S Price: $0.826165 (+3.02%)
    /

    Contract Diff Checker

    Contract Name:
    SiloIncentivesControllerGaugeLike

    Contract Source Code:

    // SPDX-License-Identifier: BUSL-1.1
    pragma solidity 0.8.28;
    
    import {IERC20} from "openzeppelin5/token/ERC20/IERC20.sol";
    
    import {IGaugeLike as IGauge} from "../interfaces/IGaugeLike.sol";
    import {SiloIncentivesController} from "./SiloIncentivesController.sol";
    import {ISiloIncentivesController} from "./interfaces/ISiloIncentivesController.sol";
    
    /// @dev Silo incentives controller that can be used as a gauge in the Gauge hook receiver
    contract SiloIncentivesControllerGaugeLike is SiloIncentivesController, IGauge {
        /// @notice Silo share token
        address public immutable SHARE_TOKEN;
    
        /// @notice Whether the gauge is killed
        /// @dev This flag is not used in the SiloIncentivesController, but it is used in the Gauge hook receiver.
        /// It was added for a backward compatibility with gauges.
        bool internal _isKilled;
    
        /// @param _owner The owner of the incentives controller
        /// @param _notifier The notifier (expected to be a hook receiver address)
        /// @param _siloShareToken The share token that is incentivized
        constructor(
            address _owner,
            address _notifier,
            address _siloShareToken
        ) SiloIncentivesController(_owner, _notifier) {
            require(_siloShareToken != address(0), EmptyShareToken());
    
            SHARE_TOKEN = _siloShareToken;
        }
    
        /// @inheritdoc ISiloIncentivesController
        function afterTokenTransfer(
            address _sender,
            uint256 _senderBalance,
            address _recipient,
            uint256 _recipientBalance,
            uint256 _totalSupply,
            uint256 _amount
        )
            public
            virtual
            override(SiloIncentivesController, IGauge)
            onlyNotifier
        {
            SiloIncentivesController.afterTokenTransfer(
                _sender, _senderBalance, _recipient, _recipientBalance, _totalSupply, _amount
            );
        }
    
        /// @inheritdoc IGauge
        function killGauge() external virtual onlyOwner {
            _isKilled = true;
            emit GaugeKilled();
        }
    
        /// @inheritdoc IGauge
        function unkillGauge() external virtual onlyOwner {
            _isKilled = false;
            emit GaugeUnKilled();
        }
    
        /// @inheritdoc IGauge
        // solhint-disable-next-line func-name-mixedcase
        function share_token() external view returns (address) {
            return SHARE_TOKEN;
        }
    
        /// @inheritdoc IGauge
        // solhint-disable-next-line func-name-mixedcase
        function is_killed() external view returns (bool) {
            return _isKilled;
        }
    
        function _shareToken() internal view override returns (IERC20 shareToken) {
            shareToken = IERC20(SHARE_TOKEN);
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Interface of the ERC-20 standard as defined in the ERC.
     */
    interface IERC20 {
        /**
         * @dev Emitted when `value` tokens are moved from one account (`from`) to
         * another (`to`).
         *
         * Note that `value` may be zero.
         */
        event Transfer(address indexed from, address indexed to, uint256 value);
    
        /**
         * @dev Emitted when the allowance of a `spender` for an `owner` is set by
         * a call to {approve}. `value` is the new allowance.
         */
        event Approval(address indexed owner, address indexed spender, uint256 value);
    
        /**
         * @dev Returns the value of tokens in existence.
         */
        function totalSupply() external view returns (uint256);
    
        /**
         * @dev Returns the value of tokens owned by `account`.
         */
        function balanceOf(address account) external view returns (uint256);
    
        /**
         * @dev Moves a `value` amount of tokens from the caller's account to `to`.
         *
         * Returns a boolean value indicating whether the operation succeeded.
         *
         * Emits a {Transfer} event.
         */
        function transfer(address to, uint256 value) external returns (bool);
    
        /**
         * @dev Returns the remaining number of tokens that `spender` will be
         * allowed to spend on behalf of `owner` through {transferFrom}. This is
         * zero by default.
         *
         * This value changes when {approve} or {transferFrom} are called.
         */
        function allowance(address owner, address spender) external view returns (uint256);
    
        /**
         * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
         * caller's tokens.
         *
         * Returns a boolean value indicating whether the operation succeeded.
         *
         * IMPORTANT: Beware that changing an allowance with this method brings the risk
         * that someone may use both the old and the new allowance by unfortunate
         * transaction ordering. One possible solution to mitigate this race
         * condition is to first reduce the spender's allowance to 0 and set the
         * desired value afterwards:
         * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
         *
         * Emits an {Approval} event.
         */
        function approve(address spender, uint256 value) external returns (bool);
    
        /**
         * @dev Moves a `value` amount of tokens from `from` to `to` using the
         * allowance mechanism. `value` is then deducted from the caller's
         * allowance.
         *
         * Returns a boolean value indicating whether the operation succeeded.
         *
         * Emits a {Transfer} event.
         */
        function transferFrom(address from, address to, uint256 value) external returns (bool);
    }

    // SPDX-License-Identifier: MIT
    pragma solidity >=0.5.0;
    
    interface IGaugeLike {
        event GaugeKilled();
        event GaugeUnKilled();
    
        error EmptyShareToken();
    
        function afterTokenTransfer(
            address _sender,
            uint256 _senderBalance,
            address _recipient,
            uint256 _recipientBalance,
            uint256 _totalSupply,
            uint256 _amount
        ) external;
    
        /// @notice Kills the gauge
        function killGauge() external;
    
        /// @notice Un kills the gauge
        function unkillGauge() external;
    
        // solhint-disable func-name-mixedcase
        function share_token() external view returns (address);
    
        function is_killed() external view returns (bool);
        // solhint-enable func-name-mixedcase
    }

    // SPDX-License-Identifier: BUSL-1.1
    pragma solidity 0.8.28;
    
    import {SafeERC20} from "openzeppelin5/token/ERC20/utils/SafeERC20.sol";
    import {IERC20} from "openzeppelin5/token/ERC20/IERC20.sol";
    import {EnumerableSet} from "openzeppelin5/utils/structs/EnumerableSet.sol";
    import {Strings} from "openzeppelin5/utils/Strings.sol";
    
    import {ISiloIncentivesController} from "./interfaces/ISiloIncentivesController.sol";
    import {BaseIncentivesController} from "./base/BaseIncentivesController.sol";
    import {DistributionTypes} from "./lib/DistributionTypes.sol";
    
    /**
     * @title SiloIncentivesController
     * @notice Distributor contract for rewards to the Aave protocol, using a staked token as rewards asset.
     * The contract stakes the rewards before redistributing them to the Aave protocol participants.
     * The reference staked token implementation is at https://github.com/aave/aave-stake-v2
     * @author Aave
     */
    contract SiloIncentivesController is BaseIncentivesController {
        using EnumerableSet for EnumerableSet.Bytes32Set;
        using SafeERC20 for IERC20;
    
        /// @param _owner address of wallet that can manage the storage
        /// @param _notifier is contract with IERC20 interface with users balances, based based on which
        /// rewards distribution is calculated
        constructor(address _owner, address _notifier) BaseIncentivesController(_owner, _notifier) {}
    
        /// @inheritdoc ISiloIncentivesController
        function afterTokenTransfer(
            address _sender,
            uint256 _senderBalance,
            address _recipient,
            uint256 _recipientBalance,
            uint256 _totalSupply,
            uint256 _amount
        ) public virtual onlyNotifier {
            uint256 numberOfPrograms = _incentivesProgramIds.length();
    
            if (_sender == _recipient || numberOfPrograms == 0) {
                return;
            }
    
            // updating total supply and users balances to the state before the transfer
    
            if (_sender == address(0)) {
                // we minting tokens, so supply before was less
                // we safe, because this amount came from token, if token handle them we can handle as well
                unchecked { _totalSupply -= _amount; }
            } else if (_recipient == address(0)) {
                // we burning, so supply before was more
                // we safe, because this amount came from token, if token handle them we can handle as well
                unchecked { _totalSupply += _amount; }
            }
    
            // here user either transferring token to someone else or burning tokens
            // user state will be new, because this event is `onAfterTransfer`
            // we need to recreate status before event in order to automatically calculate rewards
            if (_sender != address(0)) {
                // we safe, because this amount came from token, if token handle them we can handle as well
                unchecked { _senderBalance = _senderBalance + _amount; }
            }
    
            // we have to checkout also user `_recipient`
            if (_recipient != address(0)) {
                // we safe, because this amount came from token, if token handle them we can handle as well
                unchecked { _recipientBalance = _recipientBalance - _amount; }
            }
    
            // iterate over incentives programs
            for (uint256 i = 0; i < numberOfPrograms; i++) {
                bytes32 programId = _incentivesProgramIds.at(i);
    
                if (_sender != address(0)) {
                    _handleAction(programId, _sender, _totalSupply, _senderBalance);
                }
    
                if (_recipient != address(0)) {
                    _handleAction(programId, _recipient, _totalSupply, _recipientBalance);
                }
            }
        }
    
        /// @inheritdoc ISiloIncentivesController
        function immediateDistribution(address _tokenToDistribute, uint104 _amount) external virtual onlyNotifierOrOwner {
            if (_amount == 0) return;
    
            uint256 totalStaked = _shareToken().totalSupply();
    
            bytes32 programId = _getOrCreateImmediateDistributionProgram(_tokenToDistribute);
    
            IncentivesProgram storage program = incentivesPrograms[programId];
    
            // Update the program's internal state to guarantee that further actions will not break it.
            _updateAssetStateInternal(programId, totalStaked);
    
            uint40 distributionEndBefore = program.distributionEnd;
            uint104 emissionPerSecondBefore = program.emissionPerSecond;
    
            // Distributing `_amount` of rewards in one second allows the rewards to be added to users' balances
            // even to the active incentives program.
            program.distributionEnd = uint40(block.timestamp);  
            program.lastUpdateTimestamp = uint40(block.timestamp - 1);
            program.emissionPerSecond = _amount;
    
            _updateAssetStateInternal(programId, totalStaked);
    
            // If we have ongoing distribution, we need to revert the changes and keep the state as it was.
            program.distributionEnd = distributionEndBefore;
            program.lastUpdateTimestamp = uint40(block.timestamp);
            program.emissionPerSecond = emissionPerSecondBefore;
        }
    
        /// @dev Creates a new immediate distribution program if it does not exist.
        /// @param _tokenToDistribute The address of the token to distribute.
        /// @return programId The ID of the created or existing program.
        function _getOrCreateImmediateDistributionProgram(address _tokenToDistribute)
            internal
            virtual
            returns (bytes32 programId)
        {
            string memory programName = Strings.toHexString(_tokenToDistribute);
            programId = getProgramId(programName);
    
            if (incentivesPrograms[programId].lastUpdateTimestamp == 0) {
                DistributionTypes.IncentivesProgramCreationInput memory _incentivesProgramInput;
    
                _incentivesProgramInput.name = programName;
                _incentivesProgramInput.rewardToken = _tokenToDistribute;
                _incentivesProgramInput.emissionPerSecond = 0;
                _incentivesProgramInput.distributionEnd = 0;
    
                _createIncentiveProgram(_incentivesProgramInput);
            }
        }
    }

    // SPDX-License-Identifier: agpl-3.0
    pragma solidity 0.8.28;
    
    import {IDistributionManager} from "./IDistributionManager.sol";
    import {DistributionTypes} from "../lib/DistributionTypes.sol";
    
    interface ISiloIncentivesController is IDistributionManager {
        event ClaimerSet(address indexed user, address indexed claimer);
        event IncentivesProgramCreated(string name);
        event IncentivesProgramUpdated(string name);
    
        event RewardsAccrued(
            address indexed user,
            address indexed rewardToken,
            string indexed programName,
            uint256 amount
        );
    
        event RewardsClaimed(
            address indexed user,
            address indexed to,
            address indexed rewardToken,
            bytes32 programId,
            address claimer,
            uint256 amount
        );
    
        error InvalidDistributionEnd();
        error InvalidConfiguration();
        error IndexOverflowAtEmissionsPerSecond();
        error InvalidToAddress();
        error InvalidUserAddress();
        error ClaimerUnauthorized();
        error InvalidRewardToken();
        error IncentivesProgramAlreadyExists();
        error IncentivesProgramNotFound();
        error DifferentRewardsTokens();
        /**
         * @dev Silo share token event handler
         * @param _sender The address of the sender
         * @param _senderBalance The balance of the sender
         * @param _recipient The address of the recipient
         * @param _recipientBalance The balance of the recipient
         * @param _totalSupply The total supply of the asset in the lending pool
         * @param _amount The amount of the transfer
         */
        function afterTokenTransfer(
            address _sender,
            uint256 _senderBalance,
            address _recipient,
            uint256 _recipientBalance,
            uint256 _totalSupply,
            uint256 _amount
        ) external;
    
        /**
         * @dev Immediately distributes rewards to the incentives program
         * Expect an `_amount` to be transferred to the contract before calling this fn
         * @param _tokenToDistribute The token to distribute
         * @param _amount The amount of rewards to distribute
         */
        function immediateDistribution(address _tokenToDistribute, uint104 _amount) external;
    
        /**
         * @dev Whitelists an address to claim the rewards on behalf of another address
         * @param _user The address of the user
         * @param _claimer The address of the claimer
         */
        function setClaimer(address _user, address _claimer) external;
    
        /**
         * @dev Creates a new incentives program
         * @param _incentivesProgramInput The incentives program creation input
         */
        function createIncentivesProgram(DistributionTypes.IncentivesProgramCreationInput memory _incentivesProgramInput)
            external;
    
        /**
         * @dev Updates an existing incentives program
         * @param _incentivesProgram The incentives program name
         * @param _distributionEnd The distribution end
         * @param _emissionPerSecond The emission per second
         */
        function updateIncentivesProgram(
            string calldata _incentivesProgram,
            uint40 _distributionEnd,
            uint104 _emissionPerSecond
        ) external;
    
        /**
         * @dev Claims reward for an user to the desired address, on all the assets of the lending pool,
         * accumulating the pending rewards
         * @param _to Address that will be receiving the rewards
         * @return accruedRewards
         */
        function claimRewards(address _to) external returns (AccruedRewards[] memory accruedRewards);
    
        /**
         * @dev Claims reward for an user to the desired address, on all the assets of the lending pool,
         * accumulating the pending rewards
         * @param _to Address that will be receiving the rewards
         * @param _programNames The incentives program names
         * @return accruedRewards
         */
        function claimRewards(address _to, string[] calldata _programNames)
            external
            returns (AccruedRewards[] memory accruedRewards);
    
        /**
         * @dev Claims reward for an user on behalf, on all the assets of the lending pool, accumulating the pending
         * rewards. The caller must be whitelisted via "allowClaimOnBehalf" function by the RewardsAdmin role manager
         * @param _user Address to check and claim rewards
         * @param _to Address that will be receiving the rewards
         * @param _programNames The incentives program names
         * @return accruedRewards
         */
        function claimRewardsOnBehalf(address _user, address _to, string[] calldata _programNames)
            external
            returns (AccruedRewards[] memory accruedRewards);
    
        /**
         * @dev Returns the whitelisted claimer for a certain address (0x0 if not set)
         * @param _user The address of the user
         * @return The claimer address
         */
        function getClaimer(address _user) external view returns (address);
    
        /**
         * @dev Returns the total of rewards of an user, already accrued + not yet accrued
         * @param _user The address of the user
         * @param _programName The incentives program name
         * @return unclaimedRewards
         */
        function getRewardsBalance(address _user, string calldata _programName)
            external
            view
            returns (uint256 unclaimedRewards);
    
        /**
         * @dev Returns the total of rewards of an user, already accrued + not yet accrued
         * @param _user The address of the user
         * @param _programNames The incentives program names (should have the same rewards token)
         * @return unclaimedRewards
         */
        function getRewardsBalance(address _user, string[] calldata _programNames)
            external
            view
            returns (uint256 unclaimedRewards);
    
        /**
         * @dev returns the unclaimed rewards of the user
         * @param _user the address of the user
         * @param _programName The incentives program name
         * @return the unclaimed user rewards
         */
        function getUserUnclaimedRewards(address _user, string calldata _programName) external view returns (uint256);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/utils/SafeERC20.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC20} from "../IERC20.sol";
    import {IERC1363} from "../../../interfaces/IERC1363.sol";
    import {Address} from "../../../utils/Address.sol";
    
    /**
     * @title SafeERC20
     * @dev Wrappers around ERC-20 operations that throw on failure (when the token
     * contract returns false). Tokens that return no value (and instead revert or
     * throw on failure) are also supported, non-reverting calls are assumed to be
     * successful.
     * To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
     * which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
     */
    library SafeERC20 {
        using Address for address;
    
        /**
         * @dev An operation with an ERC-20 token failed.
         */
        error SafeERC20FailedOperation(address token);
    
        /**
         * @dev Indicates a failed `decreaseAllowance` request.
         */
        error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
    
        /**
         * @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
         * non-reverting calls are assumed to be successful.
         */
        function safeTransfer(IERC20 token, address to, uint256 value) internal {
            _callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
        }
    
        /**
         * @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
         * calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
         */
        function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
            _callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
        }
    
        /**
         * @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
         * non-reverting calls are assumed to be successful.
         */
        function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
            uint256 oldAllowance = token.allowance(address(this), spender);
            forceApprove(token, spender, oldAllowance + value);
        }
    
        /**
         * @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
         * value, non-reverting calls are assumed to be successful.
         */
        function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
            unchecked {
                uint256 currentAllowance = token.allowance(address(this), spender);
                if (currentAllowance < requestedDecrease) {
                    revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
                }
                forceApprove(token, spender, currentAllowance - requestedDecrease);
            }
        }
    
        /**
         * @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
         * non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
         * to be set to zero before setting it to a non-zero value, such as USDT.
         */
        function forceApprove(IERC20 token, address spender, uint256 value) internal {
            bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
    
            if (!_callOptionalReturnBool(token, approvalCall)) {
                _callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
                _callOptionalReturn(token, approvalCall);
            }
        }
    
        /**
         * @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
         * code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
         * targeting contracts.
         *
         * Reverts if the returned value is other than `true`.
         */
        function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
            if (to.code.length == 0) {
                safeTransfer(token, to, value);
            } else if (!token.transferAndCall(to, value, data)) {
                revert SafeERC20FailedOperation(address(token));
            }
        }
    
        /**
         * @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
         * has no code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
         * targeting contracts.
         *
         * Reverts if the returned value is other than `true`.
         */
        function transferFromAndCallRelaxed(
            IERC1363 token,
            address from,
            address to,
            uint256 value,
            bytes memory data
        ) internal {
            if (to.code.length == 0) {
                safeTransferFrom(token, from, to, value);
            } else if (!token.transferFromAndCall(from, to, value, data)) {
                revert SafeERC20FailedOperation(address(token));
            }
        }
    
        /**
         * @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
         * code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
         * targeting contracts.
         *
         * NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
         * Opposedly, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
         * once without retrying, and relies on the returned value to be true.
         *
         * Reverts if the returned value is other than `true`.
         */
        function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
            if (to.code.length == 0) {
                forceApprove(token, to, value);
            } else if (!token.approveAndCall(to, value, data)) {
                revert SafeERC20FailedOperation(address(token));
            }
        }
    
        /**
         * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
         * on the return value: the return value is optional (but if data is returned, it must not be false).
         * @param token The token targeted by the call.
         * @param data The call data (encoded using abi.encode or one of its variants).
         */
        function _callOptionalReturn(IERC20 token, bytes memory data) private {
            // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
            // we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
            // the target address contains contract code and also asserts for success in the low-level call.
    
            bytes memory returndata = address(token).functionCall(data);
            if (returndata.length != 0 && !abi.decode(returndata, (bool))) {
                revert SafeERC20FailedOperation(address(token));
            }
        }
    
        /**
         * @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
         * on the return value: the return value is optional (but if data is returned, it must not be false).
         * @param token The token targeted by the call.
         * @param data The call data (encoded using abi.encode or one of its variants).
         *
         * This is a variant of {_callOptionalReturn} that silents catches all reverts and returns a bool instead.
         */
        function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
            // We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
            // we're implementing it ourselves. We cannot use {Address-functionCall} here since this should return false
            // and not revert is the subcall reverts.
    
            (bool success, bytes memory returndata) = address(token).call(data);
            return success && (returndata.length == 0 || abi.decode(returndata, (bool))) && address(token).code.length > 0;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/structs/EnumerableSet.sol)
    // This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Library for managing
     * https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
     * types.
     *
     * Sets have the following properties:
     *
     * - Elements are added, removed, and checked for existence in constant time
     * (O(1)).
     * - Elements are enumerated in O(n). No guarantees are made on the ordering.
     *
     * ```solidity
     * contract Example {
     *     // Add the library methods
     *     using EnumerableSet for EnumerableSet.AddressSet;
     *
     *     // Declare a set state variable
     *     EnumerableSet.AddressSet private mySet;
     * }
     * ```
     *
     * As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
     * and `uint256` (`UintSet`) are supported.
     *
     * [WARNING]
     * ====
     * Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
     * unusable.
     * See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
     *
     * In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
     * array of EnumerableSet.
     * ====
     */
    library EnumerableSet {
        // To implement this library for multiple types with as little code
        // repetition as possible, we write it in terms of a generic Set type with
        // bytes32 values.
        // The Set implementation uses private functions, and user-facing
        // implementations (such as AddressSet) are just wrappers around the
        // underlying Set.
        // This means that we can only create new EnumerableSets for types that fit
        // in bytes32.
    
        struct Set {
            // Storage of set values
            bytes32[] _values;
            // Position is the index of the value in the `values` array plus 1.
            // Position 0 is used to mean a value is not in the set.
            mapping(bytes32 value => uint256) _positions;
        }
    
        /**
         * @dev Add a value to a set. O(1).
         *
         * Returns true if the value was added to the set, that is if it was not
         * already present.
         */
        function _add(Set storage set, bytes32 value) private returns (bool) {
            if (!_contains(set, value)) {
                set._values.push(value);
                // The value is stored at length-1, but we add 1 to all indexes
                // and use 0 as a sentinel value
                set._positions[value] = set._values.length;
                return true;
            } else {
                return false;
            }
        }
    
        /**
         * @dev Removes a value from a set. O(1).
         *
         * Returns true if the value was removed from the set, that is if it was
         * present.
         */
        function _remove(Set storage set, bytes32 value) private returns (bool) {
            // We cache the value's position to prevent multiple reads from the same storage slot
            uint256 position = set._positions[value];
    
            if (position != 0) {
                // Equivalent to contains(set, value)
                // To delete an element from the _values array in O(1), we swap the element to delete with the last one in
                // the array, and then remove the last element (sometimes called as 'swap and pop').
                // This modifies the order of the array, as noted in {at}.
    
                uint256 valueIndex = position - 1;
                uint256 lastIndex = set._values.length - 1;
    
                if (valueIndex != lastIndex) {
                    bytes32 lastValue = set._values[lastIndex];
    
                    // Move the lastValue to the index where the value to delete is
                    set._values[valueIndex] = lastValue;
                    // Update the tracked position of the lastValue (that was just moved)
                    set._positions[lastValue] = position;
                }
    
                // Delete the slot where the moved value was stored
                set._values.pop();
    
                // Delete the tracked position for the deleted slot
                delete set._positions[value];
    
                return true;
            } else {
                return false;
            }
        }
    
        /**
         * @dev Returns true if the value is in the set. O(1).
         */
        function _contains(Set storage set, bytes32 value) private view returns (bool) {
            return set._positions[value] != 0;
        }
    
        /**
         * @dev Returns the number of values on the set. O(1).
         */
        function _length(Set storage set) private view returns (uint256) {
            return set._values.length;
        }
    
        /**
         * @dev Returns the value stored at position `index` in the set. O(1).
         *
         * Note that there are no guarantees on the ordering of values inside the
         * array, and it may change when more values are added or removed.
         *
         * Requirements:
         *
         * - `index` must be strictly less than {length}.
         */
        function _at(Set storage set, uint256 index) private view returns (bytes32) {
            return set._values[index];
        }
    
        /**
         * @dev Return the entire set in an array
         *
         * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
         * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
         * this function has an unbounded cost, and using it as part of a state-changing function may render the function
         * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
         */
        function _values(Set storage set) private view returns (bytes32[] memory) {
            return set._values;
        }
    
        // Bytes32Set
    
        struct Bytes32Set {
            Set _inner;
        }
    
        /**
         * @dev Add a value to a set. O(1).
         *
         * Returns true if the value was added to the set, that is if it was not
         * already present.
         */
        function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
            return _add(set._inner, value);
        }
    
        /**
         * @dev Removes a value from a set. O(1).
         *
         * Returns true if the value was removed from the set, that is if it was
         * present.
         */
        function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
            return _remove(set._inner, value);
        }
    
        /**
         * @dev Returns true if the value is in the set. O(1).
         */
        function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
            return _contains(set._inner, value);
        }
    
        /**
         * @dev Returns the number of values in the set. O(1).
         */
        function length(Bytes32Set storage set) internal view returns (uint256) {
            return _length(set._inner);
        }
    
        /**
         * @dev Returns the value stored at position `index` in the set. O(1).
         *
         * Note that there are no guarantees on the ordering of values inside the
         * array, and it may change when more values are added or removed.
         *
         * Requirements:
         *
         * - `index` must be strictly less than {length}.
         */
        function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
            return _at(set._inner, index);
        }
    
        /**
         * @dev Return the entire set in an array
         *
         * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
         * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
         * this function has an unbounded cost, and using it as part of a state-changing function may render the function
         * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
         */
        function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
            bytes32[] memory store = _values(set._inner);
            bytes32[] memory result;
    
            /// @solidity memory-safe-assembly
            assembly {
                result := store
            }
    
            return result;
        }
    
        // AddressSet
    
        struct AddressSet {
            Set _inner;
        }
    
        /**
         * @dev Add a value to a set. O(1).
         *
         * Returns true if the value was added to the set, that is if it was not
         * already present.
         */
        function add(AddressSet storage set, address value) internal returns (bool) {
            return _add(set._inner, bytes32(uint256(uint160(value))));
        }
    
        /**
         * @dev Removes a value from a set. O(1).
         *
         * Returns true if the value was removed from the set, that is if it was
         * present.
         */
        function remove(AddressSet storage set, address value) internal returns (bool) {
            return _remove(set._inner, bytes32(uint256(uint160(value))));
        }
    
        /**
         * @dev Returns true if the value is in the set. O(1).
         */
        function contains(AddressSet storage set, address value) internal view returns (bool) {
            return _contains(set._inner, bytes32(uint256(uint160(value))));
        }
    
        /**
         * @dev Returns the number of values in the set. O(1).
         */
        function length(AddressSet storage set) internal view returns (uint256) {
            return _length(set._inner);
        }
    
        /**
         * @dev Returns the value stored at position `index` in the set. O(1).
         *
         * Note that there are no guarantees on the ordering of values inside the
         * array, and it may change when more values are added or removed.
         *
         * Requirements:
         *
         * - `index` must be strictly less than {length}.
         */
        function at(AddressSet storage set, uint256 index) internal view returns (address) {
            return address(uint160(uint256(_at(set._inner, index))));
        }
    
        /**
         * @dev Return the entire set in an array
         *
         * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
         * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
         * this function has an unbounded cost, and using it as part of a state-changing function may render the function
         * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
         */
        function values(AddressSet storage set) internal view returns (address[] memory) {
            bytes32[] memory store = _values(set._inner);
            address[] memory result;
    
            /// @solidity memory-safe-assembly
            assembly {
                result := store
            }
    
            return result;
        }
    
        // UintSet
    
        struct UintSet {
            Set _inner;
        }
    
        /**
         * @dev Add a value to a set. O(1).
         *
         * Returns true if the value was added to the set, that is if it was not
         * already present.
         */
        function add(UintSet storage set, uint256 value) internal returns (bool) {
            return _add(set._inner, bytes32(value));
        }
    
        /**
         * @dev Removes a value from a set. O(1).
         *
         * Returns true if the value was removed from the set, that is if it was
         * present.
         */
        function remove(UintSet storage set, uint256 value) internal returns (bool) {
            return _remove(set._inner, bytes32(value));
        }
    
        /**
         * @dev Returns true if the value is in the set. O(1).
         */
        function contains(UintSet storage set, uint256 value) internal view returns (bool) {
            return _contains(set._inner, bytes32(value));
        }
    
        /**
         * @dev Returns the number of values in the set. O(1).
         */
        function length(UintSet storage set) internal view returns (uint256) {
            return _length(set._inner);
        }
    
        /**
         * @dev Returns the value stored at position `index` in the set. O(1).
         *
         * Note that there are no guarantees on the ordering of values inside the
         * array, and it may change when more values are added or removed.
         *
         * Requirements:
         *
         * - `index` must be strictly less than {length}.
         */
        function at(UintSet storage set, uint256 index) internal view returns (uint256) {
            return uint256(_at(set._inner, index));
        }
    
        /**
         * @dev Return the entire set in an array
         *
         * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
         * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
         * this function has an unbounded cost, and using it as part of a state-changing function may render the function
         * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
         */
        function values(UintSet storage set) internal view returns (uint256[] memory) {
            bytes32[] memory store = _values(set._inner);
            uint256[] memory result;
    
            /// @solidity memory-safe-assembly
            assembly {
                result := store
            }
    
            return result;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/Strings.sol)
    
    pragma solidity ^0.8.20;
    
    import {Math} from "./math/Math.sol";
    import {SignedMath} from "./math/SignedMath.sol";
    
    /**
     * @dev String operations.
     */
    library Strings {
        bytes16 private constant HEX_DIGITS = "0123456789abcdef";
        uint8 private constant ADDRESS_LENGTH = 20;
    
        /**
         * @dev The `value` string doesn't fit in the specified `length`.
         */
        error StringsInsufficientHexLength(uint256 value, uint256 length);
    
        /**
         * @dev Converts a `uint256` to its ASCII `string` decimal representation.
         */
        function toString(uint256 value) internal pure returns (string memory) {
            unchecked {
                uint256 length = Math.log10(value) + 1;
                string memory buffer = new string(length);
                uint256 ptr;
                /// @solidity memory-safe-assembly
                assembly {
                    ptr := add(buffer, add(32, length))
                }
                while (true) {
                    ptr--;
                    /// @solidity memory-safe-assembly
                    assembly {
                        mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
                    }
                    value /= 10;
                    if (value == 0) break;
                }
                return buffer;
            }
        }
    
        /**
         * @dev Converts a `int256` to its ASCII `string` decimal representation.
         */
        function toStringSigned(int256 value) internal pure returns (string memory) {
            return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value)));
        }
    
        /**
         * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
         */
        function toHexString(uint256 value) internal pure returns (string memory) {
            unchecked {
                return toHexString(value, Math.log256(value) + 1);
            }
        }
    
        /**
         * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
         */
        function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
            uint256 localValue = value;
            bytes memory buffer = new bytes(2 * length + 2);
            buffer[0] = "0";
            buffer[1] = "x";
            for (uint256 i = 2 * length + 1; i > 1; --i) {
                buffer[i] = HEX_DIGITS[localValue & 0xf];
                localValue >>= 4;
            }
            if (localValue != 0) {
                revert StringsInsufficientHexLength(value, length);
            }
            return string(buffer);
        }
    
        /**
         * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
         * representation.
         */
        function toHexString(address addr) internal pure returns (string memory) {
            return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
        }
    
        /**
         * @dev Returns true if the two strings are equal.
         */
        function equal(string memory a, string memory b) internal pure returns (bool) {
            return bytes(a).length == bytes(b).length && keccak256(bytes(a)) == keccak256(bytes(b));
        }
    }

    // SPDX-License-Identifier: agpl-3.0
    pragma solidity 0.8.28;
    
    import {IERC20} from "openzeppelin5/token/ERC20/IERC20.sol";
    import {EnumerableSet} from "openzeppelin5/utils/structs/EnumerableSet.sol";
    
    import {DistributionTypes} from "../lib/DistributionTypes.sol";
    import {DistributionManager} from "./DistributionManager.sol";
    import {ISiloIncentivesController} from "../interfaces/ISiloIncentivesController.sol";
    
    /**
     * @title BaseIncentivesController
     * @notice Abstract contract template to build Distributors contracts for ERC20 rewards to protocol participants
     * @author Aave
      */
    abstract contract BaseIncentivesController is DistributionManager, ISiloIncentivesController {
        using EnumerableSet for EnumerableSet.Bytes32Set;
    
        mapping(address user => mapping(bytes32 programId => uint256 unclaimedRewards)) internal _usersUnclaimedRewards;
    
        // this mapping allows whitelisted addresses to claim on behalf of others
        // useful for contracts that hold tokens to be rewarded but don't have any native logic to claim Liquidity Mining
        // rewards
        mapping(address user => address claimer) internal _authorizedClaimers;
    
        modifier onlyAuthorizedClaimers(address claimer, address user) {
            if (_authorizedClaimers[user] != claimer) revert ClaimerUnauthorized();
    
            _;
        }
    
        modifier inputsValidation(address _user, address _to) {
            if (_user == address(0)) revert InvalidUserAddress();
            if (_to == address(0)) revert InvalidToAddress();
    
            _;
        }
    
        constructor(address _owner, address _notifier) DistributionManager(_owner, _notifier) {}
    
        /// @inheritdoc ISiloIncentivesController
        function createIncentivesProgram(DistributionTypes.IncentivesProgramCreationInput memory _incentivesProgramInput)
            external
            virtual
            onlyOwner
        {
            require(bytes(_incentivesProgramInput.name).length <= 32, TooLongProgramName());
            require(_incentivesProgramInput.distributionEnd >= block.timestamp, InvalidDistributionEnd());
    
            _createIncentiveProgram(_incentivesProgramInput);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function updateIncentivesProgram(
            string calldata _incentivesProgram,
            uint40 _distributionEnd,
            uint104 _emissionPerSecond
        ) external virtual onlyOwner {
            require(_distributionEnd >= block.timestamp, InvalidDistributionEnd());
    
            bytes32 programId = getProgramId(_incentivesProgram);
    
            require(_incentivesProgramIds.contains(programId), IncentivesProgramNotFound());
    
            uint256 totalSupply = _shareToken().totalSupply();
    
            _updateAssetStateInternal(programId, totalSupply);
    
            incentivesPrograms[programId].distributionEnd = _distributionEnd;
            incentivesPrograms[programId].emissionPerSecond = _emissionPerSecond;
    
            emit IncentivesProgramUpdated(_incentivesProgram);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function getRewardsBalance(address _user, string calldata _programName)
            external
            view
            virtual
            returns (uint256 unclaimedRewards)
        {
            bytes32 programId = getProgramId(_programName);
    
            (uint256 stakedByUser, uint256 totalStaked) = _getScaledUserBalanceAndSupply(_user);
    
            unclaimedRewards = _getRewardsBalance(_user, programId, stakedByUser, totalStaked);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function getRewardsBalance(address _user, string[] calldata _programNames)
            external
            view
            virtual
            returns (uint256 unclaimedRewards)
        {
            address rewardsToken;
    
            (uint256 stakedByUser, uint256 totalStaked) = _getScaledUserBalanceAndSupply(_user);
    
            for (uint256 i = 0; i < _programNames.length; i++) {
                bytes32 programId = getProgramId(_programNames[i]);
    
                address programRewardsToken = incentivesPrograms[programId].rewardToken;
    
                if (rewardsToken == address(0)) {
                    rewardsToken = programRewardsToken;
                } else if (rewardsToken != programRewardsToken) {
                    revert DifferentRewardsTokens();
                }
    
                unclaimedRewards += _getRewardsBalance(_user, programId, stakedByUser, totalStaked);
            }
        }
    
        /// @dev Internal function to get the rewards balance for a user and a program
        function _getRewardsBalance(address _user, bytes32 _programId, uint256 _stakedByUser, uint256 _totalStaked)
            internal
            view
            virtual
            returns (uint256 unclaimedRewards)
        {
            unclaimedRewards = _usersUnclaimedRewards[_user][_programId];
            unclaimedRewards += _getUnclaimedRewards(_programId, _user, _stakedByUser, _totalStaked);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function claimRewards(address _to) external virtual returns (AccruedRewards[] memory accruedRewards) {
            if (_to == address(0)) revert InvalidToAddress();
    
            accruedRewards = _accrueRewards(msg.sender);
            _claimRewards(msg.sender, msg.sender, _to, accruedRewards);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function claimRewards(address _to, string[] calldata _programNames)
            external
            virtual
            returns (AccruedRewards[] memory accruedRewards)
        {
            if (_to == address(0)) revert InvalidToAddress();
    
            bytes32[] memory programIds = _getProgramsIds(_programNames);
            accruedRewards = _accrueRewardsForPrograms(msg.sender, programIds);
            _claimRewards(msg.sender, msg.sender, _to, accruedRewards);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function claimRewardsOnBehalf(address _user, address _to, string[] calldata _programNames)
            external
            virtual
            onlyAuthorizedClaimers(msg.sender, _user)
            inputsValidation(_user, _to)
            returns (AccruedRewards[] memory accruedRewards)
        {
            bytes32[] memory programIds = _getProgramsIds(_programNames);
            accruedRewards = _accrueRewardsForPrograms(_user, programIds);
            _claimRewards(msg.sender, _user, _to, accruedRewards);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function setClaimer(address _user, address _caller) external virtual onlyOwner {
            _authorizedClaimers[_user] = _caller;
            emit ClaimerSet(_user, _caller);
        }
    
        /// @inheritdoc ISiloIncentivesController
        function getClaimer(address _user) external view virtual returns (address) {
            return _authorizedClaimers[_user];
        }
    
        /// @inheritdoc ISiloIncentivesController
        function getUserUnclaimedRewards(address _user, string calldata _programName)
            external
            view
            virtual
            returns (uint256)
        {
            bytes32 programId = getProgramId(_programName);
            return _usersUnclaimedRewards[_user][programId];
        }
    
        /**
         * @dev Called by the corresponding asset on any update that affects the rewards distribution
         * @param _incentivesProgramId The id of the incentives program being updated
         * @param _user The address of the user
         * @param _totalSupply The total supply of the asset in the lending pool
         * @param _userBalance The balance of the user of the asset in the lending pool
         */
        function _handleAction(
            bytes32 _incentivesProgramId,
            address _user,
            uint256 _totalSupply,
            uint256 _userBalance
        ) internal virtual {
            uint256 accruedRewards = _updateUserAssetInternal(_incentivesProgramId, _user, _userBalance, _totalSupply);
    
            if (accruedRewards != 0) {
                uint256 newUnclaimedRewards = _usersUnclaimedRewards[_user][_incentivesProgramId] + accruedRewards;
                _usersUnclaimedRewards[_user][_incentivesProgramId] = newUnclaimedRewards;
    
                emit RewardsAccrued(
                    _user,
                    incentivesPrograms[_incentivesProgramId].rewardToken,
                    getProgramName(_incentivesProgramId),
                    newUnclaimedRewards
                );
            }
        }
    
        /**
         * @dev Claims reward for an user on behalf, on all the assets of the lending pool, accumulating the pending rewards
         * @param claimer Address to check and claim rewards
         * @param user Address to check and claim rewards
         * @param to Address that will be receiving the rewards
         */
        function _claimRewards(
            address claimer,
            address user,
            address to,
            AccruedRewards[] memory accruedRewards
        ) internal virtual {
            for (uint256 i = 0; i < accruedRewards.length; i++) {
                uint256 unclaimedRewards = _usersUnclaimedRewards[user][accruedRewards[i].programId];
    
                accruedRewards[i].amount += unclaimedRewards;
    
                if (accruedRewards[i].amount != 0) {
                    emit RewardsAccrued(
                        user,
                        accruedRewards[i].rewardToken,
                        getProgramName(accruedRewards[i].programId),
                        accruedRewards[i].amount
                    );
    
                    _transferRewards(accruedRewards[i].rewardToken, to, accruedRewards[i].amount);
    
                    emit RewardsClaimed(
                        user,
                        to,
                        accruedRewards[i].rewardToken,
                        accruedRewards[i].programId,
                        claimer,
                        accruedRewards[i].amount
                    );
                }
            }
        }
    
        /**
         * @dev Creates a new incentive program
         * @param _incentivesProgramInput The incentives program creation input
         */
        function _createIncentiveProgram(
            DistributionTypes.IncentivesProgramCreationInput memory _incentivesProgramInput
        ) internal virtual {
            bytes32 programId = getProgramId(_incentivesProgramInput.name);
    
            require(_incentivesProgramInput.rewardToken != address(0), InvalidRewardToken());
            require(_incentivesProgramIds.add(programId), IncentivesProgramAlreadyExists());
    
            incentivesPrograms[programId].rewardToken = _incentivesProgramInput.rewardToken;
            incentivesPrograms[programId].distributionEnd = _incentivesProgramInput.distributionEnd;
            incentivesPrograms[programId].emissionPerSecond = _incentivesProgramInput.emissionPerSecond;
            incentivesPrograms[programId].lastUpdateTimestamp = uint40(block.timestamp);
    
            _updateAssetStateInternal(programId, _shareToken().totalSupply());
    
            emit IncentivesProgramCreated(_incentivesProgramInput.name);
        }
    
        /**
         * @dev Returns the program ids for a list of program names
         * @param _programNames The program names
         * @return programIds The program ids
         */
        function _getProgramsIds(string[] calldata _programNames)
            internal
            pure
            virtual
            returns (bytes32[] memory programIds)
        {
            programIds = new bytes32[](_programNames.length);
    
            for (uint256 i = 0; i < _programNames.length; i++) {
                programIds[i] = getProgramId(_programNames[i]);
            }
        }
    
        /**
         * @dev Abstract function to transfer rewards to the desired account
         * @param rewardToken Reward token address
         * @param to Account address to send the rewards
         * @param amount Amount of rewards to transfer
         */
        function _transferRewards(address rewardToken, address to, uint256 amount) internal virtual {
            IERC20(rewardToken).transfer(to, amount);
        }
    }

    // SPDX-License-Identifier: agpl-3.0
    pragma solidity 0.8.28;
    
    library DistributionTypes {
        struct IncentivesProgramCreationInput {
            string name;
            address rewardToken;
            uint104 emissionPerSecond;
            uint40 distributionEnd;
        }
    
        struct AssetConfigInput {
            uint104 emissionPerSecond;
            uint256 totalStaked;
            address underlyingAsset;
        }
    
        struct UserStakeInput {
            address underlyingAsset;
            uint256 stakedByUser;
            uint256 totalStaked;
        }
    }

    // SPDX-License-Identifier: agpl-3.0
    pragma solidity 0.8.28;
    
    import {DistributionTypes} from "../lib/DistributionTypes.sol";
    
    interface IDistributionManager {
        struct IncentivesProgram {
            uint256 index;
            address rewardToken; // can't be updated after creation
            uint104 emissionPerSecond; // configured by owner
            uint40 lastUpdateTimestamp;
            uint40 distributionEnd; // configured by owner
            mapping(address user => uint256 userIndex) users;
        }
    
        struct IncentiveProgramDetails {
            uint256 index;
            address rewardToken;
            uint104 emissionPerSecond;
            uint40 lastUpdateTimestamp;
            uint40 distributionEnd;
        }
    
        struct AccruedRewards {
            uint256 amount;
            bytes32 programId;
            address rewardToken;
        }
    
        event AssetConfigUpdated(address indexed asset, uint256 emission);
        event AssetIndexUpdated(address indexed asset, uint256 index);
        event DistributionEndUpdated(string incentivesProgram, uint256 newDistributionEnd);
        event IncentivesProgramIndexUpdated(string incentivesProgram, uint256 newIndex);
        event UserIndexUpdated(address indexed user, string incentivesProgram, uint256 newIndex);
    
        error OnlyNotifier();
        error TooLongProgramName();
        error InvalidIncentivesProgramName();
        error OnlyNotifierOrOwner();
    
        /**
         * @dev Sets the end date for the distribution
         * @param _incentivesProgram The incentives program name
         * @param _distributionEnd The end date timestamp
         */
        function setDistributionEnd(string calldata _incentivesProgram, uint40 _distributionEnd) external;
    
        /**
         * @dev Gets the end date for the distribution  
         * @param _incentivesProgram The incentives program name
         * @return The end of the distribution
         */
        function getDistributionEnd(string calldata _incentivesProgram) external view returns (uint256);
    
        /**
         * @dev Returns the data of an user on a distribution
         * @param _user Address of the user
         * @param _incentivesProgram The incentives program name
         * @return The new index
         */
        function getUserData(address _user, string calldata _incentivesProgram) external view returns (uint256);
    
        /**
         * @dev Returns the configuration of the distribution for a certain incentives program
         * @param _incentivesProgram The incentives program name
         * @return details The configuration of the incentives program
         */
        function incentivesProgram(string calldata _incentivesProgram)
            external
            view
            returns (IncentiveProgramDetails memory details);
    
        /**
         * @dev Returns the program id for the given program name.
         * This method TRUNCATES the program name to 32 bytes.
         * If provided strings only differ after the 32nd byte they would result in the same ProgramId.
         * Ensure to use inputs that will result in 32 bytes or less.
         * @param _programName The incentives program name
         * @return programId
         */
        function getProgramId(string calldata _programName) external pure returns (bytes32 programId);
    
        /**
         * @dev returns the names of all the incentives programs
         * @return programsNames the names of all the incentives programs
         */
        function getAllProgramsNames() external view returns (string[] memory programsNames);
    
        /**
         * @dev returns the name of an incentives program
         * @param _programName the name (bytes32) of the incentives program
         * @return programName the name (string) of the incentives program
         */
        function getProgramName(bytes32 _programName) external pure returns (string memory programName);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1363.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC20} from "./IERC20.sol";
    import {IERC165} from "./IERC165.sol";
    
    /**
     * @title IERC1363
     * @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
     *
     * Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
     * after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
     */
    interface IERC1363 is IERC20, IERC165 {
        /*
         * Note: the ERC-165 identifier for this interface is 0xb0202a11.
         * 0xb0202a11 ===
         *   bytes4(keccak256('transferAndCall(address,uint256)')) ^
         *   bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
         *   bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
         *   bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
         *   bytes4(keccak256('approveAndCall(address,uint256)')) ^
         *   bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
         */
    
        /**
         * @dev Moves a `value` amount of tokens from the caller's account to `to`
         * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
         * @param to The address which you want to transfer to.
         * @param value The amount of tokens to be transferred.
         * @return A boolean value indicating whether the operation succeeded unless throwing.
         */
        function transferAndCall(address to, uint256 value) external returns (bool);
    
        /**
         * @dev Moves a `value` amount of tokens from the caller's account to `to`
         * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
         * @param to The address which you want to transfer to.
         * @param value The amount of tokens to be transferred.
         * @param data Additional data with no specified format, sent in call to `to`.
         * @return A boolean value indicating whether the operation succeeded unless throwing.
         */
        function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
    
        /**
         * @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
         * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
         * @param from The address which you want to send tokens from.
         * @param to The address which you want to transfer to.
         * @param value The amount of tokens to be transferred.
         * @return A boolean value indicating whether the operation succeeded unless throwing.
         */
        function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
    
        /**
         * @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
         * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
         * @param from The address which you want to send tokens from.
         * @param to The address which you want to transfer to.
         * @param value The amount of tokens to be transferred.
         * @param data Additional data with no specified format, sent in call to `to`.
         * @return A boolean value indicating whether the operation succeeded unless throwing.
         */
        function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
    
        /**
         * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
         * caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
         * @param spender The address which will spend the funds.
         * @param value The amount of tokens to be spent.
         * @return A boolean value indicating whether the operation succeeded unless throwing.
         */
        function approveAndCall(address spender, uint256 value) external returns (bool);
    
        /**
         * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
         * caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
         * @param spender The address which will spend the funds.
         * @param value The amount of tokens to be spent.
         * @param data Additional data with no specified format, sent in call to `spender`.
         * @return A boolean value indicating whether the operation succeeded unless throwing.
         */
        function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)
    
    pragma solidity ^0.8.20;
    
    import {Errors} from "./Errors.sol";
    
    /**
     * @dev Collection of functions related to the address type
     */
    library Address {
        /**
         * @dev There's no code at `target` (it is not a contract).
         */
        error AddressEmptyCode(address target);
    
        /**
         * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
         * `recipient`, forwarding all available gas and reverting on errors.
         *
         * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
         * of certain opcodes, possibly making contracts go over the 2300 gas limit
         * imposed by `transfer`, making them unable to receive funds via
         * `transfer`. {sendValue} removes this limitation.
         *
         * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
         *
         * IMPORTANT: because control is transferred to `recipient`, care must be
         * taken to not create reentrancy vulnerabilities. Consider using
         * {ReentrancyGuard} or the
         * https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
         */
        function sendValue(address payable recipient, uint256 amount) internal {
            if (address(this).balance < amount) {
                revert Errors.InsufficientBalance(address(this).balance, amount);
            }
    
            (bool success, ) = recipient.call{value: amount}("");
            if (!success) {
                revert Errors.FailedCall();
            }
        }
    
        /**
         * @dev Performs a Solidity function call using a low level `call`. A
         * plain `call` is an unsafe replacement for a function call: use this
         * function instead.
         *
         * If `target` reverts with a revert reason or custom error, it is bubbled
         * up by this function (like regular Solidity function calls). However, if
         * the call reverted with no returned reason, this function reverts with a
         * {Errors.FailedCall} error.
         *
         * Returns the raw returned data. To convert to the expected return value,
         * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
         *
         * Requirements:
         *
         * - `target` must be a contract.
         * - calling `target` with `data` must not revert.
         */
        function functionCall(address target, bytes memory data) internal returns (bytes memory) {
            return functionCallWithValue(target, data, 0);
        }
    
        /**
         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
         * but also transferring `value` wei to `target`.
         *
         * Requirements:
         *
         * - the calling contract must have an ETH balance of at least `value`.
         * - the called Solidity function must be `payable`.
         */
        function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
            if (address(this).balance < value) {
                revert Errors.InsufficientBalance(address(this).balance, value);
            }
            (bool success, bytes memory returndata) = target.call{value: value}(data);
            return verifyCallResultFromTarget(target, success, returndata);
        }
    
        /**
         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
         * but performing a static call.
         */
        function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
            (bool success, bytes memory returndata) = target.staticcall(data);
            return verifyCallResultFromTarget(target, success, returndata);
        }
    
        /**
         * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
         * but performing a delegate call.
         */
        function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
            (bool success, bytes memory returndata) = target.delegatecall(data);
            return verifyCallResultFromTarget(target, success, returndata);
        }
    
        /**
         * @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
         * was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
         * of an unsuccessful call.
         */
        function verifyCallResultFromTarget(
            address target,
            bool success,
            bytes memory returndata
        ) internal view returns (bytes memory) {
            if (!success) {
                _revert(returndata);
            } else {
                // only check if target is a contract if the call was successful and the return data is empty
                // otherwise we already know that it was a contract
                if (returndata.length == 0 && target.code.length == 0) {
                    revert AddressEmptyCode(target);
                }
                return returndata;
            }
        }
    
        /**
         * @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
         * revert reason or with a default {Errors.FailedCall} error.
         */
        function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
            if (!success) {
                _revert(returndata);
            } else {
                return returndata;
            }
        }
    
        /**
         * @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.
         */
        function _revert(bytes memory returndata) private pure {
            // Look for revert reason and bubble it up if present
            if (returndata.length > 0) {
                // The easiest way to bubble the revert reason is using memory via assembly
                /// @solidity memory-safe-assembly
                assembly {
                    let returndata_size := mload(returndata)
                    revert(add(32, returndata), returndata_size)
                }
            } else {
                revert Errors.FailedCall();
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)
    
    pragma solidity ^0.8.20;
    
    import {Panic} from "../Panic.sol";
    import {SafeCast} from "./SafeCast.sol";
    
    /**
     * @dev Standard math utilities missing in the Solidity language.
     */
    library Math {
        enum Rounding {
            Floor, // Toward negative infinity
            Ceil, // Toward positive infinity
            Trunc, // Toward zero
            Expand // Away from zero
        }
    
        /**
         * @dev Returns the addition of two unsigned integers, with an success flag (no overflow).
         */
        function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                uint256 c = a + b;
                if (c < a) return (false, 0);
                return (true, c);
            }
        }
    
        /**
         * @dev Returns the subtraction of two unsigned integers, with an success flag (no overflow).
         */
        function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                if (b > a) return (false, 0);
                return (true, a - b);
            }
        }
    
        /**
         * @dev Returns the multiplication of two unsigned integers, with an success flag (no overflow).
         */
        function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
                // benefit is lost if 'b' is also tested.
                // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
                if (a == 0) return (true, 0);
                uint256 c = a * b;
                if (c / a != b) return (false, 0);
                return (true, c);
            }
        }
    
        /**
         * @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
         */
        function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                if (b == 0) return (false, 0);
                return (true, a / b);
            }
        }
    
        /**
         * @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
         */
        function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                if (b == 0) return (false, 0);
                return (true, a % b);
            }
        }
    
        /**
         * @dev Returns the largest of two numbers.
         */
        function max(uint256 a, uint256 b) internal pure returns (uint256) {
            return a > b ? a : b;
        }
    
        /**
         * @dev Returns the smallest of two numbers.
         */
        function min(uint256 a, uint256 b) internal pure returns (uint256) {
            return a < b ? a : b;
        }
    
        /**
         * @dev Returns the average of two numbers. The result is rounded towards
         * zero.
         */
        function average(uint256 a, uint256 b) internal pure returns (uint256) {
            // (a + b) / 2 can overflow.
            return (a & b) + (a ^ b) / 2;
        }
    
        /**
         * @dev Returns the ceiling of the division of two numbers.
         *
         * This differs from standard division with `/` in that it rounds towards infinity instead
         * of rounding towards zero.
         */
        function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
            if (b == 0) {
                // Guarantee the same behavior as in a regular Solidity division.
                Panic.panic(Panic.DIVISION_BY_ZERO);
            }
    
            // The following calculation ensures accurate ceiling division without overflow.
            // Since a is non-zero, (a - 1) / b will not overflow.
            // The largest possible result occurs when (a - 1) / b is type(uint256).max,
            // but the largest value we can obtain is type(uint256).max - 1, which happens
            // when a = type(uint256).max and b = 1.
            unchecked {
                return a == 0 ? 0 : (a - 1) / b + 1;
            }
        }
    
        /**
         * @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
         * denominator == 0.
         *
         * Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
         * Uniswap Labs also under MIT license.
         */
        function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
            unchecked {
                // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
                // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
                // variables such that product = prod1 * 2²⁵⁶ + prod0.
                uint256 prod0 = x * y; // Least significant 256 bits of the product
                uint256 prod1; // Most significant 256 bits of the product
                assembly {
                    let mm := mulmod(x, y, not(0))
                    prod1 := sub(sub(mm, prod0), lt(mm, prod0))
                }
    
                // Handle non-overflow cases, 256 by 256 division.
                if (prod1 == 0) {
                    // Solidity will revert if denominator == 0, unlike the div opcode on its own.
                    // The surrounding unchecked block does not change this fact.
                    // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
                    return prod0 / denominator;
                }
    
                // Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
                if (denominator <= prod1) {
                    Panic.panic(denominator == 0 ? Panic.DIVISION_BY_ZERO : Panic.UNDER_OVERFLOW);
                }
    
                ///////////////////////////////////////////////
                // 512 by 256 division.
                ///////////////////////////////////////////////
    
                // Make division exact by subtracting the remainder from [prod1 prod0].
                uint256 remainder;
                assembly {
                    // Compute remainder using mulmod.
                    remainder := mulmod(x, y, denominator)
    
                    // Subtract 256 bit number from 512 bit number.
                    prod1 := sub(prod1, gt(remainder, prod0))
                    prod0 := sub(prod0, remainder)
                }
    
                // Factor powers of two out of denominator and compute largest power of two divisor of denominator.
                // Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
    
                uint256 twos = denominator & (0 - denominator);
                assembly {
                    // Divide denominator by twos.
                    denominator := div(denominator, twos)
    
                    // Divide [prod1 prod0] by twos.
                    prod0 := div(prod0, twos)
    
                    // Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
                    twos := add(div(sub(0, twos), twos), 1)
                }
    
                // Shift in bits from prod1 into prod0.
                prod0 |= prod1 * twos;
    
                // Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
                // that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
                // four bits. That is, denominator * inv ≡ 1 mod 2⁴.
                uint256 inverse = (3 * denominator) ^ 2;
    
                // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
                // works in modular arithmetic, doubling the correct bits in each step.
                inverse *= 2 - denominator * inverse; // inverse mod 2⁸
                inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
                inverse *= 2 - denominator * inverse; // inverse mod 2³²
                inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
                inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
                inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
    
                // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
                // This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
                // less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and prod1
                // is no longer required.
                result = prod0 * inverse;
                return result;
            }
        }
    
        /**
         * @dev Calculates x * y / denominator with full precision, following the selected rounding direction.
         */
        function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
            return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0);
        }
    
        /**
         * @dev Calculate the modular multiplicative inverse of a number in Z/nZ.
         *
         * If n is a prime, then Z/nZ is a field. In that case all elements are inversible, expect 0.
         * If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.
         *
         * If the input value is not inversible, 0 is returned.
         *
         * NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Ferma's little theorem and get the
         * inverse using `Math.modExp(a, n - 2, n)`.
         */
        function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
            unchecked {
                if (n == 0) return 0;
    
                // The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
                // Used to compute integers x and y such that: ax + ny = gcd(a, n).
                // When the gcd is 1, then the inverse of a modulo n exists and it's x.
                // ax + ny = 1
                // ax = 1 + (-y)n
                // ax ≡ 1 (mod n) # x is the inverse of a modulo n
    
                // If the remainder is 0 the gcd is n right away.
                uint256 remainder = a % n;
                uint256 gcd = n;
    
                // Therefore the initial coefficients are:
                // ax + ny = gcd(a, n) = n
                // 0a + 1n = n
                int256 x = 0;
                int256 y = 1;
    
                while (remainder != 0) {
                    uint256 quotient = gcd / remainder;
    
                    (gcd, remainder) = (
                        // The old remainder is the next gcd to try.
                        remainder,
                        // Compute the next remainder.
                        // Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd
                        // where gcd is at most n (capped to type(uint256).max)
                        gcd - remainder * quotient
                    );
    
                    (x, y) = (
                        // Increment the coefficient of a.
                        y,
                        // Decrement the coefficient of n.
                        // Can overflow, but the result is casted to uint256 so that the
                        // next value of y is "wrapped around" to a value between 0 and n - 1.
                        x - y * int256(quotient)
                    );
                }
    
                if (gcd != 1) return 0; // No inverse exists.
                return x < 0 ? (n - uint256(-x)) : uint256(x); // Wrap the result if it's negative.
            }
        }
    
        /**
         * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)
         *
         * Requirements:
         * - modulus can't be zero
         * - underlying staticcall to precompile must succeed
         *
         * IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make
         * sure the chain you're using it on supports the precompiled contract for modular exponentiation
         * at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,
         * the underlying function will succeed given the lack of a revert, but the result may be incorrectly
         * interpreted as 0.
         */
        function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {
            (bool success, uint256 result) = tryModExp(b, e, m);
            if (!success) {
                Panic.panic(Panic.DIVISION_BY_ZERO);
            }
            return result;
        }
    
        /**
         * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).
         * It includes a success flag indicating if the operation succeeded. Operation will be marked has failed if trying
         * to operate modulo 0 or if the underlying precompile reverted.
         *
         * IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain
         * you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in
         * https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack
         * of a revert, but the result may be incorrectly interpreted as 0.
         */
        function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {
            if (m == 0) return (false, 0);
            /// @solidity memory-safe-assembly
            assembly {
                let ptr := mload(0x40)
                // | Offset    | Content    | Content (Hex)                                                      |
                // |-----------|------------|--------------------------------------------------------------------|
                // | 0x00:0x1f | size of b  | 0x0000000000000000000000000000000000000000000000000000000000000020 |
                // | 0x20:0x3f | size of e  | 0x0000000000000000000000000000000000000000000000000000000000000020 |
                // | 0x40:0x5f | size of m  | 0x0000000000000000000000000000000000000000000000000000000000000020 |
                // | 0x60:0x7f | value of b | 0x<.............................................................b> |
                // | 0x80:0x9f | value of e | 0x<.............................................................e> |
                // | 0xa0:0xbf | value of m | 0x<.............................................................m> |
                mstore(ptr, 0x20)
                mstore(add(ptr, 0x20), 0x20)
                mstore(add(ptr, 0x40), 0x20)
                mstore(add(ptr, 0x60), b)
                mstore(add(ptr, 0x80), e)
                mstore(add(ptr, 0xa0), m)
    
                // Given the result < m, it's guaranteed to fit in 32 bytes,
                // so we can use the memory scratch space located at offset 0.
                success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)
                result := mload(0x00)
            }
        }
    
        /**
         * @dev Variant of {modExp} that supports inputs of arbitrary length.
         */
        function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {
            (bool success, bytes memory result) = tryModExp(b, e, m);
            if (!success) {
                Panic.panic(Panic.DIVISION_BY_ZERO);
            }
            return result;
        }
    
        /**
         * @dev Variant of {tryModExp} that supports inputs of arbitrary length.
         */
        function tryModExp(
            bytes memory b,
            bytes memory e,
            bytes memory m
        ) internal view returns (bool success, bytes memory result) {
            if (_zeroBytes(m)) return (false, new bytes(0));
    
            uint256 mLen = m.length;
    
            // Encode call args in result and move the free memory pointer
            result = abi.encodePacked(b.length, e.length, mLen, b, e, m);
    
            /// @solidity memory-safe-assembly
            assembly {
                let dataPtr := add(result, 0x20)
                // Write result on top of args to avoid allocating extra memory.
                success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)
                // Overwrite the length.
                // result.length > returndatasize() is guaranteed because returndatasize() == m.length
                mstore(result, mLen)
                // Set the memory pointer after the returned data.
                mstore(0x40, add(dataPtr, mLen))
            }
        }
    
        /**
         * @dev Returns whether the provided byte array is zero.
         */
        function _zeroBytes(bytes memory byteArray) private pure returns (bool) {
            for (uint256 i = 0; i < byteArray.length; ++i) {
                if (byteArray[i] != 0) {
                    return false;
                }
            }
            return true;
        }
    
        /**
         * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
         * towards zero.
         *
         * This method is based on Newton's method for computing square roots; the algorithm is restricted to only
         * using integer operations.
         */
        function sqrt(uint256 a) internal pure returns (uint256) {
            unchecked {
                // Take care of easy edge cases when a == 0 or a == 1
                if (a <= 1) {
                    return a;
                }
    
                // In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a
                // sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between
                // the current value as `ε_n = | x_n - sqrt(a) |`.
                //
                // For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root
                // of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is
                // bigger than any uint256.
                //
                // By noticing that
                // `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`
                // we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar
                // to the msb function.
                uint256 aa = a;
                uint256 xn = 1;
    
                if (aa >= (1 << 128)) {
                    aa >>= 128;
                    xn <<= 64;
                }
                if (aa >= (1 << 64)) {
                    aa >>= 64;
                    xn <<= 32;
                }
                if (aa >= (1 << 32)) {
                    aa >>= 32;
                    xn <<= 16;
                }
                if (aa >= (1 << 16)) {
                    aa >>= 16;
                    xn <<= 8;
                }
                if (aa >= (1 << 8)) {
                    aa >>= 8;
                    xn <<= 4;
                }
                if (aa >= (1 << 4)) {
                    aa >>= 4;
                    xn <<= 2;
                }
                if (aa >= (1 << 2)) {
                    xn <<= 1;
                }
    
                // We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).
                //
                // We can refine our estimation by noticing that the middle of that interval minimizes the error.
                // If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).
                // This is going to be our x_0 (and ε_0)
                xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)
    
                // From here, Newton's method give us:
                // x_{n+1} = (x_n + a / x_n) / 2
                //
                // One should note that:
                // x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a
                //              = ((x_n² + a) / (2 * x_n))² - a
                //              = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a
                //              = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)
                //              = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)
                //              = (x_n² - a)² / (2 * x_n)²
                //              = ((x_n² - a) / (2 * x_n))²
                //              ≥ 0
                // Which proves that for all n ≥ 1, sqrt(a) ≤ x_n
                //
                // This gives us the proof of quadratic convergence of the sequence:
                // ε_{n+1} = | x_{n+1} - sqrt(a) |
                //         = | (x_n + a / x_n) / 2 - sqrt(a) |
                //         = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |
                //         = | (x_n - sqrt(a))² / (2 * x_n) |
                //         = | ε_n² / (2 * x_n) |
                //         = ε_n² / | (2 * x_n) |
                //
                // For the first iteration, we have a special case where x_0 is known:
                // ε_1 = ε_0² / | (2 * x_0) |
                //     ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))
                //     ≤ 2**(2*e-4) / (3 * 2**(e-1))
                //     ≤ 2**(e-3) / 3
                //     ≤ 2**(e-3-log2(3))
                //     ≤ 2**(e-4.5)
                //
                // For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:
                // ε_{n+1} = ε_n² / | (2 * x_n) |
                //         ≤ (2**(e-k))² / (2 * 2**(e-1))
                //         ≤ 2**(2*e-2*k) / 2**e
                //         ≤ 2**(e-2*k)
                xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5)  -- special case, see above
                xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9)    -- general case with k = 4.5
                xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18)   -- general case with k = 9
                xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36)   -- general case with k = 18
                xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72)   -- general case with k = 36
                xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144)  -- general case with k = 72
    
                // Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision
                // ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either
                // sqrt(a) or sqrt(a) + 1.
                return xn - SafeCast.toUint(xn > a / xn);
            }
        }
    
        /**
         * @dev Calculates sqrt(a), following the selected rounding direction.
         */
        function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = sqrt(a);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a);
            }
        }
    
        /**
         * @dev Return the log in base 2 of a positive value rounded towards zero.
         * Returns 0 if given 0.
         */
        function log2(uint256 value) internal pure returns (uint256) {
            uint256 result = 0;
            uint256 exp;
            unchecked {
                exp = 128 * SafeCast.toUint(value > (1 << 128) - 1);
                value >>= exp;
                result += exp;
    
                exp = 64 * SafeCast.toUint(value > (1 << 64) - 1);
                value >>= exp;
                result += exp;
    
                exp = 32 * SafeCast.toUint(value > (1 << 32) - 1);
                value >>= exp;
                result += exp;
    
                exp = 16 * SafeCast.toUint(value > (1 << 16) - 1);
                value >>= exp;
                result += exp;
    
                exp = 8 * SafeCast.toUint(value > (1 << 8) - 1);
                value >>= exp;
                result += exp;
    
                exp = 4 * SafeCast.toUint(value > (1 << 4) - 1);
                value >>= exp;
                result += exp;
    
                exp = 2 * SafeCast.toUint(value > (1 << 2) - 1);
                value >>= exp;
                result += exp;
    
                result += SafeCast.toUint(value > 1);
            }
            return result;
        }
    
        /**
         * @dev Return the log in base 2, following the selected rounding direction, of a positive value.
         * Returns 0 if given 0.
         */
        function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = log2(value);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value);
            }
        }
    
        /**
         * @dev Return the log in base 10 of a positive value rounded towards zero.
         * Returns 0 if given 0.
         */
        function log10(uint256 value) internal pure returns (uint256) {
            uint256 result = 0;
            unchecked {
                if (value >= 10 ** 64) {
                    value /= 10 ** 64;
                    result += 64;
                }
                if (value >= 10 ** 32) {
                    value /= 10 ** 32;
                    result += 32;
                }
                if (value >= 10 ** 16) {
                    value /= 10 ** 16;
                    result += 16;
                }
                if (value >= 10 ** 8) {
                    value /= 10 ** 8;
                    result += 8;
                }
                if (value >= 10 ** 4) {
                    value /= 10 ** 4;
                    result += 4;
                }
                if (value >= 10 ** 2) {
                    value /= 10 ** 2;
                    result += 2;
                }
                if (value >= 10 ** 1) {
                    result += 1;
                }
            }
            return result;
        }
    
        /**
         * @dev Return the log in base 10, following the selected rounding direction, of a positive value.
         * Returns 0 if given 0.
         */
        function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = log10(value);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value);
            }
        }
    
        /**
         * @dev Return the log in base 256 of a positive value rounded towards zero.
         * Returns 0 if given 0.
         *
         * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
         */
        function log256(uint256 value) internal pure returns (uint256) {
            uint256 result = 0;
            uint256 isGt;
            unchecked {
                isGt = SafeCast.toUint(value > (1 << 128) - 1);
                value >>= isGt * 128;
                result += isGt * 16;
    
                isGt = SafeCast.toUint(value > (1 << 64) - 1);
                value >>= isGt * 64;
                result += isGt * 8;
    
                isGt = SafeCast.toUint(value > (1 << 32) - 1);
                value >>= isGt * 32;
                result += isGt * 4;
    
                isGt = SafeCast.toUint(value > (1 << 16) - 1);
                value >>= isGt * 16;
                result += isGt * 2;
    
                result += SafeCast.toUint(value > (1 << 8) - 1);
            }
            return result;
        }
    
        /**
         * @dev Return the log in base 256, following the selected rounding direction, of a positive value.
         * Returns 0 if given 0.
         */
        function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = log256(value);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value);
            }
        }
    
        /**
         * @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
         */
        function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
            return uint8(rounding) % 2 == 1;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/math/SignedMath.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Standard signed math utilities missing in the Solidity language.
     */
    library SignedMath {
        /**
         * @dev Returns the largest of two signed numbers.
         */
        function max(int256 a, int256 b) internal pure returns (int256) {
            return a > b ? a : b;
        }
    
        /**
         * @dev Returns the smallest of two signed numbers.
         */
        function min(int256 a, int256 b) internal pure returns (int256) {
            return a < b ? a : b;
        }
    
        /**
         * @dev Returns the average of two signed numbers without overflow.
         * The result is rounded towards zero.
         */
        function average(int256 a, int256 b) internal pure returns (int256) {
            // Formula from the book "Hacker's Delight"
            int256 x = (a & b) + ((a ^ b) >> 1);
            return x + (int256(uint256(x) >> 255) & (a ^ b));
        }
    
        /**
         * @dev Returns the absolute unsigned value of a signed value.
         */
        function abs(int256 n) internal pure returns (uint256) {
            unchecked {
                // Formula from the "Bit Twiddling Hacks" by Sean Eron Anderson.
                // Since `n` is a signed integer, the generated bytecode will use the SAR opcode to perform the right shift,
                // taking advantage of the most significant (or "sign" bit) in two's complement representation.
                // This opcode adds new most significant bits set to the value of the previous most significant bit. As a result,
                // the mask will either be `bytes(0)` (if n is positive) or `~bytes32(0)` (if n is negative).
                int256 mask = n >> 255;
    
                // A `bytes(0)` mask leaves the input unchanged, while a `~bytes32(0)` mask complements it.
                return uint256((n + mask) ^ mask);
            }
        }
    }

    // SPDX-License-Identifier: agpl-3.0
    pragma solidity 0.8.28;
    
    import {IERC20} from "openzeppelin5/token/ERC20/IERC20.sol";
    
    import {Ownable2Step, Ownable} from "openzeppelin5/access/Ownable2Step.sol";
    import {EnumerableSet} from "openzeppelin5/utils/structs/EnumerableSet.sol";
    
    import {ISiloIncentivesController} from "../interfaces/ISiloIncentivesController.sol";
    import {IDistributionManager} from "../interfaces/IDistributionManager.sol";
    import {DistributionTypes} from "../lib/DistributionTypes.sol";
    import {TokenHelper} from "../../lib/TokenHelper.sol";
    
    /**
     * @title DistributionManager
     * @notice Accounting contract to manage multiple staking distributions
     */
    contract DistributionManager is IDistributionManager, Ownable2Step {
        using EnumerableSet for EnumerableSet.Bytes32Set;
    
        EnumerableSet.Bytes32Set internal _incentivesProgramIds;
    
        mapping(bytes32 => IncentivesProgram) public incentivesPrograms;
    
        /// @dev notifier is contract with IERC20 interface with users balances, based based on which
        /// rewards distribution is calculated
        address public immutable NOTIFIER; // solhint-disable-line var-name-mixedcase
    
        uint8 public constant PRECISION = 18;
        uint256 public constant TEN_POW_PRECISION = 10 ** PRECISION;
    
        modifier onlyNotifier() {
            if (msg.sender != NOTIFIER) revert OnlyNotifier();
            _;
        }
    
        modifier onlyNotifierOrOwner() {
            if (msg.sender != NOTIFIER && msg.sender != owner()) revert OnlyNotifierOrOwner();
            _;
        }
    
        /// @param _notifier is contract with IERC20 interface with users balances, based based on which
        /// rewards distribution is calculated
        constructor(address _owner, address _notifier) Ownable(_owner) {
            NOTIFIER = _notifier;
        }
    
        /// @inheritdoc IDistributionManager
        function setDistributionEnd(
            string calldata _incentivesProgram,
            uint40 _distributionEnd
        ) external virtual onlyOwner {
            require(_distributionEnd >= block.timestamp, ISiloIncentivesController.InvalidDistributionEnd());
    
            bytes32 programId = getProgramId(_incentivesProgram);
    
            require(_incentivesProgramIds.contains(programId), ISiloIncentivesController.IncentivesProgramNotFound());
    
            uint256 totalSupply = _shareToken().totalSupply();
    
            _updateAssetStateInternal(programId, totalSupply);
    
            incentivesPrograms[programId].distributionEnd = _distributionEnd;
    
            emit DistributionEndUpdated(_incentivesProgram, _distributionEnd);
        }
    
        /// @inheritdoc IDistributionManager
        function getDistributionEnd(string calldata _incentivesProgram) external view virtual override returns (uint256) {
            bytes32 incentivesProgramId = getProgramId(_incentivesProgram);
            return incentivesPrograms[incentivesProgramId].distributionEnd;
        }
    
        /// @inheritdoc IDistributionManager
        function getUserData(address _user, string calldata _incentivesProgram)
            public
            view
            virtual
            override
            returns (uint256)
        {
            bytes32 incentivesProgramId = getProgramId(_incentivesProgram);
            return incentivesPrograms[incentivesProgramId].users[_user];
        }
    
        /// @inheritdoc IDistributionManager
        function incentivesProgram(string calldata _incentivesProgram)
            external
            view
            virtual
            returns (IncentiveProgramDetails memory details)
        {
            bytes32 incentivesProgramId = getProgramId(_incentivesProgram);
    
            details = IncentiveProgramDetails(
                incentivesPrograms[incentivesProgramId].index,
                incentivesPrograms[incentivesProgramId].rewardToken,
                incentivesPrograms[incentivesProgramId].emissionPerSecond,
                incentivesPrograms[incentivesProgramId].lastUpdateTimestamp,
                incentivesPrograms[incentivesProgramId].distributionEnd
            );
        }
    
        /// @inheritdoc IDistributionManager
        function getAllProgramsNames() external view virtual returns (string[] memory programsNames) {
            uint256 length = _incentivesProgramIds.values().length;
            programsNames = new string[](length);
    
            for (uint256 i = 0; i < length; i++) {
                programsNames[i] = getProgramName(_incentivesProgramIds.values()[i]);
            }
        }
    
        /// @inheritdoc IDistributionManager
        function getProgramId(string memory _programName) public pure virtual returns (bytes32) {
            require(bytes(_programName).length != 0, InvalidIncentivesProgramName());
    
            return bytes32(abi.encodePacked(_programName));
        }
    
        /**
         * @dev Returns the name of an incentives program (converts bytes32 to string)
         * @param _programId The id of the incentives program
         * @return The name of the incentives program
         */
        function getProgramName(bytes32 _programId) public pure virtual returns (string memory) {
            return string(TokenHelper.removeZeros(abi.encodePacked(_programId)));
        }
    
        /**
         * @dev Updates the state of one distribution, mainly rewards index and timestamp
         * @param incentivesProgramId The id of the incentives program being updated
         * @param totalStaked Current total of staked assets for this distribution
         * @return The new distribution index
         */
        function _updateAssetStateInternal(
            bytes32 incentivesProgramId,
            uint256 totalStaked
        ) internal virtual returns (uint256) {
            uint256 oldIndex = incentivesPrograms[incentivesProgramId].index;
            uint256 emissionPerSecond = incentivesPrograms[incentivesProgramId].emissionPerSecond;
            uint256 lastUpdateTimestamp = incentivesPrograms[incentivesProgramId].lastUpdateTimestamp;
            uint256 distributionEnd = incentivesPrograms[incentivesProgramId].distributionEnd;
    
            if (block.timestamp == lastUpdateTimestamp) {
                return oldIndex;
            }
    
            uint256 newIndex = _getIncentivesProgramIndex(
                oldIndex, emissionPerSecond, lastUpdateTimestamp, distributionEnd, totalStaked
            );
    
            if (newIndex != oldIndex) {
                incentivesPrograms[incentivesProgramId].index = newIndex;
                incentivesPrograms[incentivesProgramId].lastUpdateTimestamp = uint40(block.timestamp);
    
                emit IncentivesProgramIndexUpdated(getProgramName(incentivesProgramId), newIndex);
            } else {
                incentivesPrograms[incentivesProgramId].lastUpdateTimestamp = uint40(block.timestamp);
            }
    
            return newIndex;
        }
    
        /**
         * @dev Updates the state of an user in a distribution
         * @param incentivesProgramId The id of the incentives program being updated
         * @param user The user's address
         * @param stakedByUser Amount of tokens staked by the user in the distribution at the moment
         * @param totalStaked Total tokens staked in the distribution
         * @return The accrued rewards for the user until the moment
         */
        function _updateUserAssetInternal(
            bytes32 incentivesProgramId,
            address user,
            uint256 stakedByUser,
            uint256 totalStaked
        ) internal virtual returns (uint256) {
            uint256 userIndex = incentivesPrograms[incentivesProgramId].users[user];
            uint256 accruedRewards = 0;
    
            uint256 newIndex = _updateAssetStateInternal(incentivesProgramId, totalStaked);
    
            if (userIndex != newIndex) {
                if (stakedByUser != 0) {
                    accruedRewards = _getRewards(stakedByUser, newIndex, userIndex);
                }
    
                incentivesPrograms[incentivesProgramId].users[user] = newIndex;
    
                emit UserIndexUpdated(user, getProgramName(incentivesProgramId), newIndex);
            }
    
            return accruedRewards;
        }
    
        /**
         * @dev Used by "frontend" stake contracts to update the data of an user when claiming rewards from there
         * @param _user The address of the user
         * @return accruedRewards The accrued rewards for the user until the moment
         */
        function _accrueRewards(address _user)
            internal
            virtual
            returns (AccruedRewards[] memory accruedRewards)
        {
            accruedRewards = _accrueRewardsForPrograms(_user, _incentivesProgramIds.values());
        }
    
        /**
         * @dev Accrues rewards for a list of programs
         * @param _user The address of the user
         * @param _programIds The ids of the programs
         * @return accruedRewards The accrued rewards for the user until the moment
         */
        function _accrueRewardsForPrograms(address _user, bytes32[] memory _programIds)
            internal
            virtual
            returns (AccruedRewards[] memory accruedRewards)
        {
            uint256 length = _programIds.length;
            accruedRewards = new AccruedRewards[](length);
    
            (uint256 userStaked, uint256 totalStaked) = _getScaledUserBalanceAndSupply(_user);
    
            for (uint256 i = 0; i < length; i++) {
                accruedRewards[i] = _accrueRewards(_user, _programIds[i], totalStaked, userStaked);
            }
        }
    
        function _accrueRewards(address _user, bytes32 _programId, uint256 _totalStaked, uint256 _userStaked)
            internal
            virtual
            returns (AccruedRewards memory accruedRewards)
        {
            uint256 rewards = _updateUserAssetInternal(
                _programId,
                _user,
                _userStaked,
                _totalStaked
            );
    
            accruedRewards = AccruedRewards({
                amount: rewards,
                programId: _programId,
                rewardToken: incentivesPrograms[_programId].rewardToken
            });
        }
    
        /**
         * @dev Return the accrued rewards for an user over a list of distribution
         * @param programId The id of the incentives program being updated
         * @param user The address of the user
         * @param stakedByUser Amount of tokens staked by the user in the distribution at the moment
         * @param totalStaked Total tokens staked in the distribution
         * @return accruedRewards The accrued rewards for the user until the moment
         */
        function _getUnclaimedRewards(bytes32 programId, address user, uint256 stakedByUser, uint256 totalStaked)
            internal
            view
            virtual
            returns (uint256 accruedRewards)
        {
            uint256 userIndex = incentivesPrograms[programId].users[user];
    
            uint256 incentivesProgramIndex = _getIncentivesProgramIndex(
                incentivesPrograms[programId].index,
                incentivesPrograms[programId].emissionPerSecond,
                incentivesPrograms[programId].lastUpdateTimestamp,
                incentivesPrograms[programId].distributionEnd,
                totalStaked
            );
    
            accruedRewards = _getRewards(stakedByUser, incentivesProgramIndex, userIndex);
        }
    
        /**
         * @dev Internal function for the calculation of user's rewards on a distribution
         * @param principalUserBalance Amount staked by the user on a distribution
         * @param reserveIndex Current index of the distribution
         * @param userIndex Index stored for the user, representation his staking moment
         * @return rewards The rewards
         */
        function _getRewards(
            uint256 principalUserBalance,
            uint256 reserveIndex,
            uint256 userIndex
        ) internal pure virtual returns (uint256 rewards) {
            rewards = principalUserBalance * (reserveIndex - userIndex);
            unchecked { rewards /= TEN_POW_PRECISION; }
        }
    
        /**
         * @dev Calculates the next value of an specific distribution index, with validations
         * @param currentIndex Current index of the distribution
         * @param emissionPerSecond Representing the total rewards distributed per second per asset unit,
         * on the distribution
         * @param lastUpdateTimestamp Last moment this distribution was updated
         * @param distributionEnd The end of the distribution
         * @param totalBalance of tokens considered for the distribution
         * @return newIndex The new index.
         */
        function _getIncentivesProgramIndex(
            uint256 currentIndex,
            uint256 emissionPerSecond,
            uint256 lastUpdateTimestamp,
            uint256 distributionEnd,
            uint256 totalBalance
        ) internal view virtual returns (uint256 newIndex) {
            if (
                emissionPerSecond == 0 ||
                totalBalance == 0 ||
                lastUpdateTimestamp == block.timestamp ||
                lastUpdateTimestamp >= distributionEnd
            ) {
                return currentIndex;
            }
    
            uint256 currentTimestamp = block.timestamp > distributionEnd ? distributionEnd : block.timestamp;
            uint256 timeDelta = currentTimestamp - lastUpdateTimestamp;
    
            newIndex = emissionPerSecond * timeDelta * TEN_POW_PRECISION;
            unchecked { newIndex /= totalBalance; }
            newIndex += currentIndex;
        }
    
        function _shareToken() internal view virtual returns (IERC20 shareToken) {
            shareToken = IERC20(NOTIFIER);
        }
    
        function _getScaledUserBalanceAndSupply(address _user)
            internal
            view
            virtual
            returns (uint256 userBalance, uint256 totalSupply)
        {
            userBalance = _shareToken().balanceOf(_user);
            totalSupply = _shareToken().totalSupply();
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC20} from "../token/ERC20/IERC20.sol";

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC165.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC165} from "../utils/introspection/IERC165.sol";

    // SPDX-License-Identifier: MIT
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Collection of common custom errors used in multiple contracts
     *
     * IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
     * It is recommended to avoid relying on the error API for critical functionality.
     */
    library Errors {
        /**
         * @dev The ETH balance of the account is not enough to perform the operation.
         */
        error InsufficientBalance(uint256 balance, uint256 needed);
    
        /**
         * @dev A call to an address target failed. The target may have reverted.
         */
        error FailedCall();
    
        /**
         * @dev The deployment failed.
         */
        error FailedDeployment();
    }

    // SPDX-License-Identifier: MIT
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Helper library for emitting standardized panic codes.
     *
     * ```solidity
     * contract Example {
     *      using Panic for uint256;
     *
     *      // Use any of the declared internal constants
     *      function foo() { Panic.GENERIC.panic(); }
     *
     *      // Alternatively
     *      function foo() { Panic.panic(Panic.GENERIC); }
     * }
     * ```
     *
     * Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].
     */
    // slither-disable-next-line unused-state
    library Panic {
        /// @dev generic / unspecified error
        uint256 internal constant GENERIC = 0x00;
        /// @dev used by the assert() builtin
        uint256 internal constant ASSERT = 0x01;
        /// @dev arithmetic underflow or overflow
        uint256 internal constant UNDER_OVERFLOW = 0x11;
        /// @dev division or modulo by zero
        uint256 internal constant DIVISION_BY_ZERO = 0x12;
        /// @dev enum conversion error
        uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;
        /// @dev invalid encoding in storage
        uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;
        /// @dev empty array pop
        uint256 internal constant EMPTY_ARRAY_POP = 0x31;
        /// @dev array out of bounds access
        uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;
        /// @dev resource error (too large allocation or too large array)
        uint256 internal constant RESOURCE_ERROR = 0x41;
        /// @dev calling invalid internal function
        uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;
    
        /// @dev Reverts with a panic code. Recommended to use with
        /// the internal constants with predefined codes.
        function panic(uint256 code) internal pure {
            /// @solidity memory-safe-assembly
            assembly {
                mstore(0x00, 0x4e487b71)
                mstore(0x20, code)
                revert(0x1c, 0x24)
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/math/SafeCast.sol)
    // This file was procedurally generated from scripts/generate/templates/SafeCast.js.
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow
     * checks.
     *
     * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
     * easily result in undesired exploitation or bugs, since developers usually
     * assume that overflows raise errors. `SafeCast` restores this intuition by
     * reverting the transaction when such an operation overflows.
     *
     * Using this library instead of the unchecked operations eliminates an entire
     * class of bugs, so it's recommended to use it always.
     */
    library SafeCast {
        /**
         * @dev Value doesn't fit in an uint of `bits` size.
         */
        error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
    
        /**
         * @dev An int value doesn't fit in an uint of `bits` size.
         */
        error SafeCastOverflowedIntToUint(int256 value);
    
        /**
         * @dev Value doesn't fit in an int of `bits` size.
         */
        error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);
    
        /**
         * @dev An uint value doesn't fit in an int of `bits` size.
         */
        error SafeCastOverflowedUintToInt(uint256 value);
    
        /**
         * @dev Returns the downcasted uint248 from uint256, reverting on
         * overflow (when the input is greater than largest uint248).
         *
         * Counterpart to Solidity's `uint248` operator.
         *
         * Requirements:
         *
         * - input must fit into 248 bits
         */
        function toUint248(uint256 value) internal pure returns (uint248) {
            if (value > type(uint248).max) {
                revert SafeCastOverflowedUintDowncast(248, value);
            }
            return uint248(value);
        }
    
        /**
         * @dev Returns the downcasted uint240 from uint256, reverting on
         * overflow (when the input is greater than largest uint240).
         *
         * Counterpart to Solidity's `uint240` operator.
         *
         * Requirements:
         *
         * - input must fit into 240 bits
         */
        function toUint240(uint256 value) internal pure returns (uint240) {
            if (value > type(uint240).max) {
                revert SafeCastOverflowedUintDowncast(240, value);
            }
            return uint240(value);
        }
    
        /**
         * @dev Returns the downcasted uint232 from uint256, reverting on
         * overflow (when the input is greater than largest uint232).
         *
         * Counterpart to Solidity's `uint232` operator.
         *
         * Requirements:
         *
         * - input must fit into 232 bits
         */
        function toUint232(uint256 value) internal pure returns (uint232) {
            if (value > type(uint232).max) {
                revert SafeCastOverflowedUintDowncast(232, value);
            }
            return uint232(value);
        }
    
        /**
         * @dev Returns the downcasted uint224 from uint256, reverting on
         * overflow (when the input is greater than largest uint224).
         *
         * Counterpart to Solidity's `uint224` operator.
         *
         * Requirements:
         *
         * - input must fit into 224 bits
         */
        function toUint224(uint256 value) internal pure returns (uint224) {
            if (value > type(uint224).max) {
                revert SafeCastOverflowedUintDowncast(224, value);
            }
            return uint224(value);
        }
    
        /**
         * @dev Returns the downcasted uint216 from uint256, reverting on
         * overflow (when the input is greater than largest uint216).
         *
         * Counterpart to Solidity's `uint216` operator.
         *
         * Requirements:
         *
         * - input must fit into 216 bits
         */
        function toUint216(uint256 value) internal pure returns (uint216) {
            if (value > type(uint216).max) {
                revert SafeCastOverflowedUintDowncast(216, value);
            }
            return uint216(value);
        }
    
        /**
         * @dev Returns the downcasted uint208 from uint256, reverting on
         * overflow (when the input is greater than largest uint208).
         *
         * Counterpart to Solidity's `uint208` operator.
         *
         * Requirements:
         *
         * - input must fit into 208 bits
         */
        function toUint208(uint256 value) internal pure returns (uint208) {
            if (value > type(uint208).max) {
                revert SafeCastOverflowedUintDowncast(208, value);
            }
            return uint208(value);
        }
    
        /**
         * @dev Returns the downcasted uint200 from uint256, reverting on
         * overflow (when the input is greater than largest uint200).
         *
         * Counterpart to Solidity's `uint200` operator.
         *
         * Requirements:
         *
         * - input must fit into 200 bits
         */
        function toUint200(uint256 value) internal pure returns (uint200) {
            if (value > type(uint200).max) {
                revert SafeCastOverflowedUintDowncast(200, value);
            }
            return uint200(value);
        }
    
        /**
         * @dev Returns the downcasted uint192 from uint256, reverting on
         * overflow (when the input is greater than largest uint192).
         *
         * Counterpart to Solidity's `uint192` operator.
         *
         * Requirements:
         *
         * - input must fit into 192 bits
         */
        function toUint192(uint256 value) internal pure returns (uint192) {
            if (value > type(uint192).max) {
                revert SafeCastOverflowedUintDowncast(192, value);
            }
            return uint192(value);
        }
    
        /**
         * @dev Returns the downcasted uint184 from uint256, reverting on
         * overflow (when the input is greater than largest uint184).
         *
         * Counterpart to Solidity's `uint184` operator.
         *
         * Requirements:
         *
         * - input must fit into 184 bits
         */
        function toUint184(uint256 value) internal pure returns (uint184) {
            if (value > type(uint184).max) {
                revert SafeCastOverflowedUintDowncast(184, value);
            }
            return uint184(value);
        }
    
        /**
         * @dev Returns the downcasted uint176 from uint256, reverting on
         * overflow (when the input is greater than largest uint176).
         *
         * Counterpart to Solidity's `uint176` operator.
         *
         * Requirements:
         *
         * - input must fit into 176 bits
         */
        function toUint176(uint256 value) internal pure returns (uint176) {
            if (value > type(uint176).max) {
                revert SafeCastOverflowedUintDowncast(176, value);
            }
            return uint176(value);
        }
    
        /**
         * @dev Returns the downcasted uint168 from uint256, reverting on
         * overflow (when the input is greater than largest uint168).
         *
         * Counterpart to Solidity's `uint168` operator.
         *
         * Requirements:
         *
         * - input must fit into 168 bits
         */
        function toUint168(uint256 value) internal pure returns (uint168) {
            if (value > type(uint168).max) {
                revert SafeCastOverflowedUintDowncast(168, value);
            }
            return uint168(value);
        }
    
        /**
         * @dev Returns the downcasted uint160 from uint256, reverting on
         * overflow (when the input is greater than largest uint160).
         *
         * Counterpart to Solidity's `uint160` operator.
         *
         * Requirements:
         *
         * - input must fit into 160 bits
         */
        function toUint160(uint256 value) internal pure returns (uint160) {
            if (value > type(uint160).max) {
                revert SafeCastOverflowedUintDowncast(160, value);
            }
            return uint160(value);
        }
    
        /**
         * @dev Returns the downcasted uint152 from uint256, reverting on
         * overflow (when the input is greater than largest uint152).
         *
         * Counterpart to Solidity's `uint152` operator.
         *
         * Requirements:
         *
         * - input must fit into 152 bits
         */
        function toUint152(uint256 value) internal pure returns (uint152) {
            if (value > type(uint152).max) {
                revert SafeCastOverflowedUintDowncast(152, value);
            }
            return uint152(value);
        }
    
        /**
         * @dev Returns the downcasted uint144 from uint256, reverting on
         * overflow (when the input is greater than largest uint144).
         *
         * Counterpart to Solidity's `uint144` operator.
         *
         * Requirements:
         *
         * - input must fit into 144 bits
         */
        function toUint144(uint256 value) internal pure returns (uint144) {
            if (value > type(uint144).max) {
                revert SafeCastOverflowedUintDowncast(144, value);
            }
            return uint144(value);
        }
    
        /**
         * @dev Returns the downcasted uint136 from uint256, reverting on
         * overflow (when the input is greater than largest uint136).
         *
         * Counterpart to Solidity's `uint136` operator.
         *
         * Requirements:
         *
         * - input must fit into 136 bits
         */
        function toUint136(uint256 value) internal pure returns (uint136) {
            if (value > type(uint136).max) {
                revert SafeCastOverflowedUintDowncast(136, value);
            }
            return uint136(value);
        }
    
        /**
         * @dev Returns the downcasted uint128 from uint256, reverting on
         * overflow (when the input is greater than largest uint128).
         *
         * Counterpart to Solidity's `uint128` operator.
         *
         * Requirements:
         *
         * - input must fit into 128 bits
         */
        function toUint128(uint256 value) internal pure returns (uint128) {
            if (value > type(uint128).max) {
                revert SafeCastOverflowedUintDowncast(128, value);
            }
            return uint128(value);
        }
    
        /**
         * @dev Returns the downcasted uint120 from uint256, reverting on
         * overflow (when the input is greater than largest uint120).
         *
         * Counterpart to Solidity's `uint120` operator.
         *
         * Requirements:
         *
         * - input must fit into 120 bits
         */
        function toUint120(uint256 value) internal pure returns (uint120) {
            if (value > type(uint120).max) {
                revert SafeCastOverflowedUintDowncast(120, value);
            }
            return uint120(value);
        }
    
        /**
         * @dev Returns the downcasted uint112 from uint256, reverting on
         * overflow (when the input is greater than largest uint112).
         *
         * Counterpart to Solidity's `uint112` operator.
         *
         * Requirements:
         *
         * - input must fit into 112 bits
         */
        function toUint112(uint256 value) internal pure returns (uint112) {
            if (value > type(uint112).max) {
                revert SafeCastOverflowedUintDowncast(112, value);
            }
            return uint112(value);
        }
    
        /**
         * @dev Returns the downcasted uint104 from uint256, reverting on
         * overflow (when the input is greater than largest uint104).
         *
         * Counterpart to Solidity's `uint104` operator.
         *
         * Requirements:
         *
         * - input must fit into 104 bits
         */
        function toUint104(uint256 value) internal pure returns (uint104) {
            if (value > type(uint104).max) {
                revert SafeCastOverflowedUintDowncast(104, value);
            }
            return uint104(value);
        }
    
        /**
         * @dev Returns the downcasted uint96 from uint256, reverting on
         * overflow (when the input is greater than largest uint96).
         *
         * Counterpart to Solidity's `uint96` operator.
         *
         * Requirements:
         *
         * - input must fit into 96 bits
         */
        function toUint96(uint256 value) internal pure returns (uint96) {
            if (value > type(uint96).max) {
                revert SafeCastOverflowedUintDowncast(96, value);
            }
            return uint96(value);
        }
    
        /**
         * @dev Returns the downcasted uint88 from uint256, reverting on
         * overflow (when the input is greater than largest uint88).
         *
         * Counterpart to Solidity's `uint88` operator.
         *
         * Requirements:
         *
         * - input must fit into 88 bits
         */
        function toUint88(uint256 value) internal pure returns (uint88) {
            if (value > type(uint88).max) {
                revert SafeCastOverflowedUintDowncast(88, value);
            }
            return uint88(value);
        }
    
        /**
         * @dev Returns the downcasted uint80 from uint256, reverting on
         * overflow (when the input is greater than largest uint80).
         *
         * Counterpart to Solidity's `uint80` operator.
         *
         * Requirements:
         *
         * - input must fit into 80 bits
         */
        function toUint80(uint256 value) internal pure returns (uint80) {
            if (value > type(uint80).max) {
                revert SafeCastOverflowedUintDowncast(80, value);
            }
            return uint80(value);
        }
    
        /**
         * @dev Returns the downcasted uint72 from uint256, reverting on
         * overflow (when the input is greater than largest uint72).
         *
         * Counterpart to Solidity's `uint72` operator.
         *
         * Requirements:
         *
         * - input must fit into 72 bits
         */
        function toUint72(uint256 value) internal pure returns (uint72) {
            if (value > type(uint72).max) {
                revert SafeCastOverflowedUintDowncast(72, value);
            }
            return uint72(value);
        }
    
        /**
         * @dev Returns the downcasted uint64 from uint256, reverting on
         * overflow (when the input is greater than largest uint64).
         *
         * Counterpart to Solidity's `uint64` operator.
         *
         * Requirements:
         *
         * - input must fit into 64 bits
         */
        function toUint64(uint256 value) internal pure returns (uint64) {
            if (value > type(uint64).max) {
                revert SafeCastOverflowedUintDowncast(64, value);
            }
            return uint64(value);
        }
    
        /**
         * @dev Returns the downcasted uint56 from uint256, reverting on
         * overflow (when the input is greater than largest uint56).
         *
         * Counterpart to Solidity's `uint56` operator.
         *
         * Requirements:
         *
         * - input must fit into 56 bits
         */
        function toUint56(uint256 value) internal pure returns (uint56) {
            if (value > type(uint56).max) {
                revert SafeCastOverflowedUintDowncast(56, value);
            }
            return uint56(value);
        }
    
        /**
         * @dev Returns the downcasted uint48 from uint256, reverting on
         * overflow (when the input is greater than largest uint48).
         *
         * Counterpart to Solidity's `uint48` operator.
         *
         * Requirements:
         *
         * - input must fit into 48 bits
         */
        function toUint48(uint256 value) internal pure returns (uint48) {
            if (value > type(uint48).max) {
                revert SafeCastOverflowedUintDowncast(48, value);
            }
            return uint48(value);
        }
    
        /**
         * @dev Returns the downcasted uint40 from uint256, reverting on
         * overflow (when the input is greater than largest uint40).
         *
         * Counterpart to Solidity's `uint40` operator.
         *
         * Requirements:
         *
         * - input must fit into 40 bits
         */
        function toUint40(uint256 value) internal pure returns (uint40) {
            if (value > type(uint40).max) {
                revert SafeCastOverflowedUintDowncast(40, value);
            }
            return uint40(value);
        }
    
        /**
         * @dev Returns the downcasted uint32 from uint256, reverting on
         * overflow (when the input is greater than largest uint32).
         *
         * Counterpart to Solidity's `uint32` operator.
         *
         * Requirements:
         *
         * - input must fit into 32 bits
         */
        function toUint32(uint256 value) internal pure returns (uint32) {
            if (value > type(uint32).max) {
                revert SafeCastOverflowedUintDowncast(32, value);
            }
            return uint32(value);
        }
    
        /**
         * @dev Returns the downcasted uint24 from uint256, reverting on
         * overflow (when the input is greater than largest uint24).
         *
         * Counterpart to Solidity's `uint24` operator.
         *
         * Requirements:
         *
         * - input must fit into 24 bits
         */
        function toUint24(uint256 value) internal pure returns (uint24) {
            if (value > type(uint24).max) {
                revert SafeCastOverflowedUintDowncast(24, value);
            }
            return uint24(value);
        }
    
        /**
         * @dev Returns the downcasted uint16 from uint256, reverting on
         * overflow (when the input is greater than largest uint16).
         *
         * Counterpart to Solidity's `uint16` operator.
         *
         * Requirements:
         *
         * - input must fit into 16 bits
         */
        function toUint16(uint256 value) internal pure returns (uint16) {
            if (value > type(uint16).max) {
                revert SafeCastOverflowedUintDowncast(16, value);
            }
            return uint16(value);
        }
    
        /**
         * @dev Returns the downcasted uint8 from uint256, reverting on
         * overflow (when the input is greater than largest uint8).
         *
         * Counterpart to Solidity's `uint8` operator.
         *
         * Requirements:
         *
         * - input must fit into 8 bits
         */
        function toUint8(uint256 value) internal pure returns (uint8) {
            if (value > type(uint8).max) {
                revert SafeCastOverflowedUintDowncast(8, value);
            }
            return uint8(value);
        }
    
        /**
         * @dev Converts a signed int256 into an unsigned uint256.
         *
         * Requirements:
         *
         * - input must be greater than or equal to 0.
         */
        function toUint256(int256 value) internal pure returns (uint256) {
            if (value < 0) {
                revert SafeCastOverflowedIntToUint(value);
            }
            return uint256(value);
        }
    
        /**
         * @dev Returns the downcasted int248 from int256, reverting on
         * overflow (when the input is less than smallest int248 or
         * greater than largest int248).
         *
         * Counterpart to Solidity's `int248` operator.
         *
         * Requirements:
         *
         * - input must fit into 248 bits
         */
        function toInt248(int256 value) internal pure returns (int248 downcasted) {
            downcasted = int248(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(248, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int240 from int256, reverting on
         * overflow (when the input is less than smallest int240 or
         * greater than largest int240).
         *
         * Counterpart to Solidity's `int240` operator.
         *
         * Requirements:
         *
         * - input must fit into 240 bits
         */
        function toInt240(int256 value) internal pure returns (int240 downcasted) {
            downcasted = int240(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(240, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int232 from int256, reverting on
         * overflow (when the input is less than smallest int232 or
         * greater than largest int232).
         *
         * Counterpart to Solidity's `int232` operator.
         *
         * Requirements:
         *
         * - input must fit into 232 bits
         */
        function toInt232(int256 value) internal pure returns (int232 downcasted) {
            downcasted = int232(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(232, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int224 from int256, reverting on
         * overflow (when the input is less than smallest int224 or
         * greater than largest int224).
         *
         * Counterpart to Solidity's `int224` operator.
         *
         * Requirements:
         *
         * - input must fit into 224 bits
         */
        function toInt224(int256 value) internal pure returns (int224 downcasted) {
            downcasted = int224(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(224, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int216 from int256, reverting on
         * overflow (when the input is less than smallest int216 or
         * greater than largest int216).
         *
         * Counterpart to Solidity's `int216` operator.
         *
         * Requirements:
         *
         * - input must fit into 216 bits
         */
        function toInt216(int256 value) internal pure returns (int216 downcasted) {
            downcasted = int216(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(216, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int208 from int256, reverting on
         * overflow (when the input is less than smallest int208 or
         * greater than largest int208).
         *
         * Counterpart to Solidity's `int208` operator.
         *
         * Requirements:
         *
         * - input must fit into 208 bits
         */
        function toInt208(int256 value) internal pure returns (int208 downcasted) {
            downcasted = int208(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(208, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int200 from int256, reverting on
         * overflow (when the input is less than smallest int200 or
         * greater than largest int200).
         *
         * Counterpart to Solidity's `int200` operator.
         *
         * Requirements:
         *
         * - input must fit into 200 bits
         */
        function toInt200(int256 value) internal pure returns (int200 downcasted) {
            downcasted = int200(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(200, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int192 from int256, reverting on
         * overflow (when the input is less than smallest int192 or
         * greater than largest int192).
         *
         * Counterpart to Solidity's `int192` operator.
         *
         * Requirements:
         *
         * - input must fit into 192 bits
         */
        function toInt192(int256 value) internal pure returns (int192 downcasted) {
            downcasted = int192(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(192, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int184 from int256, reverting on
         * overflow (when the input is less than smallest int184 or
         * greater than largest int184).
         *
         * Counterpart to Solidity's `int184` operator.
         *
         * Requirements:
         *
         * - input must fit into 184 bits
         */
        function toInt184(int256 value) internal pure returns (int184 downcasted) {
            downcasted = int184(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(184, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int176 from int256, reverting on
         * overflow (when the input is less than smallest int176 or
         * greater than largest int176).
         *
         * Counterpart to Solidity's `int176` operator.
         *
         * Requirements:
         *
         * - input must fit into 176 bits
         */
        function toInt176(int256 value) internal pure returns (int176 downcasted) {
            downcasted = int176(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(176, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int168 from int256, reverting on
         * overflow (when the input is less than smallest int168 or
         * greater than largest int168).
         *
         * Counterpart to Solidity's `int168` operator.
         *
         * Requirements:
         *
         * - input must fit into 168 bits
         */
        function toInt168(int256 value) internal pure returns (int168 downcasted) {
            downcasted = int168(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(168, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int160 from int256, reverting on
         * overflow (when the input is less than smallest int160 or
         * greater than largest int160).
         *
         * Counterpart to Solidity's `int160` operator.
         *
         * Requirements:
         *
         * - input must fit into 160 bits
         */
        function toInt160(int256 value) internal pure returns (int160 downcasted) {
            downcasted = int160(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(160, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int152 from int256, reverting on
         * overflow (when the input is less than smallest int152 or
         * greater than largest int152).
         *
         * Counterpart to Solidity's `int152` operator.
         *
         * Requirements:
         *
         * - input must fit into 152 bits
         */
        function toInt152(int256 value) internal pure returns (int152 downcasted) {
            downcasted = int152(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(152, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int144 from int256, reverting on
         * overflow (when the input is less than smallest int144 or
         * greater than largest int144).
         *
         * Counterpart to Solidity's `int144` operator.
         *
         * Requirements:
         *
         * - input must fit into 144 bits
         */
        function toInt144(int256 value) internal pure returns (int144 downcasted) {
            downcasted = int144(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(144, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int136 from int256, reverting on
         * overflow (when the input is less than smallest int136 or
         * greater than largest int136).
         *
         * Counterpart to Solidity's `int136` operator.
         *
         * Requirements:
         *
         * - input must fit into 136 bits
         */
        function toInt136(int256 value) internal pure returns (int136 downcasted) {
            downcasted = int136(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(136, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int128 from int256, reverting on
         * overflow (when the input is less than smallest int128 or
         * greater than largest int128).
         *
         * Counterpart to Solidity's `int128` operator.
         *
         * Requirements:
         *
         * - input must fit into 128 bits
         */
        function toInt128(int256 value) internal pure returns (int128 downcasted) {
            downcasted = int128(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(128, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int120 from int256, reverting on
         * overflow (when the input is less than smallest int120 or
         * greater than largest int120).
         *
         * Counterpart to Solidity's `int120` operator.
         *
         * Requirements:
         *
         * - input must fit into 120 bits
         */
        function toInt120(int256 value) internal pure returns (int120 downcasted) {
            downcasted = int120(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(120, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int112 from int256, reverting on
         * overflow (when the input is less than smallest int112 or
         * greater than largest int112).
         *
         * Counterpart to Solidity's `int112` operator.
         *
         * Requirements:
         *
         * - input must fit into 112 bits
         */
        function toInt112(int256 value) internal pure returns (int112 downcasted) {
            downcasted = int112(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(112, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int104 from int256, reverting on
         * overflow (when the input is less than smallest int104 or
         * greater than largest int104).
         *
         * Counterpart to Solidity's `int104` operator.
         *
         * Requirements:
         *
         * - input must fit into 104 bits
         */
        function toInt104(int256 value) internal pure returns (int104 downcasted) {
            downcasted = int104(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(104, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int96 from int256, reverting on
         * overflow (when the input is less than smallest int96 or
         * greater than largest int96).
         *
         * Counterpart to Solidity's `int96` operator.
         *
         * Requirements:
         *
         * - input must fit into 96 bits
         */
        function toInt96(int256 value) internal pure returns (int96 downcasted) {
            downcasted = int96(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(96, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int88 from int256, reverting on
         * overflow (when the input is less than smallest int88 or
         * greater than largest int88).
         *
         * Counterpart to Solidity's `int88` operator.
         *
         * Requirements:
         *
         * - input must fit into 88 bits
         */
        function toInt88(int256 value) internal pure returns (int88 downcasted) {
            downcasted = int88(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(88, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int80 from int256, reverting on
         * overflow (when the input is less than smallest int80 or
         * greater than largest int80).
         *
         * Counterpart to Solidity's `int80` operator.
         *
         * Requirements:
         *
         * - input must fit into 80 bits
         */
        function toInt80(int256 value) internal pure returns (int80 downcasted) {
            downcasted = int80(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(80, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int72 from int256, reverting on
         * overflow (when the input is less than smallest int72 or
         * greater than largest int72).
         *
         * Counterpart to Solidity's `int72` operator.
         *
         * Requirements:
         *
         * - input must fit into 72 bits
         */
        function toInt72(int256 value) internal pure returns (int72 downcasted) {
            downcasted = int72(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(72, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int64 from int256, reverting on
         * overflow (when the input is less than smallest int64 or
         * greater than largest int64).
         *
         * Counterpart to Solidity's `int64` operator.
         *
         * Requirements:
         *
         * - input must fit into 64 bits
         */
        function toInt64(int256 value) internal pure returns (int64 downcasted) {
            downcasted = int64(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(64, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int56 from int256, reverting on
         * overflow (when the input is less than smallest int56 or
         * greater than largest int56).
         *
         * Counterpart to Solidity's `int56` operator.
         *
         * Requirements:
         *
         * - input must fit into 56 bits
         */
        function toInt56(int256 value) internal pure returns (int56 downcasted) {
            downcasted = int56(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(56, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int48 from int256, reverting on
         * overflow (when the input is less than smallest int48 or
         * greater than largest int48).
         *
         * Counterpart to Solidity's `int48` operator.
         *
         * Requirements:
         *
         * - input must fit into 48 bits
         */
        function toInt48(int256 value) internal pure returns (int48 downcasted) {
            downcasted = int48(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(48, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int40 from int256, reverting on
         * overflow (when the input is less than smallest int40 or
         * greater than largest int40).
         *
         * Counterpart to Solidity's `int40` operator.
         *
         * Requirements:
         *
         * - input must fit into 40 bits
         */
        function toInt40(int256 value) internal pure returns (int40 downcasted) {
            downcasted = int40(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(40, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int32 from int256, reverting on
         * overflow (when the input is less than smallest int32 or
         * greater than largest int32).
         *
         * Counterpart to Solidity's `int32` operator.
         *
         * Requirements:
         *
         * - input must fit into 32 bits
         */
        function toInt32(int256 value) internal pure returns (int32 downcasted) {
            downcasted = int32(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(32, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int24 from int256, reverting on
         * overflow (when the input is less than smallest int24 or
         * greater than largest int24).
         *
         * Counterpart to Solidity's `int24` operator.
         *
         * Requirements:
         *
         * - input must fit into 24 bits
         */
        function toInt24(int256 value) internal pure returns (int24 downcasted) {
            downcasted = int24(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(24, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int16 from int256, reverting on
         * overflow (when the input is less than smallest int16 or
         * greater than largest int16).
         *
         * Counterpart to Solidity's `int16` operator.
         *
         * Requirements:
         *
         * - input must fit into 16 bits
         */
        function toInt16(int256 value) internal pure returns (int16 downcasted) {
            downcasted = int16(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(16, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int8 from int256, reverting on
         * overflow (when the input is less than smallest int8 or
         * greater than largest int8).
         *
         * Counterpart to Solidity's `int8` operator.
         *
         * Requirements:
         *
         * - input must fit into 8 bits
         */
        function toInt8(int256 value) internal pure returns (int8 downcasted) {
            downcasted = int8(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(8, value);
            }
        }
    
        /**
         * @dev Converts an unsigned uint256 into a signed int256.
         *
         * Requirements:
         *
         * - input must be less than or equal to maxInt256.
         */
        function toInt256(uint256 value) internal pure returns (int256) {
            // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
            if (value > uint256(type(int256).max)) {
                revert SafeCastOverflowedUintToInt(value);
            }
            return int256(value);
        }
    
        /**
         * @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.
         */
        function toUint(bool b) internal pure returns (uint256 u) {
            /// @solidity memory-safe-assembly
            assembly {
                u := iszero(iszero(b))
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable2Step.sol)
    
    pragma solidity ^0.8.20;
    
    import {Ownable} from "./Ownable.sol";
    
    /**
     * @dev Contract module which provides access control mechanism, where
     * there is an account (an owner) that can be granted exclusive access to
     * specific functions.
     *
     * This extension of the {Ownable} contract includes a two-step mechanism to transfer
     * ownership, where the new owner must call {acceptOwnership} in order to replace the
     * old one. This can help prevent common mistakes, such as transfers of ownership to
     * incorrect accounts, or to contracts that are unable to interact with the
     * permission system.
     *
     * The initial owner is specified at deployment time in the constructor for `Ownable`. This
     * can later be changed with {transferOwnership} and {acceptOwnership}.
     *
     * This module is used through inheritance. It will make available all functions
     * from parent (Ownable).
     */
    abstract contract Ownable2Step is Ownable {
        address private _pendingOwner;
    
        event OwnershipTransferStarted(address indexed previousOwner, address indexed newOwner);
    
        /**
         * @dev Returns the address of the pending owner.
         */
        function pendingOwner() public view virtual returns (address) {
            return _pendingOwner;
        }
    
        /**
         * @dev Starts the ownership transfer of the contract to a new account. Replaces the pending transfer if there is one.
         * Can only be called by the current owner.
         */
        function transferOwnership(address newOwner) public virtual override onlyOwner {
            _pendingOwner = newOwner;
            emit OwnershipTransferStarted(owner(), newOwner);
        }
    
        /**
         * @dev Transfers ownership of the contract to a new account (`newOwner`) and deletes any pending owner.
         * Internal function without access restriction.
         */
        function _transferOwnership(address newOwner) internal virtual override {
            delete _pendingOwner;
            super._transferOwnership(newOwner);
        }
    
        /**
         * @dev The new owner accepts the ownership transfer.
         */
        function acceptOwnership() public virtual {
            address sender = _msgSender();
            if (pendingOwner() != sender) {
                revert OwnableUnauthorizedAccount(sender);
            }
            _transferOwnership(sender);
        }
    }

    // SPDX-License-Identifier: BUSL-1.1
    pragma solidity ^0.8.28;
    
    import {IERC20Metadata} from "openzeppelin5/token/ERC20/extensions/IERC20Metadata.sol";
    
    import {IsContract} from "./IsContract.sol";
    
    library TokenHelper {
        uint256 private constant _BYTES32_SIZE = 32;
    
        error TokenIsNotAContract();
    
        function assertAndGetDecimals(address _token) internal view returns (uint256) {
            (bool hasMetadata, bytes memory data) =
                _tokenMetadataCall(_token, abi.encodeCall(IERC20Metadata.decimals, ()));
    
            // decimals() is optional in the ERC20 standard, so if metadata is not accessible
            // we assume there are no decimals and use 0.
            if (!hasMetadata) {
                return 0;
            }
    
            return abi.decode(data, (uint8));
        }
    
        /// @dev Returns the symbol for the provided ERC20 token.
        /// An empty string is returned if the call to the token didn't succeed.
        /// @param _token address of the token to get the symbol for
        /// @return assetSymbol the token symbol
        function symbol(address _token) internal view returns (string memory assetSymbol) {
            (bool hasMetadata, bytes memory data) =
                _tokenMetadataCall(_token, abi.encodeCall(IERC20Metadata.symbol, ()));
    
            if (!hasMetadata || data.length == 0) {
                return "?";
            } else if (data.length == _BYTES32_SIZE) {
                return string(removeZeros(data));
            } else {
                return abi.decode(data, (string));
            }
        }
    
        /// @dev Removes bytes with value equal to 0 from the provided byte array.
        /// @param _data byte array from which to remove zeroes
        /// @return result byte array with zeroes removed
        function removeZeros(bytes memory _data) internal pure returns (bytes memory result) {
            uint256 n = _data.length;
    
            for (uint256 i; i < n; i++) {
                if (_data[i] == 0) continue;
    
                result = abi.encodePacked(result, _data[i]);
            }
        }
    
        /// @dev Performs a staticcall to the token to get its metadata (symbol, decimals, name)
        function _tokenMetadataCall(address _token, bytes memory _data) private view returns (bool, bytes memory) {
            // We need to do this before the call, otherwise the call will succeed even for EOAs
            require(IsContract.isContract(_token), TokenIsNotAContract());
    
            (bool success, bytes memory result) = _token.staticcall(_data);
    
            // If the call reverted we assume the token doesn't follow the metadata extension
            if (!success) {
                return (false, "");
            }
    
            return (true, result);
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/IERC165.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Interface of the ERC-165 standard, as defined in the
     * https://eips.ethereum.org/EIPS/eip-165[ERC].
     *
     * Implementers can declare support of contract interfaces, which can then be
     * queried by others ({ERC165Checker}).
     *
     * For an implementation, see {ERC165}.
     */
    interface IERC165 {
        /**
         * @dev Returns true if this contract implements the interface defined by
         * `interfaceId`. See the corresponding
         * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
         * to learn more about how these ids are created.
         *
         * This function call must use less than 30 000 gas.
         */
        function supportsInterface(bytes4 interfaceId) external view returns (bool);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
    
    pragma solidity ^0.8.20;
    
    import {Context} from "../utils/Context.sol";
    
    /**
     * @dev Contract module which provides a basic access control mechanism, where
     * there is an account (an owner) that can be granted exclusive access to
     * specific functions.
     *
     * The initial owner is set to the address provided by the deployer. This can
     * later be changed with {transferOwnership}.
     *
     * This module is used through inheritance. It will make available the modifier
     * `onlyOwner`, which can be applied to your functions to restrict their use to
     * the owner.
     */
    abstract contract Ownable is Context {
        address private _owner;
    
        /**
         * @dev The caller account is not authorized to perform an operation.
         */
        error OwnableUnauthorizedAccount(address account);
    
        /**
         * @dev The owner is not a valid owner account. (eg. `address(0)`)
         */
        error OwnableInvalidOwner(address owner);
    
        event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
    
        /**
         * @dev Initializes the contract setting the address provided by the deployer as the initial owner.
         */
        constructor(address initialOwner) {
            if (initialOwner == address(0)) {
                revert OwnableInvalidOwner(address(0));
            }
            _transferOwnership(initialOwner);
        }
    
        /**
         * @dev Throws if called by any account other than the owner.
         */
        modifier onlyOwner() {
            _checkOwner();
            _;
        }
    
        /**
         * @dev Returns the address of the current owner.
         */
        function owner() public view virtual returns (address) {
            return _owner;
        }
    
        /**
         * @dev Throws if the sender is not the owner.
         */
        function _checkOwner() internal view virtual {
            if (owner() != _msgSender()) {
                revert OwnableUnauthorizedAccount(_msgSender());
            }
        }
    
        /**
         * @dev Leaves the contract without owner. It will not be possible to call
         * `onlyOwner` functions. Can only be called by the current owner.
         *
         * NOTE: Renouncing ownership will leave the contract without an owner,
         * thereby disabling any functionality that is only available to the owner.
         */
        function renounceOwnership() public virtual onlyOwner {
            _transferOwnership(address(0));
        }
    
        /**
         * @dev Transfers ownership of the contract to a new account (`newOwner`).
         * Can only be called by the current owner.
         */
        function transferOwnership(address newOwner) public virtual onlyOwner {
            if (newOwner == address(0)) {
                revert OwnableInvalidOwner(address(0));
            }
            _transferOwnership(newOwner);
        }
    
        /**
         * @dev Transfers ownership of the contract to a new account (`newOwner`).
         * Internal function without access restriction.
         */
        function _transferOwnership(address newOwner) internal virtual {
            address oldOwner = _owner;
            _owner = newOwner;
            emit OwnershipTransferred(oldOwner, newOwner);
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/IERC20Metadata.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC20} from "../IERC20.sol";
    
    /**
     * @dev Interface for the optional metadata functions from the ERC-20 standard.
     */
    interface IERC20Metadata is IERC20 {
        /**
         * @dev Returns the name of the token.
         */
        function name() external view returns (string memory);
    
        /**
         * @dev Returns the symbol of the token.
         */
        function symbol() external view returns (string memory);
    
        /**
         * @dev Returns the decimals places of the token.
         */
        function decimals() external view returns (uint8);
    }

    // SPDX-License-Identifier: BUSL-1.1
    pragma solidity ^0.8.24;
    
    library IsContract {
        /**
         * @dev Returns true if `account` is a contract.
         *
         * [IMPORTANT]
         * ====
         * It is unsafe to assume that an address for which this function returns
         * false is an externally-owned account (EOA) and not a contract.
         *
         * Among others, `isContract` will return false for the following
         * types of addresses:
         *
         *  - an externally-owned account
         *  - a contract in construction
         *  - an address where a contract will be created
         *  - an address where a contract lived, but was destroyed
         *
         * Furthermore, `isContract` will also return true if the target contract within
         * the same transaction is already scheduled for destruction by `SELFDESTRUCT`,
         * which only has an effect at the end of a transaction.
         * ====
         *
         * [IMPORTANT]
         * ====
         * You shouldn't rely on `isContract` to protect against flash loan attacks!
         *
         * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
         * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
         * constructor.
         * ====
         */
        function isContract(address _account) internal view returns (bool) {
            // This method relies on extcodesize/address.code.length, which returns 0
            // for contracts in construction, since the code is only stored at the end
            // of the constructor execution.
    
            return _account.code.length > 0;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Provides information about the current execution context, including the
     * sender of the transaction and its data. While these are generally available
     * via msg.sender and msg.data, they should not be accessed in such a direct
     * manner, since when dealing with meta-transactions the account sending and
     * paying for execution may not be the actual sender (as far as an application
     * is concerned).
     *
     * This contract is only required for intermediate, library-like contracts.
     */
    abstract contract Context {
        function _msgSender() internal view virtual returns (address) {
            return msg.sender;
        }
    
        function _msgData() internal view virtual returns (bytes calldata) {
            return msg.data;
        }
    
        function _contextSuffixLength() internal view virtual returns (uint256) {
            return 0;
        }
    }

    Please enter a contract address above to load the contract details and source code.

    Context size (optional):