Cryo Explorer Ethereum Mainnet

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.28;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {IERC3009} from "./interfaces/IERC3009.sol";
import {ISignatureTransfer} from "./interfaces/ISignatureTransfer.sol";

/// @title PaymentOrchestrator
/// @notice Unified payment orchestrator supporting ERC-3009, native tokens, and Permit2
/// @dev Handles all payment types with atomic fee splitting and double-pay prevention
/// @author WalletConnect
contract PaymentOrchestrator {
    using SafeERC20 for IERC20;

    // ============ Constants ============
    uint16 public constant MAX_FEE_BPS = 10_000;

    // ============ Immutables ============
    address public immutable RELAYER;
    address public immutable FEE_VAULT;
    ISignatureTransfer public immutable PERMIT2;

    // ============ State ============
    /// @notice Tracks used payment IDs to prevent double-spending
    mapping(bytes32 => bool) public usedPaymentIds;

    // ============ Events ============
    event PaymentSplit(
        bytes32 indexed paymentId,
        address indexed from,
        address indexed merchant,
        address token,
        uint256 totalAmount,
        uint256 merchantAmount,
        uint16 feeBps
    );

    event NativePaymentSplit(
        bytes32 indexed paymentId,
        address indexed from,
        address indexed merchant,
        uint256 totalAmount,
        uint256 merchantAmount,
        uint16 feeBps
    );

    // ============ Errors ============
    error OnlyRelayer();
    error ZeroAddress();
    error InvalidFeeBps();
    error ZeroAmount();
    error PaymentAlreadyUsed();
    error NativeTransferFailed();

    // ============ Modifiers ============
    modifier onlyRelayer() {
        _checkRelayer();
        _;
    }

    modifier validPaymentId(bytes32 paymentId) {
        _checkPaymentId(paymentId);
        _;
    }

    function _checkRelayer() internal view {
        if (msg.sender != RELAYER) revert OnlyRelayer();
    }

    function _checkPaymentId(bytes32 paymentId) internal view {
        if (usedPaymentIds[paymentId]) revert PaymentAlreadyUsed();
    }

    // ============ Constructor ============
    /// @param _relayer Address authorized to submit ERC-3009 and Permit2 transactions
    /// @param _feeVault Address receiving fee portion of payments
    /// @param _permit2 Permit2 contract address (can be address(0) on chains without Permit2)
    constructor(address _relayer, address _feeVault, address _permit2) {
        if (_relayer == address(0)) revert ZeroAddress();
        if (_feeVault == address(0)) revert ZeroAddress();
        // permit2 can be address(0) on chains without Permit2 support

        RELAYER = _relayer;
        FEE_VAULT = _feeVault;
        PERMIT2 = ISignatureTransfer(_permit2);
    }

    // ============ Path 1: ERC-3009 (Gasless USDC) ============

    /// @notice Receive ERC-3009 authorized payment and split between merchant and fee vault
    /// @dev Only relayer can call. Uses receiveWithAuthorization (v,r,s version).
    /// @param token ERC-3009 compatible token address (e.g., USDC)
    /// @param from Payer address (signer of the authorization)
    /// @param amount Total payment amount
    /// @param validAfter Authorization valid after timestamp
    /// @param validBefore Authorization valid before timestamp
    /// @param nonce Unique nonce for the ERC-3009 authorization
    /// @param v ECDSA signature v component
    /// @param r ECDSA signature r component
    /// @param s ECDSA signature s component
    /// @param merchant Merchant address to receive payment minus fee
    /// @param feeBps Fee in basis points (100 = 1%)
    /// @param paymentId Unique payment identifier to prevent double-spending
    function receiveAndSplitERC3009(
        address token,
        address from,
        uint256 amount,
        uint256 validAfter,
        uint256 validBefore,
        bytes32 nonce,
        uint8 v,
        bytes32 r,
        bytes32 s,
        address merchant,
        uint16 feeBps,
        bytes32 paymentId
    ) external onlyRelayer validPaymentId(paymentId) {
        _validateInputs(amount, merchant, feeBps);

        // Mark payment as used BEFORE external calls (CEI pattern)
        usedPaymentIds[paymentId] = true;

        // Pull funds via ERC-3009 receiveWithAuthorization
        IERC3009(token).receiveWithAuthorization(from, address(this), amount, validAfter, validBefore, nonce, v, r, s);

        // Split and distribute
        _splitAndDistributeToken(IERC20(token), from, merchant, amount, feeBps, paymentId);
    }

    /// @notice Receive ERC-3009 authorized payment with bytes signature and split
    /// @dev Supports EIP-2098 compact signatures (64 bytes) and standard (65 bytes)
    /// @param token ERC-3009 compatible token address
    /// @param from Payer address (signer of the authorization)
    /// @param amount Total payment amount
    /// @param validAfter Authorization valid after timestamp
    /// @param validBefore Authorization valid before timestamp
    /// @param nonce Unique nonce for the ERC-3009 authorization
    /// @param signature Signature bytes
    /// @param merchant Merchant address to receive payment minus fee
    /// @param feeBps Fee in basis points (100 = 1%)
    /// @param paymentId Unique payment identifier to prevent double-spending
    function receiveAndSplitERC3009WithSignature(
        address token,
        address from,
        uint256 amount,
        uint256 validAfter,
        uint256 validBefore,
        bytes32 nonce,
        bytes calldata signature,
        address merchant,
        uint16 feeBps,
        bytes32 paymentId
    ) external onlyRelayer validPaymentId(paymentId) {
        _validateInputs(amount, merchant, feeBps);

        // Mark payment as used BEFORE external calls (CEI pattern)
        usedPaymentIds[paymentId] = true;

        // Pull funds via ERC-3009 receiveWithAuthorization (bytes signature version)
        IERC3009(token).receiveWithAuthorization(from, address(this), amount, validAfter, validBefore, nonce, signature);

        // Split and distribute
        _splitAndDistributeToken(IERC20(token), from, merchant, amount, feeBps, paymentId);
    }

    // ============ Path 2: Native Token (ETH/BNB/POL/MON) ============

    /// @notice Pay with native token and split fees atomically
    /// @dev Anyone can call (user submits tx directly). PaymentId prevents double-pay.
    /// @param merchant Merchant address to receive payment minus fee
    /// @param feeBps Fee in basis points (100 = 1%)
    /// @param paymentId Unique payment identifier to prevent double-spending
    function payNative(address merchant, uint16 feeBps, bytes32 paymentId) external payable validPaymentId(paymentId) {
        _validateInputs(msg.value, merchant, feeBps);

        // Mark payment as used BEFORE external calls (CEI pattern)
        usedPaymentIds[paymentId] = true;

        // Calculate split
        uint256 feeAmount = (msg.value * feeBps) / MAX_FEE_BPS;
        uint256 merchantAmount = msg.value - feeAmount;

        // Transfer fee to vault
        if (feeAmount > 0) {
            (bool feeSuccess,) = FEE_VAULT.call{value: feeAmount}("");
            if (!feeSuccess) revert NativeTransferFailed();
        }

        // Transfer to merchant
        if (merchantAmount > 0) {
            (bool merchantSuccess,) = merchant.call{value: merchantAmount}("");
            if (!merchantSuccess) revert NativeTransferFailed();
        }

        emit NativePaymentSplit(paymentId, msg.sender, merchant, msg.value, merchantAmount, feeBps);
    }

    // ============ Path 3: Permit2 (Any ERC-20) ============

    /// @notice Parameters for Permit2 payment to reduce stack depth
    struct Permit2Params {
        address token;
        address from;
        uint256 amount;
        uint256 nonce;
        uint256 deadline;
        address merchant;
        uint16 feeBps;
        bytes32 paymentId;
    }

    /// @notice Receive Permit2 authorized payment and split
    /// @dev Only relayer can call. Works with any ERC-20 token approved to Permit2.
    /// @param params Permit2 payment parameters (see Permit2Params struct)
    /// @param signature Permit2 signature bytes
    function receiveAndSplitPermit2(
        Permit2Params calldata params,
        bytes calldata signature
    ) external onlyRelayer validPaymentId(params.paymentId) {
        _validateInputs(params.amount, params.merchant, params.feeBps);

        // Mark payment as used BEFORE external calls (CEI pattern)
        usedPaymentIds[params.paymentId] = true;

        // Pull funds via Permit2
        _executePermit2Transfer(params, signature);

        // Split and distribute
        _splitAndDistributeToken(
            IERC20(params.token),
            params.from,
            params.merchant,
            params.amount,
            params.feeBps,
            params.paymentId
        );
    }

    /// @dev Internal function to execute Permit2 transfer (reduces stack depth)
    function _executePermit2Transfer(Permit2Params calldata params, bytes calldata signature) internal {
        PERMIT2.permitTransferFrom(
            ISignatureTransfer.PermitTransferFrom({
                permitted: ISignatureTransfer.TokenPermissions({token: params.token, amount: params.amount}),
                nonce: params.nonce,
                deadline: params.deadline
            }),
            ISignatureTransfer.SignatureTransferDetails({to: address(this), requestedAmount: params.amount}),
            params.from,
            signature
        );
    }

    // ============ Internal Functions ============

    function _validateInputs(uint256 amount, address merchant, uint16 feeBps) internal pure {
        if (amount == 0) revert ZeroAmount();
        if (merchant == address(0)) revert ZeroAddress();
        if (feeBps > MAX_FEE_BPS) revert InvalidFeeBps();
    }

    function _splitAndDistributeToken(
        IERC20 token,
        address from,
        address merchant,
        uint256 amount,
        uint16 feeBps,
        bytes32 paymentId
    ) internal {
        // Calculate merchant amount (fee is implicit: amount - merchantAmount)
        uint256 merchantAmount = amount - ((amount * feeBps) / MAX_FEE_BPS);

        // Transfer fee to vault (amount - merchantAmount)
        token.safeTransfer(FEE_VAULT, amount - merchantAmount);

        // Transfer to merchant
        token.safeTransfer(merchant, merchantAmount);

        emit PaymentSplit(paymentId, from, merchant, address(token), amount, merchantAmount, feeBps);
    }

    // ============ View Functions ============

    /// @notice Check if a payment ID has been used
    /// @param paymentId The payment ID to check
    /// @return True if the payment ID has already been used
    function isPaymentUsed(bytes32 paymentId) external view returns (bool) {
        return usedPaymentIds[paymentId];
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/IERC20.sol)

pragma solidity >=0.4.16;

/**
 * @dev Interface of the ERC-20 standard as defined in the ERC.
 */
interface IERC20 {
    /**
     * @dev Emitted when `value` tokens are moved from one account (`from`) to
     * another (`to`).
     *
     * Note that `value` may be zero.
     */
    event Transfer(address indexed from, address indexed to, uint256 value);

    /**
     * @dev Emitted when the allowance of a `spender` for an `owner` is set by
     * a call to {approve}. `value` is the new allowance.
     */
    event Approval(address indexed owner, address indexed spender, uint256 value);

    /**
     * @dev Returns the value of tokens in existence.
     */
    function totalSupply() external view returns (uint256);

    /**
     * @dev Returns the value of tokens owned by `account`.
     */
    function balanceOf(address account) external view returns (uint256);

    /**
     * @dev Moves a `value` amount of tokens from the caller's account to `to`.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transfer(address to, uint256 value) external returns (bool);

    /**
     * @dev Returns the remaining number of tokens that `spender` will be
     * allowed to spend on behalf of `owner` through {transferFrom}. This is
     * zero by default.
     *
     * This value changes when {approve} or {transferFrom} are called.
     */
    function allowance(address owner, address spender) external view returns (uint256);

    /**
     * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
     * caller's tokens.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * IMPORTANT: Beware that changing an allowance with this method brings the risk
     * that someone may use both the old and the new allowance by unfortunate
     * transaction ordering. One possible solution to mitigate this race
     * condition is to first reduce the spender's allowance to 0 and set the
     * desired value afterwards:
     * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
     *
     * Emits an {Approval} event.
     */
    function approve(address spender, uint256 value) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to` using the
     * allowance mechanism. `value` is then deducted from the caller's
     * allowance.
     *
     * Returns a boolean value indicating whether the operation succeeded.
     *
     * Emits a {Transfer} event.
     */
    function transferFrom(address from, address to, uint256 value) external returns (bool);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.5.0) (token/ERC20/utils/SafeERC20.sol)

pragma solidity ^0.8.20;

import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";

/**
 * @title SafeERC20
 * @dev Wrappers around ERC-20 operations that throw on failure (when the token
 * contract returns false). Tokens that return no value (and instead revert or
 * throw on failure) are also supported, non-reverting calls are assumed to be
 * successful.
 * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
 * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
 */
library SafeERC20 {
    /**
     * @dev An operation with an ERC-20 token failed.
     */
    error SafeERC20FailedOperation(address token);

    /**
     * @dev Indicates a failed `decreaseAllowance` request.
     */
    error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);

    /**
     * @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     */
    function safeTransfer(IERC20 token, address to, uint256 value) internal {
        if (!_safeTransfer(token, to, value, true)) {
            revert SafeERC20FailedOperation(address(token));
        }
    }

    /**
     * @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
     * calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
     */
    function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
        if (!_safeTransferFrom(token, from, to, value, true)) {
            revert SafeERC20FailedOperation(address(token));
        }
    }

    /**
     * @dev Variant of {safeTransfer} that returns a bool instead of reverting if the operation is not successful.
     */
    function trySafeTransfer(IERC20 token, address to, uint256 value) internal returns (bool) {
        return _safeTransfer(token, to, value, false);
    }

    /**
     * @dev Variant of {safeTransferFrom} that returns a bool instead of reverting if the operation is not successful.
     */
    function trySafeTransferFrom(IERC20 token, address from, address to, uint256 value) internal returns (bool) {
        return _safeTransferFrom(token, from, to, value, false);
    }

    /**
     * @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful.
     *
     * IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
     * smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
     * this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
     * that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
     */
    function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
        uint256 oldAllowance = token.allowance(address(this), spender);
        forceApprove(token, spender, oldAllowance + value);
    }

    /**
     * @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
     * value, non-reverting calls are assumed to be successful.
     *
     * IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
     * smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
     * this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
     * that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
     */
    function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
        unchecked {
            uint256 currentAllowance = token.allowance(address(this), spender);
            if (currentAllowance < requestedDecrease) {
                revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
            }
            forceApprove(token, spender, currentAllowance - requestedDecrease);
        }
    }

    /**
     * @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
     * non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
     * to be set to zero before setting it to a non-zero value, such as USDT.
     *
     * NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
     * only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
     * set here.
     */
    function forceApprove(IERC20 token, address spender, uint256 value) internal {
        if (!_safeApprove(token, spender, value, false)) {
            if (!_safeApprove(token, spender, 0, true)) revert SafeERC20FailedOperation(address(token));
            if (!_safeApprove(token, spender, value, true)) revert SafeERC20FailedOperation(address(token));
        }
    }

    /**
     * @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
     * code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
     * targeting contracts.
     *
     * Reverts if the returned value is other than `true`.
     */
    function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
        if (to.code.length == 0) {
            safeTransfer(token, to, value);
        } else if (!token.transferAndCall(to, value, data)) {
            revert SafeERC20FailedOperation(address(token));
        }
    }

    /**
     * @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
     * has no code. This can be used to implement an {ERC721}-like safe transfer that relies on {ERC1363} checks when
     * targeting contracts.
     *
     * Reverts if the returned value is other than `true`.
     */
    function transferFromAndCallRelaxed(
        IERC1363 token,
        address from,
        address to,
        uint256 value,
        bytes memory data
    ) internal {
        if (to.code.length == 0) {
            safeTransferFrom(token, from, to, value);
        } else if (!token.transferFromAndCall(from, to, value, data)) {
            revert SafeERC20FailedOperation(address(token));
        }
    }

    /**
     * @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
     * code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
     * targeting contracts.
     *
     * NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
     * Oppositely, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
     * once without retrying, and relies on the returned value to be true.
     *
     * Reverts if the returned value is other than `true`.
     */
    function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
        if (to.code.length == 0) {
            forceApprove(token, to, value);
        } else if (!token.approveAndCall(to, value, data)) {
            revert SafeERC20FailedOperation(address(token));
        }
    }

    /**
     * @dev Imitates a Solidity `token.transfer(to, value)` call, relaxing the requirement on the return value: the
     * return value is optional (but if data is returned, it must not be false).
     *
     * @param token The token targeted by the call.
     * @param to The recipient of the tokens
     * @param value The amount of token to transfer
     * @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
     */
    function _safeTransfer(IERC20 token, address to, uint256 value, bool bubble) private returns (bool success) {
        bytes4 selector = IERC20.transfer.selector;

        assembly ("memory-safe") {
            let fmp := mload(0x40)
            mstore(0x00, selector)
            mstore(0x04, and(to, shr(96, not(0))))
            mstore(0x24, value)
            success := call(gas(), token, 0, 0x00, 0x44, 0x00, 0x20)
            // if call success and return is true, all is good.
            // otherwise (not success or return is not true), we need to perform further checks
            if iszero(and(success, eq(mload(0x00), 1))) {
                // if the call was a failure and bubble is enabled, bubble the error
                if and(iszero(success), bubble) {
                    returndatacopy(fmp, 0x00, returndatasize())
                    revert(fmp, returndatasize())
                }
                // if the return value is not true, then the call is only successful if:
                // - the token address has code
                // - the returndata is empty
                success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
            }
            mstore(0x40, fmp)
        }
    }

    /**
     * @dev Imitates a Solidity `token.transferFrom(from, to, value)` call, relaxing the requirement on the return
     * value: the return value is optional (but if data is returned, it must not be false).
     *
     * @param token The token targeted by the call.
     * @param from The sender of the tokens
     * @param to The recipient of the tokens
     * @param value The amount of token to transfer
     * @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
     */
    function _safeTransferFrom(
        IERC20 token,
        address from,
        address to,
        uint256 value,
        bool bubble
    ) private returns (bool success) {
        bytes4 selector = IERC20.transferFrom.selector;

        assembly ("memory-safe") {
            let fmp := mload(0x40)
            mstore(0x00, selector)
            mstore(0x04, and(from, shr(96, not(0))))
            mstore(0x24, and(to, shr(96, not(0))))
            mstore(0x44, value)
            success := call(gas(), token, 0, 0x00, 0x64, 0x00, 0x20)
            // if call success and return is true, all is good.
            // otherwise (not success or return is not true), we need to perform further checks
            if iszero(and(success, eq(mload(0x00), 1))) {
                // if the call was a failure and bubble is enabled, bubble the error
                if and(iszero(success), bubble) {
                    returndatacopy(fmp, 0x00, returndatasize())
                    revert(fmp, returndatasize())
                }
                // if the return value is not true, then the call is only successful if:
                // - the token address has code
                // - the returndata is empty
                success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
            }
            mstore(0x40, fmp)
            mstore(0x60, 0)
        }
    }

    /**
     * @dev Imitates a Solidity `token.approve(spender, value)` call, relaxing the requirement on the return value:
     * the return value is optional (but if data is returned, it must not be false).
     *
     * @param token The token targeted by the call.
     * @param spender The spender of the tokens
     * @param value The amount of token to transfer
     * @param bubble Behavior switch if the transfer call reverts: bubble the revert reason or return a false boolean.
     */
    function _safeApprove(IERC20 token, address spender, uint256 value, bool bubble) private returns (bool success) {
        bytes4 selector = IERC20.approve.selector;

        assembly ("memory-safe") {
            let fmp := mload(0x40)
            mstore(0x00, selector)
            mstore(0x04, and(spender, shr(96, not(0))))
            mstore(0x24, value)
            success := call(gas(), token, 0, 0x00, 0x44, 0x00, 0x20)
            // if call success and return is true, all is good.
            // otherwise (not success or return is not true), we need to perform further checks
            if iszero(and(success, eq(mload(0x00), 1))) {
                // if the call was a failure and bubble is enabled, bubble the error
                if and(iszero(success), bubble) {
                    returndatacopy(fmp, 0x00, returndatasize())
                    revert(fmp, returndatasize())
                }
                // if the return value is not true, then the call is only successful if:
                // - the token address has code
                // - the returndata is empty
                success := and(success, and(iszero(returndatasize()), gt(extcodesize(token), 0)))
            }
            mstore(0x40, fmp)
        }
    }
}

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.28;

/// @title IERC3009
/// @notice Interface for ERC-3009: Transfer With Authorization
interface IERC3009 {
    /// @notice Execute a transfer with a signed authorization
    /// @param from Payer's address (authorizer)
    /// @param to Payee's address
    /// @param value Amount to be transferred
    /// @param validAfter Timestamp after which the authorization is valid
    /// @param validBefore Timestamp before which the authorization is valid
    /// @param nonce Unique nonce for the authorization
    /// @param v ECDSA signature v component
    /// @param r ECDSA signature r component
    /// @param s ECDSA signature s component
    function transferWithAuthorization(
        address from,
        address to,
        uint256 value,
        uint256 validAfter,
        uint256 validBefore,
        bytes32 nonce,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) external;

    /// @notice Receive a transfer with a signed authorization from the payer
    /// @dev This has an additional check that the caller must be the payee
    /// @param from Payer's address (authorizer)
    /// @param to Payee's address (must be caller)
    /// @param value Amount to be transferred
    /// @param validAfter Timestamp after which the authorization is valid
    /// @param validBefore Timestamp before which the authorization is valid
    /// @param nonce Unique nonce for the authorization
    /// @param v ECDSA signature v component
    /// @param r ECDSA signature r component
    /// @param s ECDSA signature s component
    function receiveWithAuthorization(
        address from,
        address to,
        uint256 value,
        uint256 validAfter,
        uint256 validBefore,
        bytes32 nonce,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) external;

    /// @notice Receive a transfer with a signed authorization from the payer
    /// @dev Signature bytes version for flexibility (EIP-2098 compact sigs)
    /// @param from Payer's address (authorizer)
    /// @param to Payee's address (must be caller)
    /// @param value Amount to be transferred
    /// @param validAfter Timestamp after which the authorization is valid
    /// @param validBefore Timestamp before which the authorization is valid
    /// @param nonce Unique nonce for the authorization
    /// @param signature Signature bytes (65 bytes for standard, 64 for EIP-2098)
    function receiveWithAuthorization(
        address from,
        address to,
        uint256 value,
        uint256 validAfter,
        uint256 validBefore,
        bytes32 nonce,
        bytes calldata signature
    ) external;
}

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.28;

/// @title ISignatureTransfer
/// @notice Interface for Uniswap Permit2 SignatureTransfer functionality
/// @dev Minimal interface for what HybridFeeSplitter needs
interface ISignatureTransfer {
    /// @notice The token and amount details for a transfer
    struct TokenPermissions {
        /// @dev Token to transfer
        address token;
        /// @dev Maximum amount to transfer
        uint256 amount;
    }

    /// @notice The signed permit message for a single token transfer
    struct PermitTransferFrom {
        TokenPermissions permitted;
        /// @dev Unique nonce for the permit
        uint256 nonce;
        /// @dev Deadline after which the permit is no longer valid
        uint256 deadline;
    }

    /// @notice Transfer details for permitTransferFrom
    struct SignatureTransferDetails {
        /// @dev Recipient of the tokens
        address to;
        /// @dev Amount to transfer (must be <= permitted amount)
        uint256 requestedAmount;
    }

    /// @notice Transfers a token using a signed permit message
    /// @param permit The permit data signed over by the owner
    /// @param transferDetails The spender's requested transfer details for the permitted token
    /// @param owner The owner of the tokens to transfer
    /// @param signature The signature over the permit data
    function permitTransferFrom(
        PermitTransferFrom memory permit,
        SignatureTransferDetails calldata transferDetails,
        address owner,
        bytes calldata signature
    ) external;
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC1363.sol)

pragma solidity >=0.6.2;

import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";

/**
 * @title IERC1363
 * @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
 *
 * Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
 * after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
 */
interface IERC1363 is IERC20, IERC165 {
    /*
     * Note: the ERC-165 identifier for this interface is 0xb0202a11.
     * 0xb0202a11 ===
     *   bytes4(keccak256('transferAndCall(address,uint256)')) ^
     *   bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
     *   bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
     *   bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
     *   bytes4(keccak256('approveAndCall(address,uint256)')) ^
     *   bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
     */

    /**
     * @dev Moves a `value` amount of tokens from the caller's account to `to`
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferAndCall(address to, uint256 value) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from the caller's account to `to`
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @param data Additional data with no specified format, sent in call to `to`.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param from The address which you want to send tokens from.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferFromAndCall(address from, address to, uint256 value) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param from The address which you want to send tokens from.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @param data Additional data with no specified format, sent in call to `to`.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);

    /**
     * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
     * caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
     * @param spender The address which will spend the funds.
     * @param value The amount of tokens to be spent.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function approveAndCall(address spender, uint256 value) external returns (bool);

    /**
     * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
     * caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
     * @param spender The address which will spend the funds.
     * @param value The amount of tokens to be spent.
     * @param data Additional data with no specified format, sent in call to `spender`.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC20.sol)

pragma solidity >=0.4.16;

import {IERC20} from "../token/ERC20/IERC20.sol";

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC165.sol)

pragma solidity >=0.4.16;

import {IERC165} from "../utils/introspection/IERC165.sol";

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol)

pragma solidity >=0.4.16;

/**
 * @dev Interface of the ERC-165 standard, as defined in the
 * https://eips.ethereum.org/EIPS/eip-165[ERC].
 *
 * Implementers can declare support of contract interfaces, which can then be
 * queried by others ({ERC165Checker}).
 *
 * For an implementation, see {ERC165}.
 */
interface IERC165 {
    /**
     * @dev Returns true if this contract implements the interface defined by
     * `interfaceId`. See the corresponding
     * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
     * to learn more about how these ids are created.
     *
     * This function call must use less than 30 000 gas.
     */
    function supportsInterface(bytes4 interfaceId) external view returns (bool);
}