APE Price: $0.50 (-3.66%)
    /

    Contract Diff Checker

    Contract Name:
    TestNFT

    Contract Source Code:

    // SPDX-License-Identifier: MIT
    pragma solidity ^0.8.20;
    
    import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
    import "@openzeppelin/contracts/access/Ownable.sol";
    
    /// @title TestNFT
    /// @notice A simple NFT collection for testing the dungeon game
    contract TestNFT is ERC721, Ownable {
        uint256 private _tokenIds;
        string private _baseTokenURI;
    
        constructor(
            string memory name,
            string memory symbol
        ) ERC721(name, symbol) Ownable(msg.sender) {}
    
        function mint() external onlyOwner returns (uint256) {
            _tokenIds++;
            uint256 newItemId = _tokenIds;
            _mint(msg.sender, newItemId);
            return newItemId;
        }
    
        function _baseURI() internal view override returns (string memory) {
            return _baseTokenURI;
        }
    
        function setBaseURI(string memory baseURI) external onlyOwner {
            _baseTokenURI = baseURI;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/ERC721.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC721} from "./IERC721.sol";
    import {IERC721Metadata} from "./extensions/IERC721Metadata.sol";
    import {ERC721Utils} from "./utils/ERC721Utils.sol";
    import {Context} from "../../utils/Context.sol";
    import {Strings} from "../../utils/Strings.sol";
    import {IERC165, ERC165} from "../../utils/introspection/ERC165.sol";
    import {IERC721Errors} from "../../interfaces/draft-IERC6093.sol";
    
    /**
     * @dev Implementation of https://eips.ethereum.org/EIPS/eip-721[ERC-721] Non-Fungible Token Standard, including
     * the Metadata extension, but not including the Enumerable extension, which is available separately as
     * {ERC721Enumerable}.
     */
    abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Errors {
        using Strings for uint256;
    
        // Token name
        string private _name;
    
        // Token symbol
        string private _symbol;
    
        mapping(uint256 tokenId => address) private _owners;
    
        mapping(address owner => uint256) private _balances;
    
        mapping(uint256 tokenId => address) private _tokenApprovals;
    
        mapping(address owner => mapping(address operator => bool)) private _operatorApprovals;
    
        /**
         * @dev Initializes the contract by setting a `name` and a `symbol` to the token collection.
         */
        constructor(string memory name_, string memory symbol_) {
            _name = name_;
            _symbol = symbol_;
        }
    
        /**
         * @dev See {IERC165-supportsInterface}.
         */
        function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
            return
                interfaceId == type(IERC721).interfaceId ||
                interfaceId == type(IERC721Metadata).interfaceId ||
                super.supportsInterface(interfaceId);
        }
    
        /**
         * @dev See {IERC721-balanceOf}.
         */
        function balanceOf(address owner) public view virtual returns (uint256) {
            if (owner == address(0)) {
                revert ERC721InvalidOwner(address(0));
            }
            return _balances[owner];
        }
    
        /**
         * @dev See {IERC721-ownerOf}.
         */
        function ownerOf(uint256 tokenId) public view virtual returns (address) {
            return _requireOwned(tokenId);
        }
    
        /**
         * @dev See {IERC721Metadata-name}.
         */
        function name() public view virtual returns (string memory) {
            return _name;
        }
    
        /**
         * @dev See {IERC721Metadata-symbol}.
         */
        function symbol() public view virtual returns (string memory) {
            return _symbol;
        }
    
        /**
         * @dev See {IERC721Metadata-tokenURI}.
         */
        function tokenURI(uint256 tokenId) public view virtual returns (string memory) {
            _requireOwned(tokenId);
    
            string memory baseURI = _baseURI();
            return bytes(baseURI).length > 0 ? string.concat(baseURI, tokenId.toString()) : "";
        }
    
        /**
         * @dev Base URI for computing {tokenURI}. If set, the resulting URI for each
         * token will be the concatenation of the `baseURI` and the `tokenId`. Empty
         * by default, can be overridden in child contracts.
         */
        function _baseURI() internal view virtual returns (string memory) {
            return "";
        }
    
        /**
         * @dev See {IERC721-approve}.
         */
        function approve(address to, uint256 tokenId) public virtual {
            _approve(to, tokenId, _msgSender());
        }
    
        /**
         * @dev See {IERC721-getApproved}.
         */
        function getApproved(uint256 tokenId) public view virtual returns (address) {
            _requireOwned(tokenId);
    
            return _getApproved(tokenId);
        }
    
        /**
         * @dev See {IERC721-setApprovalForAll}.
         */
        function setApprovalForAll(address operator, bool approved) public virtual {
            _setApprovalForAll(_msgSender(), operator, approved);
        }
    
        /**
         * @dev See {IERC721-isApprovedForAll}.
         */
        function isApprovedForAll(address owner, address operator) public view virtual returns (bool) {
            return _operatorApprovals[owner][operator];
        }
    
        /**
         * @dev See {IERC721-transferFrom}.
         */
        function transferFrom(address from, address to, uint256 tokenId) public virtual {
            if (to == address(0)) {
                revert ERC721InvalidReceiver(address(0));
            }
            // Setting an "auth" arguments enables the `_isAuthorized` check which verifies that the token exists
            // (from != 0). Therefore, it is not needed to verify that the return value is not 0 here.
            address previousOwner = _update(to, tokenId, _msgSender());
            if (previousOwner != from) {
                revert ERC721IncorrectOwner(from, tokenId, previousOwner);
            }
        }
    
        /**
         * @dev See {IERC721-safeTransferFrom}.
         */
        function safeTransferFrom(address from, address to, uint256 tokenId) public {
            safeTransferFrom(from, to, tokenId, "");
        }
    
        /**
         * @dev See {IERC721-safeTransferFrom}.
         */
        function safeTransferFrom(address from, address to, uint256 tokenId, bytes memory data) public virtual {
            transferFrom(from, to, tokenId);
            ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
        }
    
        /**
         * @dev Returns the owner of the `tokenId`. Does NOT revert if token doesn't exist
         *
         * IMPORTANT: Any overrides to this function that add ownership of tokens not tracked by the
         * core ERC-721 logic MUST be matched with the use of {_increaseBalance} to keep balances
         * consistent with ownership. The invariant to preserve is that for any address `a` the value returned by
         * `balanceOf(a)` must be equal to the number of tokens such that `_ownerOf(tokenId)` is `a`.
         */
        function _ownerOf(uint256 tokenId) internal view virtual returns (address) {
            return _owners[tokenId];
        }
    
        /**
         * @dev Returns the approved address for `tokenId`. Returns 0 if `tokenId` is not minted.
         */
        function _getApproved(uint256 tokenId) internal view virtual returns (address) {
            return _tokenApprovals[tokenId];
        }
    
        /**
         * @dev Returns whether `spender` is allowed to manage `owner`'s tokens, or `tokenId` in
         * particular (ignoring whether it is owned by `owner`).
         *
         * WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
         * assumption.
         */
        function _isAuthorized(address owner, address spender, uint256 tokenId) internal view virtual returns (bool) {
            return
                spender != address(0) &&
                (owner == spender || isApprovedForAll(owner, spender) || _getApproved(tokenId) == spender);
        }
    
        /**
         * @dev Checks if `spender` can operate on `tokenId`, assuming the provided `owner` is the actual owner.
         * Reverts if:
         * - `spender` does not have approval from `owner` for `tokenId`.
         * - `spender` does not have approval to manage all of `owner`'s assets.
         *
         * WARNING: This function assumes that `owner` is the actual owner of `tokenId` and does not verify this
         * assumption.
         */
        function _checkAuthorized(address owner, address spender, uint256 tokenId) internal view virtual {
            if (!_isAuthorized(owner, spender, tokenId)) {
                if (owner == address(0)) {
                    revert ERC721NonexistentToken(tokenId);
                } else {
                    revert ERC721InsufficientApproval(spender, tokenId);
                }
            }
        }
    
        /**
         * @dev Unsafe write access to the balances, used by extensions that "mint" tokens using an {ownerOf} override.
         *
         * NOTE: the value is limited to type(uint128).max. This protect against _balance overflow. It is unrealistic that
         * a uint256 would ever overflow from increments when these increments are bounded to uint128 values.
         *
         * WARNING: Increasing an account's balance using this function tends to be paired with an override of the
         * {_ownerOf} function to resolve the ownership of the corresponding tokens so that balances and ownership
         * remain consistent with one another.
         */
        function _increaseBalance(address account, uint128 value) internal virtual {
            unchecked {
                _balances[account] += value;
            }
        }
    
        /**
         * @dev Transfers `tokenId` from its current owner to `to`, or alternatively mints (or burns) if the current owner
         * (or `to`) is the zero address. Returns the owner of the `tokenId` before the update.
         *
         * The `auth` argument is optional. If the value passed is non 0, then this function will check that
         * `auth` is either the owner of the token, or approved to operate on the token (by the owner).
         *
         * Emits a {Transfer} event.
         *
         * NOTE: If overriding this function in a way that tracks balances, see also {_increaseBalance}.
         */
        function _update(address to, uint256 tokenId, address auth) internal virtual returns (address) {
            address from = _ownerOf(tokenId);
    
            // Perform (optional) operator check
            if (auth != address(0)) {
                _checkAuthorized(from, auth, tokenId);
            }
    
            // Execute the update
            if (from != address(0)) {
                // Clear approval. No need to re-authorize or emit the Approval event
                _approve(address(0), tokenId, address(0), false);
    
                unchecked {
                    _balances[from] -= 1;
                }
            }
    
            if (to != address(0)) {
                unchecked {
                    _balances[to] += 1;
                }
            }
    
            _owners[tokenId] = to;
    
            emit Transfer(from, to, tokenId);
    
            return from;
        }
    
        /**
         * @dev Mints `tokenId` and transfers it to `to`.
         *
         * WARNING: Usage of this method is discouraged, use {_safeMint} whenever possible
         *
         * Requirements:
         *
         * - `tokenId` must not exist.
         * - `to` cannot be the zero address.
         *
         * Emits a {Transfer} event.
         */
        function _mint(address to, uint256 tokenId) internal {
            if (to == address(0)) {
                revert ERC721InvalidReceiver(address(0));
            }
            address previousOwner = _update(to, tokenId, address(0));
            if (previousOwner != address(0)) {
                revert ERC721InvalidSender(address(0));
            }
        }
    
        /**
         * @dev Mints `tokenId`, transfers it to `to` and checks for `to` acceptance.
         *
         * Requirements:
         *
         * - `tokenId` must not exist.
         * - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
         *
         * Emits a {Transfer} event.
         */
        function _safeMint(address to, uint256 tokenId) internal {
            _safeMint(to, tokenId, "");
        }
    
        /**
         * @dev Same as {xref-ERC721-_safeMint-address-uint256-}[`_safeMint`], with an additional `data` parameter which is
         * forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
         */
        function _safeMint(address to, uint256 tokenId, bytes memory data) internal virtual {
            _mint(to, tokenId);
            ERC721Utils.checkOnERC721Received(_msgSender(), address(0), to, tokenId, data);
        }
    
        /**
         * @dev Destroys `tokenId`.
         * The approval is cleared when the token is burned.
         * This is an internal function that does not check if the sender is authorized to operate on the token.
         *
         * Requirements:
         *
         * - `tokenId` must exist.
         *
         * Emits a {Transfer} event.
         */
        function _burn(uint256 tokenId) internal {
            address previousOwner = _update(address(0), tokenId, address(0));
            if (previousOwner == address(0)) {
                revert ERC721NonexistentToken(tokenId);
            }
        }
    
        /**
         * @dev Transfers `tokenId` from `from` to `to`.
         *  As opposed to {transferFrom}, this imposes no restrictions on msg.sender.
         *
         * Requirements:
         *
         * - `to` cannot be the zero address.
         * - `tokenId` token must be owned by `from`.
         *
         * Emits a {Transfer} event.
         */
        function _transfer(address from, address to, uint256 tokenId) internal {
            if (to == address(0)) {
                revert ERC721InvalidReceiver(address(0));
            }
            address previousOwner = _update(to, tokenId, address(0));
            if (previousOwner == address(0)) {
                revert ERC721NonexistentToken(tokenId);
            } else if (previousOwner != from) {
                revert ERC721IncorrectOwner(from, tokenId, previousOwner);
            }
        }
    
        /**
         * @dev Safely transfers `tokenId` token from `from` to `to`, checking that contract recipients
         * are aware of the ERC-721 standard to prevent tokens from being forever locked.
         *
         * `data` is additional data, it has no specified format and it is sent in call to `to`.
         *
         * This internal function is like {safeTransferFrom} in the sense that it invokes
         * {IERC721Receiver-onERC721Received} on the receiver, and can be used to e.g.
         * implement alternative mechanisms to perform token transfer, such as signature-based.
         *
         * Requirements:
         *
         * - `tokenId` token must exist and be owned by `from`.
         * - `to` cannot be the zero address.
         * - `from` cannot be the zero address.
         * - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon a safe transfer.
         *
         * Emits a {Transfer} event.
         */
        function _safeTransfer(address from, address to, uint256 tokenId) internal {
            _safeTransfer(from, to, tokenId, "");
        }
    
        /**
         * @dev Same as {xref-ERC721-_safeTransfer-address-address-uint256-}[`_safeTransfer`], with an additional `data` parameter which is
         * forwarded in {IERC721Receiver-onERC721Received} to contract recipients.
         */
        function _safeTransfer(address from, address to, uint256 tokenId, bytes memory data) internal virtual {
            _transfer(from, to, tokenId);
            ERC721Utils.checkOnERC721Received(_msgSender(), from, to, tokenId, data);
        }
    
        /**
         * @dev Approve `to` to operate on `tokenId`
         *
         * The `auth` argument is optional. If the value passed is non 0, then this function will check that `auth` is
         * either the owner of the token, or approved to operate on all tokens held by this owner.
         *
         * Emits an {Approval} event.
         *
         * Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
         */
        function _approve(address to, uint256 tokenId, address auth) internal {
            _approve(to, tokenId, auth, true);
        }
    
        /**
         * @dev Variant of `_approve` with an optional flag to enable or disable the {Approval} event. The event is not
         * emitted in the context of transfers.
         */
        function _approve(address to, uint256 tokenId, address auth, bool emitEvent) internal virtual {
            // Avoid reading the owner unless necessary
            if (emitEvent || auth != address(0)) {
                address owner = _requireOwned(tokenId);
    
                // We do not use _isAuthorized because single-token approvals should not be able to call approve
                if (auth != address(0) && owner != auth && !isApprovedForAll(owner, auth)) {
                    revert ERC721InvalidApprover(auth);
                }
    
                if (emitEvent) {
                    emit Approval(owner, to, tokenId);
                }
            }
    
            _tokenApprovals[tokenId] = to;
        }
    
        /**
         * @dev Approve `operator` to operate on all of `owner` tokens
         *
         * Requirements:
         * - operator can't be the address zero.
         *
         * Emits an {ApprovalForAll} event.
         */
        function _setApprovalForAll(address owner, address operator, bool approved) internal virtual {
            if (operator == address(0)) {
                revert ERC721InvalidOperator(operator);
            }
            _operatorApprovals[owner][operator] = approved;
            emit ApprovalForAll(owner, operator, approved);
        }
    
        /**
         * @dev Reverts if the `tokenId` doesn't have a current owner (it hasn't been minted, or it has been burned).
         * Returns the owner.
         *
         * Overrides to ownership logic should be done to {_ownerOf}.
         */
        function _requireOwned(uint256 tokenId) internal view returns (address) {
            address owner = _ownerOf(tokenId);
            if (owner == address(0)) {
                revert ERC721NonexistentToken(tokenId);
            }
            return owner;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (access/Ownable.sol)
    
    pragma solidity ^0.8.20;
    
    import {Context} from "../utils/Context.sol";
    
    /**
     * @dev Contract module which provides a basic access control mechanism, where
     * there is an account (an owner) that can be granted exclusive access to
     * specific functions.
     *
     * The initial owner is set to the address provided by the deployer. This can
     * later be changed with {transferOwnership}.
     *
     * This module is used through inheritance. It will make available the modifier
     * `onlyOwner`, which can be applied to your functions to restrict their use to
     * the owner.
     */
    abstract contract Ownable is Context {
        address private _owner;
    
        /**
         * @dev The caller account is not authorized to perform an operation.
         */
        error OwnableUnauthorizedAccount(address account);
    
        /**
         * @dev The owner is not a valid owner account. (eg. `address(0)`)
         */
        error OwnableInvalidOwner(address owner);
    
        event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
    
        /**
         * @dev Initializes the contract setting the address provided by the deployer as the initial owner.
         */
        constructor(address initialOwner) {
            if (initialOwner == address(0)) {
                revert OwnableInvalidOwner(address(0));
            }
            _transferOwnership(initialOwner);
        }
    
        /**
         * @dev Throws if called by any account other than the owner.
         */
        modifier onlyOwner() {
            _checkOwner();
            _;
        }
    
        /**
         * @dev Returns the address of the current owner.
         */
        function owner() public view virtual returns (address) {
            return _owner;
        }
    
        /**
         * @dev Throws if the sender is not the owner.
         */
        function _checkOwner() internal view virtual {
            if (owner() != _msgSender()) {
                revert OwnableUnauthorizedAccount(_msgSender());
            }
        }
    
        /**
         * @dev Leaves the contract without owner. It will not be possible to call
         * `onlyOwner` functions. Can only be called by the current owner.
         *
         * NOTE: Renouncing ownership will leave the contract without an owner,
         * thereby disabling any functionality that is only available to the owner.
         */
        function renounceOwnership() public virtual onlyOwner {
            _transferOwnership(address(0));
        }
    
        /**
         * @dev Transfers ownership of the contract to a new account (`newOwner`).
         * Can only be called by the current owner.
         */
        function transferOwnership(address newOwner) public virtual onlyOwner {
            if (newOwner == address(0)) {
                revert OwnableInvalidOwner(address(0));
            }
            _transferOwnership(newOwner);
        }
    
        /**
         * @dev Transfers ownership of the contract to a new account (`newOwner`).
         * Internal function without access restriction.
         */
        function _transferOwnership(address newOwner) internal virtual {
            address oldOwner = _owner;
            _owner = newOwner;
            emit OwnershipTransferred(oldOwner, newOwner);
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/IERC721.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC165} from "../../utils/introspection/IERC165.sol";
    
    /**
     * @dev Required interface of an ERC-721 compliant contract.
     */
    interface IERC721 is IERC165 {
        /**
         * @dev Emitted when `tokenId` token is transferred from `from` to `to`.
         */
        event Transfer(address indexed from, address indexed to, uint256 indexed tokenId);
    
        /**
         * @dev Emitted when `owner` enables `approved` to manage the `tokenId` token.
         */
        event Approval(address indexed owner, address indexed approved, uint256 indexed tokenId);
    
        /**
         * @dev Emitted when `owner` enables or disables (`approved`) `operator` to manage all of its assets.
         */
        event ApprovalForAll(address indexed owner, address indexed operator, bool approved);
    
        /**
         * @dev Returns the number of tokens in ``owner``'s account.
         */
        function balanceOf(address owner) external view returns (uint256 balance);
    
        /**
         * @dev Returns the owner of the `tokenId` token.
         *
         * Requirements:
         *
         * - `tokenId` must exist.
         */
        function ownerOf(uint256 tokenId) external view returns (address owner);
    
        /**
         * @dev Safely transfers `tokenId` token from `from` to `to`.
         *
         * Requirements:
         *
         * - `from` cannot be the zero address.
         * - `to` cannot be the zero address.
         * - `tokenId` token must exist and be owned by `from`.
         * - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
         * - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
         *   a safe transfer.
         *
         * Emits a {Transfer} event.
         */
        function safeTransferFrom(address from, address to, uint256 tokenId, bytes calldata data) external;
    
        /**
         * @dev Safely transfers `tokenId` token from `from` to `to`, checking first that contract recipients
         * are aware of the ERC-721 protocol to prevent tokens from being forever locked.
         *
         * Requirements:
         *
         * - `from` cannot be the zero address.
         * - `to` cannot be the zero address.
         * - `tokenId` token must exist and be owned by `from`.
         * - If the caller is not `from`, it must have been allowed to move this token by either {approve} or
         *   {setApprovalForAll}.
         * - If `to` refers to a smart contract, it must implement {IERC721Receiver-onERC721Received}, which is called upon
         *   a safe transfer.
         *
         * Emits a {Transfer} event.
         */
        function safeTransferFrom(address from, address to, uint256 tokenId) external;
    
        /**
         * @dev Transfers `tokenId` token from `from` to `to`.
         *
         * WARNING: Note that the caller is responsible to confirm that the recipient is capable of receiving ERC-721
         * or else they may be permanently lost. Usage of {safeTransferFrom} prevents loss, though the caller must
         * understand this adds an external call which potentially creates a reentrancy vulnerability.
         *
         * Requirements:
         *
         * - `from` cannot be the zero address.
         * - `to` cannot be the zero address.
         * - `tokenId` token must be owned by `from`.
         * - If the caller is not `from`, it must be approved to move this token by either {approve} or {setApprovalForAll}.
         *
         * Emits a {Transfer} event.
         */
        function transferFrom(address from, address to, uint256 tokenId) external;
    
        /**
         * @dev Gives permission to `to` to transfer `tokenId` token to another account.
         * The approval is cleared when the token is transferred.
         *
         * Only a single account can be approved at a time, so approving the zero address clears previous approvals.
         *
         * Requirements:
         *
         * - The caller must own the token or be an approved operator.
         * - `tokenId` must exist.
         *
         * Emits an {Approval} event.
         */
        function approve(address to, uint256 tokenId) external;
    
        /**
         * @dev Approve or remove `operator` as an operator for the caller.
         * Operators can call {transferFrom} or {safeTransferFrom} for any token owned by the caller.
         *
         * Requirements:
         *
         * - The `operator` cannot be the address zero.
         *
         * Emits an {ApprovalForAll} event.
         */
        function setApprovalForAll(address operator, bool approved) external;
    
        /**
         * @dev Returns the account approved for `tokenId` token.
         *
         * Requirements:
         *
         * - `tokenId` must exist.
         */
        function getApproved(uint256 tokenId) external view returns (address operator);
    
        /**
         * @dev Returns if the `operator` is allowed to manage all of the assets of `owner`.
         *
         * See {setApprovalForAll}
         */
        function isApprovedForAll(address owner, address operator) external view returns (bool);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.0) (token/ERC721/extensions/IERC721Metadata.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC721} from "../IERC721.sol";
    
    /**
     * @title ERC-721 Non-Fungible Token Standard, optional metadata extension
     * @dev See https://eips.ethereum.org/EIPS/eip-721
     */
    interface IERC721Metadata is IERC721 {
        /**
         * @dev Returns the token collection name.
         */
        function name() external view returns (string memory);
    
        /**
         * @dev Returns the token collection symbol.
         */
        function symbol() external view returns (string memory);
    
        /**
         * @dev Returns the Uniform Resource Identifier (URI) for `tokenId` token.
         */
        function tokenURI(uint256 tokenId) external view returns (string memory);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/utils/ERC721Utils.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC721Receiver} from "../IERC721Receiver.sol";
    import {IERC721Errors} from "../../../interfaces/draft-IERC6093.sol";
    
    /**
     * @dev Library that provide common ERC-721 utility functions.
     *
     * See https://eips.ethereum.org/EIPS/eip-721[ERC-721].
     *
     * _Available since v5.1._
     */
    library ERC721Utils {
        /**
         * @dev Performs an acceptance check for the provided `operator` by calling {IERC721-onERC721Received}
         * on the `to` address. The `operator` is generally the address that initiated the token transfer (i.e. `msg.sender`).
         *
         * The acceptance call is not executed and treated as a no-op if the target address doesn't contain code (i.e. an EOA).
         * Otherwise, the recipient must implement {IERC721Receiver-onERC721Received} and return the acceptance magic value to accept
         * the transfer.
         */
        function checkOnERC721Received(
            address operator,
            address from,
            address to,
            uint256 tokenId,
            bytes memory data
        ) internal {
            if (to.code.length > 0) {
                try IERC721Receiver(to).onERC721Received(operator, from, tokenId, data) returns (bytes4 retval) {
                    if (retval != IERC721Receiver.onERC721Received.selector) {
                        // Token rejected
                        revert IERC721Errors.ERC721InvalidReceiver(to);
                    }
                } catch (bytes memory reason) {
                    if (reason.length == 0) {
                        // non-IERC721Receiver implementer
                        revert IERC721Errors.ERC721InvalidReceiver(to);
                    } else {
                        assembly ("memory-safe") {
                            revert(add(32, reason), mload(reason))
                        }
                    }
                }
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Provides information about the current execution context, including the
     * sender of the transaction and its data. While these are generally available
     * via msg.sender and msg.data, they should not be accessed in such a direct
     * manner, since when dealing with meta-transactions the account sending and
     * paying for execution may not be the actual sender (as far as an application
     * is concerned).
     *
     * This contract is only required for intermediate, library-like contracts.
     */
    abstract contract Context {
        function _msgSender() internal view virtual returns (address) {
            return msg.sender;
        }
    
        function _msgData() internal view virtual returns (bytes calldata) {
            return msg.data;
        }
    
        function _contextSuffixLength() internal view virtual returns (uint256) {
            return 0;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.2.0) (utils/Strings.sol)
    
    pragma solidity ^0.8.20;
    
    import {Math} from "./math/Math.sol";
    import {SafeCast} from "./math/SafeCast.sol";
    import {SignedMath} from "./math/SignedMath.sol";
    
    /**
     * @dev String operations.
     */
    library Strings {
        using SafeCast for *;
    
        bytes16 private constant HEX_DIGITS = "0123456789abcdef";
        uint8 private constant ADDRESS_LENGTH = 20;
    
        /**
         * @dev The `value` string doesn't fit in the specified `length`.
         */
        error StringsInsufficientHexLength(uint256 value, uint256 length);
    
        /**
         * @dev The string being parsed contains characters that are not in scope of the given base.
         */
        error StringsInvalidChar();
    
        /**
         * @dev The string being parsed is not a properly formatted address.
         */
        error StringsInvalidAddressFormat();
    
        /**
         * @dev Converts a `uint256` to its ASCII `string` decimal representation.
         */
        function toString(uint256 value) internal pure returns (string memory) {
            unchecked {
                uint256 length = Math.log10(value) + 1;
                string memory buffer = new string(length);
                uint256 ptr;
                assembly ("memory-safe") {
                    ptr := add(buffer, add(32, length))
                }
                while (true) {
                    ptr--;
                    assembly ("memory-safe") {
                        mstore8(ptr, byte(mod(value, 10), HEX_DIGITS))
                    }
                    value /= 10;
                    if (value == 0) break;
                }
                return buffer;
            }
        }
    
        /**
         * @dev Converts a `int256` to its ASCII `string` decimal representation.
         */
        function toStringSigned(int256 value) internal pure returns (string memory) {
            return string.concat(value < 0 ? "-" : "", toString(SignedMath.abs(value)));
        }
    
        /**
         * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
         */
        function toHexString(uint256 value) internal pure returns (string memory) {
            unchecked {
                return toHexString(value, Math.log256(value) + 1);
            }
        }
    
        /**
         * @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
         */
        function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
            uint256 localValue = value;
            bytes memory buffer = new bytes(2 * length + 2);
            buffer[0] = "0";
            buffer[1] = "x";
            for (uint256 i = 2 * length + 1; i > 1; --i) {
                buffer[i] = HEX_DIGITS[localValue & 0xf];
                localValue >>= 4;
            }
            if (localValue != 0) {
                revert StringsInsufficientHexLength(value, length);
            }
            return string(buffer);
        }
    
        /**
         * @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal
         * representation.
         */
        function toHexString(address addr) internal pure returns (string memory) {
            return toHexString(uint256(uint160(addr)), ADDRESS_LENGTH);
        }
    
        /**
         * @dev Converts an `address` with fixed length of 20 bytes to its checksummed ASCII `string` hexadecimal
         * representation, according to EIP-55.
         */
        function toChecksumHexString(address addr) internal pure returns (string memory) {
            bytes memory buffer = bytes(toHexString(addr));
    
            // hash the hex part of buffer (skip length + 2 bytes, length 40)
            uint256 hashValue;
            assembly ("memory-safe") {
                hashValue := shr(96, keccak256(add(buffer, 0x22), 40))
            }
    
            for (uint256 i = 41; i > 1; --i) {
                // possible values for buffer[i] are 48 (0) to 57 (9) and 97 (a) to 102 (f)
                if (hashValue & 0xf > 7 && uint8(buffer[i]) > 96) {
                    // case shift by xoring with 0x20
                    buffer[i] ^= 0x20;
                }
                hashValue >>= 4;
            }
            return string(buffer);
        }
    
        /**
         * @dev Returns true if the two strings are equal.
         */
        function equal(string memory a, string memory b) internal pure returns (bool) {
            return bytes(a).length == bytes(b).length && keccak256(bytes(a)) == keccak256(bytes(b));
        }
    
        /**
         * @dev Parse a decimal string and returns the value as a `uint256`.
         *
         * Requirements:
         * - The string must be formatted as `[0-9]*`
         * - The result must fit into an `uint256` type
         */
        function parseUint(string memory input) internal pure returns (uint256) {
            return parseUint(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseUint} that parses a substring of `input` located between position `begin` (included) and
         * `end` (excluded).
         *
         * Requirements:
         * - The substring must be formatted as `[0-9]*`
         * - The result must fit into an `uint256` type
         */
        function parseUint(string memory input, uint256 begin, uint256 end) internal pure returns (uint256) {
            (bool success, uint256 value) = tryParseUint(input, begin, end);
            if (!success) revert StringsInvalidChar();
            return value;
        }
    
        /**
         * @dev Variant of {parseUint-string} that returns false if the parsing fails because of an invalid character.
         *
         * NOTE: This function will revert if the result does not fit in a `uint256`.
         */
        function tryParseUint(string memory input) internal pure returns (bool success, uint256 value) {
            return _tryParseUintUncheckedBounds(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseUint-string-uint256-uint256} that returns false if the parsing fails because of an invalid
         * character.
         *
         * NOTE: This function will revert if the result does not fit in a `uint256`.
         */
        function tryParseUint(
            string memory input,
            uint256 begin,
            uint256 end
        ) internal pure returns (bool success, uint256 value) {
            if (end > bytes(input).length || begin > end) return (false, 0);
            return _tryParseUintUncheckedBounds(input, begin, end);
        }
    
        /**
         * @dev Implementation of {tryParseUint} that does not check bounds. Caller should make sure that
         * `begin <= end <= input.length`. Other inputs would result in undefined behavior.
         */
        function _tryParseUintUncheckedBounds(
            string memory input,
            uint256 begin,
            uint256 end
        ) private pure returns (bool success, uint256 value) {
            bytes memory buffer = bytes(input);
    
            uint256 result = 0;
            for (uint256 i = begin; i < end; ++i) {
                uint8 chr = _tryParseChr(bytes1(_unsafeReadBytesOffset(buffer, i)));
                if (chr > 9) return (false, 0);
                result *= 10;
                result += chr;
            }
            return (true, result);
        }
    
        /**
         * @dev Parse a decimal string and returns the value as a `int256`.
         *
         * Requirements:
         * - The string must be formatted as `[-+]?[0-9]*`
         * - The result must fit in an `int256` type.
         */
        function parseInt(string memory input) internal pure returns (int256) {
            return parseInt(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseInt-string} that parses a substring of `input` located between position `begin` (included) and
         * `end` (excluded).
         *
         * Requirements:
         * - The substring must be formatted as `[-+]?[0-9]*`
         * - The result must fit in an `int256` type.
         */
        function parseInt(string memory input, uint256 begin, uint256 end) internal pure returns (int256) {
            (bool success, int256 value) = tryParseInt(input, begin, end);
            if (!success) revert StringsInvalidChar();
            return value;
        }
    
        /**
         * @dev Variant of {parseInt-string} that returns false if the parsing fails because of an invalid character or if
         * the result does not fit in a `int256`.
         *
         * NOTE: This function will revert if the absolute value of the result does not fit in a `uint256`.
         */
        function tryParseInt(string memory input) internal pure returns (bool success, int256 value) {
            return _tryParseIntUncheckedBounds(input, 0, bytes(input).length);
        }
    
        uint256 private constant ABS_MIN_INT256 = 2 ** 255;
    
        /**
         * @dev Variant of {parseInt-string-uint256-uint256} that returns false if the parsing fails because of an invalid
         * character or if the result does not fit in a `int256`.
         *
         * NOTE: This function will revert if the absolute value of the result does not fit in a `uint256`.
         */
        function tryParseInt(
            string memory input,
            uint256 begin,
            uint256 end
        ) internal pure returns (bool success, int256 value) {
            if (end > bytes(input).length || begin > end) return (false, 0);
            return _tryParseIntUncheckedBounds(input, begin, end);
        }
    
        /**
         * @dev Implementation of {tryParseInt} that does not check bounds. Caller should make sure that
         * `begin <= end <= input.length`. Other inputs would result in undefined behavior.
         */
        function _tryParseIntUncheckedBounds(
            string memory input,
            uint256 begin,
            uint256 end
        ) private pure returns (bool success, int256 value) {
            bytes memory buffer = bytes(input);
    
            // Check presence of a negative sign.
            bytes1 sign = begin == end ? bytes1(0) : bytes1(_unsafeReadBytesOffset(buffer, begin)); // don't do out-of-bound (possibly unsafe) read if sub-string is empty
            bool positiveSign = sign == bytes1("+");
            bool negativeSign = sign == bytes1("-");
            uint256 offset = (positiveSign || negativeSign).toUint();
    
            (bool absSuccess, uint256 absValue) = tryParseUint(input, begin + offset, end);
    
            if (absSuccess && absValue < ABS_MIN_INT256) {
                return (true, negativeSign ? -int256(absValue) : int256(absValue));
            } else if (absSuccess && negativeSign && absValue == ABS_MIN_INT256) {
                return (true, type(int256).min);
            } else return (false, 0);
        }
    
        /**
         * @dev Parse a hexadecimal string (with or without "0x" prefix), and returns the value as a `uint256`.
         *
         * Requirements:
         * - The string must be formatted as `(0x)?[0-9a-fA-F]*`
         * - The result must fit in an `uint256` type.
         */
        function parseHexUint(string memory input) internal pure returns (uint256) {
            return parseHexUint(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseHexUint} that parses a substring of `input` located between position `begin` (included) and
         * `end` (excluded).
         *
         * Requirements:
         * - The substring must be formatted as `(0x)?[0-9a-fA-F]*`
         * - The result must fit in an `uint256` type.
         */
        function parseHexUint(string memory input, uint256 begin, uint256 end) internal pure returns (uint256) {
            (bool success, uint256 value) = tryParseHexUint(input, begin, end);
            if (!success) revert StringsInvalidChar();
            return value;
        }
    
        /**
         * @dev Variant of {parseHexUint-string} that returns false if the parsing fails because of an invalid character.
         *
         * NOTE: This function will revert if the result does not fit in a `uint256`.
         */
        function tryParseHexUint(string memory input) internal pure returns (bool success, uint256 value) {
            return _tryParseHexUintUncheckedBounds(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseHexUint-string-uint256-uint256} that returns false if the parsing fails because of an
         * invalid character.
         *
         * NOTE: This function will revert if the result does not fit in a `uint256`.
         */
        function tryParseHexUint(
            string memory input,
            uint256 begin,
            uint256 end
        ) internal pure returns (bool success, uint256 value) {
            if (end > bytes(input).length || begin > end) return (false, 0);
            return _tryParseHexUintUncheckedBounds(input, begin, end);
        }
    
        /**
         * @dev Implementation of {tryParseHexUint} that does not check bounds. Caller should make sure that
         * `begin <= end <= input.length`. Other inputs would result in undefined behavior.
         */
        function _tryParseHexUintUncheckedBounds(
            string memory input,
            uint256 begin,
            uint256 end
        ) private pure returns (bool success, uint256 value) {
            bytes memory buffer = bytes(input);
    
            // skip 0x prefix if present
            bool hasPrefix = (end > begin + 1) && bytes2(_unsafeReadBytesOffset(buffer, begin)) == bytes2("0x"); // don't do out-of-bound (possibly unsafe) read if sub-string is empty
            uint256 offset = hasPrefix.toUint() * 2;
    
            uint256 result = 0;
            for (uint256 i = begin + offset; i < end; ++i) {
                uint8 chr = _tryParseChr(bytes1(_unsafeReadBytesOffset(buffer, i)));
                if (chr > 15) return (false, 0);
                result *= 16;
                unchecked {
                    // Multiplying by 16 is equivalent to a shift of 4 bits (with additional overflow check).
                    // This guaratees that adding a value < 16 will not cause an overflow, hence the unchecked.
                    result += chr;
                }
            }
            return (true, result);
        }
    
        /**
         * @dev Parse a hexadecimal string (with or without "0x" prefix), and returns the value as an `address`.
         *
         * Requirements:
         * - The string must be formatted as `(0x)?[0-9a-fA-F]{40}`
         */
        function parseAddress(string memory input) internal pure returns (address) {
            return parseAddress(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseAddress} that parses a substring of `input` located between position `begin` (included) and
         * `end` (excluded).
         *
         * Requirements:
         * - The substring must be formatted as `(0x)?[0-9a-fA-F]{40}`
         */
        function parseAddress(string memory input, uint256 begin, uint256 end) internal pure returns (address) {
            (bool success, address value) = tryParseAddress(input, begin, end);
            if (!success) revert StringsInvalidAddressFormat();
            return value;
        }
    
        /**
         * @dev Variant of {parseAddress-string} that returns false if the parsing fails because the input is not a properly
         * formatted address. See {parseAddress} requirements.
         */
        function tryParseAddress(string memory input) internal pure returns (bool success, address value) {
            return tryParseAddress(input, 0, bytes(input).length);
        }
    
        /**
         * @dev Variant of {parseAddress-string-uint256-uint256} that returns false if the parsing fails because input is not a properly
         * formatted address. See {parseAddress} requirements.
         */
        function tryParseAddress(
            string memory input,
            uint256 begin,
            uint256 end
        ) internal pure returns (bool success, address value) {
            if (end > bytes(input).length || begin > end) return (false, address(0));
    
            bool hasPrefix = (end > begin + 1) && bytes2(_unsafeReadBytesOffset(bytes(input), begin)) == bytes2("0x"); // don't do out-of-bound (possibly unsafe) read if sub-string is empty
            uint256 expectedLength = 40 + hasPrefix.toUint() * 2;
    
            // check that input is the correct length
            if (end - begin == expectedLength) {
                // length guarantees that this does not overflow, and value is at most type(uint160).max
                (bool s, uint256 v) = _tryParseHexUintUncheckedBounds(input, begin, end);
                return (s, address(uint160(v)));
            } else {
                return (false, address(0));
            }
        }
    
        function _tryParseChr(bytes1 chr) private pure returns (uint8) {
            uint8 value = uint8(chr);
    
            // Try to parse `chr`:
            // - Case 1: [0-9]
            // - Case 2: [a-f]
            // - Case 3: [A-F]
            // - otherwise not supported
            unchecked {
                if (value > 47 && value < 58) value -= 48;
                else if (value > 96 && value < 103) value -= 87;
                else if (value > 64 && value < 71) value -= 55;
                else return type(uint8).max;
            }
    
            return value;
        }
    
        /**
         * @dev Reads a bytes32 from a bytes array without bounds checking.
         *
         * NOTE: making this function internal would mean it could be used with memory unsafe offset, and marking the
         * assembly block as such would prevent some optimizations.
         */
        function _unsafeReadBytesOffset(bytes memory buffer, uint256 offset) private pure returns (bytes32 value) {
            // This is not memory safe in the general case, but all calls to this private function are within bounds.
            assembly ("memory-safe") {
                value := mload(add(buffer, add(0x20, offset)))
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/ERC165.sol)
    
    pragma solidity ^0.8.20;
    
    import {IERC165} from "./IERC165.sol";
    
    /**
     * @dev Implementation of the {IERC165} interface.
     *
     * Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
     * for the additional interface id that will be supported. For example:
     *
     * ```solidity
     * function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
     *     return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
     * }
     * ```
     */
    abstract contract ERC165 is IERC165 {
        /**
         * @dev See {IERC165-supportsInterface}.
         */
        function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
            return interfaceId == type(IERC165).interfaceId;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (interfaces/draft-IERC6093.sol)
    pragma solidity ^0.8.20;
    
    /**
     * @dev Standard ERC-20 Errors
     * Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-20 tokens.
     */
    interface IERC20Errors {
        /**
         * @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
         * @param sender Address whose tokens are being transferred.
         * @param balance Current balance for the interacting account.
         * @param needed Minimum amount required to perform a transfer.
         */
        error ERC20InsufficientBalance(address sender, uint256 balance, uint256 needed);
    
        /**
         * @dev Indicates a failure with the token `sender`. Used in transfers.
         * @param sender Address whose tokens are being transferred.
         */
        error ERC20InvalidSender(address sender);
    
        /**
         * @dev Indicates a failure with the token `receiver`. Used in transfers.
         * @param receiver Address to which tokens are being transferred.
         */
        error ERC20InvalidReceiver(address receiver);
    
        /**
         * @dev Indicates a failure with the `spender`’s `allowance`. Used in transfers.
         * @param spender Address that may be allowed to operate on tokens without being their owner.
         * @param allowance Amount of tokens a `spender` is allowed to operate with.
         * @param needed Minimum amount required to perform a transfer.
         */
        error ERC20InsufficientAllowance(address spender, uint256 allowance, uint256 needed);
    
        /**
         * @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
         * @param approver Address initiating an approval operation.
         */
        error ERC20InvalidApprover(address approver);
    
        /**
         * @dev Indicates a failure with the `spender` to be approved. Used in approvals.
         * @param spender Address that may be allowed to operate on tokens without being their owner.
         */
        error ERC20InvalidSpender(address spender);
    }
    
    /**
     * @dev Standard ERC-721 Errors
     * Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-721 tokens.
     */
    interface IERC721Errors {
        /**
         * @dev Indicates that an address can't be an owner. For example, `address(0)` is a forbidden owner in ERC-20.
         * Used in balance queries.
         * @param owner Address of the current owner of a token.
         */
        error ERC721InvalidOwner(address owner);
    
        /**
         * @dev Indicates a `tokenId` whose `owner` is the zero address.
         * @param tokenId Identifier number of a token.
         */
        error ERC721NonexistentToken(uint256 tokenId);
    
        /**
         * @dev Indicates an error related to the ownership over a particular token. Used in transfers.
         * @param sender Address whose tokens are being transferred.
         * @param tokenId Identifier number of a token.
         * @param owner Address of the current owner of a token.
         */
        error ERC721IncorrectOwner(address sender, uint256 tokenId, address owner);
    
        /**
         * @dev Indicates a failure with the token `sender`. Used in transfers.
         * @param sender Address whose tokens are being transferred.
         */
        error ERC721InvalidSender(address sender);
    
        /**
         * @dev Indicates a failure with the token `receiver`. Used in transfers.
         * @param receiver Address to which tokens are being transferred.
         */
        error ERC721InvalidReceiver(address receiver);
    
        /**
         * @dev Indicates a failure with the `operator`’s approval. Used in transfers.
         * @param operator Address that may be allowed to operate on tokens without being their owner.
         * @param tokenId Identifier number of a token.
         */
        error ERC721InsufficientApproval(address operator, uint256 tokenId);
    
        /**
         * @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
         * @param approver Address initiating an approval operation.
         */
        error ERC721InvalidApprover(address approver);
    
        /**
         * @dev Indicates a failure with the `operator` to be approved. Used in approvals.
         * @param operator Address that may be allowed to operate on tokens without being their owner.
         */
        error ERC721InvalidOperator(address operator);
    }
    
    /**
     * @dev Standard ERC-1155 Errors
     * Interface of the https://eips.ethereum.org/EIPS/eip-6093[ERC-6093] custom errors for ERC-1155 tokens.
     */
    interface IERC1155Errors {
        /**
         * @dev Indicates an error related to the current `balance` of a `sender`. Used in transfers.
         * @param sender Address whose tokens are being transferred.
         * @param balance Current balance for the interacting account.
         * @param needed Minimum amount required to perform a transfer.
         * @param tokenId Identifier number of a token.
         */
        error ERC1155InsufficientBalance(address sender, uint256 balance, uint256 needed, uint256 tokenId);
    
        /**
         * @dev Indicates a failure with the token `sender`. Used in transfers.
         * @param sender Address whose tokens are being transferred.
         */
        error ERC1155InvalidSender(address sender);
    
        /**
         * @dev Indicates a failure with the token `receiver`. Used in transfers.
         * @param receiver Address to which tokens are being transferred.
         */
        error ERC1155InvalidReceiver(address receiver);
    
        /**
         * @dev Indicates a failure with the `operator`’s approval. Used in transfers.
         * @param operator Address that may be allowed to operate on tokens without being their owner.
         * @param owner Address of the current owner of a token.
         */
        error ERC1155MissingApprovalForAll(address operator, address owner);
    
        /**
         * @dev Indicates a failure with the `approver` of a token to be approved. Used in approvals.
         * @param approver Address initiating an approval operation.
         */
        error ERC1155InvalidApprover(address approver);
    
        /**
         * @dev Indicates a failure with the `operator` to be approved. Used in approvals.
         * @param operator Address that may be allowed to operate on tokens without being their owner.
         */
        error ERC1155InvalidOperator(address operator);
    
        /**
         * @dev Indicates an array length mismatch between ids and values in a safeBatchTransferFrom operation.
         * Used in batch transfers.
         * @param idsLength Length of the array of token identifiers
         * @param valuesLength Length of the array of token amounts
         */
        error ERC1155InvalidArrayLength(uint256 idsLength, uint256 valuesLength);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (utils/introspection/IERC165.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Interface of the ERC-165 standard, as defined in the
     * https://eips.ethereum.org/EIPS/eip-165[ERC].
     *
     * Implementers can declare support of contract interfaces, which can then be
     * queried by others ({ERC165Checker}).
     *
     * For an implementation, see {ERC165}.
     */
    interface IERC165 {
        /**
         * @dev Returns true if this contract implements the interface defined by
         * `interfaceId`. See the corresponding
         * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
         * to learn more about how these ids are created.
         *
         * This function call must use less than 30 000 gas.
         */
        function supportsInterface(bytes4 interfaceId) external view returns (bool);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (token/ERC721/IERC721Receiver.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @title ERC-721 token receiver interface
     * @dev Interface for any contract that wants to support safeTransfers
     * from ERC-721 asset contracts.
     */
    interface IERC721Receiver {
        /**
         * @dev Whenever an {IERC721} `tokenId` token is transferred to this contract via {IERC721-safeTransferFrom}
         * by `operator` from `from`, this function is called.
         *
         * It must return its Solidity selector to confirm the token transfer.
         * If any other value is returned or the interface is not implemented by the recipient, the transfer will be
         * reverted.
         *
         * The selector can be obtained in Solidity with `IERC721Receiver.onERC721Received.selector`.
         */
        function onERC721Received(
            address operator,
            address from,
            uint256 tokenId,
            bytes calldata data
        ) external returns (bytes4);
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (utils/math/Math.sol)
    
    pragma solidity ^0.8.20;
    
    import {Panic} from "../Panic.sol";
    import {SafeCast} from "./SafeCast.sol";
    
    /**
     * @dev Standard math utilities missing in the Solidity language.
     */
    library Math {
        enum Rounding {
            Floor, // Toward negative infinity
            Ceil, // Toward positive infinity
            Trunc, // Toward zero
            Expand // Away from zero
        }
    
        /**
         * @dev Returns the addition of two unsigned integers, with an success flag (no overflow).
         */
        function tryAdd(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                uint256 c = a + b;
                if (c < a) return (false, 0);
                return (true, c);
            }
        }
    
        /**
         * @dev Returns the subtraction of two unsigned integers, with an success flag (no overflow).
         */
        function trySub(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                if (b > a) return (false, 0);
                return (true, a - b);
            }
        }
    
        /**
         * @dev Returns the multiplication of two unsigned integers, with an success flag (no overflow).
         */
        function tryMul(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
                // benefit is lost if 'b' is also tested.
                // See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
                if (a == 0) return (true, 0);
                uint256 c = a * b;
                if (c / a != b) return (false, 0);
                return (true, c);
            }
        }
    
        /**
         * @dev Returns the division of two unsigned integers, with a success flag (no division by zero).
         */
        function tryDiv(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                if (b == 0) return (false, 0);
                return (true, a / b);
            }
        }
    
        /**
         * @dev Returns the remainder of dividing two unsigned integers, with a success flag (no division by zero).
         */
        function tryMod(uint256 a, uint256 b) internal pure returns (bool success, uint256 result) {
            unchecked {
                if (b == 0) return (false, 0);
                return (true, a % b);
            }
        }
    
        /**
         * @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
         *
         * IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
         * However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
         * one branch when needed, making this function more expensive.
         */
        function ternary(bool condition, uint256 a, uint256 b) internal pure returns (uint256) {
            unchecked {
                // branchless ternary works because:
                // b ^ (a ^ b) == a
                // b ^ 0 == b
                return b ^ ((a ^ b) * SafeCast.toUint(condition));
            }
        }
    
        /**
         * @dev Returns the largest of two numbers.
         */
        function max(uint256 a, uint256 b) internal pure returns (uint256) {
            return ternary(a > b, a, b);
        }
    
        /**
         * @dev Returns the smallest of two numbers.
         */
        function min(uint256 a, uint256 b) internal pure returns (uint256) {
            return ternary(a < b, a, b);
        }
    
        /**
         * @dev Returns the average of two numbers. The result is rounded towards
         * zero.
         */
        function average(uint256 a, uint256 b) internal pure returns (uint256) {
            // (a + b) / 2 can overflow.
            return (a & b) + (a ^ b) / 2;
        }
    
        /**
         * @dev Returns the ceiling of the division of two numbers.
         *
         * This differs from standard division with `/` in that it rounds towards infinity instead
         * of rounding towards zero.
         */
        function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
            if (b == 0) {
                // Guarantee the same behavior as in a regular Solidity division.
                Panic.panic(Panic.DIVISION_BY_ZERO);
            }
    
            // The following calculation ensures accurate ceiling division without overflow.
            // Since a is non-zero, (a - 1) / b will not overflow.
            // The largest possible result occurs when (a - 1) / b is type(uint256).max,
            // but the largest value we can obtain is type(uint256).max - 1, which happens
            // when a = type(uint256).max and b = 1.
            unchecked {
                return SafeCast.toUint(a > 0) * ((a - 1) / b + 1);
            }
        }
    
        /**
         * @dev Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
         * denominator == 0.
         *
         * Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
         * Uniswap Labs also under MIT license.
         */
        function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
            unchecked {
                // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
                // the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
                // variables such that product = prod1 * 2²⁵⁶ + prod0.
                uint256 prod0 = x * y; // Least significant 256 bits of the product
                uint256 prod1; // Most significant 256 bits of the product
                assembly {
                    let mm := mulmod(x, y, not(0))
                    prod1 := sub(sub(mm, prod0), lt(mm, prod0))
                }
    
                // Handle non-overflow cases, 256 by 256 division.
                if (prod1 == 0) {
                    // Solidity will revert if denominator == 0, unlike the div opcode on its own.
                    // The surrounding unchecked block does not change this fact.
                    // See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
                    return prod0 / denominator;
                }
    
                // Make sure the result is less than 2²⁵⁶. Also prevents denominator == 0.
                if (denominator <= prod1) {
                    Panic.panic(ternary(denominator == 0, Panic.DIVISION_BY_ZERO, Panic.UNDER_OVERFLOW));
                }
    
                ///////////////////////////////////////////////
                // 512 by 256 division.
                ///////////////////////////////////////////////
    
                // Make division exact by subtracting the remainder from [prod1 prod0].
                uint256 remainder;
                assembly {
                    // Compute remainder using mulmod.
                    remainder := mulmod(x, y, denominator)
    
                    // Subtract 256 bit number from 512 bit number.
                    prod1 := sub(prod1, gt(remainder, prod0))
                    prod0 := sub(prod0, remainder)
                }
    
                // Factor powers of two out of denominator and compute largest power of two divisor of denominator.
                // Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
    
                uint256 twos = denominator & (0 - denominator);
                assembly {
                    // Divide denominator by twos.
                    denominator := div(denominator, twos)
    
                    // Divide [prod1 prod0] by twos.
                    prod0 := div(prod0, twos)
    
                    // Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
                    twos := add(div(sub(0, twos), twos), 1)
                }
    
                // Shift in bits from prod1 into prod0.
                prod0 |= prod1 * twos;
    
                // Invert denominator mod 2²⁵⁶. Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
                // that denominator * inv ≡ 1 mod 2²⁵⁶. Compute the inverse by starting with a seed that is correct for
                // four bits. That is, denominator * inv ≡ 1 mod 2⁴.
                uint256 inverse = (3 * denominator) ^ 2;
    
                // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
                // works in modular arithmetic, doubling the correct bits in each step.
                inverse *= 2 - denominator * inverse; // inverse mod 2⁸
                inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
                inverse *= 2 - denominator * inverse; // inverse mod 2³²
                inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
                inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
                inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
    
                // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
                // This will give us the correct result modulo 2²⁵⁶. Since the preconditions guarantee that the outcome is
                // less than 2²⁵⁶, this is the final result. We don't need to compute the high bits of the result and prod1
                // is no longer required.
                result = prod0 * inverse;
                return result;
            }
        }
    
        /**
         * @dev Calculates x * y / denominator with full precision, following the selected rounding direction.
         */
        function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
            return mulDiv(x, y, denominator) + SafeCast.toUint(unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0);
        }
    
        /**
         * @dev Calculate the modular multiplicative inverse of a number in Z/nZ.
         *
         * If n is a prime, then Z/nZ is a field. In that case all elements are inversible, except 0.
         * If n is not a prime, then Z/nZ is not a field, and some elements might not be inversible.
         *
         * If the input value is not inversible, 0 is returned.
         *
         * NOTE: If you know for sure that n is (big) a prime, it may be cheaper to use Fermat's little theorem and get the
         * inverse using `Math.modExp(a, n - 2, n)`. See {invModPrime}.
         */
        function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
            unchecked {
                if (n == 0) return 0;
    
                // The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
                // Used to compute integers x and y such that: ax + ny = gcd(a, n).
                // When the gcd is 1, then the inverse of a modulo n exists and it's x.
                // ax + ny = 1
                // ax = 1 + (-y)n
                // ax ≡ 1 (mod n) # x is the inverse of a modulo n
    
                // If the remainder is 0 the gcd is n right away.
                uint256 remainder = a % n;
                uint256 gcd = n;
    
                // Therefore the initial coefficients are:
                // ax + ny = gcd(a, n) = n
                // 0a + 1n = n
                int256 x = 0;
                int256 y = 1;
    
                while (remainder != 0) {
                    uint256 quotient = gcd / remainder;
    
                    (gcd, remainder) = (
                        // The old remainder is the next gcd to try.
                        remainder,
                        // Compute the next remainder.
                        // Can't overflow given that (a % gcd) * (gcd // (a % gcd)) <= gcd
                        // where gcd is at most n (capped to type(uint256).max)
                        gcd - remainder * quotient
                    );
    
                    (x, y) = (
                        // Increment the coefficient of a.
                        y,
                        // Decrement the coefficient of n.
                        // Can overflow, but the result is casted to uint256 so that the
                        // next value of y is "wrapped around" to a value between 0 and n - 1.
                        x - y * int256(quotient)
                    );
                }
    
                if (gcd != 1) return 0; // No inverse exists.
                return ternary(x < 0, n - uint256(-x), uint256(x)); // Wrap the result if it's negative.
            }
        }
    
        /**
         * @dev Variant of {invMod}. More efficient, but only works if `p` is known to be a prime greater than `2`.
         *
         * From https://en.wikipedia.org/wiki/Fermat%27s_little_theorem[Fermat's little theorem], we know that if p is
         * prime, then `a**(p-1) ≡ 1 mod p`. As a consequence, we have `a * a**(p-2) ≡ 1 mod p`, which means that
         * `a**(p-2)` is the modular multiplicative inverse of a in Fp.
         *
         * NOTE: this function does NOT check that `p` is a prime greater than `2`.
         */
        function invModPrime(uint256 a, uint256 p) internal view returns (uint256) {
            unchecked {
                return Math.modExp(a, p - 2, p);
            }
        }
    
        /**
         * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m)
         *
         * Requirements:
         * - modulus can't be zero
         * - underlying staticcall to precompile must succeed
         *
         * IMPORTANT: The result is only valid if the underlying call succeeds. When using this function, make
         * sure the chain you're using it on supports the precompiled contract for modular exponentiation
         * at address 0x05 as specified in https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise,
         * the underlying function will succeed given the lack of a revert, but the result may be incorrectly
         * interpreted as 0.
         */
        function modExp(uint256 b, uint256 e, uint256 m) internal view returns (uint256) {
            (bool success, uint256 result) = tryModExp(b, e, m);
            if (!success) {
                Panic.panic(Panic.DIVISION_BY_ZERO);
            }
            return result;
        }
    
        /**
         * @dev Returns the modular exponentiation of the specified base, exponent and modulus (b ** e % m).
         * It includes a success flag indicating if the operation succeeded. Operation will be marked as failed if trying
         * to operate modulo 0 or if the underlying precompile reverted.
         *
         * IMPORTANT: The result is only valid if the success flag is true. When using this function, make sure the chain
         * you're using it on supports the precompiled contract for modular exponentiation at address 0x05 as specified in
         * https://eips.ethereum.org/EIPS/eip-198[EIP-198]. Otherwise, the underlying function will succeed given the lack
         * of a revert, but the result may be incorrectly interpreted as 0.
         */
        function tryModExp(uint256 b, uint256 e, uint256 m) internal view returns (bool success, uint256 result) {
            if (m == 0) return (false, 0);
            assembly ("memory-safe") {
                let ptr := mload(0x40)
                // | Offset    | Content    | Content (Hex)                                                      |
                // |-----------|------------|--------------------------------------------------------------------|
                // | 0x00:0x1f | size of b  | 0x0000000000000000000000000000000000000000000000000000000000000020 |
                // | 0x20:0x3f | size of e  | 0x0000000000000000000000000000000000000000000000000000000000000020 |
                // | 0x40:0x5f | size of m  | 0x0000000000000000000000000000000000000000000000000000000000000020 |
                // | 0x60:0x7f | value of b | 0x<.............................................................b> |
                // | 0x80:0x9f | value of e | 0x<.............................................................e> |
                // | 0xa0:0xbf | value of m | 0x<.............................................................m> |
                mstore(ptr, 0x20)
                mstore(add(ptr, 0x20), 0x20)
                mstore(add(ptr, 0x40), 0x20)
                mstore(add(ptr, 0x60), b)
                mstore(add(ptr, 0x80), e)
                mstore(add(ptr, 0xa0), m)
    
                // Given the result < m, it's guaranteed to fit in 32 bytes,
                // so we can use the memory scratch space located at offset 0.
                success := staticcall(gas(), 0x05, ptr, 0xc0, 0x00, 0x20)
                result := mload(0x00)
            }
        }
    
        /**
         * @dev Variant of {modExp} that supports inputs of arbitrary length.
         */
        function modExp(bytes memory b, bytes memory e, bytes memory m) internal view returns (bytes memory) {
            (bool success, bytes memory result) = tryModExp(b, e, m);
            if (!success) {
                Panic.panic(Panic.DIVISION_BY_ZERO);
            }
            return result;
        }
    
        /**
         * @dev Variant of {tryModExp} that supports inputs of arbitrary length.
         */
        function tryModExp(
            bytes memory b,
            bytes memory e,
            bytes memory m
        ) internal view returns (bool success, bytes memory result) {
            if (_zeroBytes(m)) return (false, new bytes(0));
    
            uint256 mLen = m.length;
    
            // Encode call args in result and move the free memory pointer
            result = abi.encodePacked(b.length, e.length, mLen, b, e, m);
    
            assembly ("memory-safe") {
                let dataPtr := add(result, 0x20)
                // Write result on top of args to avoid allocating extra memory.
                success := staticcall(gas(), 0x05, dataPtr, mload(result), dataPtr, mLen)
                // Overwrite the length.
                // result.length > returndatasize() is guaranteed because returndatasize() == m.length
                mstore(result, mLen)
                // Set the memory pointer after the returned data.
                mstore(0x40, add(dataPtr, mLen))
            }
        }
    
        /**
         * @dev Returns whether the provided byte array is zero.
         */
        function _zeroBytes(bytes memory byteArray) private pure returns (bool) {
            for (uint256 i = 0; i < byteArray.length; ++i) {
                if (byteArray[i] != 0) {
                    return false;
                }
            }
            return true;
        }
    
        /**
         * @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
         * towards zero.
         *
         * This method is based on Newton's method for computing square roots; the algorithm is restricted to only
         * using integer operations.
         */
        function sqrt(uint256 a) internal pure returns (uint256) {
            unchecked {
                // Take care of easy edge cases when a == 0 or a == 1
                if (a <= 1) {
                    return a;
                }
    
                // In this function, we use Newton's method to get a root of `f(x) := x² - a`. It involves building a
                // sequence x_n that converges toward sqrt(a). For each iteration x_n, we also define the error between
                // the current value as `ε_n = | x_n - sqrt(a) |`.
                //
                // For our first estimation, we consider `e` the smallest power of 2 which is bigger than the square root
                // of the target. (i.e. `2**(e-1) ≤ sqrt(a) < 2**e`). We know that `e ≤ 128` because `(2¹²⁸)² = 2²⁵⁶` is
                // bigger than any uint256.
                //
                // By noticing that
                // `2**(e-1) ≤ sqrt(a) < 2**e → (2**(e-1))² ≤ a < (2**e)² → 2**(2*e-2) ≤ a < 2**(2*e)`
                // we can deduce that `e - 1` is `log2(a) / 2`. We can thus compute `x_n = 2**(e-1)` using a method similar
                // to the msb function.
                uint256 aa = a;
                uint256 xn = 1;
    
                if (aa >= (1 << 128)) {
                    aa >>= 128;
                    xn <<= 64;
                }
                if (aa >= (1 << 64)) {
                    aa >>= 64;
                    xn <<= 32;
                }
                if (aa >= (1 << 32)) {
                    aa >>= 32;
                    xn <<= 16;
                }
                if (aa >= (1 << 16)) {
                    aa >>= 16;
                    xn <<= 8;
                }
                if (aa >= (1 << 8)) {
                    aa >>= 8;
                    xn <<= 4;
                }
                if (aa >= (1 << 4)) {
                    aa >>= 4;
                    xn <<= 2;
                }
                if (aa >= (1 << 2)) {
                    xn <<= 1;
                }
    
                // We now have x_n such that `x_n = 2**(e-1) ≤ sqrt(a) < 2**e = 2 * x_n`. This implies ε_n ≤ 2**(e-1).
                //
                // We can refine our estimation by noticing that the middle of that interval minimizes the error.
                // If we move x_n to equal 2**(e-1) + 2**(e-2), then we reduce the error to ε_n ≤ 2**(e-2).
                // This is going to be our x_0 (and ε_0)
                xn = (3 * xn) >> 1; // ε_0 := | x_0 - sqrt(a) | ≤ 2**(e-2)
    
                // From here, Newton's method give us:
                // x_{n+1} = (x_n + a / x_n) / 2
                //
                // One should note that:
                // x_{n+1}² - a = ((x_n + a / x_n) / 2)² - a
                //              = ((x_n² + a) / (2 * x_n))² - a
                //              = (x_n⁴ + 2 * a * x_n² + a²) / (4 * x_n²) - a
                //              = (x_n⁴ + 2 * a * x_n² + a² - 4 * a * x_n²) / (4 * x_n²)
                //              = (x_n⁴ - 2 * a * x_n² + a²) / (4 * x_n²)
                //              = (x_n² - a)² / (2 * x_n)²
                //              = ((x_n² - a) / (2 * x_n))²
                //              ≥ 0
                // Which proves that for all n ≥ 1, sqrt(a) ≤ x_n
                //
                // This gives us the proof of quadratic convergence of the sequence:
                // ε_{n+1} = | x_{n+1} - sqrt(a) |
                //         = | (x_n + a / x_n) / 2 - sqrt(a) |
                //         = | (x_n² + a - 2*x_n*sqrt(a)) / (2 * x_n) |
                //         = | (x_n - sqrt(a))² / (2 * x_n) |
                //         = | ε_n² / (2 * x_n) |
                //         = ε_n² / | (2 * x_n) |
                //
                // For the first iteration, we have a special case where x_0 is known:
                // ε_1 = ε_0² / | (2 * x_0) |
                //     ≤ (2**(e-2))² / (2 * (2**(e-1) + 2**(e-2)))
                //     ≤ 2**(2*e-4) / (3 * 2**(e-1))
                //     ≤ 2**(e-3) / 3
                //     ≤ 2**(e-3-log2(3))
                //     ≤ 2**(e-4.5)
                //
                // For the following iterations, we use the fact that, 2**(e-1) ≤ sqrt(a) ≤ x_n:
                // ε_{n+1} = ε_n² / | (2 * x_n) |
                //         ≤ (2**(e-k))² / (2 * 2**(e-1))
                //         ≤ 2**(2*e-2*k) / 2**e
                //         ≤ 2**(e-2*k)
                xn = (xn + a / xn) >> 1; // ε_1 := | x_1 - sqrt(a) | ≤ 2**(e-4.5)  -- special case, see above
                xn = (xn + a / xn) >> 1; // ε_2 := | x_2 - sqrt(a) | ≤ 2**(e-9)    -- general case with k = 4.5
                xn = (xn + a / xn) >> 1; // ε_3 := | x_3 - sqrt(a) | ≤ 2**(e-18)   -- general case with k = 9
                xn = (xn + a / xn) >> 1; // ε_4 := | x_4 - sqrt(a) | ≤ 2**(e-36)   -- general case with k = 18
                xn = (xn + a / xn) >> 1; // ε_5 := | x_5 - sqrt(a) | ≤ 2**(e-72)   -- general case with k = 36
                xn = (xn + a / xn) >> 1; // ε_6 := | x_6 - sqrt(a) | ≤ 2**(e-144)  -- general case with k = 72
    
                // Because e ≤ 128 (as discussed during the first estimation phase), we know have reached a precision
                // ε_6 ≤ 2**(e-144) < 1. Given we're operating on integers, then we can ensure that xn is now either
                // sqrt(a) or sqrt(a) + 1.
                return xn - SafeCast.toUint(xn > a / xn);
            }
        }
    
        /**
         * @dev Calculates sqrt(a), following the selected rounding direction.
         */
        function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = sqrt(a);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && result * result < a);
            }
        }
    
        /**
         * @dev Return the log in base 2 of a positive value rounded towards zero.
         * Returns 0 if given 0.
         */
        function log2(uint256 value) internal pure returns (uint256) {
            uint256 result = 0;
            uint256 exp;
            unchecked {
                exp = 128 * SafeCast.toUint(value > (1 << 128) - 1);
                value >>= exp;
                result += exp;
    
                exp = 64 * SafeCast.toUint(value > (1 << 64) - 1);
                value >>= exp;
                result += exp;
    
                exp = 32 * SafeCast.toUint(value > (1 << 32) - 1);
                value >>= exp;
                result += exp;
    
                exp = 16 * SafeCast.toUint(value > (1 << 16) - 1);
                value >>= exp;
                result += exp;
    
                exp = 8 * SafeCast.toUint(value > (1 << 8) - 1);
                value >>= exp;
                result += exp;
    
                exp = 4 * SafeCast.toUint(value > (1 << 4) - 1);
                value >>= exp;
                result += exp;
    
                exp = 2 * SafeCast.toUint(value > (1 << 2) - 1);
                value >>= exp;
                result += exp;
    
                result += SafeCast.toUint(value > 1);
            }
            return result;
        }
    
        /**
         * @dev Return the log in base 2, following the selected rounding direction, of a positive value.
         * Returns 0 if given 0.
         */
        function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = log2(value);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << result < value);
            }
        }
    
        /**
         * @dev Return the log in base 10 of a positive value rounded towards zero.
         * Returns 0 if given 0.
         */
        function log10(uint256 value) internal pure returns (uint256) {
            uint256 result = 0;
            unchecked {
                if (value >= 10 ** 64) {
                    value /= 10 ** 64;
                    result += 64;
                }
                if (value >= 10 ** 32) {
                    value /= 10 ** 32;
                    result += 32;
                }
                if (value >= 10 ** 16) {
                    value /= 10 ** 16;
                    result += 16;
                }
                if (value >= 10 ** 8) {
                    value /= 10 ** 8;
                    result += 8;
                }
                if (value >= 10 ** 4) {
                    value /= 10 ** 4;
                    result += 4;
                }
                if (value >= 10 ** 2) {
                    value /= 10 ** 2;
                    result += 2;
                }
                if (value >= 10 ** 1) {
                    result += 1;
                }
            }
            return result;
        }
    
        /**
         * @dev Return the log in base 10, following the selected rounding direction, of a positive value.
         * Returns 0 if given 0.
         */
        function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = log10(value);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 10 ** result < value);
            }
        }
    
        /**
         * @dev Return the log in base 256 of a positive value rounded towards zero.
         * Returns 0 if given 0.
         *
         * Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
         */
        function log256(uint256 value) internal pure returns (uint256) {
            uint256 result = 0;
            uint256 isGt;
            unchecked {
                isGt = SafeCast.toUint(value > (1 << 128) - 1);
                value >>= isGt * 128;
                result += isGt * 16;
    
                isGt = SafeCast.toUint(value > (1 << 64) - 1);
                value >>= isGt * 64;
                result += isGt * 8;
    
                isGt = SafeCast.toUint(value > (1 << 32) - 1);
                value >>= isGt * 32;
                result += isGt * 4;
    
                isGt = SafeCast.toUint(value > (1 << 16) - 1);
                value >>= isGt * 16;
                result += isGt * 2;
    
                result += SafeCast.toUint(value > (1 << 8) - 1);
            }
            return result;
        }
    
        /**
         * @dev Return the log in base 256, following the selected rounding direction, of a positive value.
         * Returns 0 if given 0.
         */
        function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
            unchecked {
                uint256 result = log256(value);
                return result + SafeCast.toUint(unsignedRoundsUp(rounding) && 1 << (result << 3) < value);
            }
        }
    
        /**
         * @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
         */
        function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
            return uint8(rounding) % 2 == 1;
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SafeCast.sol)
    // This file was procedurally generated from scripts/generate/templates/SafeCast.js.
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Wrappers over Solidity's uintXX/intXX/bool casting operators with added overflow
     * checks.
     *
     * Downcasting from uint256/int256 in Solidity does not revert on overflow. This can
     * easily result in undesired exploitation or bugs, since developers usually
     * assume that overflows raise errors. `SafeCast` restores this intuition by
     * reverting the transaction when such an operation overflows.
     *
     * Using this library instead of the unchecked operations eliminates an entire
     * class of bugs, so it's recommended to use it always.
     */
    library SafeCast {
        /**
         * @dev Value doesn't fit in an uint of `bits` size.
         */
        error SafeCastOverflowedUintDowncast(uint8 bits, uint256 value);
    
        /**
         * @dev An int value doesn't fit in an uint of `bits` size.
         */
        error SafeCastOverflowedIntToUint(int256 value);
    
        /**
         * @dev Value doesn't fit in an int of `bits` size.
         */
        error SafeCastOverflowedIntDowncast(uint8 bits, int256 value);
    
        /**
         * @dev An uint value doesn't fit in an int of `bits` size.
         */
        error SafeCastOverflowedUintToInt(uint256 value);
    
        /**
         * @dev Returns the downcasted uint248 from uint256, reverting on
         * overflow (when the input is greater than largest uint248).
         *
         * Counterpart to Solidity's `uint248` operator.
         *
         * Requirements:
         *
         * - input must fit into 248 bits
         */
        function toUint248(uint256 value) internal pure returns (uint248) {
            if (value > type(uint248).max) {
                revert SafeCastOverflowedUintDowncast(248, value);
            }
            return uint248(value);
        }
    
        /**
         * @dev Returns the downcasted uint240 from uint256, reverting on
         * overflow (when the input is greater than largest uint240).
         *
         * Counterpart to Solidity's `uint240` operator.
         *
         * Requirements:
         *
         * - input must fit into 240 bits
         */
        function toUint240(uint256 value) internal pure returns (uint240) {
            if (value > type(uint240).max) {
                revert SafeCastOverflowedUintDowncast(240, value);
            }
            return uint240(value);
        }
    
        /**
         * @dev Returns the downcasted uint232 from uint256, reverting on
         * overflow (when the input is greater than largest uint232).
         *
         * Counterpart to Solidity's `uint232` operator.
         *
         * Requirements:
         *
         * - input must fit into 232 bits
         */
        function toUint232(uint256 value) internal pure returns (uint232) {
            if (value > type(uint232).max) {
                revert SafeCastOverflowedUintDowncast(232, value);
            }
            return uint232(value);
        }
    
        /**
         * @dev Returns the downcasted uint224 from uint256, reverting on
         * overflow (when the input is greater than largest uint224).
         *
         * Counterpart to Solidity's `uint224` operator.
         *
         * Requirements:
         *
         * - input must fit into 224 bits
         */
        function toUint224(uint256 value) internal pure returns (uint224) {
            if (value > type(uint224).max) {
                revert SafeCastOverflowedUintDowncast(224, value);
            }
            return uint224(value);
        }
    
        /**
         * @dev Returns the downcasted uint216 from uint256, reverting on
         * overflow (when the input is greater than largest uint216).
         *
         * Counterpart to Solidity's `uint216` operator.
         *
         * Requirements:
         *
         * - input must fit into 216 bits
         */
        function toUint216(uint256 value) internal pure returns (uint216) {
            if (value > type(uint216).max) {
                revert SafeCastOverflowedUintDowncast(216, value);
            }
            return uint216(value);
        }
    
        /**
         * @dev Returns the downcasted uint208 from uint256, reverting on
         * overflow (when the input is greater than largest uint208).
         *
         * Counterpart to Solidity's `uint208` operator.
         *
         * Requirements:
         *
         * - input must fit into 208 bits
         */
        function toUint208(uint256 value) internal pure returns (uint208) {
            if (value > type(uint208).max) {
                revert SafeCastOverflowedUintDowncast(208, value);
            }
            return uint208(value);
        }
    
        /**
         * @dev Returns the downcasted uint200 from uint256, reverting on
         * overflow (when the input is greater than largest uint200).
         *
         * Counterpart to Solidity's `uint200` operator.
         *
         * Requirements:
         *
         * - input must fit into 200 bits
         */
        function toUint200(uint256 value) internal pure returns (uint200) {
            if (value > type(uint200).max) {
                revert SafeCastOverflowedUintDowncast(200, value);
            }
            return uint200(value);
        }
    
        /**
         * @dev Returns the downcasted uint192 from uint256, reverting on
         * overflow (when the input is greater than largest uint192).
         *
         * Counterpart to Solidity's `uint192` operator.
         *
         * Requirements:
         *
         * - input must fit into 192 bits
         */
        function toUint192(uint256 value) internal pure returns (uint192) {
            if (value > type(uint192).max) {
                revert SafeCastOverflowedUintDowncast(192, value);
            }
            return uint192(value);
        }
    
        /**
         * @dev Returns the downcasted uint184 from uint256, reverting on
         * overflow (when the input is greater than largest uint184).
         *
         * Counterpart to Solidity's `uint184` operator.
         *
         * Requirements:
         *
         * - input must fit into 184 bits
         */
        function toUint184(uint256 value) internal pure returns (uint184) {
            if (value > type(uint184).max) {
                revert SafeCastOverflowedUintDowncast(184, value);
            }
            return uint184(value);
        }
    
        /**
         * @dev Returns the downcasted uint176 from uint256, reverting on
         * overflow (when the input is greater than largest uint176).
         *
         * Counterpart to Solidity's `uint176` operator.
         *
         * Requirements:
         *
         * - input must fit into 176 bits
         */
        function toUint176(uint256 value) internal pure returns (uint176) {
            if (value > type(uint176).max) {
                revert SafeCastOverflowedUintDowncast(176, value);
            }
            return uint176(value);
        }
    
        /**
         * @dev Returns the downcasted uint168 from uint256, reverting on
         * overflow (when the input is greater than largest uint168).
         *
         * Counterpart to Solidity's `uint168` operator.
         *
         * Requirements:
         *
         * - input must fit into 168 bits
         */
        function toUint168(uint256 value) internal pure returns (uint168) {
            if (value > type(uint168).max) {
                revert SafeCastOverflowedUintDowncast(168, value);
            }
            return uint168(value);
        }
    
        /**
         * @dev Returns the downcasted uint160 from uint256, reverting on
         * overflow (when the input is greater than largest uint160).
         *
         * Counterpart to Solidity's `uint160` operator.
         *
         * Requirements:
         *
         * - input must fit into 160 bits
         */
        function toUint160(uint256 value) internal pure returns (uint160) {
            if (value > type(uint160).max) {
                revert SafeCastOverflowedUintDowncast(160, value);
            }
            return uint160(value);
        }
    
        /**
         * @dev Returns the downcasted uint152 from uint256, reverting on
         * overflow (when the input is greater than largest uint152).
         *
         * Counterpart to Solidity's `uint152` operator.
         *
         * Requirements:
         *
         * - input must fit into 152 bits
         */
        function toUint152(uint256 value) internal pure returns (uint152) {
            if (value > type(uint152).max) {
                revert SafeCastOverflowedUintDowncast(152, value);
            }
            return uint152(value);
        }
    
        /**
         * @dev Returns the downcasted uint144 from uint256, reverting on
         * overflow (when the input is greater than largest uint144).
         *
         * Counterpart to Solidity's `uint144` operator.
         *
         * Requirements:
         *
         * - input must fit into 144 bits
         */
        function toUint144(uint256 value) internal pure returns (uint144) {
            if (value > type(uint144).max) {
                revert SafeCastOverflowedUintDowncast(144, value);
            }
            return uint144(value);
        }
    
        /**
         * @dev Returns the downcasted uint136 from uint256, reverting on
         * overflow (when the input is greater than largest uint136).
         *
         * Counterpart to Solidity's `uint136` operator.
         *
         * Requirements:
         *
         * - input must fit into 136 bits
         */
        function toUint136(uint256 value) internal pure returns (uint136) {
            if (value > type(uint136).max) {
                revert SafeCastOverflowedUintDowncast(136, value);
            }
            return uint136(value);
        }
    
        /**
         * @dev Returns the downcasted uint128 from uint256, reverting on
         * overflow (when the input is greater than largest uint128).
         *
         * Counterpart to Solidity's `uint128` operator.
         *
         * Requirements:
         *
         * - input must fit into 128 bits
         */
        function toUint128(uint256 value) internal pure returns (uint128) {
            if (value > type(uint128).max) {
                revert SafeCastOverflowedUintDowncast(128, value);
            }
            return uint128(value);
        }
    
        /**
         * @dev Returns the downcasted uint120 from uint256, reverting on
         * overflow (when the input is greater than largest uint120).
         *
         * Counterpart to Solidity's `uint120` operator.
         *
         * Requirements:
         *
         * - input must fit into 120 bits
         */
        function toUint120(uint256 value) internal pure returns (uint120) {
            if (value > type(uint120).max) {
                revert SafeCastOverflowedUintDowncast(120, value);
            }
            return uint120(value);
        }
    
        /**
         * @dev Returns the downcasted uint112 from uint256, reverting on
         * overflow (when the input is greater than largest uint112).
         *
         * Counterpart to Solidity's `uint112` operator.
         *
         * Requirements:
         *
         * - input must fit into 112 bits
         */
        function toUint112(uint256 value) internal pure returns (uint112) {
            if (value > type(uint112).max) {
                revert SafeCastOverflowedUintDowncast(112, value);
            }
            return uint112(value);
        }
    
        /**
         * @dev Returns the downcasted uint104 from uint256, reverting on
         * overflow (when the input is greater than largest uint104).
         *
         * Counterpart to Solidity's `uint104` operator.
         *
         * Requirements:
         *
         * - input must fit into 104 bits
         */
        function toUint104(uint256 value) internal pure returns (uint104) {
            if (value > type(uint104).max) {
                revert SafeCastOverflowedUintDowncast(104, value);
            }
            return uint104(value);
        }
    
        /**
         * @dev Returns the downcasted uint96 from uint256, reverting on
         * overflow (when the input is greater than largest uint96).
         *
         * Counterpart to Solidity's `uint96` operator.
         *
         * Requirements:
         *
         * - input must fit into 96 bits
         */
        function toUint96(uint256 value) internal pure returns (uint96) {
            if (value > type(uint96).max) {
                revert SafeCastOverflowedUintDowncast(96, value);
            }
            return uint96(value);
        }
    
        /**
         * @dev Returns the downcasted uint88 from uint256, reverting on
         * overflow (when the input is greater than largest uint88).
         *
         * Counterpart to Solidity's `uint88` operator.
         *
         * Requirements:
         *
         * - input must fit into 88 bits
         */
        function toUint88(uint256 value) internal pure returns (uint88) {
            if (value > type(uint88).max) {
                revert SafeCastOverflowedUintDowncast(88, value);
            }
            return uint88(value);
        }
    
        /**
         * @dev Returns the downcasted uint80 from uint256, reverting on
         * overflow (when the input is greater than largest uint80).
         *
         * Counterpart to Solidity's `uint80` operator.
         *
         * Requirements:
         *
         * - input must fit into 80 bits
         */
        function toUint80(uint256 value) internal pure returns (uint80) {
            if (value > type(uint80).max) {
                revert SafeCastOverflowedUintDowncast(80, value);
            }
            return uint80(value);
        }
    
        /**
         * @dev Returns the downcasted uint72 from uint256, reverting on
         * overflow (when the input is greater than largest uint72).
         *
         * Counterpart to Solidity's `uint72` operator.
         *
         * Requirements:
         *
         * - input must fit into 72 bits
         */
        function toUint72(uint256 value) internal pure returns (uint72) {
            if (value > type(uint72).max) {
                revert SafeCastOverflowedUintDowncast(72, value);
            }
            return uint72(value);
        }
    
        /**
         * @dev Returns the downcasted uint64 from uint256, reverting on
         * overflow (when the input is greater than largest uint64).
         *
         * Counterpart to Solidity's `uint64` operator.
         *
         * Requirements:
         *
         * - input must fit into 64 bits
         */
        function toUint64(uint256 value) internal pure returns (uint64) {
            if (value > type(uint64).max) {
                revert SafeCastOverflowedUintDowncast(64, value);
            }
            return uint64(value);
        }
    
        /**
         * @dev Returns the downcasted uint56 from uint256, reverting on
         * overflow (when the input is greater than largest uint56).
         *
         * Counterpart to Solidity's `uint56` operator.
         *
         * Requirements:
         *
         * - input must fit into 56 bits
         */
        function toUint56(uint256 value) internal pure returns (uint56) {
            if (value > type(uint56).max) {
                revert SafeCastOverflowedUintDowncast(56, value);
            }
            return uint56(value);
        }
    
        /**
         * @dev Returns the downcasted uint48 from uint256, reverting on
         * overflow (when the input is greater than largest uint48).
         *
         * Counterpart to Solidity's `uint48` operator.
         *
         * Requirements:
         *
         * - input must fit into 48 bits
         */
        function toUint48(uint256 value) internal pure returns (uint48) {
            if (value > type(uint48).max) {
                revert SafeCastOverflowedUintDowncast(48, value);
            }
            return uint48(value);
        }
    
        /**
         * @dev Returns the downcasted uint40 from uint256, reverting on
         * overflow (when the input is greater than largest uint40).
         *
         * Counterpart to Solidity's `uint40` operator.
         *
         * Requirements:
         *
         * - input must fit into 40 bits
         */
        function toUint40(uint256 value) internal pure returns (uint40) {
            if (value > type(uint40).max) {
                revert SafeCastOverflowedUintDowncast(40, value);
            }
            return uint40(value);
        }
    
        /**
         * @dev Returns the downcasted uint32 from uint256, reverting on
         * overflow (when the input is greater than largest uint32).
         *
         * Counterpart to Solidity's `uint32` operator.
         *
         * Requirements:
         *
         * - input must fit into 32 bits
         */
        function toUint32(uint256 value) internal pure returns (uint32) {
            if (value > type(uint32).max) {
                revert SafeCastOverflowedUintDowncast(32, value);
            }
            return uint32(value);
        }
    
        /**
         * @dev Returns the downcasted uint24 from uint256, reverting on
         * overflow (when the input is greater than largest uint24).
         *
         * Counterpart to Solidity's `uint24` operator.
         *
         * Requirements:
         *
         * - input must fit into 24 bits
         */
        function toUint24(uint256 value) internal pure returns (uint24) {
            if (value > type(uint24).max) {
                revert SafeCastOverflowedUintDowncast(24, value);
            }
            return uint24(value);
        }
    
        /**
         * @dev Returns the downcasted uint16 from uint256, reverting on
         * overflow (when the input is greater than largest uint16).
         *
         * Counterpart to Solidity's `uint16` operator.
         *
         * Requirements:
         *
         * - input must fit into 16 bits
         */
        function toUint16(uint256 value) internal pure returns (uint16) {
            if (value > type(uint16).max) {
                revert SafeCastOverflowedUintDowncast(16, value);
            }
            return uint16(value);
        }
    
        /**
         * @dev Returns the downcasted uint8 from uint256, reverting on
         * overflow (when the input is greater than largest uint8).
         *
         * Counterpart to Solidity's `uint8` operator.
         *
         * Requirements:
         *
         * - input must fit into 8 bits
         */
        function toUint8(uint256 value) internal pure returns (uint8) {
            if (value > type(uint8).max) {
                revert SafeCastOverflowedUintDowncast(8, value);
            }
            return uint8(value);
        }
    
        /**
         * @dev Converts a signed int256 into an unsigned uint256.
         *
         * Requirements:
         *
         * - input must be greater than or equal to 0.
         */
        function toUint256(int256 value) internal pure returns (uint256) {
            if (value < 0) {
                revert SafeCastOverflowedIntToUint(value);
            }
            return uint256(value);
        }
    
        /**
         * @dev Returns the downcasted int248 from int256, reverting on
         * overflow (when the input is less than smallest int248 or
         * greater than largest int248).
         *
         * Counterpart to Solidity's `int248` operator.
         *
         * Requirements:
         *
         * - input must fit into 248 bits
         */
        function toInt248(int256 value) internal pure returns (int248 downcasted) {
            downcasted = int248(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(248, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int240 from int256, reverting on
         * overflow (when the input is less than smallest int240 or
         * greater than largest int240).
         *
         * Counterpart to Solidity's `int240` operator.
         *
         * Requirements:
         *
         * - input must fit into 240 bits
         */
        function toInt240(int256 value) internal pure returns (int240 downcasted) {
            downcasted = int240(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(240, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int232 from int256, reverting on
         * overflow (when the input is less than smallest int232 or
         * greater than largest int232).
         *
         * Counterpart to Solidity's `int232` operator.
         *
         * Requirements:
         *
         * - input must fit into 232 bits
         */
        function toInt232(int256 value) internal pure returns (int232 downcasted) {
            downcasted = int232(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(232, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int224 from int256, reverting on
         * overflow (when the input is less than smallest int224 or
         * greater than largest int224).
         *
         * Counterpart to Solidity's `int224` operator.
         *
         * Requirements:
         *
         * - input must fit into 224 bits
         */
        function toInt224(int256 value) internal pure returns (int224 downcasted) {
            downcasted = int224(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(224, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int216 from int256, reverting on
         * overflow (when the input is less than smallest int216 or
         * greater than largest int216).
         *
         * Counterpart to Solidity's `int216` operator.
         *
         * Requirements:
         *
         * - input must fit into 216 bits
         */
        function toInt216(int256 value) internal pure returns (int216 downcasted) {
            downcasted = int216(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(216, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int208 from int256, reverting on
         * overflow (when the input is less than smallest int208 or
         * greater than largest int208).
         *
         * Counterpart to Solidity's `int208` operator.
         *
         * Requirements:
         *
         * - input must fit into 208 bits
         */
        function toInt208(int256 value) internal pure returns (int208 downcasted) {
            downcasted = int208(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(208, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int200 from int256, reverting on
         * overflow (when the input is less than smallest int200 or
         * greater than largest int200).
         *
         * Counterpart to Solidity's `int200` operator.
         *
         * Requirements:
         *
         * - input must fit into 200 bits
         */
        function toInt200(int256 value) internal pure returns (int200 downcasted) {
            downcasted = int200(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(200, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int192 from int256, reverting on
         * overflow (when the input is less than smallest int192 or
         * greater than largest int192).
         *
         * Counterpart to Solidity's `int192` operator.
         *
         * Requirements:
         *
         * - input must fit into 192 bits
         */
        function toInt192(int256 value) internal pure returns (int192 downcasted) {
            downcasted = int192(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(192, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int184 from int256, reverting on
         * overflow (when the input is less than smallest int184 or
         * greater than largest int184).
         *
         * Counterpart to Solidity's `int184` operator.
         *
         * Requirements:
         *
         * - input must fit into 184 bits
         */
        function toInt184(int256 value) internal pure returns (int184 downcasted) {
            downcasted = int184(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(184, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int176 from int256, reverting on
         * overflow (when the input is less than smallest int176 or
         * greater than largest int176).
         *
         * Counterpart to Solidity's `int176` operator.
         *
         * Requirements:
         *
         * - input must fit into 176 bits
         */
        function toInt176(int256 value) internal pure returns (int176 downcasted) {
            downcasted = int176(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(176, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int168 from int256, reverting on
         * overflow (when the input is less than smallest int168 or
         * greater than largest int168).
         *
         * Counterpart to Solidity's `int168` operator.
         *
         * Requirements:
         *
         * - input must fit into 168 bits
         */
        function toInt168(int256 value) internal pure returns (int168 downcasted) {
            downcasted = int168(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(168, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int160 from int256, reverting on
         * overflow (when the input is less than smallest int160 or
         * greater than largest int160).
         *
         * Counterpart to Solidity's `int160` operator.
         *
         * Requirements:
         *
         * - input must fit into 160 bits
         */
        function toInt160(int256 value) internal pure returns (int160 downcasted) {
            downcasted = int160(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(160, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int152 from int256, reverting on
         * overflow (when the input is less than smallest int152 or
         * greater than largest int152).
         *
         * Counterpart to Solidity's `int152` operator.
         *
         * Requirements:
         *
         * - input must fit into 152 bits
         */
        function toInt152(int256 value) internal pure returns (int152 downcasted) {
            downcasted = int152(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(152, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int144 from int256, reverting on
         * overflow (when the input is less than smallest int144 or
         * greater than largest int144).
         *
         * Counterpart to Solidity's `int144` operator.
         *
         * Requirements:
         *
         * - input must fit into 144 bits
         */
        function toInt144(int256 value) internal pure returns (int144 downcasted) {
            downcasted = int144(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(144, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int136 from int256, reverting on
         * overflow (when the input is less than smallest int136 or
         * greater than largest int136).
         *
         * Counterpart to Solidity's `int136` operator.
         *
         * Requirements:
         *
         * - input must fit into 136 bits
         */
        function toInt136(int256 value) internal pure returns (int136 downcasted) {
            downcasted = int136(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(136, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int128 from int256, reverting on
         * overflow (when the input is less than smallest int128 or
         * greater than largest int128).
         *
         * Counterpart to Solidity's `int128` operator.
         *
         * Requirements:
         *
         * - input must fit into 128 bits
         */
        function toInt128(int256 value) internal pure returns (int128 downcasted) {
            downcasted = int128(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(128, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int120 from int256, reverting on
         * overflow (when the input is less than smallest int120 or
         * greater than largest int120).
         *
         * Counterpart to Solidity's `int120` operator.
         *
         * Requirements:
         *
         * - input must fit into 120 bits
         */
        function toInt120(int256 value) internal pure returns (int120 downcasted) {
            downcasted = int120(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(120, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int112 from int256, reverting on
         * overflow (when the input is less than smallest int112 or
         * greater than largest int112).
         *
         * Counterpart to Solidity's `int112` operator.
         *
         * Requirements:
         *
         * - input must fit into 112 bits
         */
        function toInt112(int256 value) internal pure returns (int112 downcasted) {
            downcasted = int112(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(112, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int104 from int256, reverting on
         * overflow (when the input is less than smallest int104 or
         * greater than largest int104).
         *
         * Counterpart to Solidity's `int104` operator.
         *
         * Requirements:
         *
         * - input must fit into 104 bits
         */
        function toInt104(int256 value) internal pure returns (int104 downcasted) {
            downcasted = int104(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(104, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int96 from int256, reverting on
         * overflow (when the input is less than smallest int96 or
         * greater than largest int96).
         *
         * Counterpart to Solidity's `int96` operator.
         *
         * Requirements:
         *
         * - input must fit into 96 bits
         */
        function toInt96(int256 value) internal pure returns (int96 downcasted) {
            downcasted = int96(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(96, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int88 from int256, reverting on
         * overflow (when the input is less than smallest int88 or
         * greater than largest int88).
         *
         * Counterpart to Solidity's `int88` operator.
         *
         * Requirements:
         *
         * - input must fit into 88 bits
         */
        function toInt88(int256 value) internal pure returns (int88 downcasted) {
            downcasted = int88(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(88, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int80 from int256, reverting on
         * overflow (when the input is less than smallest int80 or
         * greater than largest int80).
         *
         * Counterpart to Solidity's `int80` operator.
         *
         * Requirements:
         *
         * - input must fit into 80 bits
         */
        function toInt80(int256 value) internal pure returns (int80 downcasted) {
            downcasted = int80(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(80, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int72 from int256, reverting on
         * overflow (when the input is less than smallest int72 or
         * greater than largest int72).
         *
         * Counterpart to Solidity's `int72` operator.
         *
         * Requirements:
         *
         * - input must fit into 72 bits
         */
        function toInt72(int256 value) internal pure returns (int72 downcasted) {
            downcasted = int72(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(72, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int64 from int256, reverting on
         * overflow (when the input is less than smallest int64 or
         * greater than largest int64).
         *
         * Counterpart to Solidity's `int64` operator.
         *
         * Requirements:
         *
         * - input must fit into 64 bits
         */
        function toInt64(int256 value) internal pure returns (int64 downcasted) {
            downcasted = int64(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(64, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int56 from int256, reverting on
         * overflow (when the input is less than smallest int56 or
         * greater than largest int56).
         *
         * Counterpart to Solidity's `int56` operator.
         *
         * Requirements:
         *
         * - input must fit into 56 bits
         */
        function toInt56(int256 value) internal pure returns (int56 downcasted) {
            downcasted = int56(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(56, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int48 from int256, reverting on
         * overflow (when the input is less than smallest int48 or
         * greater than largest int48).
         *
         * Counterpart to Solidity's `int48` operator.
         *
         * Requirements:
         *
         * - input must fit into 48 bits
         */
        function toInt48(int256 value) internal pure returns (int48 downcasted) {
            downcasted = int48(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(48, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int40 from int256, reverting on
         * overflow (when the input is less than smallest int40 or
         * greater than largest int40).
         *
         * Counterpart to Solidity's `int40` operator.
         *
         * Requirements:
         *
         * - input must fit into 40 bits
         */
        function toInt40(int256 value) internal pure returns (int40 downcasted) {
            downcasted = int40(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(40, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int32 from int256, reverting on
         * overflow (when the input is less than smallest int32 or
         * greater than largest int32).
         *
         * Counterpart to Solidity's `int32` operator.
         *
         * Requirements:
         *
         * - input must fit into 32 bits
         */
        function toInt32(int256 value) internal pure returns (int32 downcasted) {
            downcasted = int32(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(32, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int24 from int256, reverting on
         * overflow (when the input is less than smallest int24 or
         * greater than largest int24).
         *
         * Counterpart to Solidity's `int24` operator.
         *
         * Requirements:
         *
         * - input must fit into 24 bits
         */
        function toInt24(int256 value) internal pure returns (int24 downcasted) {
            downcasted = int24(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(24, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int16 from int256, reverting on
         * overflow (when the input is less than smallest int16 or
         * greater than largest int16).
         *
         * Counterpart to Solidity's `int16` operator.
         *
         * Requirements:
         *
         * - input must fit into 16 bits
         */
        function toInt16(int256 value) internal pure returns (int16 downcasted) {
            downcasted = int16(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(16, value);
            }
        }
    
        /**
         * @dev Returns the downcasted int8 from int256, reverting on
         * overflow (when the input is less than smallest int8 or
         * greater than largest int8).
         *
         * Counterpart to Solidity's `int8` operator.
         *
         * Requirements:
         *
         * - input must fit into 8 bits
         */
        function toInt8(int256 value) internal pure returns (int8 downcasted) {
            downcasted = int8(value);
            if (downcasted != value) {
                revert SafeCastOverflowedIntDowncast(8, value);
            }
        }
    
        /**
         * @dev Converts an unsigned uint256 into a signed int256.
         *
         * Requirements:
         *
         * - input must be less than or equal to maxInt256.
         */
        function toInt256(uint256 value) internal pure returns (int256) {
            // Note: Unsafe cast below is okay because `type(int256).max` is guaranteed to be positive
            if (value > uint256(type(int256).max)) {
                revert SafeCastOverflowedUintToInt(value);
            }
            return int256(value);
        }
    
        /**
         * @dev Cast a boolean (false or true) to a uint256 (0 or 1) with no jump.
         */
        function toUint(bool b) internal pure returns (uint256 u) {
            assembly ("memory-safe") {
                u := iszero(iszero(b))
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (utils/math/SignedMath.sol)
    
    pragma solidity ^0.8.20;
    
    import {SafeCast} from "./SafeCast.sol";
    
    /**
     * @dev Standard signed math utilities missing in the Solidity language.
     */
    library SignedMath {
        /**
         * @dev Branchless ternary evaluation for `a ? b : c`. Gas costs are constant.
         *
         * IMPORTANT: This function may reduce bytecode size and consume less gas when used standalone.
         * However, the compiler may optimize Solidity ternary operations (i.e. `a ? b : c`) to only compute
         * one branch when needed, making this function more expensive.
         */
        function ternary(bool condition, int256 a, int256 b) internal pure returns (int256) {
            unchecked {
                // branchless ternary works because:
                // b ^ (a ^ b) == a
                // b ^ 0 == b
                return b ^ ((a ^ b) * int256(SafeCast.toUint(condition)));
            }
        }
    
        /**
         * @dev Returns the largest of two signed numbers.
         */
        function max(int256 a, int256 b) internal pure returns (int256) {
            return ternary(a > b, a, b);
        }
    
        /**
         * @dev Returns the smallest of two signed numbers.
         */
        function min(int256 a, int256 b) internal pure returns (int256) {
            return ternary(a < b, a, b);
        }
    
        /**
         * @dev Returns the average of two signed numbers without overflow.
         * The result is rounded towards zero.
         */
        function average(int256 a, int256 b) internal pure returns (int256) {
            // Formula from the book "Hacker's Delight"
            int256 x = (a & b) + ((a ^ b) >> 1);
            return x + (int256(uint256(x) >> 255) & (a ^ b));
        }
    
        /**
         * @dev Returns the absolute unsigned value of a signed value.
         */
        function abs(int256 n) internal pure returns (uint256) {
            unchecked {
                // Formula from the "Bit Twiddling Hacks" by Sean Eron Anderson.
                // Since `n` is a signed integer, the generated bytecode will use the SAR opcode to perform the right shift,
                // taking advantage of the most significant (or "sign" bit) in two's complement representation.
                // This opcode adds new most significant bits set to the value of the previous most significant bit. As a result,
                // the mask will either be `bytes32(0)` (if n is positive) or `~bytes32(0)` (if n is negative).
                int256 mask = n >> 255;
    
                // A `bytes32(0)` mask leaves the input unchanged, while a `~bytes32(0)` mask complements it.
                return uint256((n + mask) ^ mask);
            }
        }
    }

    // SPDX-License-Identifier: MIT
    // OpenZeppelin Contracts (last updated v5.1.0) (utils/Panic.sol)
    
    pragma solidity ^0.8.20;
    
    /**
     * @dev Helper library for emitting standardized panic codes.
     *
     * ```solidity
     * contract Example {
     *      using Panic for uint256;
     *
     *      // Use any of the declared internal constants
     *      function foo() { Panic.GENERIC.panic(); }
     *
     *      // Alternatively
     *      function foo() { Panic.panic(Panic.GENERIC); }
     * }
     * ```
     *
     * Follows the list from https://github.com/ethereum/solidity/blob/v0.8.24/libsolutil/ErrorCodes.h[libsolutil].
     *
     * _Available since v5.1._
     */
    // slither-disable-next-line unused-state
    library Panic {
        /// @dev generic / unspecified error
        uint256 internal constant GENERIC = 0x00;
        /// @dev used by the assert() builtin
        uint256 internal constant ASSERT = 0x01;
        /// @dev arithmetic underflow or overflow
        uint256 internal constant UNDER_OVERFLOW = 0x11;
        /// @dev division or modulo by zero
        uint256 internal constant DIVISION_BY_ZERO = 0x12;
        /// @dev enum conversion error
        uint256 internal constant ENUM_CONVERSION_ERROR = 0x21;
        /// @dev invalid encoding in storage
        uint256 internal constant STORAGE_ENCODING_ERROR = 0x22;
        /// @dev empty array pop
        uint256 internal constant EMPTY_ARRAY_POP = 0x31;
        /// @dev array out of bounds access
        uint256 internal constant ARRAY_OUT_OF_BOUNDS = 0x32;
        /// @dev resource error (too large allocation or too large array)
        uint256 internal constant RESOURCE_ERROR = 0x41;
        /// @dev calling invalid internal function
        uint256 internal constant INVALID_INTERNAL_FUNCTION = 0x51;
    
        /// @dev Reverts with a panic code. Recommended to use with
        /// the internal constants with predefined codes.
        function panic(uint256 code) internal pure {
            assembly ("memory-safe") {
                mstore(0x00, 0x4e487b71)
                mstore(0x20, code)
                revert(0x1c, 0x24)
            }
        }
    }

    Please enter a contract address above to load the contract details and source code.

    Context size (optional):