
        _getLlamaPay(token).withdrawPayer(amount);

        uint256 decimalsDivisor = _getDecimalsDivisor(token);

        // Interactions: transfer the tokens from this contract to the Vault.
        token.safeTransfer(_vault, amount / decimalsDivisor);
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function withdrawPayerAll(IERC20 token) external onlyVault {
        // Interactions: withdraw all tokens from the LlamaPay contract.
        _getLlamaPay(token).withdrawPayerAll();

        // Interactions: transfer the tokens from this contract to the Vault.
        token.safeTransfer(_vault, token.balanceOf(address(this)));
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function endDate(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external view returns (uint256) {
        return _streamEndDate[_streamId(token, to, amountPerSec)];
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function llamaPayInfoList()
        external
        view
        returns (LlamaPayInfo[] memory)
    {
        // Create a new array with the LlamaPayInfo.
        LlamaPayInfo[] memory result = new LlamaPayInfo[](llamaPayCount);
        // Fill the array with the LlamaPayInfo.
        result[0] = LlamaPayInfo({
            llamaPay: _llamaPay0,
            priceFeed: _priceFeed0,
            invertPrice: _invertedPriceNumerator0 > 0
        });
        if (llamaPayCount == 1) return result;

        result[1] = LlamaPayInfo({
            llamaPay: _llamaPay1,
            priceFeed: _priceFeed1,
            invertPrice: _invertedPriceNumerator1 > 0
        });
        if (llamaPayCount == 2) return result;

        result[2] = LlamaPayInfo({
            llamaPay: _llamaPay2,
            priceFeed: _priceFeed2,
            invertPrice: _invertedPriceNumerator2 > 0
        });
        if (llamaPayCount == 3) return result;

        result[3] = LlamaPayInfo({
            llamaPay: _llamaPay3,
            priceFeed: _priceFeed3,
            invertPrice: _invertedPriceNumerator3 > 0
        });
        if (llamaPayCount == 4) return result;

        result[4] = LlamaPayInfo({
            llamaPay: _llamaPay4,
            priceFeed: _priceFeed4,
            invertPrice: _invertedPriceNumerator4 > 0
        });
        if (llamaPayCount == 5) return result;

        result[5] = LlamaPayInfo({
            llamaPay: _llamaPay5,
            priceFeed: _priceFeed5,
            invertPrice: _invertedPriceNumerator5 > 0
        });
        if (llamaPayCount == 6) return result;

        result[6] = LlamaPayInfo({
            llamaPay: _llamaPay6,
            priceFeed: _priceFeed6,
            invertPrice: _invertedPriceNumerator6 > 0
        });
        if (llamaPayCount == 7) return result;

        result[7] = LlamaPayInfo({
            llamaPay: _llamaPay7,
            priceFeed: _priceFeed7,
            invertPrice: _invertedPriceNumerator7 > 0
        });
        if (llamaPayCount == 8) return result;

        result[8] = LlamaPayInfo({
            llamaPay: _llamaPay8,
            priceFeed: _priceFeed8,
            invertPrice: _invertedPriceNumerator8 > 0
        });
        if (llamaPayCount == 9) return result;

        result[9] = LlamaPayInfo({
            llamaPay: _llamaPay9,
            priceFeed: _priceFeed9,
            invertPrice: _invertedPriceNumerator9 > 0
        });
        return result;
    }

    /// @inheritdoc ILlamaPayRouterOracle
    function vault()
        external
        view
        override(ILlamaPayRouterOracle, AbstractAssetOracle)
        returns (address)
    {
        return _vault;
    }

    /// @inheritdoc AbstractAssetOracle
    function name() external pure override returns (string memory) {
        return _NAME;
    }

    /// @inheritdoc AbstractAssetOracle
    function symbol() external pure override returns (string memory) {
        return _SYMBOL;
    }

    /// INTERNAL FUNCTIONS ///

    /// @notice Delete stream end date and cancel the stream.
    function _cancelStream(
        ILlamaPay llamaPay,
        bytes32 streamId,
        address to,
        uint216 amountPerSec
    ) internal {
        // Effects: delete the end date.
        delete _streamEndDate[streamId];

        // Interactions: cancel the stream on LlamaPay contract.
        llamaPay.cancelStream(to, amountPerSec);
    }

    /// @inheritdoc AbstractAssetOracle
    function _getValue() internal view override returns (uint256 balance) {
        balance = _llamaPayBalance(
            _llamaPay0, _priceFeed0, _rescaleFactor0, _invertedPriceNumerator0
        );
        if (llamaPayCount == 1) return balance;

        balance += _llamaPayBalance(
            _llamaPay1, _priceFeed1, _rescaleFactor1, _invertedPriceNumerator1
        );
        if (llamaPayCount == 2) return balance;

        balance += _llamaPayBalance(
            _llamaPay2, _priceFeed2, _rescaleFactor2, _invertedPriceNumerator2
        );
        if (llamaPayCount == 3) return balance;

        balance += _llamaPayBalance(
            _llamaPay3, _priceFeed3, _rescaleFactor3, _invertedPriceNumerator3
        );
        if (llamaPayCount == 4) return balance;

        balance += _llamaPayBalance(
            _llamaPay4, _priceFeed4, _rescaleFactor4, _invertedPriceNumerator4
        );
        if (llamaPayCount == 5) return balance;

        balance += _llamaPayBalance(
            _llamaPay5, _priceFeed5, _rescaleFactor5, _invertedPriceNumerator5
        );
        if (llamaPayCount == 6) return balance;

        balance += _llamaPayBalance(
            _llamaPay6, _priceFeed6, _rescaleFactor6, _invertedPriceNumerator6
        );
        if (llamaPayCount == 7) return balance;

        balance += _llamaPayBalance(
            _llamaPay7, _priceFeed7, _rescaleFactor7, _invertedPriceNumerator7
        );
        if (llamaPayCount == 8) return balance;

        balance += _llamaPayBalance(
            _llamaPay8, _priceFeed8, _rescaleFactor8, _invertedPriceNumerator8
        );
        if (llamaPayCount == 9) return balance;

        balance += _llamaPayBalance(
            _llamaPay9, _priceFeed9, _rescaleFactor9, _invertedPriceNumerator9
        );
    }

    /// @notice Get the LlamaPay balance in numerator terms scaled to 18 decimals.
    function _llamaPayBalance(
        ILlamaPay llamaPay,
        address priceFeed,
        uint256 rescaleFactor,
        uint256 invertedPriceNumerator
    ) internal view returns (uint256) {
        // Get the balance of this contract from LlamaPay contract.
        // Note: balance is always 20 decimals.
        uint256 balance = llamaPay.balances(address(this));
        // If the balance is zero, return zero.
        if (balance == 0) return 0;
        // If the price feed is absent, return balance downscaled to 18 decimals.
        if (priceFeed == address(0)) {
            return balance / _LLAMAPAY_DOWNSCALE_FACTOR;
        }

        uint256 price = _getPrice(priceFeed);
        // Invert the price if necessary.
        if (invertedPriceNumerator > 0) {
            price = invertedPriceNumerator / price;
        }

        // Multiply balance by the price and rescale to 18 decimals.
        return _mulDiv(balance, price, rescaleFactor);
    }

    /// @notice Return decomposed LlamaPayInfo, rescale factor, invertedPriceNumerator, token and decimalsDivisor.
    /// @return llamaPay The LlamaPay contract.
    /// @return token LlamaPay stream token.
    /// @return priceFeed The price feed address.
    /// @return decimalsDivisor The decimals divisor. DECIMALS_DIVISOR from LlamaPay contract. Signifies the scale to scale the balance to 20 decimals.
    /// @return invertedPriceNumerator The invert price numerator.
    /// @return rescaleFactor The rescale factor.
    function _getLlamaPayInfo(LlamaPayInfo memory llamaPayInfo)
        internal
        view
        returns (
            ILlamaPay llamaPay,
            IERC20 token,
            address priceFeed,
            uint256 decimalsDivisor,
            uint256 invertedPriceNumerator,
            uint256 rescaleFactor
        )
    {
        llamaPay = llamaPayInfo.llamaPay;
        decimalsDivisor = ILlamaPay(llamaPay).DECIMALS_DIVISOR();
        priceFeed = llamaPayInfo.priceFeed;
        token = llamaPay.token();

        // Get price feed decimals
        uint8 priceFeedDecimals = (
            priceFeed == address(0)
                ? 0
                : AggregatorV2V3Interface(priceFeed).decimals()
        );

        uint256 totalDecimals = _LLAMAPAY_DECIMALS + priceFeedDecimals;
        // Since this oracle is designed to work with 18 decimals, we need to rescale the value.
        // _LLAMAPAY_DECIMALS is 20, totalDecimals will always be >= 20.
        rescaleFactor = 10 ** (totalDecimals - 18);

        // Inverted price numerator to be used in value calculation.
        invertedPriceNumerator = (
            priceFeed != address(0) && llamaPayInfo.invertPrice
                ? 100 ** priceFeedDecimals // 10 ** (priceFeedDecimals * 2)
                : 0
        );
    }

    /// @notice Returns the LlamaPay contract for a given token.
    function _getLlamaPay(IERC20 token) internal view returns (ILlamaPay) {
        if (address(token) == address(0)) {
            revert AeraPeriphery__InvalidToken(token);
        }

        // Generally we would use a mapping here, but SHA3 operation costs 30+ units of gas and
        // EQ operation costs 3 units of gas. Roughly, one SHA3 = 10 comparisons.
        // We have maximum 10 tokens, so it's cheaper (or the same in worst case) to compare them manually.
        if (token == _token0) return _llamaPay0;
        if (token == _token1) return _llamaPay1;
        if (token == _token2) return _llamaPay2;
        if (token == _token3) return _llamaPay3;
        if (token == _token4) return _llamaPay4;
        if (token == _token5) return _llamaPay5;
        if (token == _token6) return _llamaPay6;
        if (token == _token7) return _llamaPay7;
        if (token == _token8) return _llamaPay8;
        if (token == _token9) return _llamaPay9;

        revert AeraPeriphery__InvalidToken(token);
    }

    /// @notice Returns cached decimals divisor for a given token.
    function _getDecimalsDivisor(IERC20 token)
        internal
        view
        returns (uint256)
    {
        if (address(token) == address(0)) {
            revert AeraPeriphery__InvalidToken(token);
        }
        // Note: see _getLlamaPay() for explanation.
        if (token == _token0) return _decimalsDivisor0;
        if (token == _token1) return _decimalsDivisor1;
        if (token == _token2) return _decimalsDivisor2;
        if (token == _token3) return _decimalsDivisor3;
        if (token == _token4) return _decimalsDivisor4;
        if (token == _token5) return _decimalsDivisor5;
        if (token == _token6) return _decimalsDivisor6;
        if (token == _token7) return _decimalsDivisor7;
        if (token == _token8) return _decimalsDivisor8;
        if (token == _token9) return _decimalsDivisor9;

        revert AeraPeriphery__InvalidToken(token);
    }

    /// @inheritdoc Executor
    function _checkOperations(Operation[] calldata operations)
        internal
        view
        override
        onlyVaultOwner
    {}

    /// @inheritdoc Executor
    function _checkOperation(Operation calldata operation)
        internal
        view
        override
    {}

    /// @notice Returns the stream ID.
    function _streamId(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked(token, to, amountPerSec));
    }
}
// slither-disable-end similar-names

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;

import {Operation} from "src/v2/Types.sol";

interface IExecutor {
    /// EVENTS ///

    /// @notice Emitted when operations are executed.
    event Executed(address indexed caller, Operation operation);

    /// ERRORS ///

    /// @notice Error emitted when the execution of an operation fails.
    error AeraPeriphery__ExecutionFailed(bytes result);

    /// FUNCTIONS ///

    /// @notice Execute arbitrary actions.
    /// @param operations The operations to execute.
    function execute(Operation[] calldata operations) external;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;

import "@chainlink/interfaces/AggregatorV2V3Interface.sol";
import "@openzeppelin/IERC20.sol";

/// @title IAssetRegistry
/// @notice Asset registry interface.
/// @dev Any implementation MUST also implement Ownable2Step and ERC165.
interface IAssetRegistry {
    /// @param asset Asset address.
    /// @param heartbeat Frequency of oracle price updates.
    /// @param isERC4626 True if yield-bearing asset, false if just an ERC20 asset.
    /// @param oracle If applicable, oracle address for asset.
    struct AssetInformation {
        IERC20 asset;
        uint256 heartbeat;
        bool isERC4626;
        AggregatorV2V3Interface oracle;
    }

    /// @param asset Asset address.
    /// @param spotPrice Spot price of an asset in Numeraire token terms.
    struct AssetPriceReading {
        IERC20 asset;
        uint256 spotPrice;
    }

    /// @notice Get address of vault.
    /// @return vault Address of vault.
    function vault() external view returns (address vault);

    /// @notice Get a list of all registered assets.
    /// @return assets List of assets.
    /// @dev MUST return assets in an order sorted by address.
    function assets()
        external
        view
        returns (AssetInformation[] memory assets);

    /// @notice Get address of fee token.
    /// @return feeToken Address of fee token.
    /// @dev Represented as an address for efficiency reasons.
    /// @dev MUST be present in assets array.
    function feeToken() external view returns (IERC20 feeToken);

    /// @notice Get the index of the Numeraire token in the assets array.
    /// @return numeraireToken Numeraire token address.
    /// @dev Represented as an index for efficiency reasons.
    /// @dev MUST be a number between 0 (inclusive) and the length of assets array (exclusive).
    function numeraireToken() external view returns (IERC20 numeraireToken);

    /// @notice Calculate spot prices of non-ERC4626 assets.
    /// @return spotPrices Spot prices of non-ERC4626 assets in 18 decimals.
    /// @dev MUST return assets in the same order as in assets but with ERC4626 assets filtered out.
    /// @dev MUST also include Numeraire token (spot price = 1).
    /// @dev MAY revert if oracle prices for any asset are unreliable at the time.
    function spotPrices()
        external
        view
        returns (AssetPriceReading[] memory spotPrices);
}

// SPDX-License-Identifier: MIT
pragma solidity 0.8.21;

/// @title IAeraV2Oracle
/// @notice Used to calculate price of ERC20 tokens using the same interface as Chainlink.
interface IAeraV2Oracle {
    /// @notice The decimals returned from the answer in latestRoundData.
    function decimals() external view returns (uint8);

    /// @notice Returns the latest price.
    /// @return roundId Optional, doesn't apply to non-Chainlink oracles.
    /// @return answer The price.
    /// @return startedAt Optional, doesn't apply to non-Chainlink oracles.
    /// @return updatedAt The most recent timestamp the price was updated
    /// @return answeredInRound Optional, doesn't apply to non-Chainlink oracles.
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/IERC20.sol)

pragma solidity ^0.8.0;

/**
 * @dev Interface of the ERC20 standard as defined in the EIP.
 */
interface IERC20 {
    /**
     * @dev Emitted when `value` tokens are moved from one account (`from`) to
     * another (`to`).
     *
     * Note that `value` may be zero.
     */
    event Transfer(address indexed from, address indexed to, uint256 value);

    /**
     * @dev Emitted when the allowance of a `spender` for an `owner` is set by
     * a call to {approve}. `value` is the new allowance.
     */
    event Approval(address indexed owner, address indexed spender, uint256 value);

    /**
     * @dev Returns the amount of tokens in existence.
     */
    function totalSupply() external view returns (uint256);

    /**
     * @dev Returns the amount of tokens owned by `account`.
     */
    function balanceOf(address account) external view returns (uint256);

    /**
     * @dev Moves `amount` tokens from the caller's account to `to`.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transfer(address to, uint256 amount) external returns (bool);

    /**
     * @dev Returns the remaining number of tokens that `spender` will be
     * allowed to spend on behalf of `owner` through {transferFrom}. This is
     * zero by default.
     *
     * This value changes when {approve} or {transferFrom} are called.
     */
    function allowance(address owner, address spender) external view returns (uint256);

    /**
     * @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * IMPORTANT: Beware that changing an allowance with this method brings the risk
     * that someone may use both the old and the new allowance by unfortunate
     * transaction ordering. One possible solution to mitigate this race
     * condition is to first reduce the spender's allowance to 0 and set the
     * desired value afterwards:
     * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
     *
     * Emits an {Approval} event.
     */
    function approve(address spender, uint256 amount) external returns (bool);

    /**
     * @dev Moves `amount` tokens from `from` to `to` using the
     * allowance mechanism. `amount` is then deducted from the caller's
     * allowance.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Address.sol)

pragma solidity ^0.8.1;

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev Returns true if `account` is a contract.
     *
     * [IMPORTANT]
     * ====
     * It is unsafe to assume that an address for which this function returns
     * false is an externally-owned account (EOA) and not a contract.
     *
     * Among others, `isContract` will return false for the following
     * types of addresses:
     *
     *  - an externally-owned account
     *  - a contract in construction
     *  - an address where a contract will be created
     *  - an address where a contract lived, but was destroyed
     *
     * Furthermore, `isContract` will also return true if the target contract within
     * the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
     * which only has an effect at the end of a transaction.
     * ====
     *
     * [IMPORTANT]
     * ====
     * You shouldn't rely on `isContract` to protect against flash loan attacks!
     *
     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
     * constructor.
     * ====
     */
    function isContract(address account) internal view returns (bool) {
        // This method relies on extcodesize/address.code.length, which returns 0
        // for contracts in construction, since the code is only stored at the end
        // of the constructor execution.

        return account.code.length > 0;
    }

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.8.0/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        require(address(this).balance >= amount, "Address: insufficient balance");

        (bool success, ) = recipient.call{value: amount}("");
        require(success, "Address: unable to send value, recipient may have reverted");
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason, it is bubbled up by this
     * function (like regular Solidity function calls).
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, "Address: low-level call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
     * `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
        return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
    }

    /**
     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
     * with `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value,
        string memory errorMessage
    ) internal returns (bytes memory) {
        require(address(this).balance >= value, "Address: insufficient balance for call");
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        return functionStaticCall(target, data, "Address: low-level static call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionDelegateCall(target, data, "Address: low-level delegate call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
     *
     * _Available since v4.8._
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        if (success) {
            if (returndata.length == 0) {
                // only check isContract if the call was successful and the return data is empty
                // otherwise we already know that it was a contract
                require(isContract(target), "Address: call to non-contract");
            }
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
     * revert reason or using the provided one.
     *
     * _Available since v4.3._
     */
    function verifyCallResult(
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal pure returns (bytes memory) {
        if (success) {
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    function _revert(bytes memory returndata, string memory errorMessage) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            /// @solidity memory-safe-assembly
            assembly {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert(errorMessage);
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)

pragma solidity ^0.8.0;

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract Context {
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)

pragma solidity ^0.8.0;

import "./Context.sol";

/**
 * @dev Contract module which provides a basic access control mechanism, where
 * there is an account (an owner) that can be granted exclusive access to
 * specific functions.
 *
 * By default, the owner account will be the one that deploys the contract. This
 * can later be changed with {transferOwnership}.
 *
 * This module is used through inheritance. It will make available the modifier
 * `onlyOwner`, which can be applied to your functions to restrict their use to
 * the owner.
 */
abstract contract Ownable is Context {
    address private _owner;

    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    /**
     * @dev Initializes the contract setting the deployer as the initial owner.
     */
    constructor() {
        _transferOwnership(_msgSender());
    }

    /**
     * @dev Throws if called by any account other than the owner.
     */
    modifier onlyOwner() {
        _checkOwner();
        _;
    }

    /**
     * @dev Returns the address of the current owner.
     */
    function owner() public view virtual returns (address) {
        return _owner;
    }

    /**
     * @dev Throws if the sender is not the owner.
     */
    function _checkOwner() internal view virtual {
        require(owner() == _msgSender(), "Ownable: caller is not the owner");
    }

    /**
     * @dev Leaves the contract without owner. It will not be possible to call
     * `onlyOwner` functions. Can only be called by the current owner.
     *
     * NOTE: Renouncing ownership will leave the contract without an owner,
     * thereby disabling any functionality that is only available to the owner.
     */
    function renounceOwnership() public virtual onlyOwner {
        _transferOwnership(address(0));
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Can only be called by the current owner.
     */
    function transferOwnership(address newOwner) public virtual onlyOwner {
        require(newOwner != address(0), "Ownable: new owner is the zero address");
        _transferOwnership(newOwner);
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Internal function without access restriction.
     */
    function _transferOwnership(address newOwner) internal virtual {
        address oldOwner = _owner;
        _owner = newOwner;
        emit OwnershipTransferred(oldOwner, newOwner);
    }
}

//SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.0;

import "@openzeppelin/IERC20.sol";

interface ILlamaPay {
    struct Payer {
        uint40 lastPayerUpdate;
        uint216 totalPaidPerSec;
    }

    // solhint-disable-next-line func-name-mixedcase
    function DECIMALS_DIVISOR() external view returns (uint256);
    function token() external view returns (IERC20);
    function balances(address) external view returns (uint256);

    function createStream(address to, uint216 amountPerSec) external;

    function withdrawable(
        address from,
        address to,
        uint216 amountPerSec
    )
        external
        view
        returns (uint256 withdrawableAmount, uint256 lastUpdate, uint256 owed);

    function withdraw(
        address from,
        address to,
        uint216 amountPerSec
    ) external;

    function cancelStream(address to, uint216 amountPerSec) external;

    function pauseStream(address to, uint216 amountPerSec) external;

    function modifyStream(
        address oldTo,
        uint216 oldAmountPerSec,
        address to,
        uint216 amountPerSec
    ) external;

    function deposit(uint256 amountToDeposit) external;

    function depositAndCreate(
        uint256 amountToDeposit,
        address to,
        uint216 amountPerSec
    ) external;

    function withdrawPayer(uint256 amount) external;

    function withdrawPayerAll() external;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;

import {IERC20} from "@openzeppelin/IERC20.sol";
import {Operation} from "src/v2/Types.sol";
import {IExecutor} from "./IExecutor.sol";
import {ILlamaPayRouterOracleTypes} from "./ILlamaPayRouterOracleTypes.sol";

/// @title ILlamaPayRouterOracle.
interface ILlamaPayRouterOracle is IExecutor, ILlamaPayRouterOracleTypes {
    /// @notice Creates a LlamaPay stream and remembers the end date.
    /// @dev MUST revert if not called by vault.
    /// @dev MUST revert if endDate ≤ block.timestamp.
    /// @dev MUST revert if token is not part of a supported LlamaPay contract.
    /// @param token The token of the stream.
    /// @param to The address of the stream.
    /// @param amountPerSec The amount per second of the stream. Must use 20 decimals.
    /// @param duration Duration of the stream in seconds.
    function createStream(
        IERC20 token,
        address to,
        uint216 amountPerSec,
        uint256 duration
    ) external;

    /// @notice Cancel a given stream. Just calls the same function on LlamaPay.
    /// @dev MUST revert if not called by vault.
    /// @dev MUST revert if stream doesn't exist.
    /// @param token The token of the stream.
    /// @param to The address of the stream.
    /// @param amountPerSec The amount per second of the stream. Must use 20 decimals.
    function cancelStream(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external;

    /// @notice Pause a given stream. Just calls the same function on LlamaPay.
    /// @dev MUST revert if not called by vault.
    /// @dev MUST revert if stream doesn't exist.
    /// @param token The token of the stream.
    /// @param to The address of the stream.
    /// @param amountPerSec The amount per second of the stream. Must use 20 decimals.
    function pauseStream(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external;

    /// @notice Cancel a given stream if block.timestamp ≥ endDate for that stream.
    /// @dev MUST revert if endDate > block.timestamp.
    /// @dev MUST revert if stream doesn't exist.
    /// @param token The token of the stream.
    /// @param to The address of the stream.
    /// @param amountPerSec The amount per second of the stream. Must use 20 decimals.
    function cancelExpiredStream(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external;

    /// @notice Modifies an existing LlamaPay stream.
    /// @dev MUST revert if not called by vault.
    /// @dev MUST revert if endDate ≤ block.timestamp.
    /// @dev MUST revert if stream doesn't exist.
    /// @param token The token of the stream.
    /// @param oldTo The address of the stream.
    /// @param oldAmountPerSec The amount per second of the stream. Must use 20 decimals.
    /// @param to The new address of the stream.
    /// @param amountPerSec The new amount per second of the stream. Must use 20 decimals.
    /// @param duration Duration of the stream in seconds.
    function modifyStream(
        IERC20 token,
        address oldTo,
        uint216 oldAmountPerSec,
        address to,
        uint216 amountPerSec,
        uint256 duration
    ) external;

    /// @notice Forwards a deposit on behalf of vault.
    /// @dev MUST revert if not called by vault.
    /// @dev MUST revert if stream doesn't exist.
    /// @param token The token to deposit.
    /// @param amount The amount to deposit.
    function deposit(IERC20 token, uint256 amount) external;

    /// @notice Creates a LlamaPay stream with a deposit and remembers the end date.
    /// @dev MUST revert if not called by vault.
    /// @dev MUST revert if endDate ≤ block.timestamp.
    /// @dev MUST revert if stream doesn't exist.
    /// @param token The token to deposit.
    /// @param amountToDeposit The amount to deposit.
    /// @param to The address to send the stream to.
    /// @param amountPerSec The amount per second to send. Must use 20 decimals.
    /// @param duration Duration of the stream in seconds.
    function depositAndCreate(
        IERC20 token,
        uint256 amountToDeposit,
        address to,
        uint216 amountPerSec,
        uint256 duration
    ) external;

    /// @notice Recover money back to vault.
    /// @dev MUST revert if not called by vault.
    /// @param token The token to withdraw.
    /// @param amount The amount to withdraw. Must use 20 decimals.
    function withdrawPayer(IERC20 token, uint256 amount) external;

    /// @notice Recover all money back to vault.
    /// @dev MUST revert if not called by vault.
    /// @param token The token to withdraw.
    function withdrawPayerAll(IERC20 token) external;

    /// @notice Returns the end date of a given stream.
    /// @param token The token of the stream.
    /// @param to The address of the stream.
    /// @param amountPerSec The amount per second of the stream. Must use 20 decimals.
    /// @return endDate The end date of the stream.
    function endDate(
        IERC20 token,
        address to,
        uint216 amountPerSec
    ) external view returns (uint256);

    /// @notice Returns Vault address.
    /// @return vault The Vault address.
    function vault() external view returns (address);

    /// @notice Returns the LlamaPay Info list.
    /// @return llamaPayInfoList The LlamaPay Info list.
    function llamaPayInfoList()
        external
        view
        returns (LlamaPayInfo[] memory);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/utils/SafeERC20.sol)

pragma solidity ^0.8.0;

import "./IERC20.sol";
import "./IERC20Permit.sol";
import "./Address.sol";

/**
 * @title SafeERC20
 * @dev Wrappers around ERC20 operations that throw on failure (when the token
 * contract returns false). Tokens that return no value (and instead revert or
 * throw on failure) are also supported, non-reverting calls are assumed to be
 * successful.
 * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
 * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
 */
library SafeERC20 {
    using Address for address;

    /**
     * @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeTransfer(IERC20 token, address to, uint256 value) internal {
        _callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
    }

    /**
     * @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
     * calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
     */
    function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
        _callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
    }

    /**
     * @dev Deprecated. This function has issues similar to the ones found in
     * {IERC20-approve}, and its usage is discouraged.
     *
     * Whenever possible, use {safeIncreaseAllowance} and
     * {safeDecreaseAllowance} instead.
     */
    function safeApprove(IERC20 token, address spender, uint256 value) internal {
        // safeApprove should only be called when setting an initial allowance,
        // or when resetting it to zero. To increase and decrease it, use
        // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
        require(
            (value == 0) || (token.allowance(address(this), spender) == 0),
            "SafeERC20: approve from non-zero to non-zero allowance"
        );
        _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
    }

    /**
     * @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
        uint256 oldAllowance = token.allowance(address(this), spender);
        _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance + value));
    }

    /**
     * @dev Decrease the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
        unchecked {
            uint256 oldAllowance = token.allowance(address(this), spender);
            require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, oldAllowance - value));
        }
    }

    /**
     * @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful. Compatible with tokens that require the approval to be set to
     * 0 before setting it to a non-zero value.
     */
    function forceApprove(IERC20 token, address spender, uint256 value) internal {
        bytes memory approvalCall = abi.encodeWithSelector(token.approve.selector, spender, value);

        if (!_callOptionalReturnBool(token, approvalCall)) {
            _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, 0));
            _callOptionalReturn(token, approvalCall);
        }
    }

    /**
     * @dev Use a ERC-2612 signature to set the `owner` approval toward `spender` on `token`.
     * Revert on invalid signature.
     */
    function safePermit(
        IERC20Permit token,
        address owner,
        address spender,
        uint256 value,
        uint256 deadline,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) internal {
        uint256 nonceBefore = token.nonces(owner);
        token.permit(owner, spender, value, deadline, v, r, s);
        uint256 nonceAfter = token.nonces(owner);
        require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
    }

    /**
     * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
     * on the return value: the return value is optional (but if data is returned, it must not be false).
     * @param token The token targeted by the call.
     * @param data The call data (encoded using abi.encode or one of its variants).
     */
    function _callOptionalReturn(IERC20 token, bytes memory data) private {
        // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
        // we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
        // the target address contains contract code and also asserts for success in the low-level call.

        bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
        require(returndata.length == 0 || abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
    }

    /**
     * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
     * on the return value: the return value is optional (but if data is returned, it must not be false).
     * @param token The token targeted by the call.
     * @param data The call data (encoded using abi.encode or one of its variants).
     *
     * This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
     */
    function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
        // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
        // we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
        // and not revert is the subcall reverts.

        (bool success, bytes memory returndata) = address(token).call(data);
        return
            success && (returndata.length == 0 || abi.decode(returndata, (bool))) && Address.isContract(address(token));
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SafeCast.sol)
// This file was procedurally generated from scripts/generate/templates/SafeCast.js.

pragma solidity ^0.8.21;

/**
 * @dev Wrappers over Solidity's uintXX/intXX casting operators with added overflow
 * checks.
 *
 * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
 * easily result in undesired exploitation or bugs, since developers usually
 * assume that overflows raise errors. `SafeCast` restores this intuition by
 * reverting the transaction when such an operation overflows.
 *
 * Using this library instead of the unchecked operations eliminates an entire
 * class of bugs, so it's recommended to use it always.
 */
library SafeCast {
    /**
     * @dev Value doesn't fit in an uint of `bits` size.
     */
    error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);

    /**
     * @dev An int value doesn't fit in an uint of `bits` size.
     */
    error SafeCastOverflowedIntToUint(int256 value);

    /**
     * @dev Value doesn't fit in an int of `bits` size.
     */
    error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);

    /**
     * @dev An uint value doesn't fit in an int of `bits` size.
     */
    error SafeCastOverflowedUintToInt(uint256 value);

    /**
     * @dev Returns the downcasted uint248 from uint256, reverting on
     * overflow (when the input is greater than largest uint248).
     *
     * Counterpart to Solidity's `uint248` operator.
     *
     * Requirements:
     *
     * - input must fit into 248 bits
     */
    function toUint248(uint256 value) internal pure returns (uint248) {
        if (value > type(uint248).max) {
            revert SafeCastOverflowedUintDowncast(248, value);
        }
        return uint248(value);
    }

    /**
     * @dev Returns the downcasted uint240 from uint256, reverting on
     * overflow (when the input is greater than largest uint240).
     *
     * Counterpart to Solidity's `uint240` operator.
     *
     * Requirements:
     *
     * - input must fit into 240 bits
     */
    function toUint240(uint256 value) internal pure returns (uint240) {
        if (value > type(uint240).max) {
            revert SafeCastOverflowedUintDowncast(240, value);
        }
        return uint240(value);
    }

    /**
     * @dev Returns the downcasted uint232 from uint256, reverting on
     * overflow (when the input is greater than largest uint232).
     *
     * Counterpart to Solidity's `uint232` operator.
     *
     * Requirements:
     *
     * - input must fit into 232 bits
     */
    function toUint232(uint256 value) internal pure returns (uint232) {
        if (value > type(uint232).max) {
            revert SafeCastOverflowedUintDowncast(232, value);
        }
        return uint232(value);
    }

    /**
     * @dev Returns the downcasted uint224 from uint256, reverting on
     * overflow (when the input is greater than largest uint224).
     *
     * Counterpart to Solidity's `uint224` operator.
     *
     * Requirements:
     *
     * - input must fit into 224 bits
     */
    function toUint224(uint256 value) internal pure returns (uint224) {
        if (value > type(uint224).max) {
            revert SafeCastOverflowedUintDowncast(224, value);
        }
        return uint224(value);
    }

    /**
     * @dev Returns the downcasted uint216 from uint256, reverting on
     * overflow (when the input is greater than largest uint216).
     *
     * Counterpart to Solidity's `uint216` operator.
     *
     * Requirements:
     *
     * - input must fit into 216 bits
     */
    function toUint216(uint256 value) internal pure returns (uint216) {
        if (value > type(uint216).max) {
            revert SafeCastOverflowedUintDowncast(216, value);
        }
        return uint216(value);
    }

    /**
     * @dev Returns the downcasted uint208 from uint256, reverting on
     * overflow (when the input is greater than largest uint208).
     *
     * Counterpart to Solidity's `uint208` operator.
     *
     * Requirements:
     *
     * - input must fit into 208 bits
     */
    function toUint208(uint256 value) internal pure returns (uint208) {
        if (value > type(uint208).max) {
            revert SafeCastOverflowedUintDowncast(208, value);
        }
        return uint208(value);
    }

    /**
     * @dev Returns the downcasted uint200 from uint256, reverting on
     * overflow (when the input is greater than largest uint200).
     *
     * Counterpart to Solidity's `uint200` operator.
     *
     * Requirements:
     *
     * - input must fit into 200 bits
     */
    function toUint200(uint256 value) internal pure returns (uint200) {
        if (value > type(uint200).max) {
            revert SafeCastOverflowedUintDowncast(200, value);
        }
        return uint200(value);
    }

    /**
     * @dev Returns the downcasted uint192 from uint256, reverting on
     * overflow (when the input is greater than largest uint192).
     *
     * Counterpart to Solidity's `uint192` operator.
     *
     * Requirements:
     *
     * - input must fit into 192 bits
     */
    function toUint192(uint256 value) internal pure returns (uint192) {
        if (value > type(uint192).max) {
            revert SafeCastOverflowedUintDowncast(192, value);
        }
        return uint192(value);
    }

    /**
     * @dev Returns the downcasted uint184 from uint256, reverting on
     * overflow (when the input is greater than largest uint184).
     *
     * Counterpart to Solidity's `uint184` operator.
     *
     * Requirements:
     *
     * - input must fit into 184 bits
     */
    function toUint184(uint256 value) internal pure returns (uint184) {
        if (value > type(uint184).max) {
            revert SafeCastOverflowedUintDowncast(184, value);
        }
        return uint184(value);
    }

    /**
     * @dev Returns the downcasted uint176 from uint256, reverting on
     * overflow (when the input is greater than largest uint176).
     *
     * Counterpart to Solidity's `uint176` operator.
     *
     * Requirements:
     *
     * - input must fit into 176 bits
     */
    function toUint176(uint256 value) internal pure returns (uint176) {
        if (value > type(uint176).max) {
            revert SafeCastOverflowedUintDowncast(176, value);
        }
        return uint176(value);
    }

    /**
     * @dev Returns the downcasted uint168 from uint256, reverting on
     * overflow (when the input is greater than largest uint168).
     *
     * Counterpart to Solidity's `uint168` operator.
     *
     * Requirements:
     *
     * - input must fit into 168 bits
     */
    function toUint168(uint256 value) internal pure returns (uint168) {
        if (value > type(uint168).max) {
            revert SafeCastOverflowedUintDowncast(168, value);
        }
        return uint168(value);
    }

    /**
     * @dev Returns the downcasted uint160 from uint256, reverting on
     * overflow (when the input is greater than largest uint160).
     *
     * Counterpart to Solidity's `uint160` operator.
     *
     * Requirements:
     *
     * - input must fit into 160 bits
     */
    function toUint160(uint256 value) internal pure returns (uint160) {
        if (value > type(uint160).max) {
            revert SafeCastOverflowedUintDowncast(160, value);
        }
        return uint160(value);
    }

    /**
     * @dev Returns the downcasted uint152 from uint256, reverting on
     * overflow (when the input is greater than largest uint152).
     *
     * Counterpart to Solidity's `uint152` operator.
     *
     * Requirements:
     *
     * - input must fit into 152 bits
     */
    function toUint152(uint256 value) internal pure returns (uint152) {
        if (value > type(uint152).max) {
            revert SafeCastOverflowedUintDowncast(152, value);
        }
        return uint152(value);
    }

    /**
     * @dev Returns the downcasted uint144 from uint256, reverting on
     * overflow (when the input is greater than largest uint144).
     *
     * Counterpart to Solidity's `uint144` operator.
     *
     * Requirements:
     *
     * - input must fit into 144 bits
     */
    function toUint144(uint256 value) internal pure returns (uint144) {
        if (value > type(uint144).max) {
            revert SafeCastOverflowedUintDowncast(144, value);
        }
        return uint144(value);
    }

    /**
     * @dev Returns the downcasted uint136 from uint256, reverting on
     * overflow (when the input is greater than largest uint136).
     *
     * Counterpart to Solidity's `uint136` operator.
     *
     * Requirements:
     *
     * - input must fit into 136 bits
     */
    function toUint136(uint256 value) internal pure returns (uint136) {
        if (value > type(uint136).max) {
            revert SafeCastOverflowedUintDowncast(136, value);
        }
        return uint136(value);
    }

    /**
     * @dev Returns the downcasted uint128 from uint256, reverting on
     * overflow (when the input is greater than largest uint128).
     *
     * Counterpart to Solidity's `uint128` operator.
     *
     * Requirements:
     *
     * - input must fit into 128 bits
     */
    function toUint128(uint256 value) internal pure returns (uint128) {
        if (value > type(uint128).max) {
            revert SafeCastOverflowedUintDowncast(128, value);
        }
        return uint128(value);
    }

    /**
     * @dev Returns the downcasted uint120 from uint256, reverting on
     * overflow (when the input is greater than largest uint120).
     *
     * Counterpart to Solidity's `uint120` operator.
     *
     * Requirements:
     *
     * - input must fit into 120 bits
     */
    function toUint120(uint256 value) internal pure returns (uint120) {
        if (value > type(uint120).max) {
            revert SafeCastOverflowedUintDowncast(120, value);
        }
        return uint120(value);
    }

    /**
     * @dev Returns the downcasted uint112 from uint256, reverting on
     * overflow (when the input is greater than largest uint112).
     *
     * Counterpart to Solidity's `uint112` operator.
     *
     * Requirements:
     *
     * - input must fit into 112 bits
     */
    function toUint112(uint256 value) internal pure returns (uint112) {
        if (value > type(uint112).max) {
            revert SafeCastOverflowedUintDowncast(112, value);
        }
        return uint112(value);
    }

    /**
     * @dev Returns the downcasted uint104 from uint256, reverting on
     * overflow (when the input is greater than largest uint104).
     *
     * Counterpart to Solidity's `uint104` operator.
     *
     * Requirements:
     *
     * - input must fit into 104 bits
     */
    function toUint104(uint256 value) internal pure returns (uint104) {
        if (value > type(uint104).max) {
            revert SafeCastOverflowedUintDowncast(104, value);
        }
        return uint104(value);
    }

    /**
     * @dev Returns the downcasted uint96 from uint256, reverting on
     * overflow (when the input is greater than largest uint96).
     *
     * Counterpart to Solidity's `uint96` operator.
     *
     * Requirements:
     *
     * - input must fit into 96 bits
     */
    function toUint96(uint256 value) internal pure returns (uint96) {
        if (value > type(uint96).max) {
            revert SafeCastOverflowedUintDowncast(96, value);
        }
        return uint96(value);
    }

    /**
     * @dev Returns the downcasted uint88 from uint256, reverting on
     * overflow (when the input is greater than largest uint88).
     *
     * Counterpart to Solidity's `uint88` operator.
     *
     * Requirements:
     *
     * - input must fit into 88 bits
     */
    function toUint88(uint256 value) internal pure returns (uint88) {
        if (value > type(uint88).max) {
            revert SafeCastOverflowedUintDowncast(88, value);
        }
        return uint88(value);
    }

    /**
     * @dev Returns the downcasted uint80 from uint256, reverting on
     * overflow (when the input is greater than largest uint80).
     *
     * Counterpart to Solidity's `uint80` operator.
     *
     * Requirements:
     *
     * - input must fit into 80 bits
     */
    function toUint80(uint256 value) internal pure returns (uint80) {
        if (value > type(uint80).max) {
            revert SafeCastOverflowedUintDowncast(80, value);
        }
        return uint80(value);
    }

    /**
     * @dev Returns the downcasted uint72 from uint256, reverting on
     * overflow (when the input is greater than largest uint72).
     *
     * Counterpart to Solidity's `uint72` operator.
     *
     * Requirements:
     *
     * - input must fit into 72 bits
     */
    function toUint72(uint256 value) internal pure returns (uint72) {
        if (value > type(uint72).max) {
            revert SafeCastOverflowedUintDowncast(72, value);
        }
        return uint72(value);
    }

    /**
     * @dev Returns the downcasted uint64 from uint256, reverting on
     * overflow (when the input is greater than largest uint64).
     *
     * Counterpart to Solidity's `uint64` operator.
     *
     * Requirements:
     *
     * - input must fit into 64 bits
     */
    function toUint64(uint256 value) internal pure returns (uint64) {
        if (value > type(uint64).max) {
            revert SafeCastOverflowedUintDowncast(64, value);
        }
        return uint64(value);
    }

    /**
     * @dev Returns the downcasted uint56 from uint256, reverting on
     * overflow (when the input is greater than largest uint56).
     *
     * Counterpart to Solidity's `uint56` operator.
     *
     * Requirements:
     *
     * - input must fit into 56 bits
     */
    function toUint56(uint256 value) internal pure returns (uint56) {
        if (value > type(uint56).max) {
            revert SafeCastOverflowedUintDowncast(56, value);
        }
        return uint56(value);
    }

    /**
     * @dev Returns the downcasted uint48 from uint256, reverting on
     * overflow (when the input is greater than largest uint48).
     *
     * Counterpart to Solidity's `uint48` operator.
     *
     * Requirements:
     *
     * - input must fit into 48 bits
     */
    function toUint48(uint256 value) internal pure returns (uint48) {
        if (value > type(uint48).max) {
            revert SafeCastOverflowedUintDowncast(48, value);
        }
        return uint48(value);
    }

    /**
     * @dev Returns the downcasted uint40 from uint256, reverting on
     * overflow (when the input is greater than largest uint40).
     *
     * Counterpart to Solidity's `uint40` operator.
     *
     * Requirements:
     *
     * - input must fit into 40 bits
     */
    function toUint40(uint256 value) internal pure returns (uint40) {
        if (value > type(uint40).max) {
            revert SafeCastOverflowedUintDowncast(40, value);
        }
        return uint40(value);
    }

    /**
     * @dev Returns the downcasted uint32 from uint256, reverting on
     * overflow (when the input is greater than largest uint32).
     *
     * Counterpart to Solidity's `uint32` operator.
     *
     * Requirements:
     *
     * - input must fit into 32 bits
     */
    function toUint32(uint256 value) internal pure returns (uint32) {
        if (value > type(uint32).max) {
            revert SafeCastOverflowedUintDowncast(32, value);
        }
        return uint32(value);
    }

    /**
     * @dev Returns the downcasted uint24 from uint256, reverting on
     * overflow (when the input is greater than largest uint24).
     *
     * Counterpart to Solidity's `uint24` operator.
     *
     * Requirements:
     *
     * - input must fit into 24 bits
     */
    function toUint24(uint256 value) internal pure returns (uint24) {
        if (value > type(uint24).max) {
            revert SafeCastOverflowedUintDowncast(24, value);
        }
        return uint24(value);
    }

    /**
     * @dev Returns the downcasted uint16 from uint256, reverting on
     * overflow (when the input is greater than largest uint16).
     *
     * Counterpart to Solidity's `uint16` operator.
     *
     * Requirements:
     *
     * - input must fit into 16 bits
     */
    function toUint16(uint256 value) internal pure returns (uint16) {
        if (value > type(uint16).max) {
            revert SafeCastOverflowedUintDowncast(16, value);
        }
        return uint16(value);
    }

    /**
     * @dev Returns the downcasted uint8 from uint256, reverting on
     * overflow (when the input is greater than largest uint8).
     *
     * Counterpart to Solidity's `uint8` operator.
     *
     * Requirements:
     *
     * - input must fit into 8 bits
     */
    function toUint8(uint256 value) internal pure returns (uint8) {
        if (value > type(uint8).max) {
            revert SafeCastOverflowedUintDowncast(8, value);
        }
        return uint8(value);
    }

    /**
     * @dev Converts a signed int256 into an unsigned uint256.
     *
     * Requirements:
     *
     * - input must be greater than or equal to 0.
     */
    function toUint256(int256 value) internal pure returns (uint256) {
        if (value < 0) {
            revert SafeCastOverflowedIntToUint(value);
        }
        return uint256(value);
    }

    /**
     * @dev Returns the downcasted int248 from int256, reverting on
     * overflow (when the input is less than smallest int248 or
     * greater than largest int248).
     *
     * Counterpart to Solidity's `int248` operator.
     *
     * Requirements:
     *
     * - input must fit into 248 bits
     */
    function toInt248(int256 value)
        internal
        pure
        returns (int248 downcasted)
    {
        downcasted = int248(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(248, value);
        }
    }

    /**
     * @dev Returns the downcasted int240 from int256, reverting on
     * overflow (when the input is less than smallest int240 or
     * greater than largest int240).
     *
     * Counterpart to Solidity's `int240` operator.
     *
     * Requirements:
     *
     * - input must fit into 240 bits
     */
    function toInt240(int256 value)
        internal
        pure
        returns (int240 downcasted)
    {
        downcasted = int240(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(240, value);
        }
    }

    /**
     * @dev Returns the downcasted int232 from int256, reverting on
     * overflow (when the input is less than smallest int232 or
     * greater than largest int232).
     *
     * Counterpart to Solidity's `int232` operator.
     *
     * Requirements:
     *
     * - input must fit into 232 bits
     */
    function toInt232(int256 value)
        internal
        pure
        returns (int232 downcasted)
    {
        downcasted = int232(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(232, value);
        }
    }

    /**
     * @dev Returns the downcasted int224 from int256, reverting on
     * overflow (when the input is less than smallest int224 or
     * greater than largest int224).
     *
     * Counterpart to Solidity's `int224` operator.
     *
     * Requirements:
     *
     * - input must fit into 224 bits
     */
    function toInt224(int256 value)
        internal
        pure
        returns (int224 downcasted)
    {
        downcasted = int224(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(224, value);
        }
    }

    /**
     * @dev Returns the downcasted int216 from int256, reverting on
     * overflow (when the input is less than smallest int216 or
     * greater than largest int216).
     *
     * Counterpart to Solidity's `int216` operator.
     *
     * Requirements:
     *
     * - input must fit into 216 bits
     */
    function toInt216(int256 value)
        internal
        pure
        returns (int216 downcasted)
    {
        downcasted = int216(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(216, value);
        }
    }

    /**
     * @dev Returns the downcasted int208 from int256, reverting on
     * overflow (when the input is less than smallest int208 or
     * greater than largest int208).
     *
     * Counterpart to Solidity's `int208` operator.
     *
     * Requirements:
     *
     * - input must fit into 208 bits
     */
    function toInt208(int256 value)
        internal
        pure
        returns (int208 downcasted)
    {
        downcasted = int208(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(208, value);
        }
    }

    /**
     * @dev Returns the downcasted int200 from int256, reverting on
     * overflow (when the input is less than smallest int200 or
     * greater than largest int200).
     *
     * Counterpart to Solidity's `int200` operator.
     *
     * Requirements:
     *
     * - input must fit into 200 bits
     */
    function toInt200(int256 value)
        internal
        pure
        returns (int200 downcasted)
    {
        downcasted = int200(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(200, value);
        }
    }

    /**
     * @dev Returns the downcasted int192 from int256, reverting on
     * overflow (when the input is less than smallest int192 or
     * greater than largest int192).
     *
     * Counterpart to Solidity's `int192` operator.
     *
     * Requirements:
     *
     * - input must fit into 192 bits
     */
    function toInt192(int256 value)
        internal
        pure
        returns (int192 downcasted)
    {
        downcasted = int192(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(192, value);
        }
    }

    /**
     * @dev Returns the downcasted int184 from int256, reverting on
     * overflow (when the input is less than smallest int184 or
     * greater than largest int184).
     *
     * Counterpart to Solidity's `int184` operator.
     *
     * Requirements:
     *
     * - input must fit into 184 bits
     */
    function toInt184(int256 value)
        internal
        pure
        returns (int184 downcasted)
    {
        downcasted = int184(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(184, value);
        }
    }

    /**
     * @dev Returns the downcasted int176 from int256, reverting on
     * overflow (when the input is less than smallest int176 or
     * greater than largest int176).
     *
     * Counterpart to Solidity's `int176` operator.
     *
     * Requirements:
     *
     * - input must fit into 176 bits
     */
    function toInt176(int256 value)
        internal
        pure
        returns (int176 downcasted)
    {
        downcasted = int176(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(176, value);
        }
    }

    /**
     * @dev Returns the downcasted int168 from int256, reverting on
     * overflow (when the input is less than smallest int168 or
     * greater than largest int168).
     *
     * Counterpart to Solidity's `int168` operator.
     *
     * Requirements:
     *
     * - input must fit into 168 bits
     */
    function toInt168(int256 value)
        internal
        pure
        returns (int168 downcasted)
    {
        downcasted = int168(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(168, value);
        }
    }

    /**
     * @dev Returns the downcasted int160 from int256, reverting on
     * overflow (when the input is less than smallest int160 or
     * greater than largest int160).
     *
     * Counterpart to Solidity's `int160` operator.
     *
     * Requirements:
     *
     * - input must fit into 160 bits
     */
    function toInt160(int256 value)
        internal
        pure
        returns (int160 downcasted)
    {
        downcasted = int160(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(160, value);
        }
    }

    /**
     * @dev Returns the downcasted int152 from int256, reverting on
     * overflow (when the input is less than smallest int152 or
     * greater than largest int152).
     *
     * Counterpart to Solidity's `int152` operator.
     *
     * Requirements:
     *
     * - input must fit into 152 bits
     */
    function toInt152(int256 value)
        internal
        pure
        returns (int152 downcasted)
    {
        downcasted = int152(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(152, value);
        }
    }

    /**
     * @dev Returns the downcasted int144 from int256, reverting on
     * overflow (when the input is less than smallest int144 or
     * greater than largest int144).
     *
     * Counterpart to Solidity's `int144` operator.
     *
     * Requirements:
     *
     * - input must fit into 144 bits
     */
    function toInt144(int256 value)
        internal
        pure
        returns (int144 downcasted)
    {
        downcasted = int144(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(144, value);
        }
    }

    /**
     * @dev Returns the downcasted int136 from int256, reverting on
     * overflow (when the input is less than smallest int136 or
     * greater than largest int136).
     *
     * Counterpart to Solidity's `int136` operator.
     *
     * Requirements:
     *
     * - input must fit into 136 bits
     */
    function toInt136(int256 value)
        internal
        pure
        returns (int136 downcasted)
    {
        downcasted = int136(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(136, value);
        }
    }

    /**
     * @dev Returns the downcasted int128 from int256, reverting on
     * overflow (when the input is less than smallest int128 or
     * greater than largest int128).
     *
     * Counterpart to Solidity's `int128` operator.
     *
     * Requirements:
     *
     * - input must fit into 128 bits
     */
    function toInt128(int256 value)
        internal
        pure
        returns (int128 downcasted)
    {
        downcasted = int128(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(128, value);
        }
    }

    /**
     * @dev Returns the downcasted int120 from int256, reverting on
     * overflow (when the input is less than smallest int120 or
     * greater than largest int120).
     *
     * Counterpart to Solidity's `int120` operator.
     *
     * Requirements:
     *
     * - input must fit into 120 bits
     */
    function toInt120(int256 value)
        internal
        pure
        returns (int120 downcasted)
    {
        downcasted = int120(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(120, value);
        }
    }

    /**
     * @dev Returns the downcasted int112 from int256, reverting on
     * overflow (when the input is less than smallest int112 or
     * greater than largest int112).
     *
     * Counterpart to Solidity's `int112` operator.
     *
     * Requirements:
     *
     * - input must fit into 112 bits
     */
    function toInt112(int256 value)
        internal
        pure
        returns (int112 downcasted)
    {
        downcasted = int112(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(112, value);
        }
    }

    /**
     * @dev Returns the downcasted int104 from int256, reverting on
     * overflow (when the input is less than smallest int104 or
     * greater than largest int104).
     *
     * Counterpart to Solidity's `int104` operator.
     *
     * Requirements:
     *
     * - input must fit into 104 bits
     */
    function toInt104(int256 value)
        internal
        pure
        returns (int104 downcasted)
    {
        downcasted = int104(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(104, value);
        }
    }

    /**
     * @dev Returns the downcasted int96 from int256, reverting on
     * overflow (when the input is less than smallest int96 or
     * greater than largest int96).
     *
     * Counterpart to Solidity's `int96` operator.
     *
     * Requirements:
     *
     * - input must fit into 96 bits
     */
    function toInt96(int256 value) internal pure returns (int96 downcasted) {
        downcasted = int96(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(96, value);
        }
    }

    /**
     * @dev Returns the downcasted int88 from int256, reverting on
     * overflow (when the input is less than smallest int88 or
     * greater than largest int88).
     *
     * Counterpart to Solidity's `int88` operator.
     *
     * Requirements:
     *
     * - input must fit into 88 bits
     */
    function toInt88(int256 value) internal pure returns (int88 downcasted) {
        downcasted = int88(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(88, value);
        }
    }

    /**
     * @dev Returns the downcasted int80 from int256, reverting on
     * overflow (when the input is less than smallest int80 or
     * greater than largest int80).
     *
     * Counterpart to Solidity's `int80` operator.
     *
     * Requirements:
     *
     * - input must fit into 80 bits
     */
    function toInt80(int256 value) internal pure returns (int80 downcasted) {
        downcasted = int80(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(80, value);
        }
    }

    /**
     * @dev Returns the downcasted int72 from int256, reverting on
     * overflow (when the input is less than smallest int72 or
     * greater than largest int72).
     *
     * Counterpart to Solidity's `int72` operator.
     *
     * Requirements:
     *
     * - input must fit into 72 bits
     */
    function toInt72(int256 value) internal pure returns (int72 downcasted) {
        downcasted = int72(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(72, value);
        }
    }

    /**
     * @dev Returns the downcasted int64 from int256, reverting on
     * overflow (when the input is less than smallest int64 or
     * greater than largest int64).
     *
     * Counterpart to Solidity's `int64` operator.
     *
     * Requirements:
     *
     * - input must fit into 64 bits
     */
    function toInt64(int256 value) internal pure returns (int64 downcasted) {
        downcasted = int64(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(64, value);
        }
    }

    /**
     * @dev Returns the downcasted int56 from int256, reverting on
     * overflow (when the input is less than smallest int56 or
     * greater than largest int56).
     *
     * Counterpart to Solidity's `int56` operator.
     *
     * Requirements:
     *
     * - input must fit into 56 bits
     */
    function toInt56(int256 value) internal pure returns (int56 downcasted) {
        downcasted = int56(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(56, value);
        }
    }

    /**
     * @dev Returns the downcasted int48 from int256, reverting on
     * overflow (when the input is less than smallest int48 or
     * greater than largest int48).
     *
     * Counterpart to Solidity's `int48` operator.
     *
     * Requirements:
     *
     * - input must fit into 48 bits
     */
    function toInt48(int256 value) internal pure returns (int48 downcasted) {
        downcasted = int48(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(48, value);
        }
    }

    /**
     * @dev Returns the downcasted int40 from int256, reverting on
     * overflow (when the input is less than smallest int40 or
     * greater than largest int40).
     *
     * Counterpart to Solidity's `int40` operator.
     *
     * Requirements:
     *
     * - input must fit into 40 bits
     */
    function toInt40(int256 value) internal pure returns (int40 downcasted) {
        downcasted = int40(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(40, value);
        }
    }

    /**
     * @dev Returns the downcasted int32 from int256, reverting on
     * overflow (when the input is less than smallest int32 or
     * greater than largest int32).
     *
     * Counterpart to Solidity's `int32` operator.
     *
     * Requirements:
     *
     * - input must fit into 32 bits
     */
    function toInt32(int256 value) internal pure returns (int32 downcasted) {
        downcasted = int32(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(32, value);
        }
    }

    /**
     * @dev Returns the downcasted int24 from int256, reverting on
     * overflow (when the input is less than smallest int24 or
     * greater than largest int24).
     *
     * Counterpart to Solidity's `int24` operator.
     *
     * Requirements:
     *
     * - input must fit into 24 bits
     */
    function toInt24(int256 value) internal pure returns (int24 downcasted) {
        downcasted = int24(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(24, value);
        }
    }

    /**
     * @dev Returns the downcasted int16 from int256, reverting on
     * overflow (when the input is less than smallest int16 or
     * greater than largest int16).
     *
     * Counterpart to Solidity's `int16` operator.
     *
     * Requirements:
     *
     * - input must fit into 16 bits
     */
    function toInt16(int256 value) internal pure returns (int16 downcasted) {
        downcasted = int16(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(16, value);
        }
    }

    /**
     * @dev Returns the downcasted int8 from int256, reverting on
     * overflow (when the input is less than smallest int8 or
     * greater than largest int8).
     *
     * Counterpart to Solidity's `int8` operator.
     *
     * Requirements:
     *
     * - input must fit into 8 bits
     */
    function toInt8(int256 value) internal pure returns (int8 downcasted) {
        downcasted = int8(value);
        if (downcasted != value) {
            revert SafeCastOverflowedIntDowncast(8, value);
        }
    }

    /**
     * @dev Converts an unsigned uint256 into a signed int256.
     *
     * Requirements:
     *
     * - input must be less than or equal to maxInt256.
     */
    function toInt256(uint256 value) internal pure returns (int256) {
        // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
        if (value > uint256(type(int256).max)) {
            revert SafeCastOverflowedUintToInt(value);
        }
        return int256(value);
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (token/ERC20/extensions/IERC20Permit.sol)

pragma solidity ^0.8.0;

/**
 * @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
 * https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
 *
 * Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
 * presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
 * need to send a transaction, and thus is not required to hold Ether at all.
 */
interface IERC20Permit {
    /**
     * @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
     * given ``owner``'s signed approval.
     *
     * IMPORTANT: The same issues {IERC20-approve} has related to transaction
     * ordering also apply here.
     *
     * Emits an {Approval} event.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     * - `deadline` must be a timestamp in the future.
     * - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
     * over the EIP712-formatted function arguments.
     * - the signature must use ``owner``'s current nonce (see {nonces}).
     *
     * For more information on the signature format, see the
     * https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
     * section].
     */
    function permit(
        address owner,
        address spender,
        uint256 value,
        uint256 deadline,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) external;

    /**
     * @dev Returns the current nonce for `owner`. This value must be
     * included whenever a signature is generated for {permit}.
     *
     * Every successful call to {permit} increases ``owner``'s nonce by one. This
     * prevents a signature from being used multiple times.
     */
    function nonces(address owner) external view returns (uint256);

    /**
     * @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
     */
    // solhint-disable-next-line func-name-mixedcase
    function DOMAIN_SEPARATOR() external view returns (bytes32);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.21;

import {IERC20} from "@openzeppelin/IERC20.sol";
import {ILlamaPay} from "periphery/dependencies/llamapay/ILlamaPay.sol";

/// @title ILlamaPayRouterOracleTypes.
/// @notice The types used by the ILlamaPayRouterOracle.
interface ILlamaPayRouterOracleTypes {
    /// STRUCTS ///

    struct LlamaPayInfo {
        ILlamaPay llamaPay;
        address priceFeed;
        bool invertPrice;
    }

    /// ERRORS ///

    /// @dev Thrown when the llamaPayCount is zero.
    error AeraPeriphery__LlamaPayInfoCountIsZero();
    /// @dev Thrown when the llamaPayCount exceeds the maximum.
    error AeraPeriphery__LlamaPayInfoCountExceedsMax(uint256 maxLlamaPayCount);
    /// @dev Thrown when the caller is not the Vault owner.
    error AeraPeriphery__CallerIsNotVaultOwner(address caller);
    /// @dev Thrown when the caller is not the Vault.
    error AeraPeriphery__CallerIsNotVault(address caller);
    /// @dev Thrown when the token is invalid.
    error AeraPeriphery__InvalidToken(IERC20 token);
    /// @dev Thrown when the duration is zero when creating a new stream.
    error AeraPeriphery__DurationIsZero();
    /// @dev Thrown when the endDate is in the future when trying to cancel stream or stream does not exist.
    error AeraPeriphery__StreamNotExpired(uint256 endDate);
    /// @dev Thrown when stream does not exist.
    error AeraPeriphery__StreamDoesNotExist(
        IERC20 token, address to, uint216 amountPerSec
    );

    /// EVENTS ///

    /// @dev Emitted when a new LlamaPay stream is created.
    event ExpiringStreamCreated(
        IERC20 indexed token,
        address indexed to,
        uint216 indexed amountPerSec,
        uint256 duration
    );
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (security/ReentrancyGuard.sol)

pragma solidity ^0.8.0;

/**
 * @dev Contract module that helps prevent reentrant calls to a function.
 *
 * Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
 * available, which can be applied to functions to make sure there are no nested
 * (reentrant) calls to them.
 *
 * Note that because there is a single `nonReentrant` guard, functions marked as
 * `nonReentrant` may not call one another. This can be worked around by making
 * those functions `private`, and then adding `external` `nonReentrant` entry
 * points to them.
 *
 * TIP: If you would like to learn more about reentrancy and alternative ways
 * to protect against it, check out our blog post
 * https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
 */
abstract contract ReentrancyGuard {
    // Booleans are more expensive than uint256 or any type that takes up a full
    // word because each write operation emits an extra SLOAD to first read the
    // slot's contents, replace the bits taken up by the boolean, and then write
    // back. This is the compiler's defense against contract upgrades and
    // pointer aliasing, and it cannot be disabled.

    // The values being non-zero value makes deployment a bit more expensive,
    // but in exchange the refund on every call to nonReentrant will be lower in
    // amount. Since refunds are capped to a percentage of the total
    // transaction's gas, it is best to keep them low in cases like this one, to
    // increase the likelihood of the full refund coming into effect.
    uint256 private constant _NOT_ENTERED = 1;
    uint256 private constant _ENTERED = 2;

    uint256 private _status;

    constructor() {
        _status = _NOT_ENTERED;
    }

    /**
     * @dev Prevents a contract from calling itself, directly or indirectly.
     * Calling a `nonReentrant` function from another `nonReentrant`
     * function is not supported. It is possible to prevent this from happening
     * by making the `nonReentrant` function external, and making it call a
     * `private` function that does the actual work.
     */
    modifier nonReentrant() {
        _nonReentrantBefore();
        _;
        _nonReentrantAfter();
    }

    function _nonReentrantBefore() private {
        // On the first call to nonReentrant, _status will be _NOT_ENTERED
        require(_status != _ENTERED, "ReentrancyGuard: reentrant call");

        // Any calls to nonReentrant after this point will fail
        _status = _ENTERED;
    }

    function _nonReentrantAfter() private {
        // By storing the original value once again, a refund is triggered (see
        // https://eips.ethereum.org/EIPS/eip-2200)
        _status = _NOT_ENTERED;
    }

    /**
     * @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
     * `nonReentrant` function in the call stack.
     */
    function _reentrancyGuardEntered() internal view returns (bool) {
        return _status == _ENTERED;
    }
}

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface AggregatorInterface {
  function latestAnswer() external view returns (int256);

  function latestTimestamp() external view returns (uint256);

  function latestRound() external view returns (uint256);

  function getAnswer(uint256 roundId) external view returns (int256);

  function getTimestamp(uint256 roundId) external view returns (uint256);

  event AnswerUpdated(int256 indexed current, uint256 indexed roundId, uint256 updatedAt);

  event NewRound(uint256 indexed roundId, address indexed startedBy, uint256 startedAt);
}

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface AggregatorV3Interface {
  function decimals() external view returns (uint8);

  function description() external view returns (string memory);

  function version() external view returns (uint256);

  // getRoundData and latestRoundData should both raise "No data present"
  // if they do not have data to report, instead of returning unset values
  // which could be misinterpreted as actual reported values.
  function getRoundData(uint80 _roundId)
    external
    view
    returns (
      uint80 roundId,
      int256 answer,
      uint256 startedAt,
      uint256 updatedAt,
      uint80 answeredInRound
    );

  function latestRoundData()
    external
    view
    returns (
      uint80 roundId,
      int256 answer,
      uint256 startedAt,
      uint256 updatedAt,
      uint80 answeredInRound
    );
}

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "./AggregatorInterface.sol";
import "./AggregatorV3Interface.sol";

interface AggregatorV2V3Interface is AggregatorInterface, AggregatorV3Interface {}