Cryo Explorer Ethereum Mainnet

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/AccessControl.sol)

pragma solidity ^0.8.0;

import "./IAccessControl.sol";
import "../utils/Context.sol";
import "../utils/Strings.sol";
import "../utils/introspection/ERC165.sol";

/**
 * @dev Contract module that allows children to implement role-based access
 * control mechanisms. This is a lightweight version that doesn't allow enumerating role
 * members except through off-chain means by accessing the contract event logs. Some
 * applications may benefit from on-chain enumerability, for those cases see
 * {AccessControlEnumerable}.
 *
 * Roles are referred to by their `bytes32` identifier. These should be exposed
 * in the external API and be unique. The best way to achieve this is by
 * using `public constant` hash digests:
 *
 * ```solidity
 * bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
 * ```
 *
 * Roles can be used to represent a set of permissions. To restrict access to a
 * function call, use {hasRole}:
 *
 * ```solidity
 * function foo() public {
 *     require(hasRole(MY_ROLE, msg.sender));
 *     ...
 * }
 * ```
 *
 * Roles can be granted and revoked dynamically via the {grantRole} and
 * {revokeRole} functions. Each role has an associated admin role, and only
 * accounts that have a role's admin role can call {grantRole} and {revokeRole}.
 *
 * By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
 * that only accounts with this role will be able to grant or revoke other
 * roles. More complex role relationships can be created by using
 * {_setRoleAdmin}.
 *
 * WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
 * grant and revoke this role. Extra precautions should be taken to secure
 * accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
 * to enforce additional security measures for this role.
 */
abstract contract AccessControl is Context, IAccessControl, ERC165 {
    struct RoleData {
        mapping(address => bool) members;
        bytes32 adminRole;
    }

    mapping(bytes32 => RoleData) private _roles;

    bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;

    /**
     * @dev Modifier that checks that an account has a specific role. Reverts
     * with a standardized message including the required role.
     *
     * The format of the revert reason is given by the following regular expression:
     *
     *  /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
     *
     * _Available since v4.1._
     */
    modifier onlyRole(bytes32 role) {
        _checkRole(role);
        _;
    }

    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
        return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
    }

    /**
     * @dev Returns `true` if `account` has been granted `role`.
     */
    function hasRole(bytes32 role, address account) public view virtual override returns (bool) {
        return _roles[role].members[account];
    }

    /**
     * @dev Revert with a standard message if `_msgSender()` is missing `role`.
     * Overriding this function changes the behavior of the {onlyRole} modifier.
     *
     * Format of the revert message is described in {_checkRole}.
     *
     * _Available since v4.6._
     */
    function _checkRole(bytes32 role) internal view virtual {
        _checkRole(role, _msgSender());
    }

    /**
     * @dev Revert with a standard message if `account` is missing `role`.
     *
     * The format of the revert reason is given by the following regular expression:
     *
     *  /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
     */
    function _checkRole(bytes32 role, address account) internal view virtual {
        if (!hasRole(role, account)) {
            revert(
                string(
                    abi.encodePacked(
                        "AccessControl: account ",
                        Strings.toHexString(account),
                        " is missing role ",
                        Strings.toHexString(uint256(role), 32)
                    )
                )
            );
        }
    }

    /**
     * @dev Returns the admin role that controls `role`. See {grantRole} and
     * {revokeRole}.
     *
     * To change a role's admin, use {_setRoleAdmin}.
     */
    function getRoleAdmin(bytes32 role) public view virtual override returns (bytes32) {
        return _roles[role].adminRole;
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     *
     * May emit a {RoleGranted} event.
     */
    function grantRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
        _grantRole(role, account);
    }

    /**
     * @dev Revokes `role` from `account`.
     *
     * If `account` had been granted `role`, emits a {RoleRevoked} event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     *
     * May emit a {RoleRevoked} event.
     */
    function revokeRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
        _revokeRole(role, account);
    }

    /**
     * @dev Revokes `role` from the calling account.
     *
     * Roles are often managed via {grantRole} and {revokeRole}: this function's
     * purpose is to provide a mechanism for accounts to lose their privileges
     * if they are compromised (such as when a trusted device is misplaced).
     *
     * If the calling account had been revoked `role`, emits a {RoleRevoked}
     * event.
     *
     * Requirements:
     *
     * - the caller must be `account`.
     *
     * May emit a {RoleRevoked} event.
     */
    function renounceRole(bytes32 role, address account) public virtual override {
        require(account == _msgSender(), "AccessControl: can only renounce roles for self");

        _revokeRole(role, account);
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event. Note that unlike {grantRole}, this function doesn't perform any
     * checks on the calling account.
     *
     * May emit a {RoleGranted} event.
     *
     * [WARNING]
     * ====
     * This function should only be called from the constructor when setting
     * up the initial roles for the system.
     *
     * Using this function in any other way is effectively circumventing the admin
     * system imposed by {AccessControl}.
     * ====
     *
     * NOTE: This function is deprecated in favor of {_grantRole}.
     */
    function _setupRole(bytes32 role, address account) internal virtual {
        _grantRole(role, account);
    }

    /**
     * @dev Sets `adminRole` as ``role``'s admin role.
     *
     * Emits a {RoleAdminChanged} event.
     */
    function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
        bytes32 previousAdminRole = getRoleAdmin(role);
        _roles[role].adminRole = adminRole;
        emit RoleAdminChanged(role, previousAdminRole, adminRole);
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * Internal function without access restriction.
     *
     * May emit a {RoleGranted} event.
     */
    function _grantRole(bytes32 role, address account) internal virtual {
        if (!hasRole(role, account)) {
            _roles[role].members[account] = true;
            emit RoleGranted(role, account, _msgSender());
        }
    }

    /**
     * @dev Revokes `role` from `account`.
     *
     * Internal function without access restriction.
     *
     * May emit a {RoleRevoked} event.
     */
    function _revokeRole(bytes32 role, address account) internal virtual {
        if (hasRole(role, account)) {
            _roles[role].members[account] = false;
            emit RoleRevoked(role, account, _msgSender());
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (access/IAccessControl.sol)

pragma solidity ^0.8.0;

/**
 * @dev External interface of AccessControl declared to support ERC165 detection.
 */
interface IAccessControl {
    /**
     * @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
     *
     * `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
     * {RoleAdminChanged} not being emitted signaling this.
     *
     * _Available since v3.1._
     */
    event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);

    /**
     * @dev Emitted when `account` is granted `role`.
     *
     * `sender` is the account that originated the contract call, an admin role
     * bearer except when using {AccessControl-_setupRole}.
     */
    event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);

    /**
     * @dev Emitted when `account` is revoked `role`.
     *
     * `sender` is the account that originated the contract call:
     *   - if using `revokeRole`, it is the admin role bearer
     *   - if using `renounceRole`, it is the role bearer (i.e. `account`)
     */
    event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);

    /**
     * @dev Returns `true` if `account` has been granted `role`.
     */
    function hasRole(bytes32 role, address account) external view returns (bool);

    /**
     * @dev Returns the admin role that controls `role`. See {grantRole} and
     * {revokeRole}.
     *
     * To change a role's admin, use {AccessControl-_setRoleAdmin}.
     */
    function getRoleAdmin(bytes32 role) external view returns (bytes32);

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     */
    function grantRole(bytes32 role, address account) external;

    /**
     * @dev Revokes `role` from `account`.
     *
     * If `account` had been granted `role`, emits a {RoleRevoked} event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     */
    function revokeRole(bytes32 role, address account) external;

    /**
     * @dev Revokes `role` from the calling account.
     *
     * Roles are often managed via {grantRole} and {revokeRole}: this function's
     * purpose is to provide a mechanism for accounts to lose their privileges
     * if they are compromised (such as when a trusted device is misplaced).
     *
     * If the calling account had been granted `role`, emits a {RoleRevoked}
     * event.
     *
     * Requirements:
     *
     * - the caller must be `account`.
     */
    function renounceRole(bytes32 role, address account) external;
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (access/Ownable.sol)

pragma solidity ^0.8.0;

import "../utils/Context.sol";

/**
 * @dev Contract module which provides a basic access control mechanism, where
 * there is an account (an owner) that can be granted exclusive access to
 * specific functions.
 *
 * By default, the owner account will be the one that deploys the contract. This
 * can later be changed with {transferOwnership}.
 *
 * This module is used through inheritance. It will make available the modifier
 * `onlyOwner`, which can be applied to your functions to restrict their use to
 * the owner.
 */
abstract contract Ownable is Context {
    address private _owner;

    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    /**
     * @dev Initializes the contract setting the deployer as the initial owner.
     */
    constructor() {
        _transferOwnership(_msgSender());
    }

    /**
     * @dev Throws if called by any account other than the owner.
     */
    modifier onlyOwner() {
        _checkOwner();
        _;
    }

    /**
     * @dev Returns the address of the current owner.
     */
    function owner() public view virtual returns (address) {
        return _owner;
    }

    /**
     * @dev Throws if the sender is not the owner.
     */
    function _checkOwner() internal view virtual {
        require(owner() == _msgSender(), "Ownable: caller is not the owner");
    }

    /**
     * @dev Leaves the contract without owner. It will not be possible to call
     * `onlyOwner` functions. Can only be called by the current owner.
     *
     * NOTE: Renouncing ownership will leave the contract without an owner,
     * thereby disabling any functionality that is only available to the owner.
     */
    function renounceOwnership() public virtual onlyOwner {
        _transferOwnership(address(0));
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Can only be called by the current owner.
     */
    function transferOwnership(address newOwner) public virtual onlyOwner {
        require(newOwner != address(0), "Ownable: new owner is the zero address");
        _transferOwnership(newOwner);
    }

    /**
     * @dev Transfers ownership of the contract to a new account (`newOwner`).
     * Internal function without access restriction.
     */
    function _transferOwnership(address newOwner) internal virtual {
        address oldOwner = _owner;
        _owner = newOwner;
        emit OwnershipTransferred(oldOwner, newOwner);
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.4) (utils/Context.sol)

pragma solidity ^0.8.0;

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract Context {
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }

    function _contextSuffixLength() internal view virtual returns (uint256) {
        return 0;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/cryptography/ECDSA.sol)

pragma solidity ^0.8.0;

import "../Strings.sol";

/**
 * @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
 *
 * These functions can be used to verify that a message was signed by the holder
 * of the private keys of a given address.
 */
library ECDSA {
    enum RecoverError {
        NoError,
        InvalidSignature,
        InvalidSignatureLength,
        InvalidSignatureS,
        InvalidSignatureV // Deprecated in v4.8
    }

    function _throwError(RecoverError error) private pure {
        if (error == RecoverError.NoError) {
            return; // no error: do nothing
        } else if (error == RecoverError.InvalidSignature) {
            revert("ECDSA: invalid signature");
        } else if (error == RecoverError.InvalidSignatureLength) {
            revert("ECDSA: invalid signature length");
        } else if (error == RecoverError.InvalidSignatureS) {
            revert("ECDSA: invalid signature 's' value");
        }
    }

    /**
     * @dev Returns the address that signed a hashed message (`hash`) with
     * `signature` or error string. This address can then be used for verification purposes.
     *
     * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
     * this function rejects them by requiring the `s` value to be in the lower
     * half order, and the `v` value to be either 27 or 28.
     *
     * IMPORTANT: `hash` _must_ be the result of a hash operation for the
     * verification to be secure: it is possible to craft signatures that
     * recover to arbitrary addresses for non-hashed data. A safe way to ensure
     * this is by receiving a hash of the original message (which may otherwise
     * be too long), and then calling {toEthSignedMessageHash} on it.
     *
     * Documentation for signature generation:
     * - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
     * - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
     *
     * _Available since v4.3._
     */
    function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
        if (signature.length == 65) {
            bytes32 r;
            bytes32 s;
            uint8 v;
            // ecrecover takes the signature parameters, and the only way to get them
            // currently is to use assembly.
            /// @solidity memory-safe-assembly
            assembly {
                r := mload(add(signature, 0x20))
                s := mload(add(signature, 0x40))
                v := byte(0, mload(add(signature, 0x60)))
            }
            return tryRecover(hash, v, r, s);
        } else {
            return (address(0), RecoverError.InvalidSignatureLength);
        }
    }

    /**
     * @dev Returns the address that signed a hashed message (`hash`) with
     * `signature`. This address can then be used for verification purposes.
     *
     * The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
     * this function rejects them by requiring the `s` value to be in the lower
     * half order, and the `v` value to be either 27 or 28.
     *
     * IMPORTANT: `hash` _must_ be the result of a hash operation for the
     * verification to be secure: it is possible to craft signatures that
     * recover to arbitrary addresses for non-hashed data. A safe way to ensure
     * this is by receiving a hash of the original message (which may otherwise
     * be too long), and then calling {toEthSignedMessageHash} on it.
     */
    function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
        (address recovered, RecoverError error) = tryRecover(hash, signature);
        _throwError(error);
        return recovered;
    }

    /**
     * @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
     *
     * See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
     *
     * _Available since v4.3._
     */
    function tryRecover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address, RecoverError) {
        bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
        uint8 v = uint8((uint256(vs) >> 255) + 27);
        return tryRecover(hash, v, r, s);
    }

    /**
     * @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
     *
     * _Available since v4.2._
     */
    function recover(bytes32 hash, bytes32 r, bytes32 vs) internal pure returns (address) {
        (address recovered, RecoverError error) = tryRecover(hash, r, vs);
        _throwError(error);
        return recovered;
    }

    /**
     * @dev Overload of {ECDSA-tryRecover} that receives the `v`,
     * `r` and `s` signature fields separately.
     *
     * _Available since v4.3._
     */
    function tryRecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address, RecoverError) {
        // EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
        // unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
        // the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
        // signatures from current libraries generate a unique signature with an s-value in the lower half order.
        //
        // If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
        // with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
        // vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
        // these malleable signatures as well.
        if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
            return (address(0), RecoverError.InvalidSignatureS);
        }

        // If the signature is valid (and not malleable), return the signer address
        address signer = ecrecover(hash, v, r, s);
        if (signer == address(0)) {
            return (address(0), RecoverError.InvalidSignature);
        }

        return (signer, RecoverError.NoError);
    }

    /**
     * @dev Overload of {ECDSA-recover} that receives the `v`,
     * `r` and `s` signature fields separately.
     */
    function recover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) internal pure returns (address) {
        (address recovered, RecoverError error) = tryRecover(hash, v, r, s);
        _throwError(error);
        return recovered;
    }

    /**
     * @dev Returns an Ethereum Signed Message, created from a `hash`. This
     * produces hash corresponding to the one signed with the
     * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
     * JSON-RPC method as part of EIP-191.
     *
     * See {recover}.
     */
    function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32 message) {
        // 32 is the length in bytes of hash,
        // enforced by the type signature above
        /// @solidity memory-safe-assembly
        assembly {
            mstore(0x00, "\x19Ethereum Signed Message:\n32")
            mstore(0x1c, hash)
            message := keccak256(0x00, 0x3c)
        }
    }

    /**
     * @dev Returns an Ethereum Signed Message, created from `s`. This
     * produces hash corresponding to the one signed with the
     * https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
     * JSON-RPC method as part of EIP-191.
     *
     * See {recover}.
     */
    function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
    }

    /**
     * @dev Returns an Ethereum Signed Typed Data, created from a
     * `domainSeparator` and a `structHash`. This produces hash corresponding
     * to the one signed with the
     * https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
     * JSON-RPC method as part of EIP-712.
     *
     * See {recover}.
     */
    function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32 data) {
        /// @solidity memory-safe-assembly
        assembly {
            let ptr := mload(0x40)
            mstore(ptr, "\x19\x01")
            mstore(add(ptr, 0x02), domainSeparator)
            mstore(add(ptr, 0x22), structHash)
            data := keccak256(ptr, 0x42)
        }
    }

    /**
     * @dev Returns an Ethereum Signed Data with intended validator, created from a
     * `validator` and `data` according to the version 0 of EIP-191.
     *
     * See {recover}.
     */
    function toDataWithIntendedValidatorHash(address validator, bytes memory data) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked("\x19\x00", validator, data));
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)

pragma solidity ^0.8.0;

import "./IERC165.sol";

/**
 * @dev Implementation of the {IERC165} interface.
 *
 * Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
 * for the additional interface id that will be supported. For example:
 *
 * ```solidity
 * function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
 *     return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
 * }
 * ```
 *
 * Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
 */
abstract contract ERC165 is IERC165 {
    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
        return interfaceId == type(IERC165).interfaceId;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)

pragma solidity ^0.8.0;

/**
 * @dev Interface of the ERC165 standard, as defined in the
 * https://eips.ethereum.org/EIPS/eip-165[EIP].
 *
 * Implementers can declare support of contract interfaces, which can then be
 * queried by others ({ERC165Checker}).
 *
 * For an implementation, see {ERC165}.
 */
interface IERC165 {
    /**
     * @dev Returns true if this contract implements the interface defined by
     * `interfaceId`. See the corresponding
     * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
     * to learn more about how these ids are created.
     *
     * This function call must use less than 30 000 gas.
     */
    function supportsInterface(bytes4 interfaceId) external view returns (bool);
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/math/Math.sol)

pragma solidity ^0.8.0;

/**
 * @dev Standard math utilities missing in the Solidity language.
 */
library Math {
    enum Rounding {
        Down, // Toward negative infinity
        Up, // Toward infinity
        Zero // Toward zero
    }

    /**
     * @dev Returns the largest of two numbers.
     */
    function max(uint256 a, uint256 b) internal pure returns (uint256) {
        return a > b ? a : b;
    }

    /**
     * @dev Returns the smallest of two numbers.
     */
    function min(uint256 a, uint256 b) internal pure returns (uint256) {
        return a < b ? a : b;
    }

    /**
     * @dev Returns the average of two numbers. The result is rounded towards
     * zero.
     */
    function average(uint256 a, uint256 b) internal pure returns (uint256) {
        // (a + b) / 2 can overflow.
        return (a & b) + (a ^ b) / 2;
    }

    /**
     * @dev Returns the ceiling of the division of two numbers.
     *
     * This differs from standard division with `/` in that it rounds up instead
     * of rounding down.
     */
    function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
        // (a + b - 1) / b can overflow on addition, so we distribute.
        return a == 0 ? 0 : (a - 1) / b + 1;
    }

    /**
     * @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
     * @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
     * with further edits by Uniswap Labs also under MIT license.
     */
    function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
        unchecked {
            // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
            // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
            // variables such that product = prod1 * 2^256 + prod0.
            uint256 prod0; // Least significant 256 bits of the product
            uint256 prod1; // Most significant 256 bits of the product
            assembly {
                let mm := mulmod(x, y, not(0))
                prod0 := mul(x, y)
                prod1 := sub(sub(mm, prod0), lt(mm, prod0))
            }

            // Handle non-overflow cases, 256 by 256 division.
            if (prod1 == 0) {
                // Solidity will revert if denominator == 0, unlike the div opcode on its own.
                // The surrounding unchecked block does not change this fact.
                // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
                return prod0 / denominator;
            }

            // Make sure the result is less than 2^256. Also prevents denominator == 0.
            require(denominator > prod1, "Math: mulDiv overflow");

            ///////////////////////////////////////////////
            // 512 by 256 division.
            ///////////////////////////////////////////////

            // Make division exact by subtracting the remainder from [prod1 prod0].
            uint256 remainder;
            assembly {
                // Compute remainder using mulmod.
                remainder := mulmod(x, y, denominator)

                // Subtract 256 bit number from 512 bit number.
                prod1 := sub(prod1, gt(remainder, prod0))
                prod0 := sub(prod0, remainder)
            }

            // Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
            // See https://cs.stackexchange.com/q/138556/92363.

            // Does not overflow because the denominator cannot be zero at this stage in the function.
            uint256 twos = denominator & (~denominator + 1);
            assembly {
                // Divide denominator by twos.
                denominator := div(denominator, twos)

                // Divide [prod1 prod0] by twos.
                prod0 := div(prod0, twos)

                // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
                twos := add(div(sub(0, twos), twos), 1)
            }

            // Shift in bits from prod1 into prod0.
            prod0 |= prod1 * twos;

            // Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
            // that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
            // four bits. That is, denominator * inv = 1 mod 2^4.
            uint256 inverse = (3 * denominator) ^ 2;

            // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
            // in modular arithmetic, doubling the correct bits in each step.
            inverse *= 2 - denominator * inverse; // inverse mod 2^8
            inverse *= 2 - denominator * inverse; // inverse mod 2^16
            inverse *= 2 - denominator * inverse; // inverse mod 2^32
            inverse *= 2 - denominator * inverse; // inverse mod 2^64
            inverse *= 2 - denominator * inverse; // inverse mod 2^128
            inverse *= 2 - denominator * inverse; // inverse mod 2^256

            // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
            // This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
            // less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
            // is no longer required.
            result = prod0 * inverse;
            return result;
        }
    }

    /**
     * @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
     */
    function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
        uint256 result = mulDiv(x, y, denominator);
        if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
            result += 1;
        }
        return result;
    }

    /**
     * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
     *
     * Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
     */
    function sqrt(uint256 a) internal pure returns (uint256) {
        if (a == 0) {
            return 0;
        }

        // For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
        //
        // We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
        // `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
        //
        // This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
        // → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
        // → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
        //
        // Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
        uint256 result = 1 << (log2(a) >> 1);

        // At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
        // since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
        // every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
        // into the expected uint128 result.
        unchecked {
            result = (result + a / result) >> 1;
            result = (result + a / result) >> 1;
            result = (result + a / result) >> 1;
            result = (result + a / result) >> 1;
            result = (result + a / result) >> 1;
            result = (result + a / result) >> 1;
            result = (result + a / result) >> 1;
            return min(result, a / result);
        }
    }

    /**
     * @notice Calculates sqrt(a), following the selected rounding direction.
     */
    function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
        unchecked {
            uint256 result = sqrt(a);
            return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
        }
    }

    /**
     * @dev Return the log in base 2, rounded down, of a positive value.
     * Returns 0 if given 0.
     */
    function log2(uint256 value) internal pure returns (uint256) {
        uint256 result = 0;
        unchecked {
            if (value >> 128 > 0) {
                value >>= 128;
                result += 128;
            }
            if (value >> 64 > 0) {
                value >>= 64;
                result += 64;
            }
            if (value >> 32 > 0) {
                value >>= 32;
                result += 32;
            }
            if (value >> 16 > 0) {
                value >>= 16;
                result += 16;
            }
            if (value >> 8 > 0) {
                value >>= 8;
                result += 8;
            }
            if (value >> 4 > 0) {
                value >>= 4;
                result += 4;
            }
            if (value >> 2 > 0) {
                value >>= 2;
                result += 2;
            }
            if (value >> 1 > 0) {
                result += 1;
            }
        }
        return result;
    }

    /**
     * @dev Return the log in base 2, following the selected rounding direction, of a positive value.
     * Returns 0 if given 0.
     */
    function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
        unchecked {
            uint256 result = log2(value);
            return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
        }
    }

    /**
     * @dev Return the log in base 10, rounded down, of a positive value.
     * Returns 0 if given 0.
     */
    function log10(uint256 value) internal pure returns (uint256) {
        uint256 result = 0;
        unchecked {
            if (value >= 10 ** 64) {
                value /= 10 ** 64;
                result += 64;
            }
            if (value >= 10 ** 32) {
                value /= 10 ** 32;
                result += 32;
            }
            if (value >= 10 ** 16) {
                value /= 10 ** 16;
                result += 16;
            }
            if (value >= 10 ** 8) {
                value /= 10 ** 8;
                result += 8;
            }
            if (value >= 10 ** 4) {
                value /= 10 ** 4;
                result += 4;
            }
            if (value >= 10 ** 2) {
                value /= 10 ** 2;
                result += 2;
            }
            if (value >= 10 ** 1) {
                result += 1;
            }
        }
        return result;
    }

    /**
     * @dev Return the log in base 10, following the selected rounding direction, of a positive value.
     * Returns 0 if given 0.
     */
    function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
        unchecked {
            uint256 result = log10(value);
            return result + (rounding == Rounding.Up && 10 ** result < value ? 1 : 0);
        }
    }

    /**
     * @dev Return the log in base 256, rounded down, of a positive value.
     * Returns 0 if given 0.
     *
     * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
     */
    function log256(uint256 value) internal pure returns (uint256) {
        uint256 result = 0;
        unchecked {
            if (value >> 128 > 0) {
                value >>= 128;
                result += 16;
            }
            if (value >> 64 > 0) {
                value >>= 64;
                result += 8;
            }
            if (value >> 32 > 0) {
                value >>= 32;
                result += 4;
            }
            if (value >> 16 > 0) {
                value >>= 16;
                result += 2;
            }
            if (value >> 8 > 0) {
                result += 1;
            }
        }
        return result;
    }

    /**
     * @dev Return the log in base 256, following the selected rounding direction, of a positive value.
     * Returns 0 if given 0.
     */
    function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
        unchecked {
            uint256 result = log256(value);
            return result + (rounding == Rounding.Up && 1 << (result << 3) < value ? 1 : 0);
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/SignedMath.sol)

pragma solidity ^0.8.0;

/**
 * @dev Standard signed math utilities missing in the Solidity language.
 */
library SignedMath {
    /**
     * @dev Returns the largest of two signed numbers.
     */
    function max(int256 a, int256 b) internal pure returns (int256) {
        return a > b ? a : b;
    }

    /**
     * @dev Returns the smallest of two signed numbers.
     */
    function min(int256 a, int256 b) internal pure returns (int256) {
        return a < b ? a : b;
    }

    /**
     * @dev Returns the average of two signed numbers without overflow.
     * The result is rounded towards zero.
     */
    function average(int256 a, int256 b) internal pure returns (int256) {
        // Formula from the book "Hacker's Delight"
        int256 x = (a & b) + ((a ^ b) >> 1);
        return x + (int256(uint256(x) >> 255) & (a ^ b));
    }

    /**
     * @dev Returns the absolute unsigned value of a signed value.
     */
    function abs(int256 n) internal pure returns (uint256) {
        unchecked {
            // must be unchecked in order to support `n = type(int256).min`
            return uint256(n >= 0 ? n : -n);
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.9.0) (utils/Strings.sol)

pragma solidity ^0.8.0;

import "./math/Math.sol";
import "./math/SignedMath.sol";

/**
 * @dev String operations.
 */
library Strings {
    bytes16 private constant _SYMBOLS = "0123456789abcdef";
    uint8 private constant _ADDRESS_LENGTH = 20;

    /**
     * @dev Converts a `uint256` to its ASCII `string` decimal representation.
     */
    function toString(uint256 value) internal pure returns (string memory) {
        unchecked {
            uint256 length = Math.log10(value) + 1;
            string memory buffer = new string(length);
            uint256 ptr;
            /// @solidity memory-safe-assembly
            assembly {
                ptr := add(buffer, add(32, length))
            }
            while (true) {
                ptr--;
                /// @solidity memory-safe-assembly
                assembly {
                    mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
                }
                value /= 10;
                if (value == 0) break;
            }
            return buffer;
        }
    }

    /**
     * @dev Converts a `int256` to its ASCII `string` decimal representation.
     */
    function toString(int256 value) internal pure returns (string memory) {
        return string(abi.encodePacked(value < 0 ? "-" : "", toString(SignedMath.abs(value))));
    }

    /**
     * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
     */
    function toHexString(uint256 value) internal pure returns (string memory) {
        unchecked {
            return toHexString(value, Math.log256(value) + 1);
        }
    }

    /**
     * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
     */
    function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
        bytes memory buffer = new bytes(2 * length + 2);
        buffer[0] = "0";
        buffer[1] = "x";
        for (uint256 i = 2 * length + 1; i > 1; --i) {
            buffer[i] = _SYMBOLS[value & 0xf];
            value >>= 4;
        }
        require(value == 0, "Strings: hex length insufficient");
        return string(buffer);
    }

    /**
     * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
     */
    function toHexString(address addr) internal pure returns (string memory) {
        return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
    }

    /**
     * @dev Returns true if the two strings are equal.
     */
    function equal(string memory a, string memory b) internal pure returns (bool) {
        return keccak256(bytes(a)) == keccak256(bytes(b));
    }
}

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.17;

/**
 * @title QXMPDynamicRegistryV2
 * @notice Universal asset registry with schema-less dynamic fields
 * @dev Supports ANY asset type with ANY number of fields
 * 
 * Key Features:
 * - Global field schema registry (define field types once, reuse forever)
 * - Per-asset dynamic field storage (0 to 100+ fields per asset)
 * - Field-level confidence tracking (AI extraction confidence)
 * - Admin verification system (manual verification flag per field)
 * - IPFS backup integration (full metadata stored off-chain)
 * - Gas optimized (only store fields that exist)
 * 
 * Asset Types Supported: Gold, Diamond, Land, Art, Vehicles, IP, ANY future type
 */
contract QXMPDynamicRegistryV2 {
    
    // ═══════════════════════════════════════════════════════════════════════
    // ENUMS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @dev Data types for field values
     * Each type determines how the bytes value is encoded/decoded
     */
    enum DataType {
        String,     // 0: Text data (name, description, location)
        Uint256,    // 1: Unsigned integer (quantities, amounts)
        Int256,     // 2: Signed integer (coordinates, deltas)
        Address,    // 3: Ethereum address (holder, certifier)
        Bytes32,    // 4: Hash or identifier
        Bool        // 5: Boolean flag
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // STRUCTS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @dev Field schema definition
     * Registered once globally, reused for all assets that have this field
     */
    struct FieldSchema {
        bytes32 schemaId;           // keccak256(fieldName) - unique identifier
        string fieldName;           // Human-readable name (e.g., "Gold Ounces In Situ")
        DataType dataType;          // How to interpret the bytes value
        string unit;                // Unit of measurement ("oz", "m²", "USD", "")
        string category;            // Grouping ("Resource", "Location", "Financial", "Legal")
        string description;         // Human-readable description for UI
        bool isNumeric;             // Can be used in oracle price feeds
        bool isRequired;            // Required for certain asset types (optional enforcement)
        uint256 registeredAt;       // Block timestamp when schema was created
        bool exists;                // Schema exists flag
    }
    
    /**
     * @dev Core asset record (minimal, universal)
     * Same fields for ALL asset types
     */
    struct AssetCore {
        bytes32 assetCode;          // Unique identifier (keccak256 of human-readable code)
        string assetName;           // Human-readable asset name
        string assetType;           // Dynamic type: "Gold Mine", "Land Parcel", "Fine Art", etc.
        string jurisdiction;        // Location / country code
        uint256 primaryValueUsd;    // Main USD value (18 decimals) - oracle verified
        bytes32 reportHash;         // SHA-256 hash of source PDF document
        uint256 registeredAt;       // Block timestamp of registration
        uint256 lastUpdated;        // Last update timestamp (field changes, oracle updates)
        address holder;             // Asset holder wallet address
        bool isActive;              // Active status (can be deactivated)
        string ipfsCid;             // IPFS CID for full metadata backup
    }
    
    /**
     * @dev Dynamic field value with metadata
     * Each asset can have 0 to N of these
     */
    struct AssetField {
        bytes32 schemaId;           // References FieldSchema.schemaId
        bytes value;                // ABI-encoded value (decode based on schema.dataType)
        string displayValue;        // Human-readable string for UI display
        uint8 confidence;           // AI extraction confidence (0-100)
        bool isVerified;            // Admin manual verification flag
        bool isDeleted;             // Soft delete flag (filtered from queries)
        uint256 updatedAt;          // Last update timestamp
        bytes32 sourceHash;         // Hash of PDF page/section where extracted (optional)
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // STATE VARIABLES
    // ═══════════════════════════════════════════════════════════════════════
    
    // Owner address (QXMP Labs or ProofOfReserve contract)
    address public owner;
    
    // Global field schema registry
    mapping(bytes32 => FieldSchema) public fieldSchemas;
    bytes32[] public fieldSchemaIds;
    
    // Asset core data
    mapping(bytes32 => AssetCore) public assets;
    bytes32[] public assetCodes;
    
    // Asset fields (assetCode => array of fields)
    mapping(bytes32 => AssetField[]) private assetFields;
    
    // Field index for O(1) lookups (assetCode => schemaId => index in array)
    mapping(bytes32 => mapping(bytes32 => uint256)) private fieldIndex;
    mapping(bytes32 => mapping(bytes32 => bool)) private hasField;
    
    // ═══════════════════════════════════════════════════════════════════════
    // EVENTS
    // ═══════════════════════════════════════════════════════════════════════
    
    event FieldSchemaRegistered(
        bytes32 indexed schemaId,
        string fieldName,
        DataType dataType,
        string category
    );
    
    event AssetRegistered(
        bytes32 indexed assetCode,
        string assetName,
        string assetType,
        uint256 primaryValueUsd,
        uint256 fieldCount
    );
    
    event FieldAdded(
        bytes32 indexed assetCode,
        bytes32 indexed schemaId,
        string displayValue
    );
    
    event FieldUpdated(
        bytes32 indexed assetCode,
        bytes32 indexed schemaId,
        string newDisplayValue
    );
    
    event FieldVerified(
        bytes32 indexed assetCode,
        bytes32 indexed schemaId,
        address verifier
    );
    
    event FieldDeleted(
        bytes32 indexed assetCode,
        bytes32 indexed schemaId,
        address deletedBy
    );
    
    event PrimaryValueUpdated(
        bytes32 indexed assetCode,
        uint256 oldValue,
        uint256 newValue
    );
    
    event AssetDeactivated(bytes32 indexed assetCode);
    event AssetReactivated(bytes32 indexed assetCode);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
    
    // ═══════════════════════════════════════════════════════════════════════
    // MODIFIERS
    // ═══════════════════════════════════════════════════════════════════════
    
    modifier onlyOwner() {
        require(msg.sender == owner, "Only owner can call this function");
        _;
    }
    
    modifier assetExists(bytes32 assetCode) {
        require(assets[assetCode].isActive, "Asset does not exist or is inactive");
        _;
    }
    
    modifier schemaExists(bytes32 schemaId) {
        require(fieldSchemas[schemaId].exists, "Field schema does not exist");
        _;
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // CONSTRUCTOR
    // ═══════════════════════════════════════════════════════════════════════
    
    constructor() {
        owner = msg.sender;
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // FIELD SCHEMA MANAGEMENT
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Register a new field schema
     * @dev Can be called by owner or automatically when new field type is discovered
     * @param fieldName Human-readable field name
     * @param dataType Data type enum value
     * @param unit Unit of measurement (empty string if none)
     * @param category Grouping category
     * @param description Human-readable description
     * @param isNumeric Whether field can be used in oracle feeds
     * @return schemaId Generated schema identifier
     */
    function registerFieldSchema(
        string memory fieldName,
        DataType dataType,
        string memory unit,
        string memory category,
        string memory description,
        bool isNumeric
    ) external onlyOwner returns (bytes32 schemaId) {
        // Generate schema ID from field name
        schemaId = keccak256(abi.encodePacked(fieldName));
        
        require(!fieldSchemas[schemaId].exists, "Field schema already exists");
        require(bytes(fieldName).length > 0, "Field name cannot be empty");
        
        fieldSchemas[schemaId] = FieldSchema({
            schemaId: schemaId,
            fieldName: fieldName,
            dataType: dataType,
            unit: unit,
            category: category,
            description: description,
            isNumeric: isNumeric,
            isRequired: false,
            registeredAt: block.timestamp,
            exists: true
        });
        
        fieldSchemaIds.push(schemaId);
        
        emit FieldSchemaRegistered(schemaId, fieldName, dataType, category);
        
        return schemaId;
    }
    
    /**
     * @notice Get field schema by ID
     */
    function getFieldSchema(bytes32 schemaId) 
        external 
        view 
        schemaExists(schemaId) 
        returns (FieldSchema memory) 
    {
        return fieldSchemas[schemaId];
    }
    
    /**
     * @notice Get total number of registered field schemas
     */
    function getFieldSchemaCount() external view returns (uint256) {
        return fieldSchemaIds.length;
    }
    
    /**
     * @notice Check if field schema exists
     */
    function fieldSchemaExists(bytes32 schemaId) external view returns (bool) {
        return fieldSchemas[schemaId].exists;
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // ASSET CORE MANAGEMENT
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Register asset core data (called by ProofOfReserve contract)
     * @dev Fields are added separately with addField() or in batch with addFields()
     */
    function registerAssetCore(
        bytes32 assetCode,
        string memory assetName,
        string memory assetType,
        string memory jurisdiction,
        uint256 primaryValueUsd,
        bytes32 reportHash,
        address holder,
        string memory ipfsCid
    ) external onlyOwner {
        require(assets[assetCode].registeredAt == 0, "Asset code already used");
        require(primaryValueUsd > 0, "Primary value must be greater than 0");
        require(holder != address(0), "Invalid holder address");
        require(bytes(assetName).length > 0, "Asset name cannot be empty");
        
        assets[assetCode] = AssetCore({
            assetCode: assetCode,
            assetName: assetName,
            assetType: assetType,
            jurisdiction: jurisdiction,
            primaryValueUsd: primaryValueUsd,
            reportHash: reportHash,
            registeredAt: block.timestamp,
            lastUpdated: block.timestamp,
            holder: holder,
            isActive: true,
            ipfsCid: ipfsCid
        });
        
        assetCodes.push(assetCode);
        
        emit AssetRegistered(assetCode, assetName, assetType, primaryValueUsd, 0);
    }
    
    /**
     * @notice Update primary value (called by ProofOfReserve after oracle verification)
     */
    function updatePrimaryValue(bytes32 assetCode, uint256 newValueUsd) 
        external 
        onlyOwner 
        assetExists(assetCode) 
    {
        require(newValueUsd > 0, "Value must be greater than 0");
        
        uint256 oldValue = assets[assetCode].primaryValueUsd;
        assets[assetCode].primaryValueUsd = newValueUsd;
        assets[assetCode].lastUpdated = block.timestamp;
        
        emit PrimaryValueUpdated(assetCode, oldValue, newValueUsd);
    }
    
    /**
     * @notice Deactivate an asset
     */
    function deactivateAsset(bytes32 assetCode) 
        external 
        onlyOwner 
        assetExists(assetCode) 
    {
        assets[assetCode].isActive = false;
        emit AssetDeactivated(assetCode);
    }
    
    /**
     * @notice Reactivate a deactivated asset
     */
    function reactivateAsset(bytes32 assetCode) external onlyOwner {
        require(assets[assetCode].registeredAt > 0, "Asset never existed");
        require(!assets[assetCode].isActive, "Asset already active");
        assets[assetCode].isActive = true;
        assets[assetCode].lastUpdated = block.timestamp;
        emit AssetReactivated(assetCode);
    }
    
    /**
     * @notice Get asset core data
     */
    function getAsset(bytes32 assetCode) 
        external 
        view 
        assetExists(assetCode) 
        returns (AssetCore memory) 
    {
        return assets[assetCode];
    }
    
    /**
     * @notice Get total number of registered assets
     */
    function getAssetCount() external view returns (uint256) {
        return assetCodes.length;
    }
    
    /**
     * @notice Get asset code by index
     */
    function getAssetCodeByIndex(uint256 index) external view returns (bytes32) {
        require(index < assetCodes.length, "Index out of bounds");
        return assetCodes[index];
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // DYNAMIC FIELD MANAGEMENT
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Add a field to an existing asset
     * @dev Schema must exist before calling this
     */
    function addField(
        bytes32 assetCode,
        bytes32 schemaId,
        bytes memory value,
        string memory displayValue,
        uint8 confidence,
        bytes32 sourceHash
    ) external onlyOwner assetExists(assetCode) schemaExists(schemaId) {
        require(!hasField[assetCode][schemaId], "Field already exists, use updateField");
        require(confidence <= 100, "Confidence must be 0-100");
        
        AssetField memory field = AssetField({
            schemaId: schemaId,
            value: value,
            displayValue: displayValue,
            confidence: confidence,
            isVerified: false,
            isDeleted: false,
            updatedAt: block.timestamp,
            sourceHash: sourceHash
        });
        
        assetFields[assetCode].push(field);
        fieldIndex[assetCode][schemaId] = assetFields[assetCode].length - 1;
        hasField[assetCode][schemaId] = true;
        
        assets[assetCode].lastUpdated = block.timestamp;
        
        emit FieldAdded(assetCode, schemaId, displayValue);
    }
    
    /**
     * @notice Add multiple fields in batch (gas efficient)
     */
    function addFields(
        bytes32 assetCode,
        bytes32[] memory schemaIds,
        bytes[] memory values,
        string[] memory displayValues,
        uint8[] memory confidences,
        bytes32[] memory sourceHashes
    ) external onlyOwner assetExists(assetCode) {
        require(schemaIds.length > 0, "Cannot add zero fields");
        require(schemaIds.length <= 50, "Max 50 fields per batch to prevent out-of-gas");
        require(schemaIds.length == values.length, "Array length mismatch");
        require(schemaIds.length == displayValues.length, "Array length mismatch");
        require(schemaIds.length == confidences.length, "Array length mismatch");
        require(schemaIds.length == sourceHashes.length, "Array length mismatch");
        
        for (uint i = 0; i < schemaIds.length; i++) {
            bytes32 schemaId = schemaIds[i];
            
            require(fieldSchemas[schemaId].exists, "Field schema does not exist");
            require(!hasField[assetCode][schemaId], "Field already exists");
            require(confidences[i] <= 100, "Confidence must be 0-100");
            
            AssetField memory field = AssetField({
                schemaId: schemaId,
                value: values[i],
                displayValue: displayValues[i],
                confidence: confidences[i],
                isVerified: false,
                isDeleted: false,
                updatedAt: block.timestamp,
                sourceHash: sourceHashes[i]
            });
            
            assetFields[assetCode].push(field);
            fieldIndex[assetCode][schemaId] = assetFields[assetCode].length - 1;
            hasField[assetCode][schemaId] = true;
            
            emit FieldAdded(assetCode, schemaId, displayValues[i]);
        }
        
        assets[assetCode].lastUpdated = block.timestamp;
    }
    
    /**
     * @notice Update an existing field value
     */
    function updateField(
        bytes32 assetCode,
        bytes32 schemaId,
        bytes memory newValue,
        string memory newDisplayValue
    ) external onlyOwner assetExists(assetCode) {
        require(hasField[assetCode][schemaId], "Field does not exist");
        
        uint256 idx = fieldIndex[assetCode][schemaId];
        assetFields[assetCode][idx].value = newValue;
        assetFields[assetCode][idx].displayValue = newDisplayValue;
        assetFields[assetCode][idx].updatedAt = block.timestamp;
        assetFields[assetCode][idx].isVerified = false; // Reset verification
        
        assets[assetCode].lastUpdated = block.timestamp;
        
        emit FieldUpdated(assetCode, schemaId, newDisplayValue);
    }
    
    /**
     * @notice Verify a field (admin approval)
     */
    function verifyField(bytes32 assetCode, bytes32 schemaId) 
        external 
        onlyOwner 
        assetExists(assetCode) 
    {
        require(hasField[assetCode][schemaId], "Field does not exist");
        
        uint256 idx = fieldIndex[assetCode][schemaId];
        assetFields[assetCode][idx].isVerified = true;
        assetFields[assetCode][idx].updatedAt = block.timestamp;
        
        emit FieldVerified(assetCode, schemaId, msg.sender);
    }
    
    /**
     * @notice Remove (soft delete) a field from an asset
     * @dev Marks field as deleted but keeps it in array for audit trail
     */
    function removeField(bytes32 assetCode, bytes32 schemaId)
        external
        onlyOwner
        assetExists(assetCode)
    {
        require(hasField[assetCode][schemaId], "Field does not exist");
        
        uint256 idx = fieldIndex[assetCode][schemaId];
        require(!assetFields[assetCode][idx].isDeleted, "Field already deleted");
        
        assetFields[assetCode][idx].isDeleted = true;
        assetFields[assetCode][idx].updatedAt = block.timestamp;
        
        assets[assetCode].lastUpdated = block.timestamp;
        
        emit FieldDeleted(assetCode, schemaId, msg.sender);
    }
    
    /**
     * @notice Restore a deleted field
     * @dev Unmarks the deleted flag
     */
    function restoreField(bytes32 assetCode, bytes32 schemaId)
        external
        onlyOwner
        assetExists(assetCode)
    {
        require(hasField[assetCode][schemaId], "Field does not exist");
        
        uint256 idx = fieldIndex[assetCode][schemaId];
        require(assetFields[assetCode][idx].isDeleted, "Field not deleted");
        
        assetFields[assetCode][idx].isDeleted = false;
        assetFields[assetCode][idx].updatedAt = block.timestamp;
        
        assets[assetCode].lastUpdated = block.timestamp;
        
        emit FieldAdded(assetCode, schemaId, assetFields[assetCode][idx].displayValue);
    }
    
    /**
     * @notice Get all fields for an asset (excluding deleted)
     */
    function getAssetFields(bytes32 assetCode)
        external
        view
        assetExists(assetCode)
        returns (AssetField[] memory)
    {
        // Count non-deleted fields
        uint256 count = 0;
        for (uint i = 0; i < assetFields[assetCode].length; i++) {
            if (!assetFields[assetCode][i].isDeleted) {
                count++;
            }
        }
        
        // Build array of non-deleted fields
        AssetField[] memory activeFields = new AssetField[](count);
        uint256 index = 0;
        for (uint i = 0; i < assetFields[assetCode].length; i++) {
            if (!assetFields[assetCode][i].isDeleted) {
                activeFields[index] = assetFields[assetCode][i];
                index++;
            }
        }
        
        return activeFields;
    }
    
    /**
     * @notice Get all fields including deleted ones (admin view)
     */
    function getAllAssetFields(bytes32 assetCode)
        external
        view
        assetExists(assetCode)
        returns (AssetField[] memory)
    {
        return assetFields[assetCode];
    }
    
    /**
     * @notice Get specific field value
     */
    function getFieldValue(bytes32 assetCode, bytes32 schemaId) 
        external 
        view 
        assetExists(assetCode) 
        returns (
            bytes memory value,
            string memory displayValue,
            uint8 confidence,
            bool isVerified
        ) 
    {
        require(hasField[assetCode][schemaId], "Field does not exist");
        
        uint256 idx = fieldIndex[assetCode][schemaId];
        AssetField memory field = assetFields[assetCode][idx];
        
        require(!field.isDeleted, "Field has been deleted");
        
        return (field.value, field.displayValue, field.confidence, field.isVerified);
    }
    
    /**
     * @notice Get field count for an asset
     */
    function getFieldCount(bytes32 assetCode) 
        external 
        view 
        assetExists(assetCode) 
        returns (uint256) 
    {
        // Count non-deleted fields
        uint256 count = 0;
        for (uint i = 0; i < assetFields[assetCode].length; i++) {
            if (!assetFields[assetCode][i].isDeleted) {
                count++;
            }
        }
        return count;
    }
    
    /**
     * @notice Check if asset has specific field
     */
    function assetHasField(bytes32 assetCode, bytes32 schemaId) 
        external 
        view 
        returns (bool) 
    {
        return hasField[assetCode][schemaId];
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // ADMIN FUNCTIONS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Transfer ownership
     */
    function transferOwnership(address newOwner) external onlyOwner {
        require(newOwner != address(0), "Invalid new owner address");
        address previousOwner = owner;
        owner = newOwner;
        emit OwnershipTransferred(previousOwner, newOwner);
    }
}

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.17;

import "@openzeppelin/contracts/access/Ownable.sol";
import "@openzeppelin/contracts/access/AccessControl.sol";
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

/**
 * @title QXMPOracleController
 * @notice Manages authorized oracle signers and signature verification for QXMP
 * @dev Handles signer management, threshold configuration, and signature verification
 * 
 * Key Features:
 * - Role-based access control (Admin, Operator roles)
 * - Dynamic signer management (add/remove authorized signers)
 * - Configurable signature threshold (1-of-N, N-of-M)
 * - Per-asset staleness configuration
 * - Per-asset value bounds for anomaly detection
 * - ECDSA signature verification
 * 
 * Scalability:
 * - Phase 1: Single QXMP signer (1-of-1)
 * - Phase 2: Multiple QXMP signers (N-of-M)
 * - Phase 3: Partner oracle integration
 */
contract QXMPOracleController is Ownable, AccessControl {
    using ECDSA for bytes32;
    
    // ═══════════════════════════════════════════════════════════════════════
    // ROLES
    // ═══════════════════════════════════════════════════════════════════════
    
    bytes32 public constant ADMIN_ROLE = keccak256("ADMIN_ROLE");
    bytes32 public constant OPERATOR_ROLE = keccak256("OPERATOR_ROLE");
    
    // ═══════════════════════════════════════════════════════════════════════
    // STATE VARIABLES
    // ═══════════════════════════════════════════════════════════════════════
    
    // Authorized oracle signers
    mapping(address => bool) public isAuthorizedSigner;
    address[] public signers;
    
    // Signature threshold (e.g., 1 for single signer, 2 for 2-of-3)
    uint8 public requiredSignatures;
    
    // Staleness protection
    uint256 public defaultMaxStaleness;
    mapping(bytes32 => uint256) public assetMaxStaleness; // Per-asset override
    
    // Value bounds for anomaly detection
    mapping(bytes32 => uint256) public assetMinValue;
    mapping(bytes32 => uint256) public assetMaxValue;
    
    // ═══════════════════════════════════════════════════════════════════════
    // EVENTS
    // ═══════════════════════════════════════════════════════════════════════
    
    event SignerAdded(
        address indexed signer,
        address indexed addedBy,
        uint256 timestamp
    );
    
    event SignerRemoved(
        address indexed signer,
        address indexed removedBy,
        uint256 timestamp
    );
    
    event ThresholdUpdated(
        uint8 oldThreshold,
        uint8 newThreshold,
        address indexed updatedBy
    );
    
    event DefaultMaxStalenessUpdated(
        uint256 oldMaxStaleness,
        uint256 newMaxStaleness,
        address indexed updatedBy
    );
    
    event AssetMaxStalenessUpdated(
        bytes32 indexed assetCode,
        uint256 oldMaxStaleness,
        uint256 newMaxStaleness,
        address indexed updatedBy
    );
    
    event AssetValueBoundsUpdated(
        bytes32 indexed assetCode,
        uint256 minValue,
        uint256 maxValue,
        address indexed updatedBy
    );
    
    // ═══════════════════════════════════════════════════════════════════════
    // CONSTRUCTOR
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @param initialSigner First authorized oracle signer (typically QXMP wallet)
     * @param _defaultMaxStaleness Default staleness threshold (e.g., 24 hours)
     */
    constructor(address initialSigner, uint256 _defaultMaxStaleness) {
        require(initialSigner != address(0), "Invalid initial signer");
        require(_defaultMaxStaleness > 0, "Invalid staleness threshold");
        
        // Set up roles
        _setupRole(DEFAULT_ADMIN_ROLE, msg.sender);
        _setupRole(ADMIN_ROLE, msg.sender);
        _setupRole(OPERATOR_ROLE, msg.sender);
        
        // Add initial signer
        isAuthorizedSigner[initialSigner] = true;
        signers.push(initialSigner);
        
        // Set initial threshold to 1 (single signature required)
        requiredSignatures = 1;
        
        // Set default staleness
        defaultMaxStaleness = _defaultMaxStaleness;
        
        emit SignerAdded(initialSigner, msg.sender, block.timestamp);
        emit ThresholdUpdated(0, 1, msg.sender);
        emit DefaultMaxStalenessUpdated(0, _defaultMaxStaleness, msg.sender);
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // SIGNER MANAGEMENT
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Add a new authorized oracle signer
     * @param signer Address of the new signer
     */
    function addSigner(address signer) external onlyRole(ADMIN_ROLE) {
        require(signer != address(0), "Invalid signer address");
        require(!isAuthorizedSigner[signer], "Signer already authorized");
        
        isAuthorizedSigner[signer] = true;
        signers.push(signer);
        
        emit SignerAdded(signer, msg.sender, block.timestamp);
    }
    
    /**
     * @notice Remove an authorized oracle signer
     * @param signer Address of the signer to remove
     */
    function removeSigner(address signer) external onlyRole(ADMIN_ROLE) {
        require(isAuthorizedSigner[signer], "Signer not authorized");
        require(signers.length > 1, "Cannot remove last signer");
        
        isAuthorizedSigner[signer] = false;
        
        // Remove from array
        for (uint i = 0; i < signers.length; i++) {
            if (signers[i] == signer) {
                signers[i] = signers[signers.length - 1];
                signers.pop();
                break;
            }
        }
        
        emit SignerRemoved(signer, msg.sender, block.timestamp);
    }
    
    /**
     * @notice Get all authorized signers
     * @return Array of authorized signer addresses
     */
    function getSigners() external view returns (address[] memory) {
        return signers;
    }
    
    /**
     * @notice Get number of authorized signers
     * @return Count of authorized signers
     */
    function getSignerCount() external view returns (uint256) {
        return signers.length;
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // THRESHOLD MANAGEMENT
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Set the required number of signatures
     * @param newThreshold Number of signatures required (e.g., 2 for 2-of-3)
     */
    function setThreshold(uint8 newThreshold) external onlyRole(ADMIN_ROLE) {
        require(newThreshold > 0, "Threshold must be greater than 0");
        require(newThreshold <= signers.length, "Threshold exceeds signer count");
        
        uint8 oldThreshold = requiredSignatures;
        requiredSignatures = newThreshold;
        
        emit ThresholdUpdated(oldThreshold, newThreshold, msg.sender);
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // STALENESS CONFIGURATION
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Set default maximum staleness for all assets
     * @param newMaxStaleness Maximum age in seconds (e.g., 86400 for 24 hours)
     */
    function setDefaultMaxStaleness(uint256 newMaxStaleness) 
        external 
        onlyRole(ADMIN_ROLE) 
    {
        require(newMaxStaleness > 0, "Staleness must be greater than 0");
        
        uint256 oldMaxStaleness = defaultMaxStaleness;
        defaultMaxStaleness = newMaxStaleness;
        
        emit DefaultMaxStalenessUpdated(oldMaxStaleness, newMaxStaleness, msg.sender);
    }
    
    /**
     * @notice Set maximum staleness for a specific asset
     * @param assetCode Asset identifier
     * @param maxStaleness Maximum age in seconds (0 to use default)
     */
    function setAssetMaxStaleness(bytes32 assetCode, uint256 maxStaleness) 
        external 
        onlyRole(ADMIN_ROLE) 
    {
        uint256 oldMaxStaleness = assetMaxStaleness[assetCode];
        assetMaxStaleness[assetCode] = maxStaleness;
        
        emit AssetMaxStalenessUpdated(assetCode, oldMaxStaleness, maxStaleness, msg.sender);
    }
    
    /**
     * @notice Get maximum staleness for an asset
     * @param assetCode Asset identifier
     * @return Maximum staleness in seconds
     */
    function getMaxStaleness(bytes32 assetCode) public view returns (uint256) {
        uint256 assetStaleness = assetMaxStaleness[assetCode];
        return assetStaleness > 0 ? assetStaleness : defaultMaxStaleness;
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // VALUE BOUNDS CONFIGURATION
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Set value bounds for anomaly detection
     * @param assetCode Asset identifier
     * @param minValue Minimum acceptable value (0 for no minimum)
     * @param maxValue Maximum acceptable value (0 for no maximum)
     */
    function setAssetValueBounds(
        bytes32 assetCode,
        uint256 minValue,
        uint256 maxValue
    ) external onlyRole(ADMIN_ROLE) {
        if (maxValue > 0) {
            require(minValue < maxValue, "Min must be less than max");
        }
        
        assetMinValue[assetCode] = minValue;
        assetMaxValue[assetCode] = maxValue;
        
        emit AssetValueBoundsUpdated(assetCode, minValue, maxValue, msg.sender);
    }
    
    /**
     * @notice Check if a value is within bounds
     * @param assetCode Asset identifier
     * @param value Value to check
     * @return bool True if value is within bounds (or no bounds set)
     */
    function isValueWithinBounds(bytes32 assetCode, uint256 value) 
        public 
        view 
        returns (bool) 
    {
        uint256 minValue = assetMinValue[assetCode];
        uint256 maxValue = assetMaxValue[assetCode];
        
        // No bounds set
        if (minValue == 0 && maxValue == 0) {
            return true;
        }
        
        // Check bounds
        if (minValue > 0 && value < minValue) {
            return false;
        }
        if (maxValue > 0 && value > maxValue) {
            return false;
        }
        
        return true;
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // SIGNATURE VERIFICATION
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Verify a single signature
     * @param messageHash Hash of the signed message
     * @param signature ECDSA signature
     * @return isValid True if signature is from an authorized signer
     * @return signer Address that signed the message
     */
    function verifySignature(bytes32 messageHash, bytes memory signature) 
        public 
        view 
        returns (bool isValid, address signer) 
    {
        // Recover signer from signature
        signer = messageHash.toEthSignedMessageHash().recover(signature);
        
        // Check if signer is authorized
        isValid = isAuthorizedSigner[signer];
        
        return (isValid, signer);
    }
    
    /**
     * @notice Verify multiple signatures (for multi-sig)
     * @param messageHash Hash of the signed message
     * @param signatures Array of ECDSA signatures
     * @return isValid True if enough valid signatures from unique signers
     * @return validCount Number of valid signatures
     * @return recoveredSigners Array of signer addresses
     */
    function verifyMultipleSignatures(
        bytes32 messageHash,
        bytes[] memory signatures
    ) 
        public 
        view 
        returns (
            bool isValid,
            uint8 validCount,
            address[] memory recoveredSigners
        ) 
    {
        require(signatures.length > 0, "No signatures provided");
        require(
            signatures.length <= signers.length,
            "More signatures than signers"
        );
        
        recoveredSigners = new address[](signatures.length);
        validCount = 0;
        
        bytes32 ethSignedHash = messageHash.toEthSignedMessageHash();
        
        for (uint i = 0; i < signatures.length; i++) {
            address signer = ethSignedHash.recover(signatures[i]);
            recoveredSigners[i] = signer;
            
            // Check if signer is authorized and not duplicate
            if (isAuthorizedSigner[signer]) {
                // Check for duplicates
                bool isDuplicate = false;
                for (uint j = 0; j < i; j++) {
                    if (recoveredSigners[j] == signer) {
                        isDuplicate = true;
                        break;
                    }
                }
                
                if (!isDuplicate) {
                    validCount++;
                }
            }
        }
        
        // Check if we have enough valid signatures
        isValid = validCount >= requiredSignatures;
        
        return (isValid, validCount, recoveredSigners);
    }
    
    /**
     * @notice Recover signer address from signature (utility function)
     * @param messageHash Hash of the signed message
     * @param signature ECDSA signature
     * @return signer Address that signed the message
     */
    function recoverSigner(bytes32 messageHash, bytes memory signature) 
        public 
        pure 
        returns (address signer) 
    {
        return messageHash.toEthSignedMessageHash().recover(signature);
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // VALIDATION HELPERS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Check if data is stale
     * @param assetCode Asset identifier
     * @param timestamp Data timestamp
     * @return bool True if data is fresh (not stale)
     */
    function isFresh(bytes32 assetCode, uint256 timestamp) 
        public 
        view 
        returns (bool) 
    {
        uint256 maxStaleness = getMaxStaleness(assetCode);
        
        // Prevent underflow: if timestamp is in the future (e.g., clock skew), 
        // consider it fresh rather than reverting
        if (timestamp >= block.timestamp) {
            return true;
        }
        
        // Check if the time difference is within acceptable staleness
        return block.timestamp - timestamp <= maxStaleness;
    }
}

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.17;

import "@openzeppelin/contracts/access/Ownable.sol";
import "./QXMPOracleController.sol";
import "./QXMPDynamicRegistryV2.sol";

/**
 * @title QXMPProofOfReserveV3
 * @notice Oracle-verified proof-of-reserves for QXMP assets with FIXED ownership architecture
 * @dev V3 OWNS the Registry contract - fixes the ownership bug from V2
 * 
 * Key Changes from V2:
 * - V3 now OWNS the Registry contract (deployed first, then Registry ownership transferred)
 * - This allows V3 to call registry.updatePrimaryValue() successfully
 * - Fixes the admin blockchain sync feature
 * 
 * Architecture:
 * Deployer Wallet (0xaD00eb5dC02E56d628d68AbD144B8c223A6Cf1Ef)
 *     ↓ owns
 * QXMPProofOfReserveV3 (this contract)
 *     ↓ owns
 * QXMPDynamicRegistryV2
 * 
 * Layer 1: QXMPOracleController (signature verification)
 * Layer 2: QXMPProofOfReserveV3 (this contract - proof storage)
 * Layer 3: QXMPDynamicRegistryV2 (asset data storage)
 */
contract QXMPProofOfReserveV3 is Ownable {
    
    // ═══════════════════════════════════════════════════════════════════════
    // STATE VARIABLES
    // ═══════════════════════════════════════════════════════════════════════
    
    QXMPOracleController public controller;
    QXMPDynamicRegistryV2 public registry;
    
    // ═══════════════════════════════════════════════════════════════════════
    // STRUCTS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @dev Proof-of-reserve record with full audit trail
     */
    struct Proof {
        bytes32 assetCode;          // Asset identifier
        bytes32 dataFeedId;         // Data feed ID (QXMP:ASSET-STANDARD-JURISDICTION)
        uint256 value;              // USD value (18 decimals)
        uint256 timestamp;          // Off-chain timestamp when data was gathered
        uint256 blockNumber;        // On-chain block number when proof was submitted
        uint256 blockTimestamp;     // On-chain timestamp when proof was submitted
        address submitter;          // Address that submitted the transaction
        address signer;             // Oracle signer who signed the data
        bool verified;              // Always true (only verified proofs are stored)
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // STORAGE
    // ═══════════════════════════════════════════════════════════════════════
    
    // All proofs for an asset (complete history)
    mapping(bytes32 => Proof[]) public proofs;
    
    // Latest proof for an asset (for quick access)
    mapping(bytes32 => Proof) public latestProofs;
    
    // Track if asset has any proofs
    mapping(bytes32 => bool) public hasProof;
    
    // ═══════════════════════════════════════════════════════════════════════
    // EVENTS
    // ═══════════════════════════════════════════════════════════════════════
    
    event ProofSubmitted(
        bytes32 indexed assetCode,
        bytes32 indexed dataFeedId,
        uint256 value,
        uint256 timestamp,
        address indexed submitter,
        address signer
    );
    
    event ProofSubmittedDirect(
        bytes32 indexed assetCode,
        bytes32 indexed dataFeedId,
        uint256 value,
        address indexed submitter
    );
    
    event AssetRegisteredViaProof(
        bytes32 indexed assetCode,
        string assetName,
        string assetType,
        uint256 primaryValueUsd
    );
    
    event ControllerUpdated(
        address indexed oldController,
        address indexed newController
    );
    
    event RegistryUpdated(
        address indexed oldRegistry,
        address indexed newRegistry
    );
    
    // ═══════════════════════════════════════════════════════════════════════
    // CONSTRUCTOR
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @param _controllerAddress Address of QXMPOracleController
     * @param _registryAddress Address of QXMPDynamicRegistryV2
     */
    constructor(address _controllerAddress, address _registryAddress) {
        require(_controllerAddress != address(0), "Invalid controller address");
        require(_registryAddress != address(0), "Invalid registry address");
        
        controller = QXMPOracleController(_controllerAddress);
        registry = QXMPDynamicRegistryV2(_registryAddress);
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // PROOF SUBMISSION - SIGNATURE-BASED (Phase 1)
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Submit proof with single oracle signature
     * @dev Message format: keccak256(assetCode, dataFeedId, value, timestamp, chainId)
     * 
     * @param assetCode Asset identifier
     * @param dataFeedId Data feed ID (format: QXMP:ASSET-STANDARD-JURISDICTION)
     * @param value USD value (18 decimals)
     * @param timestamp Off-chain timestamp when data was gathered
     * @param signature ECDSA signature from authorized oracle
     */
    function submitProofWithSignature(
        bytes32 assetCode,
        bytes32 dataFeedId,
        uint256 value,
        uint256 timestamp,
        bytes memory signature
    ) external {
        // 1. Construct message hash
        bytes32 messageHash = keccak256(
            abi.encodePacked(
                assetCode,
                dataFeedId,
                value,
                timestamp,
                block.chainid
            )
        );
        
        // 2. Verify signature through controller
        (bool isValid, address signer) = controller.verifySignature(
            messageHash,
            signature
        );
        require(isValid, "Invalid signature or unauthorized signer");
        
        // 3. Check timestamp freshness
        require(
            controller.isFresh(assetCode, timestamp),
            "Data too stale"
        );
        
        // 4. Check value bounds (if configured)
        require(
            controller.isValueWithinBounds(assetCode, value),
            "Value out of bounds"
        );
        
        // 5. Store proof
        _storeProof(assetCode, dataFeedId, value, timestamp, signer);
        
        // 6. Update registry (V3 owns Registry, so this will work)
        _updateRegistry(assetCode, value);
        
        emit ProofSubmitted(
            assetCode,
            dataFeedId,
            value,
            timestamp,
            msg.sender,
            signer
        );
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // PROOF SUBMISSION - MULTI-SIGNATURE (Phase 2 - Future)
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Submit proof with multiple oracle signatures
     * @dev For high-value assets requiring consensus from N-of-M oracles
     * 
     * @param assetCode Asset identifier
     * @param dataFeedId Data feed ID
     * @param value USD value (18 decimals)
     * @param timestamp Off-chain timestamp
     * @param signatures Array of ECDSA signatures from authorized oracles
     */
    function submitProofMultiSig(
        bytes32 assetCode,
        bytes32 dataFeedId,
        uint256 value,
        uint256 timestamp,
        bytes[] memory signatures
    ) external {
        // 1. Construct message hash
        bytes32 messageHash = keccak256(
            abi.encodePacked(
                assetCode,
                dataFeedId,
                value,
                timestamp,
                block.chainid
            )
        );
        
        // 2. Verify multiple signatures through controller
        (
            bool isValid,
            uint8 validCount,
            address[] memory signers
        ) = controller.verifyMultipleSignatures(messageHash, signatures);
        
        require(isValid, "Insufficient valid signatures");
        
        // 3. Check timestamp freshness
        require(
            controller.isFresh(assetCode, timestamp),
            "Data too stale"
        );
        
        // 4. Check value bounds
        require(
            controller.isValueWithinBounds(assetCode, value),
            "Value out of bounds"
        );
        
        // 5. Store proof (use first signer for simplicity)
        _storeProof(assetCode, dataFeedId, value, timestamp, signers[0]);
        
        // 6. Update registry (V3 owns Registry, so this will work)
        _updateRegistry(assetCode, value);
        
        emit ProofSubmitted(
            assetCode,
            dataFeedId,
            value,
            timestamp,
            msg.sender,
            signers[0] // Primary signer
        );
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // PROOF SUBMISSION - DIRECT (Admin Fallback)
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Submit proof directly without signature (owner only)
     * @dev Emergency fallback if signature system has issues
     *      Uses block.timestamp as data timestamp
     * 
     * @param assetCode Asset identifier
     * @param dataFeedId Data feed ID
     * @param value USD value (18 decimals)
     */
    function submitProofDirect(
        bytes32 assetCode,
        bytes32 dataFeedId,
        uint256 value
    ) external onlyOwner {
        require(value > 0, "Value must be greater than 0");
        
        // Store proof with block.timestamp as data timestamp
        _storeProof(assetCode, dataFeedId, value, block.timestamp, msg.sender);
        
        // Update registry (V3 owns Registry, so this will work)
        _updateRegistry(assetCode, value);
        
        emit ProofSubmittedDirect(
            assetCode,
            dataFeedId,
            value,
            msg.sender
        );
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // INTERNAL HELPERS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @dev Internal function to store proof
     */
    function _storeProof(
        bytes32 assetCode,
        bytes32 dataFeedId,
        uint256 value,
        uint256 timestamp,
        address signer
    ) private {
        Proof memory proof = Proof({
            assetCode: assetCode,
            dataFeedId: dataFeedId,
            value: value,
            timestamp: timestamp,
            blockNumber: block.number,
            blockTimestamp: block.timestamp,
            submitter: msg.sender,
            signer: signer,
            verified: true
        });
        
        // Add to history
        proofs[assetCode].push(proof);
        
        // Update latest
        latestProofs[assetCode] = proof;
        
        // Mark as having proof
        hasProof[assetCode] = true;
    }
    
    /**
     * @dev Update registry - V3 owns Registry so this will succeed
     * @notice Only updates if asset exists in registry
     */
    function _updateRegistry(bytes32 assetCode, uint256 value) private {
        try registry.updatePrimaryValue(assetCode, value) {
            // Registry updated successfully
        } catch {
            // Registry update failed (asset might not be registered yet)
            // This is OK - proof is still stored
        }
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // ASSET REGISTRATION (Convenience wrappers)
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Register asset in dynamic registry
     * @dev Convenience wrapper - forwards to registry contract
     */
    function registerAsset(
        bytes32 assetCode,
        string memory assetName,
        string memory assetType,
        string memory jurisdiction,
        uint256 primaryValueUsd,
        bytes32 reportHash,
        address holder,
        string memory ipfsCid
    ) external onlyOwner {
        registry.registerAssetCore(
            assetCode,
            assetName,
            assetType,
            jurisdiction,
            primaryValueUsd,
            reportHash,
            holder,
            ipfsCid
        );
        
        emit AssetRegisteredViaProof(assetCode, assetName, assetType, primaryValueUsd);
    }
    
    /**
     * @notice Register asset with fields in single transaction
     * @dev Convenience wrapper for registry.registerAssetCore + addFields
     */
    function registerAssetWithFields(
        bytes32 assetCode,
        string memory assetName,
        string memory assetType,
        string memory jurisdiction,
        uint256 primaryValueUsd,
        bytes32 reportHash,
        address holder,
        string memory ipfsCid,
        bytes32[] memory schemaIds,
        bytes[] memory values,
        string[] memory displayValues,
        uint8[] memory confidences,
        bytes32[] memory sourceHashes
    ) external onlyOwner {
        // Register core asset
        registry.registerAssetCore(
            assetCode,
            assetName,
            assetType,
            jurisdiction,
            primaryValueUsd,
            reportHash,
            holder,
            ipfsCid
        );
        
        // Add fields
        registry.addFields(
            assetCode,
            schemaIds,
            values,
            displayValues,
            confidences,
            sourceHashes
        );
        
        emit AssetRegisteredViaProof(assetCode, assetName, assetType, primaryValueUsd);
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // PROOF QUERIES
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Get latest proof for an asset
     */
    function getLatestProof(bytes32 assetCode) 
        external 
        view 
        returns (Proof memory) 
    {
        require(hasProof[assetCode], "No proofs for this asset");
        return latestProofs[assetCode];
    }
    
    /**
     * @notice Get all proofs for an asset
     */
    function getProofs(bytes32 assetCode) 
        external 
        view 
        returns (Proof[] memory) 
    {
        return proofs[assetCode];
    }
    
    /**
     * @notice Get proof count for an asset
     */
    function getProofCount(bytes32 assetCode) 
        external 
        view 
        returns (uint256) 
    {
        return proofs[assetCode].length;
    }
    
    /**
     * @notice Get specific proof by index
     */
    function getProofByIndex(bytes32 assetCode, uint256 index) 
        external 
        view 
        returns (Proof memory) 
    {
        require(index < proofs[assetCode].length, "Index out of bounds");
        return proofs[assetCode][index];
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // FIELD SCHEMA & FIELD MANAGEMENT (Convenience wrappers)
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Register field schema in registry
     */
    function registerFieldSchema(
        string memory fieldName,
        QXMPDynamicRegistryV2.DataType dataType,
        string memory unit,
        string memory category,
        string memory description,
        bool isNumeric
    ) external onlyOwner returns (bytes32 schemaId) {
        return registry.registerFieldSchema(
            fieldName,
            dataType,
            unit,
            category,
            description,
            isNumeric
        );
    }
    
    /**
     * @notice Add field to asset
     */
    function addField(
        bytes32 assetCode,
        bytes32 schemaId,
        bytes memory value,
        string memory displayValue,
        uint8 confidence,
        bytes32 sourceHash
    ) external onlyOwner {
        registry.addField(
            assetCode,
            schemaId,
            value,
            displayValue,
            confidence,
            sourceHash
        );
    }
    
    /**
     * @notice Add multiple fields to asset
     */
    function addFields(
        bytes32 assetCode,
        bytes32[] memory schemaIds,
        bytes[] memory values,
        string[] memory displayValues,
        uint8[] memory confidences,
        bytes32[] memory sourceHashes
    ) external onlyOwner {
        registry.addFields(
            assetCode,
            schemaIds,
            values,
            displayValues,
            confidences,
            sourceHashes
        );
    }
    
    /**
     * @notice Update an existing field
     */
    function updateField(
        bytes32 assetCode,
        bytes32 schemaId,
        bytes memory newValue,
        string memory newDisplayValue
    ) external onlyOwner {
        registry.updateField(
            assetCode,
            schemaId,
            newValue,
            newDisplayValue
        );
    }
    
    /**
     * @notice Remove (soft delete) a field from asset
     */
    function removeField(
        bytes32 assetCode,
        bytes32 schemaId
    ) external onlyOwner {
        registry.removeField(assetCode, schemaId);
    }
    
    /**
     * @notice Restore a deleted field
     */
    function restoreField(
        bytes32 assetCode,
        bytes32 schemaId
    ) external onlyOwner {
        registry.restoreField(assetCode, schemaId);
    }
    
    /**
     * @notice Verify a field (admin approval)
     */
    function verifyField(
        bytes32 assetCode,
        bytes32 schemaId
    ) external onlyOwner {
        registry.verifyField(assetCode, schemaId);
    }
    
    // ═══════════════════════════════════════════════════════════════════════
    // ADMIN FUNCTIONS
    // ═══════════════════════════════════════════════════════════════════════
    
    /**
     * @notice Update controller contract address
     */
    function updateController(address newController) external onlyOwner {
        require(newController != address(0), "Invalid controller address");
        address oldController = address(controller);
        controller = QXMPOracleController(newController);
        emit ControllerUpdated(oldController, newController);
    }
    
    /**
     * @notice Update registry contract address
     */
    function updateRegistry(address newRegistry) external onlyOwner {
        require(newRegistry != address(0), "Invalid registry address");
        address oldRegistry = address(registry);
        registry = QXMPDynamicRegistryV2(newRegistry);
        emit RegistryUpdated(oldRegistry, newRegistry);
    }
}