// SPDX-License-Identifier: MIT

pragma solidity >=0.6.2 <0.8.0;

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev Returns true if `account` is a contract.
     *
     * [IMPORTANT]
     * ====
     * It is unsafe to assume that an address for which this function returns
     * false is an externally-owned account (EOA) and not a contract.
     *
     * Among others, `isContract` will return false for the following
     * types of addresses:
     *
     *  - an externally-owned account
     *  - a contract in construction
     *  - an address where a contract will be created
     *  - an address where a contract lived, but was destroyed
     * ====
     */
    function isContract(address account) internal view returns (bool) {
        // This method relies on extcodesize, which returns 0 for contracts in
        // construction, since the code is only stored at the end of the
        // constructor execution.

        uint256 size;
        // solhint-disable-next-line no-inline-assembly
        assembly { size := extcodesize(account) }
        return size > 0;
    }

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        require(address(this).balance >= amount, "Address: insufficient balance");

        // solhint-disable-next-line avoid-low-level-calls, avoid-call-value
        (bool success, ) = recipient.call{ value: amount }("");
        require(success, "Address: unable to send value, recipient may have reverted");
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain`call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason, it is bubbled up by this
     * function (like regular Solidity function calls).
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
      return functionCall(target, data, "Address: low-level call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
     * `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
        return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
    }

    /**
     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
     * with `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
        require(address(this).balance >= value, "Address: insufficient balance for call");
        require(isContract(target), "Address: call to non-contract");

        // solhint-disable-next-line avoid-low-level-calls
        (bool success, bytes memory returndata) = target.call{ value: value }(data);
        return _verifyCallResult(success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        return functionStaticCall(target, data, "Address: low-level static call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) {
        require(isContract(target), "Address: static call to non-contract");

        // solhint-disable-next-line avoid-low-level-calls
        (bool success, bytes memory returndata) = target.staticcall(data);
        return _verifyCallResult(success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionDelegateCall(target, data, "Address: low-level delegate call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
        require(isContract(target), "Address: delegate call to non-contract");

        // solhint-disable-next-line avoid-low-level-calls
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return _verifyCallResult(success, returndata, errorMessage);
    }

    function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) {
        if (success) {
            return returndata;
        } else {
            // Look for revert reason and bubble it up if present
            if (returndata.length > 0) {
                // The easiest way to bubble the revert reason is using memory via assembly

                // solhint-disable-next-line no-inline-assembly
                assembly {
                    let returndata_size := mload(returndata)
                    revert(add(32, returndata), returndata_size)
                }
            } else {
                revert(errorMessage);
            }
        }
    }
}

// SPDX-License-Identifier: AGPL-3.0-only

pragma solidity 0.7.5;

/**
 * @dev Interface of the PoolEscrow contract.
 */
interface IPoolEscrow {
    /**
    * @dev Event for tracking withdrawn ether.
    * @param sender - the address of the transaction sender.
    * @param payee - the address where the funds were transferred to.
    * @param amount - the amount of ether transferred to payee.
    */
    event Withdrawn(address indexed sender, address indexed payee, uint256 amount);

    /**
    * @dev Event for tracking ownership transfer commits.
    * @param currentOwner - the address of the current owner.
    * @param futureOwner - the address the ownership is planned to be transferred to.
    */
    event OwnershipTransferCommitted(address indexed currentOwner, address indexed futureOwner);

    /**
    * @dev Event for tracking ownership transfers.
    * @param previousOwner - the address the ownership was transferred from.
    * @param newOwner - the address the ownership was transferred to.
    */
    event OwnershipTransferApplied(address indexed previousOwner, address indexed newOwner);

    /**
    * @dev Function for retrieving the address of the current owner.
    */
    function owner() external view returns (address);

    /**
    * @dev Function for retrieving the address of the future owner.
    */
    function futureOwner() external view returns (address);

    /**
     * @dev Commit contract ownership transfer to a new account (`newOwner`).
     * Can only be called by the current owner.
     */
    function commitOwnershipTransfer(address newOwner) external;

    /**
     * @dev Apply contract ownership transfer to a new account (`futureOwner`).
     * Can only be called by the future owner.
     */
    function applyOwnershipTransfer() external;

    /**
     * @dev Withdraw balance for a payee, forwarding all gas to the
     * recipient. Can only be called by the current owner.
     *
     * WARNING: Forwarding all gas opens the door to reentrancy vulnerabilities.
     * Make sure you trust the recipient, or are either following the
     * checks-effects-interactions pattern or using {ReentrancyGuard}.
     *
     * @param payee - the address where the funds will be transferred to.
     * @param amount - the amount of ether to transfer to payee.
     */
    function withdraw(address payable payee, uint256 amount) external;
}

// SPDX-License-Identifier: AGPL-3.0-only

pragma solidity 0.7.5;

import "@openzeppelin/contracts/utils/Address.sol";
import "../interfaces/IPoolEscrow.sol";

/**
 * @title PoolEscrow
 *
 * @dev PoolEscrow contract is used to receive transfers from ETH2 system contract for the pool validators.
 * The withdrawal credentials of the Pool must be set to
 * https://github.com/ethereum/eth2.0-specs/blob/v1.1.0-alpha.2/specs/phase0/validator.md#eth1_address_withdrawal_prefix
 * using the address of this contract as a destination.
 */
contract PoolEscrow is IPoolEscrow {
    using Address for address payable;

    // @dev The address of the current contract owner.
    address public override owner;

    // @dev The address the ownership is planned to be transferred to.
    address public override futureOwner;

    /**
    * @dev Constructor for initializing the PoolEscrow contract.
    * @param _owner - address of the contract owner.
    */
    constructor(address _owner) {
        owner = _owner;
        emit OwnershipTransferApplied(address(0), _owner);
    }

    /**
     * @dev Throws if called by any account other than the owner.
     */
    modifier onlyOwner() {
        require(owner == msg.sender, "PoolEscrow: caller is not the owner");
        _;
    }

    /**
     * @dev See {IPoolEscrow-commitOwnershipTransfer}.
     */
    function commitOwnershipTransfer(address newOwner) external override onlyOwner {
        // can be zero address to reset incorrect future owner
        futureOwner = newOwner;
        emit OwnershipTransferCommitted(msg.sender, newOwner);
    }

    /**
     * @dev See {IPoolEscrow-applyOwnershipTransfer}.
     */
    function applyOwnershipTransfer() external override {
        address newOwner = futureOwner;
        require(newOwner == msg.sender, "PoolEscrow: caller is not the future owner");

        emit OwnershipTransferApplied(owner, newOwner);
        (owner, futureOwner) = (newOwner, address(0));
    }

    /**
     * @dev See {IPoolEscrow-withdraw}.
     */
    function withdraw(address payable payee, uint256 amount) external override onlyOwner {
        require(payee != address(0), "PoolEscrow: payee is the zero address");
        emit Withdrawn(msg.sender, payee, amount);
        payee.sendValue(amount);
    }

    /**
    * @dev Function for receiving withdrawals from ETH2 system contract.
    */
    receive() external payable { }
}

{
  "compilationTarget": {
    "contracts/collectors/PoolEscrow.sol": "PoolEscrow"
  },
  "evmVersion": "istanbul",
  "libraries": {},
  "metadata": {
    "bytecodeHash": "ipfs"
  },
  "optimizer": {
    "enabled": true,
    "runs": 1000000
  },
  "remappings": []
}