LazyVault_LowerRisk_USDC

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/AccessControl.sol)

pragma solidity ^0.8.20;

import {IAccessControl} from "./IAccessControl.sol";
import {Context} from "../utils/Context.sol";
import {ERC165} from "../utils/introspection/ERC165.sol";

/**
 * @dev Contract module that allows children to implement role-based access
 * control mechanisms. This is a lightweight version that doesn't allow enumerating role
 * members except through off-chain means by accessing the contract event logs. Some
 * applications may benefit from on-chain enumerability, for those cases see
 * {AccessControlEnumerable}.
 *
 * Roles are referred to by their `bytes32` identifier. These should be exposed
 * in the external API and be unique. The best way to achieve this is by
 * using `public constant` hash digests:
 *
 * ```solidity
 * bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
 * ```
 *
 * Roles can be used to represent a set of permissions. To restrict access to a
 * function call, use {hasRole}:
 *
 * ```solidity
 * function foo() public {
 *     require(hasRole(MY_ROLE, msg.sender));
 *     ...
 * }
 * ```
 *
 * Roles can be granted and revoked dynamically via the {grantRole} and
 * {revokeRole} functions. Each role has an associated admin role, and only
 * accounts that have a role's admin role can call {grantRole} and {revokeRole}.
 *
 * By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
 * that only accounts with this role will be able to grant or revoke other
 * roles. More complex role relationships can be created by using
 * {_setRoleAdmin}.
 *
 * WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
 * grant and revoke this role. Extra precautions should be taken to secure
 * accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
 * to enforce additional security measures for this role.
 */
abstract contract AccessControl is Context, IAccessControl, ERC165 {
    struct RoleData {
        mapping(address account => bool) hasRole;
        bytes32 adminRole;
    }

    mapping(bytes32 role => RoleData) private _roles;

    bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;

    /**
     * @dev Modifier that checks that an account has a specific role. Reverts
     * with an {AccessControlUnauthorizedAccount} error including the required role.
     */
    modifier onlyRole(bytes32 role) {
        _checkRole(role);
        _;
    }

    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
        return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
    }

    /**
     * @dev Returns `true` if `account` has been granted `role`.
     */
    function hasRole(bytes32 role, address account) public view virtual returns (bool) {
        return _roles[role].hasRole[account];
    }

    /**
     * @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
     * is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
     */
    function _checkRole(bytes32 role) internal view virtual {
        _checkRole(role, _msgSender());
    }

    /**
     * @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
     * is missing `role`.
     */
    function _checkRole(bytes32 role, address account) internal view virtual {
        if (!hasRole(role, account)) {
            revert AccessControlUnauthorizedAccount(account, role);
        }
    }

    /**
     * @dev Returns the admin role that controls `role`. See {grantRole} and
     * {revokeRole}.
     *
     * To change a role's admin, use {_setRoleAdmin}.
     */
    function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
        return _roles[role].adminRole;
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     *
     * May emit a {RoleGranted} event.
     */
    function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
        _grantRole(role, account);
    }

    /**
     * @dev Revokes `role` from `account`.
     *
     * If `account` had been granted `role`, emits a {RoleRevoked} event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     *
     * May emit a {RoleRevoked} event.
     */
    function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
        _revokeRole(role, account);
    }

    /**
     * @dev Revokes `role` from the calling account.
     *
     * Roles are often managed via {grantRole} and {revokeRole}: this function's
     * purpose is to provide a mechanism for accounts to lose their privileges
     * if they are compromised (such as when a trusted device is misplaced).
     *
     * If the calling account had been revoked `role`, emits a {RoleRevoked}
     * event.
     *
     * Requirements:
     *
     * - the caller must be `callerConfirmation`.
     *
     * May emit a {RoleRevoked} event.
     */
    function renounceRole(bytes32 role, address callerConfirmation) public virtual {
        if (callerConfirmation != _msgSender()) {
            revert AccessControlBadConfirmation();
        }

        _revokeRole(role, callerConfirmation);
    }

    /**
     * @dev Sets `adminRole` as ``role``'s admin role.
     *
     * Emits a {RoleAdminChanged} event.
     */
    function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
        bytes32 previousAdminRole = getRoleAdmin(role);
        _roles[role].adminRole = adminRole;
        emit RoleAdminChanged(role, previousAdminRole, adminRole);
    }

    /**
     * @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
     *
     * Internal function without access restriction.
     *
     * May emit a {RoleGranted} event.
     */
    function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
        if (!hasRole(role, account)) {
            _roles[role].hasRole[account] = true;
            emit RoleGranted(role, account, _msgSender());
            return true;
        } else {
            return false;
        }
    }

    /**
     * @dev Attempts to revoke `role` to `account` and returns a boolean indicating if `role` was revoked.
     *
     * Internal function without access restriction.
     *
     * May emit a {RoleRevoked} event.
     */
    function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
        if (hasRole(role, account)) {
            _roles[role].hasRole[account] = false;
            emit RoleRevoked(role, account, _msgSender());
            return true;
        } else {
            return false;
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/Address.sol)

pragma solidity ^0.8.20;

import {Errors} from "./Errors.sol";

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev There's no code at `target` (it is not a contract).
     */
    error AddressEmptyCode(address target);

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.8.20/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        if (address(this).balance < amount) {
            revert Errors.InsufficientBalance(address(this).balance, amount);
        }

        (bool success, ) = recipient.call{value: amount}("");
        if (!success) {
            revert Errors.FailedCall();
        }
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason or custom error, it is bubbled
     * up by this function (like regular Solidity function calls). However, if
     * the call reverted with no returned reason, this function reverts with a
     * {Errors.FailedCall} error.
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     */
    function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
        if (address(this).balance < value) {
            revert Errors.InsufficientBalance(address(this).balance, value);
        }
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return verifyCallResultFromTarget(target, success, returndata);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and reverts if the target
     * was not a contract or bubbling up the revert reason (falling back to {Errors.FailedCall}) in case
     * of an unsuccessful call.
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata
    ) internal view returns (bytes memory) {
        if (!success) {
            _revert(returndata);
        } else {
            // only check if target is a contract if the call was successful and the return data is empty
            // otherwise we already know that it was a contract
            if (returndata.length == 0 && target.code.length == 0) {
                revert AddressEmptyCode(target);
            }
            return returndata;
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and reverts if it wasn't, either by bubbling the
     * revert reason or with a default {Errors.FailedCall} error.
     */
    function verifyCallResult(bool success, bytes memory returndata) internal pure returns (bytes memory) {
        if (!success) {
            _revert(returndata);
        } else {
            return returndata;
        }
    }

    /**
     * @dev Reverts with returndata if present. Otherwise reverts with {Errors.FailedCall}.
     */
    function _revert(bytes memory returndata) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            assembly ("memory-safe") {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert Errors.FailedCall();
        }
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArk} from "../interfaces/IArk.sol";
import {IFleetCommander} from "../interfaces/IFleetCommander.sol";
import {ArkConfig, ArkParams} from "../types/ArkTypes.sol";
import {ArkConfigProvider} from "./ArkConfigProvider.sol";

import {IERC20, SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {Constants} from "@summerfi/constants/Constants.sol";
import {ReentrancyGuardTransient} from "@summerfi/dependencies/openzeppelin-next/ReentrancyGuardTransient.sol";

/**
 * @title Ark
 * @author SummerFi
 * @notice This contract implements the core functionality for the Ark system,
 *         handling asset boarding, disembarking, and harvesting operations.
 * @dev This is an abstract contract that should be inherited by specific Ark implementations.
 *      Inheriting contracts must implement the abstract functions defined here.
 */
abstract contract Ark is IArk, ArkConfigProvider, ReentrancyGuardTransient {
    using SafeERC20 for IERC20;

    /*//////////////////////////////////////////////////////////////
                            CONSTRUCTOR
    //////////////////////////////////////////////////////////////*/

    constructor(ArkParams memory _params) ArkConfigProvider(_params) {}

    /*//////////////////////////////////////////////////////////////
                                MODIFIERS
    //////////////////////////////////////////////////////////////*/

    /**
     * @notice Modifier to validate board data.
     * @dev This modifier calls `_validateCommonData` and `_validateBoardData` to ensure the data is valid.
     * In the base Ark contract, we use generic bytes for the data. It is the responsibility of the Ark
     * implementing contract to override the `_validateBoardData` function to provide specific validation logic.
     * @param data The data to be validated.
     */
    modifier validateBoardData(bytes calldata data) {
        _validateCommonData(data);
        _validateBoardData(data);
        _;
    }

    /**
     * @notice Modifier to validate disembark data.
     * @dev This modifier calls `_validateCommonData` and `_validateDisembarkData` to ensure the data is valid.
     * In the base Ark contract, we use generic bytes for the data. It is the responsibility of the Ark
     * implementing contract to override the `_validateDisembarkData` function to provide specific validation logic.
     * @param data The data to be validated.
     */
    modifier validateDisembarkData(bytes calldata data) {
        _validateCommonData(data);
        _validateDisembarkData(data);
        _;
    }

    /*//////////////////////////////////////////////////////////////
                            EXTERNAL FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /// @inheritdoc IArk
    function totalAssets() external view virtual returns (uint256) {}

    /// @inheritdoc IArk
    function withdrawableTotalAssets() external view returns (uint256) {
        if (config.requiresKeeperData) {
            return 0;
        }
        return _withdrawableTotalAssets();
    }

    /// @inheritdoc IArk
    function harvest(
        bytes calldata additionalData
    )
        external
        onlyRaft
        nonReentrant
        returns (address[] memory rewardTokens, uint256[] memory rewardAmounts)
    {
        (rewardTokens, rewardAmounts) = _harvest(additionalData);
        emit ArkHarvested(rewardTokens, rewardAmounts);
    }

    /// @inheritdoc IArk
    function sweep(
        address[] memory tokens
    )
        external
        onlyRaft
        nonReentrant
        returns (address[] memory sweptTokens, uint256[] memory sweptAmounts)
    {
        sweptTokens = new address[](tokens.length);
        sweptAmounts = new uint256[](tokens.length);
        IERC20 asset = config.asset;

        address bufferArk = address(
            IFleetCommander(config.commander).bufferArk()
        );

        if (asset.balanceOf(address(this)) > 0 && address(this) != bufferArk) {
            asset.forceApprove(bufferArk, asset.balanceOf(address(this)));
            IArk(bufferArk).board(asset.balanceOf(address(this)), bytes(""));
        }
        for (uint256 i = 0; i < tokens.length; i++) {
            uint256 amount = IERC20(tokens[i]).balanceOf(address(this));
            if (amount > 0) {
                IERC20(tokens[i]).safeTransfer(
                    raft(),
                    IERC20(tokens[i]).balanceOf(address(this))
                );
                sweptTokens[i] = tokens[i];
                sweptAmounts[i] = amount;
            }
        }
        emit ArkSwept(sweptTokens, sweptAmounts);
    }

    /// @inheritdoc IArk
    function board(
        uint256 amount,
        bytes calldata boardData
    )
        external
        nonReentrant
        onlyAuthorizedToBoard(this.commander())
        validateBoardData(boardData)
    {
        address msgSender = msg.sender;
        IERC20 asset = config.asset;
        asset.safeTransferFrom(msgSender, address(this), amount);
        _board(amount, boardData);

        emit Boarded(msgSender, address(asset), amount);
    }

    /// @inheritdoc IArk
    function disembark(
        uint256 amount,
        bytes calldata disembarkData
    ) external onlyCommander nonReentrant validateDisembarkData(disembarkData) {
        address msgSender = msg.sender;
        IERC20 asset = config.asset;
        _disembark(amount, disembarkData);
        asset.safeTransfer(msgSender, amount);

        emit Disembarked(msgSender, address(asset), amount);
    }

    /// @inheritdoc IArk
    function move(
        uint256 amount,
        address receiverArk,
        bytes calldata boardData,
        bytes calldata disembarkData
    ) external onlyCommander validateDisembarkData(disembarkData) {
        _disembark(amount, disembarkData);

        IERC20 asset = config.asset;
        asset.forceApprove(receiverArk, amount);
        IArk(receiverArk).board(amount, boardData);

        emit Moved(address(this), receiverArk, address(asset), amount);
    }

    /*//////////////////////////////////////////////////////////////
                            INTERNAL FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /**
     * @notice Internal function to get the total assets that are withdrawable
     * @dev This function should be implemented by derived contracts to define specific withdrawability logic
     * @dev The Ark is withdrawable if it doesnt require keeper data and _withdrawableTotalAssets returns a non-zero
     * value
     * @return uint256 The total assets that are withdrawable
     */
    function _withdrawableTotalAssets() internal view virtual returns (uint256);

    /**
     * @notice Internal function to handle the boarding (depositing) of assets
     * @dev This function should be implemented by derived contracts to define specific boarding logic
     * @param amount The amount of assets to board
     * @param data Additional data for boarding, interpreted by the specific Ark implementation
     */
    function _board(uint256 amount, bytes calldata data) internal virtual;

    /**
     * @notice Internal function to handle the disembarking (withdrawing) of assets
     * @dev This function should be implemented by derived contracts to define specific disembarking logic
     * @param amount The amount of assets to disembark
     * @param data Additional data for disembarking, interpreted by the specific Ark implementation
     */
    function _disembark(uint256 amount, bytes calldata data) internal virtual;

    /**
     * @notice Internal function to handle the harvesting of rewards
     * @dev This function should be implemented by derived contracts to define specific harvesting logic
     * @param additionalData Additional data for harvesting, interpreted by the specific Ark implementation
     * @return rewardTokens The addresses of the reward tokens harvested
     * @return rewardAmounts The amounts of the reward tokens harvested
     */
    function _harvest(
        bytes calldata additionalData
    )
        internal
        virtual
        returns (address[] memory rewardTokens, uint256[] memory rewardAmounts);

    /**
     * @notice Internal function to validate boarding data
     * @dev This function should be implemented by derived contracts to define specific boarding data validation
     * @param data The boarding data to validate
     */
    function _validateBoardData(bytes calldata data) internal virtual;

    /**
     * @notice Internal function to validate disembarking data
     * @dev This function should be implemented by derived contracts to define specific disembarking data validation
     * @param data The disembarking data to validate
     */
    function _validateDisembarkData(bytes calldata data) internal virtual;

    /**
     * @notice Internal function to validate the presence or absence of additional data based on withdrawal restrictions
     * @dev This function checks if the data length is consistent with the Ark's withdrawal restrictions
     * @param data The data to validate
     */
    function _validateCommonData(bytes calldata data) internal view {
        if (data.length > 0 && !config.requiresKeeperData) {
            revert CannotUseKeeperDataWhenNotRequired();
        }
        if (data.length == 0 && config.requiresKeeperData) {
            revert KeeperDataRequired();
        }
    }

    /**
     * @notice Internal function to get the balance of the Ark's asset
     * @dev This function returns the balance of the Ark's token held by this contract
     * @return The balance of the Ark's asset
     */
    function _balanceOfAsset() internal view virtual returns (uint256) {
        return config.asset.balanceOf(address(this));
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArkAccessManaged} from "../interfaces/IArkAccessManaged.sol";

import {IConfigurationManaged} from "../interfaces/IConfigurationManaged.sol";
import {IFleetCommander} from "../interfaces/IFleetCommander.sol";
import {ContractSpecificRoles} from "@summerfi/access-contracts/interfaces/IProtocolAccessManager.sol";

import {ProtocolAccessManaged} from "@summerfi/access-contracts/contracts/ProtocolAccessManaged.sol";

/**
 * @title ArkAccessManaged
 * @author SummerFi
 * @notice This contract manages access control for Ark-related operations.
 * @dev Inherits from ProtocolAccessManaged and implements IArkAccessManaged.
 * @custom:see IArkAccessManaged
 */
contract ArkAccessManaged is IArkAccessManaged, ProtocolAccessManaged {
    /**
     * @notice Initializes the ArkAccessManaged contract.
     * @param accessManager The address of the access manager contract.
     */
    constructor(address accessManager) ProtocolAccessManaged(accessManager) {}

    /**
     * @notice Checks if the caller is authorized to board funds.
     * @dev This modifier allows the Commander, RAFT contract, or active Arks to proceed.
     * @param commander The address of the FleetCommander contract.
     * @custom:internal-logic
     * - Checks if the caller is the registered commander
     * - If not, checks if the caller is the RAFT contract
     * - If not, checks if the caller is an active Ark in the FleetCommander
     * @custom:effects
     * - Reverts if the caller doesn't have the necessary permissions
     * - Allows the function to proceed if the caller is authorized
     * @custom:security-considerations
     * - Ensures that only authorized entities can board funds
     * - Relies on the correct setup of the FleetCommander and RAFT contracts
     */
    modifier onlyAuthorizedToBoard(address commander) {
        if (commander != _msgSender()) {
            address msgSender = _msgSender();
            bool isRaft = msgSender ==
                IConfigurationManaged(address(this)).raft();

            if (!isRaft) {
                bool isArk = IFleetCommander(commander).isArkActiveOrBufferArk(
                    msgSender
                );
                if (!isArk) {
                    revert CallerIsNotAuthorizedToBoard(msgSender);
                }
            }
        }
        _;
    }

    /**
     * @notice Restricts access to only the RAFT contract.
     * @dev Modifier to check that the caller is the RAFT contract
     * @custom:internal-logic
     * - Retrieves the RAFT address from the ConfigurationManaged contract
     * - Compares the caller's address with the RAFT address
     * @custom:effects
     * - Reverts if the caller is not the RAFT contract
     * - Allows the function to proceed if the caller is the RAFT contract
     * @custom:security-considerations
     * - Ensures that only the RAFT contract can call certain functions
     * - Relies on the correct setup of the ConfigurationManaged contract
     */
    modifier onlyRaft() {
        if (_msgSender() != IConfigurationManaged(address(this)).raft()) {
            revert CallerIsNotRaft(_msgSender());
        }
        _;
    }

    /**
     * @notice Checks if the caller has the Commander role.
     * @dev Internal function to check if the caller has the Commander role
     * @return bool True if the caller has the Commander role, false otherwise
     * @custom:internal-logic
     * - Generates the Commander role identifier for this contract
     * - Checks if the caller has the generated role in the access manager
     * @custom:effects
     * - Does not modify any state, view function only
     * @custom:security-considerations
     * - Relies on the correct setup of the access manager
     * - Assumes that the Commander role is properly assigned
     */
    function _hasCommanderRole() internal view returns (bool) {
        return
            _accessManager.hasRole(
                generateRole(
                    ContractSpecificRoles.COMMANDER_ROLE,
                    address(this)
                ),
                _msgSender()
            );
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {ArkConfig, ArkParams} from "../types/ArkTypes.sol";

import {IArkConfigProvider} from "../interfaces/IArkConfigProvider.sol";

import {ArkAccessManaged} from "./ArkAccessManaged.sol";

import {ConfigurationManaged} from "./ConfigurationManaged.sol";
import {IERC20, SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {Percentage, PercentageUtils} from "@summerfi/percentage-solidity/contracts/PercentageUtils.sol";

/**
 * @title ArkConfigProvider
 * @author SummerFi
 * @notice This contract manages the configuration for Ark contracts.
 * @dev Inherits from IArkConfigProvider, ArkAccessManaged, and ConfigurationManaged.
 * @custom:see IArkConfigProvider
 */
abstract contract ArkConfigProvider is
    IArkConfigProvider,
    ArkAccessManaged,
    ConfigurationManaged
{
    ArkConfig public config;

    /**
     * @notice Initializes the ArkConfigProvider contract.
     * @param _params The initial parameters for the Ark configuration.
     * @dev Validates input parameters and sets up the initial configuration.
     */
    constructor(
        ArkParams memory _params
    )
        ArkAccessManaged(_params.accessManager)
        ConfigurationManaged(_params.configurationManager)
    {
        if (_params.asset == address(0)) {
            revert CannotDeployArkWithoutToken();
        }
        if (bytes(_params.name).length == 0) {
            revert CannotDeployArkWithEmptyName();
        }
        if (raft() == address(0)) {
            revert CannotDeployArkWithoutRaft();
        }
        if (
            !PercentageUtils.isPercentageInRange(
                _params.maxDepositPercentageOfTVL
            )
        ) {
            revert MaxDepositPercentageOfTVLTooHigh();
        }

        config = ArkConfig({
            asset: IERC20(_params.asset),
            commander: address(0), // Commander is initially set to address(0)
            raft: raft(),
            depositCap: _params.depositCap,
            maxRebalanceOutflow: _params.maxRebalanceOutflow,
            maxRebalanceInflow: _params.maxRebalanceInflow,
            name: _params.name,
            details: _params.details,
            requiresKeeperData: _params.requiresKeeperData,
            maxDepositPercentageOfTVL: _params.maxDepositPercentageOfTVL
        });

        // The commander address is initially set to address(0).
        // This allows the FleetCommander contract to self-register with the Ark later,
        // using the `registerFleetCommander()` function. This approach ensures that:
        // 1. The FleetCommander's address is not hardcoded during deployment.
        // 2. Only the authorized FleetCommander can register itself.
        // 3. The Ark remains flexible for potential commander changes in the future.
        // See the `registerFleetCommander()` function for the actual registration process.
    }

    /// @inheritdoc IArkConfigProvider
    function name() external view returns (string memory) {
        return config.name;
    }

    /// @inheritdoc IArkConfigProvider
    function details() external view returns (string memory) {
        return config.details;
    }

    /// @inheritdoc IArkConfigProvider
    function depositCap() external view returns (uint256) {
        return config.depositCap;
    }

    /// @inheritdoc IArkConfigProvider
    function asset() external view returns (IERC20) {
        return config.asset;
    }

    function maxDepositPercentageOfTVL() external view returns (Percentage) {
        return config.maxDepositPercentageOfTVL;
    }
    /// @inheritdoc IArkConfigProvider

    function commander() public view returns (address) {
        return config.commander;
    }

    /// @inheritdoc IArkConfigProvider
    function maxRebalanceOutflow() external view returns (uint256) {
        return config.maxRebalanceOutflow;
    }

    /// @inheritdoc IArkConfigProvider
    function maxRebalanceInflow() external view returns (uint256) {
        return config.maxRebalanceInflow;
    }

    /// @inheritdoc IArkConfigProvider
    function requiresKeeperData() external view returns (bool) {
        return config.requiresKeeperData;
    }

    /// @inheritdoc IArkConfigProvider
    function getConfig() external view returns (ArkConfig memory) {
        return config;
    }

    /// @inheritdoc IArkConfigProvider
    function setDepositCap(uint256 newDepositCap) external onlyCommander {
        config.depositCap = newDepositCap;
        emit DepositCapUpdated(newDepositCap);
    }

    /// @inheritdoc IArkConfigProvider
    function setMaxDepositPercentageOfTVL(
        Percentage newMaxDepositPercentageOfTVL
    ) external onlyCommander {
        if (
            !PercentageUtils.isPercentageInRange(newMaxDepositPercentageOfTVL)
        ) {
            revert MaxDepositPercentageOfTVLTooHigh();
        }
        config.maxDepositPercentageOfTVL = newMaxDepositPercentageOfTVL;
        emit MaxDepositPercentageOfTVLUpdated(newMaxDepositPercentageOfTVL);
    }

    /// @inheritdoc IArkConfigProvider
    function setMaxRebalanceOutflow(
        uint256 newMaxRebalanceOutflow
    ) external onlyCommander {
        config.maxRebalanceOutflow = newMaxRebalanceOutflow;
        emit MaxRebalanceOutflowUpdated(newMaxRebalanceOutflow);
    }

    /// @inheritdoc IArkConfigProvider
    function setMaxRebalanceInflow(
        uint256 newMaxRebalanceInflow
    ) external onlyCommander {
        config.maxRebalanceInflow = newMaxRebalanceInflow;
        emit MaxRebalanceInflowUpdated(newMaxRebalanceInflow);
    }

    function registerFleetCommander() external {
        if (!_hasCommanderRole()) {
            revert CallerIsNotCommander(msg.sender);
        }
        if (config.commander != address(0)) {
            revert FleetCommanderAlreadyRegistered();
        }
        config.commander = msg.sender;
        emit FleetCommanderRegistered(msg.sender);
    }

    function unregisterFleetCommander() external {
        if (_msgSender() != config.commander) {
            revert FleetCommanderNotRegistered();
        }
        config.commander = address(0);
        emit FleetCommanderUnregistered(msg.sender);
    }

    modifier onlyCommander() {
        if (_msgSender() != config.commander) {
            revert CallerIsNotCommander(_msgSender());
        }
        _;
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {Percentage} from "@summerfi/percentage-solidity/contracts/Percentage.sol";

/**
 * @title ArkParams
 * @notice Constructor parameters for the Ark contract
 *
 *  @dev This struct is used to initialize an Ark contract with all necessary parameters
 */
struct ArkParams {
    /**
     * @notice The name of the Ark
     * @dev This should be a unique, human-readable identifier for the Ark
     */
    string name;
    /**
     * @notice Additional details about the Ark
     * @dev This can be used to store additional information about the Ark
     */
    string details;
    /**
     * @notice The address of the access manager contract
     * @dev This contract manages roles and permissions for the Ark
     */
    address accessManager;
    /**
     * @notice The address of the configuration manager contract
     * @dev This contract stores global configuration parameters
     */
    address configurationManager;
    /**
     * @notice The address of the ERC20 token managed by this Ark
     * @dev This is the underlying asset that the Ark will handle
     */
    address asset;
    /**
     * @notice The maximum amount of tokens that can be deposited into the Ark
     * @dev This cap helps to manage risk and exposure
     */
    uint256 depositCap;
    /**
     * @notice The maximum amount of tokens that can be moved from this Ark in a single transaction
     * @dev This limit helps to prevent large, sudden outflows
     */
    uint256 maxRebalanceOutflow;
    /**
     * @notice The maximum amount of tokens that can be moved to this Ark in a single transaction
     * @dev This limit helps to prevent large, sudden inflows
     */
    uint256 maxRebalanceInflow;
    /**
     * @notice Whether the Ark requires Keepr data to be passed in with rebalance transactions
     * @dev This flag is used to determine whether Keepr data is required for rebalance transactions
     */
    bool requiresKeeperData;
    /**
     * @notice The maximum percentage of Total Value Locked (TVL) that can be deposited into this Ark
     * @dev This value is represented as a percentage with 18 decimal places (1e18 = 100%)
     *      For example, 0.5e18 represents 50% of TVL
     */
    Percentage maxDepositPercentageOfTVL;
}

/**
 * @title ArkConfig
 * @notice Configuration of the Ark contract
 * @dev This struct stores the current configuration of an Ark, which can be updated during its lifecycle
 */
struct ArkConfig {
    /**
     * @notice The address of the commander (typically a FleetCommander contract)
     * @dev The commander has special permissions to manage the Ark
     */
    address commander;
    /**
     * @notice The address of the associated Raft contract
     * @dev The Raft contract handles reward distribution and other protocol-wide functions
     */
    address raft;
    /**
     * @notice The ERC20 token interface for the asset managed by this Ark
     * @dev This allows direct interaction with the token contract
     */
    IERC20 asset;
    /**
     * @notice The current maximum amount of tokens that can be deposited into the Ark
     * @dev This can be adjusted by the commander to manage capacity
     */
    uint256 depositCap;
    /**
     * @notice The current maximum amount of tokens that can be moved from this Ark in a single transaction
     * @dev This can be adjusted to manage liquidity and risk
     */
    uint256 maxRebalanceOutflow;
    /**
     * @notice The current maximum amount of tokens that can be moved to this Ark in a single transaction
     * @dev This can be adjusted to manage inflows and capacity
     */
    uint256 maxRebalanceInflow;
    /**
     * @notice The name of the Ark
     * @dev This is typically set at initialization and not changed
     */
    string name;
    /**
     * @notice Additional details about the Ark
     * @dev This can be used to store additional information about the Ark
     */
    string details;
    /**
     * @notice Whether the Ark requires Keeper data to be passed in with rebalance transactions
     * @dev This flag is used to determine whether Keeper data is required for rebalance transactions
     */
    bool requiresKeeperData;
    /**
     * @notice The maximum percentage of Total Value Locked (TVL) that can be deposited into this Ark
     * @dev This value is represented as a percentage with 18 decimal places (1e18 = 100%)
     *      For example, 0.5e18 represents 50% of TVL
     */
    Percentage maxDepositPercentageOfTVL;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import "../Ark.sol";

/**
 * @title BufferArk
 * @notice Specialized Ark contract for Fleet Buffer operations.
 * @dev This contract holds a certain percentage of total assets in a buffer,
 *      which are not deployed and not subject to yield-generating strategies.
 *      The buffer ensures quick disembarkation of assets when needed.
 *
 * Key features:
 * - Maintains a minimum buffer balance as per FleetCommander configuration
 * - Does not deploy assets to any yield-generating strategies
 * - Provides quick access to funds for disembarkation
 * (see {IFleetCommanderConfigProvider-config-minimumBufferBalance})
 */
contract BufferArk is Ark {
    /*//////////////////////////////////////////////////////////////
                                CONSTRUCTOR
    //////////////////////////////////////////////////////////////*/
    /**
     * @notice Initializes the BufferArk
     * @param _params The ArkParams struct containing initialization parameters
     * @param commanderAddress The address of the Fleet Commander
     */
    constructor(
        ArkParams memory _params,
        address commanderAddress
    ) Ark(_params) {
        config.commander = commanderAddress;
    }

    /*//////////////////////////////////////////////////////////////
                                FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /**
     * @inheritdoc IArk
     * @dev For BufferArk, total assets are simply the token balance of this contract,
     *      as no assets are deployed to external strategies.
     */
    function totalAssets() public view override returns (uint256) {
        return config.asset.balanceOf(address(this));
    }

    /**
     * @notice Internal function to get the total assets that are withdrawable
     * @dev For Buffer Ark, the total assets are always withdrawable
     */
    function _withdrawableTotalAssets()
        internal
        view
        override
        returns (uint256)
    {
        return totalAssets();
    }

    /**
     * @notice No-op for board function
     * @dev This function is intentionally left empty because the BufferArk doesn't need to perform any
     * additional actions when boarding tokens. The actual token transfer is handled by the Ark.board() function,
     * and the BufferArk simply holds these tokens without deploying them to any strategy.
     * @param amount The amount of tokens being boarded (unused in this implementation)
     * @param data Additional data for boarding (unused in this implementation)
     */
    function _board(uint256 amount, bytes calldata data) internal override {}

    /**
     * @notice No-op for disembark function
     * @dev This function is intentionally left empty because the BufferArk doesn't need to perform any
     * additional actions when disembarking tokens. The actual token transfer is handled by the Ark.disembark()
     * function,
     * and the BufferArk simply releases these tokens without any complex withdrawal process.
     * @param amount The amount of tokens being disembarked (unused in this implementation)
     * @param data Additional data for disembarking (unused in this implementation)
     */
    function _disembark(
        uint256 amount,
        bytes calldata data
    ) internal override {}

    /**
     * @notice No-op for harvest function
     * @dev This function is intentionally left empty and returns empty arrays because the BufferArk
     * does not generate any rewards. It's a simple holding contract for tokens, not an investment strategy.
     * @param data Additional data for harvesting (unused in this implementation)
     * @return rewardTokens An empty array of reward token addresses
     * @return rewardAmounts An empty array of reward amounts
     */
    function _harvest(
        bytes calldata data
    )
        internal
        override
        returns (address[] memory rewardTokens, uint256[] memory rewardAmounts)
    {}

    /**
     * @notice No-op for validateBoardData function
     * @dev This function is intentionally left empty because the BufferArk doesn't require any
     * specific validation for boarding data. It accepts any data without validation.
     * @param data The boarding data to validate (unused in this implementation)
     */
    function _validateBoardData(bytes calldata data) internal override {}

    /**
     * @notice No-op for validateDisembarkData function
     * @dev This function is intentionally left empty because the BufferArk doesn't require any
     * specific validation for disembarking data. It accepts any data without validation.
     * @param data The disembarking data to validate (unused in this implementation)
     */
    function _validateDisembarkData(bytes calldata data) internal override {}
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IConfigurationManaged} from "../interfaces/IConfigurationManaged.sol";
import {IConfigurationManager} from "../interfaces/IConfigurationManager.sol";

/**
 * @title ConfigurationManaged
 * @notice Base contract for contracts that need to read from the ConfigurationManager
 * @custom:see IConfigurationManaged
 */
abstract contract ConfigurationManaged is IConfigurationManaged {
    IConfigurationManager public immutable configurationManager;

    /**
     * @notice Constructs the ConfigurationManaged contract
     * @param _configurationManager The address of the ConfigurationManager contract
     */
    constructor(address _configurationManager) {
        if (_configurationManager == address(0)) {
            revert ConfigurationManagerZeroAddress();
        }
        configurationManager = IConfigurationManager(_configurationManager);
    }

    /// @inheritdoc IConfigurationManaged
    function raft() public view virtual returns (address) {
        return configurationManager.raft();
    }

    /// @inheritdoc IConfigurationManaged
    function tipJar() public view virtual returns (address) {
        return configurationManager.tipJar();
    }

    /// @inheritdoc IConfigurationManaged
    function treasury() public view virtual returns (address) {
        return configurationManager.treasury();
    }

    /// @inheritdoc IConfigurationManaged
    function harborCommand() public view virtual returns (address) {
        return configurationManager.harborCommand();
    }

    /// @inheritdoc IConfigurationManaged
    function fleetCommanderRewardsManagerFactory()
        public
        view
        virtual
        returns (address)
    {
        return configurationManager.fleetCommanderRewardsManagerFactory();
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @notice Initialization parameters for the ConfigurationManager contract
 */
struct ConfigurationManagerParams {
    address raft;
    address tipJar;
    address treasury;
    address harborCommand;
    address fleetCommanderRewardsManagerFactory;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

library Constants {
    // WAD: Common unit, stands for "18 decimals"
    uint256 public constant WAD = 1e18;

    // RAY: Higher precision unit, "27 decimals"
    uint256 public constant RAY = 1e27;

    // Conversion factor from WAD to RAY
    uint256 public constant WAD_TO_RAY = 1e9;

    // Number of seconds in a day
    uint256 public constant SECONDS_PER_DAY = 1 days;

    // Number of seconds in a year (assuming 365 days)
    uint256 public constant SECONDS_PER_YEAR = 365 days;

    // Maximum value for uint256
    uint256 public constant MAX_UINT256 = type(uint256).max;

    // AAVE V3 POOL CONFIG DATA MASK

    uint256 internal constant ACTIVE_MASK =
        0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFF;
    uint256 internal constant FROZEN_MASK =
        0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDFFFFFFFFFFFFFF;
    uint256 internal constant PAUSED_MASK =
        0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFF;
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)

pragma solidity ^0.8.20;

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract Context {
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }

    function _contextSuffixLength() internal view virtual returns (uint256) {
        return 0;
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {ICooldownEnforcer} from "./ICooldownEnforcer.sol";

import "./ICooldownEnforcerErrors.sol";
import "./ICooldownEnforcerEvents.sol";

/**
 * @title CooldownEnforcer
 * @custom:see ICooldownEnforcer
 */
abstract contract CooldownEnforcer is ICooldownEnforcer {
    /**
     * STATE VARIABLES
     */

    /**
     * Cooldown between actions in seconds
     */
    uint256 private _cooldown;

    /**
     * Timestamp of the last action in Epoch time (block timestamp)
     */
    uint256 private _lastActionTimestamp;

    /**
     * @notice The minimum duration that the contract must remain paused
     */
    uint256 private constant MINIMUM_COOLDOWN_TIME_SECONDS = 1 minutes;

    /**
     * @notice The maximum duration that the contract can enforce
     */
    uint256 private constant MAXIMUM_COOLDOWN_TIME_SECONDS = 1 days;

    /**
     * CONSTRUCTOR
     */

    /**
     * @notice Initializes the cooldown period and sets the last action timestamp to the current block timestamp
     *         if required
     *
     * @param cooldown_ The cooldown period in seconds.
     * @param enforceFromNow If true, the last action timestamp is set to the current block timestamp.
     *
     * @dev The last action timestamp is set to the current block timestamp if enforceFromNow is true,
     *      otherwise it is set to 0 signaling that the cooldown period has not started yet.
     */
    constructor(uint256 cooldown_, bool enforceFromNow) {
        if (cooldown_ < MINIMUM_COOLDOWN_TIME_SECONDS) {
            revert CooldownEnforcerCooldownTooShort();
        }
        if (cooldown_ > MAXIMUM_COOLDOWN_TIME_SECONDS) {
            revert CooldownEnforcerCooldownTooLong();
        }

        _cooldown = cooldown_;

        if (enforceFromNow) {
            _lastActionTimestamp = block.timestamp;
        }
    }

    /**
     * MODIFIERS
     */

    /**
     * @notice Modifier to enforce the cooldown period between actions.
     *
     * @dev If the cooldown period has not elapsed, the function call will revert.
     *      Otherwise, the last action timestamp is updated to the current block timestamp.
     */
    modifier enforceCooldown() {
        if (block.timestamp - _lastActionTimestamp < _cooldown) {
            revert CooldownNotElapsed(
                _lastActionTimestamp,
                _cooldown,
                block.timestamp
            );
        }

        // Update the last action timestamp to the current block timestamp
        // before executing the function so it acts as a reentrancy guard
        // by not allowing a second call to execute
        _lastActionTimestamp = block.timestamp;
        _;
    }

    /**
     * VIEW FUNCTIONS
     */

    /// @inheritdoc ICooldownEnforcer
    function getCooldown() public view returns (uint256) {
        return _cooldown;
    }

    /// @inheritdoc ICooldownEnforcer
    function getLastActionTimestamp() public view returns (uint256) {
        return _lastActionTimestamp;
    }

    /**
     * INTERNAL STATE CHANGE FUNCTIONS
     */

    /**
     * @notice Updates the cooldown period.
     *
     * @param newCooldown The new cooldown period in seconds.
     *
     * @dev The function is internal so it can be wrapped with access modifiers if needed
     */
    function _updateCooldown(uint256 newCooldown) internal {
        if (newCooldown < MINIMUM_COOLDOWN_TIME_SECONDS) {
            revert CooldownEnforcerCooldownTooShort();
        }
        if (newCooldown > MAXIMUM_COOLDOWN_TIME_SECONDS) {
            revert CooldownEnforcerCooldownTooLong();
        }
        emit CooldownUpdated(_cooldown, newCooldown);

        _cooldown = newCooldown;
    }

    /**
     * @notice Resets the last action timestamp
     * @dev Allows for cooldown period to be skipped (IE after force withdrawal)
     */
    function _resetLastActionTimestamp() internal {
        _lastActionTimestamp = 0;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/introspection/ERC165.sol)

pragma solidity ^0.8.20;

import {IERC165} from "./IERC165.sol";

/**
 * @dev Implementation of the {IERC165} interface.
 *
 * Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
 * for the additional interface id that will be supported. For example:
 *
 * ```solidity
 * function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
 *     return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
 * }
 * ```
 */
abstract contract ERC165 is IERC165 {
    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
        return interfaceId == type(IERC165).interfaceId;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/ERC20.sol)

pragma solidity ^0.8.20;

import {IERC20} from "./IERC20.sol";
import {IERC20Metadata} from "./extensions/IERC20Metadata.sol";
import {Context} from "../../utils/Context.sol";
import {IERC20Errors} from "../../interfaces/draft-IERC6093.sol";

/**
 * @dev Implementation of the {IERC20} interface.
 *
 * This implementation is agnostic to the way tokens are created. This means
 * that a supply mechanism has to be added in a derived contract using {_mint}.
 *
 * TIP: For a detailed writeup see our guide
 * https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
 * to implement supply mechanisms].
 *
 * The default value of {decimals} is 18. To change this, you should override
 * this function so it returns a different value.
 *
 * We have followed general OpenZeppelin Contracts guidelines: functions revert
 * instead returning `false` on failure. This behavior is nonetheless
 * conventional and does not conflict with the expectations of ERC-20
 * applications.
 */
abstract contract ERC20 is Context, IERC20, IERC20Metadata, IERC20Errors {
    mapping(address account => uint256) private _balances;

    mapping(address account => mapping(address spender => uint256)) private _allowances;

    uint256 private _totalSupply;

    string private _name;
    string private _symbol;

    /**
     * @dev Sets the values for {name} and {symbol}.
     *
     * All two of these values are immutable: they can only be set once during
     * construction.
     */
    constructor(string memory name_, string memory symbol_) {
        _name = name_;
        _symbol = symbol_;
    }

    /**
     * @dev Returns the name of the token.
     */
    function name() public view virtual returns (string memory) {
        return _name;
    }

    /**
     * @dev Returns the symbol of the token, usually a shorter version of the
     * name.
     */
    function symbol() public view virtual returns (string memory) {
        return _symbol;
    }

    /**
     * @dev Returns the number of decimals used to get its user representation.
     * For example, if `decimals` equals `2`, a balance of `505` tokens should
     * be displayed to a user as `5.05` (`505 / 10 ** 2`).
     *
     * Tokens usually opt for a value of 18, imitating the relationship between
     * Ether and Wei. This is the default value returned by this function, unless
     * it's overridden.
     *
     * NOTE: This information is only used for _display_ purposes: it in
     * no way affects any of the arithmetic of the contract, including
     * {IERC20-balanceOf} and {IERC20-transfer}.
     */
    function decimals() public view virtual returns (uint8) {
        return 18;
    }

    /**
     * @dev See {IERC20-totalSupply}.
     */
    function totalSupply() public view virtual returns (uint256) {
        return _totalSupply;
    }

    /**
     * @dev See {IERC20-balanceOf}.
     */
    function balanceOf(address account) public view virtual returns (uint256) {
        return _balances[account];
    }

    /**
     * @dev See {IERC20-transfer}.
     *
     * Requirements:
     *
     * - `to` cannot be the zero address.
     * - the caller must have a balance of at least `value`.
     */
    function transfer(address to, uint256 value) public virtual returns (bool) {
        address owner = _msgSender();
        _transfer(owner, to, value);
        return true;
    }

    /**
     * @dev See {IERC20-allowance}.
     */
    function allowance(address owner, address spender) public view virtual returns (uint256) {
        return _allowances[owner][spender];
    }

    /**
     * @dev See {IERC20-approve}.
     *
     * NOTE: If `value` is the maximum `uint256`, the allowance is not updated on
     * `transferFrom`. This is semantically equivalent to an infinite approval.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     */
    function approve(address spender, uint256 value) public virtual returns (bool) {
        address owner = _msgSender();
        _approve(owner, spender, value);
        return true;
    }

    /**
     * @dev See {IERC20-transferFrom}.
     *
     * Skips emitting an {Approval} event indicating an allowance update. This is not
     * required by the ERC. See {xref-ERC20-_approve-address-address-uint256-bool-}[_approve].
     *
     * NOTE: Does not update the allowance if the current allowance
     * is the maximum `uint256`.
     *
     * Requirements:
     *
     * - `from` and `to` cannot be the zero address.
     * - `from` must have a balance of at least `value`.
     * - the caller must have allowance for ``from``'s tokens of at least
     * `value`.
     */
    function transferFrom(address from, address to, uint256 value) public virtual returns (bool) {
        address spender = _msgSender();
        _spendAllowance(from, spender, value);
        _transfer(from, to, value);
        return true;
    }

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to`.
     *
     * This internal function is equivalent to {transfer}, and can be used to
     * e.g. implement automatic token fees, slashing mechanisms, etc.
     *
     * Emits a {Transfer} event.
     *
     * NOTE: This function is not virtual, {_update} should be overridden instead.
     */
    function _transfer(address from, address to, uint256 value) internal {
        if (from == address(0)) {
            revert ERC20InvalidSender(address(0));
        }
        if (to == address(0)) {
            revert ERC20InvalidReceiver(address(0));
        }
        _update(from, to, value);
    }

    /**
     * @dev Transfers a `value` amount of tokens from `from` to `to`, or alternatively mints (or burns) if `from`
     * (or `to`) is the zero address. All customizations to transfers, mints, and burns should be done by overriding
     * this function.
     *
     * Emits a {Transfer} event.
     */
    function _update(address from, address to, uint256 value) internal virtual {
        if (from == address(0)) {
            // Overflow check required: The rest of the code assumes that totalSupply never overflows
            _totalSupply += value;
        } else {
            uint256 fromBalance = _balances[from];
            if (fromBalance < value) {
                revert ERC20InsufficientBalance(from, fromBalance, value);
            }
            unchecked {
                // Overflow not possible: value <= fromBalance <= totalSupply.
                _balances[from] = fromBalance - value;
            }
        }

        if (to == address(0)) {
            unchecked {
                // Overflow not possible: value <= totalSupply or value <= fromBalance <= totalSupply.
                _totalSupply -= value;
            }
        } else {
            unchecked {
                // Overflow not possible: balance + value is at most totalSupply, which we know fits into a uint256.
                _balances[to] += value;
            }
        }

        emit Transfer(from, to, value);
    }

    /**
     * @dev Creates a `value` amount of tokens and assigns them to `account`, by transferring it from address(0).
     * Relies on the `_update` mechanism
     *
     * Emits a {Transfer} event with `from` set to the zero address.
     *
     * NOTE: This function is not virtual, {_update} should be overridden instead.
     */
    function _mint(address account, uint256 value) internal {
        if (account == address(0)) {
            revert ERC20InvalidReceiver(address(0));
        }
        _update(address(0), account, value);
    }

    /**
     * @dev Destroys a `value` amount of tokens from `account`, lowering the total supply.
     * Relies on the `_update` mechanism.
     *
     * Emits a {Transfer} event with `to` set to the zero address.
     *
     * NOTE: This function is not virtual, {_update} should be overridden instead
     */
    function _burn(address account, uint256 value) internal {
        if (account == address(0)) {
            revert ERC20InvalidSender(address(0));
        }
        _update(account, address(0), value);
    }

    /**
     * @dev Sets `value` as the allowance of `spender` over the `owner` s tokens.
     *
     * This internal function is equivalent to `approve`, and can be used to
     * e.g. set automatic allowances for certain subsystems, etc.
     *
     * Emits an {Approval} event.
     *
     * Requirements:
     *
     * - `owner` cannot be the zero address.
     * - `spender` cannot be the zero address.
     *
     * Overrides to this logic should be done to the variant with an additional `bool emitEvent` argument.
     */
    function _approve(address owner, address spender, uint256 value) internal {
        _approve(owner, spender, value, true);
    }

    /**
     * @dev Variant of {_approve} with an optional flag to enable or disable the {Approval} event.
     *
     * By default (when calling {_approve}) the flag is set to true. On the other hand, approval changes made by
     * `_spendAllowance` during the `transferFrom` operation set the flag to false. This saves gas by not emitting any
     * `Approval` event during `transferFrom` operations.
     *
     * Anyone who wishes to continue emitting `Approval` events on the`transferFrom` operation can force the flag to
     * true using the following override:
     *
     * ```solidity
     * function _approve(address owner, address spender, uint256 value, bool) internal virtual override {
     *     super._approve(owner, spender, value, true);
     * }
     * ```
     *
     * Requirements are the same as {_approve}.
     */
    function _approve(address owner, address spender, uint256 value, bool emitEvent) internal virtual {
        if (owner == address(0)) {
            revert ERC20InvalidApprover(address(0));
        }
        if (spender == address(0)) {
            revert ERC20InvalidSpender(address(0));
        }
        _allowances[owner][spender] = value;
        if (emitEvent) {
            emit Approval(owner, spender, value);
        }
    }

    /**
     * @dev Updates `owner` s allowance for `spender` based on spent `value`.
     *
     * Does not update the allowance value in case of infinite allowance.
     * Revert if not enough allowance is available.
     *
     * Does not emit an {Approval} event.
     */
    function _spendAllowance(address owner, address spender, uint256 value) internal virtual {
        uint256 currentAllowance = allowance(owner, spender);
        if (currentAllowance != type(uint256).max) {
            if (currentAllowance < value) {
                revert ERC20InsufficientAllowance(spender, currentAllowance, value);
            }
            unchecked {
                _approve(owner, spender, currentAllowance - value, false);
            }
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC20Wrapper.sol)

pragma solidity ^0.8.20;

import {IERC20, IERC20Metadata, ERC20} from "../ERC20.sol";
import {SafeERC20} from "../utils/SafeERC20.sol";

/**
 * @dev Extension of the ERC-20 token contract to support token wrapping.
 *
 * Users can deposit and withdraw "underlying tokens" and receive a matching number of "wrapped tokens". This is useful
 * in conjunction with other modules. For example, combining this wrapping mechanism with {ERC20Votes} will allow the
 * wrapping of an existing "basic" ERC-20 into a governance token.
 *
 * WARNING: Any mechanism in which the underlying token changes the {balanceOf} of an account without an explicit transfer
 * may desynchronize this contract's supply and its underlying balance. Please exercise caution when wrapping tokens that
 * may undercollateralize the wrapper (i.e. wrapper's total supply is higher than its underlying balance). See {_recover}
 * for recovering value accrued to the wrapper.
 */
abstract contract ERC20Wrapper is ERC20 {
    IERC20 private immutable _underlying;

    /**
     * @dev The underlying token couldn't be wrapped.
     */
    error ERC20InvalidUnderlying(address token);

    constructor(IERC20 underlyingToken) {
        if (underlyingToken == this) {
            revert ERC20InvalidUnderlying(address(this));
        }
        _underlying = underlyingToken;
    }

    /**
     * @dev See {ERC20-decimals}.
     */
    function decimals() public view virtual override returns (uint8) {
        try IERC20Metadata(address(_underlying)).decimals() returns (uint8 value) {
            return value;
        } catch {
            return super.decimals();
        }
    }

    /**
     * @dev Returns the address of the underlying ERC-20 token that is being wrapped.
     */
    function underlying() public view returns (IERC20) {
        return _underlying;
    }

    /**
     * @dev Allow a user to deposit underlying tokens and mint the corresponding number of wrapped tokens.
     */
    function depositFor(address account, uint256 value) public virtual returns (bool) {
        address sender = _msgSender();
        if (sender == address(this)) {
            revert ERC20InvalidSender(address(this));
        }
        if (account == address(this)) {
            revert ERC20InvalidReceiver(account);
        }
        SafeERC20.safeTransferFrom(_underlying, sender, address(this), value);
        _mint(account, value);
        return true;
    }

    /**
     * @dev Allow a user to burn a number of wrapped tokens and withdraw the corresponding number of underlying tokens.
     */
    function withdrawTo(address account, uint256 value) public virtual returns (bool) {
        if (account == address(this)) {
            revert ERC20InvalidReceiver(account);
        }
        _burn(_msgSender(), value);
        SafeERC20.safeTransfer(_underlying, account, value);
        return true;
    }

    /**
     * @dev Mint wrapped token to cover any underlyingTokens that would have been transferred by mistake or acquired from
     * rebasing mechanisms. Internal function that can be exposed with access control if desired.
     */
    function _recover(address account) internal virtual returns (uint256) {
        uint256 value = _underlying.balanceOf(address(this)) - totalSupply();
        _mint(account, value);
        return value;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/extensions/ERC4626.sol)

pragma solidity ^0.8.20;

import {IERC20, IERC20Metadata, ERC20} from "../ERC20.sol";
import {SafeERC20} from "../utils/SafeERC20.sol";
import {IERC4626} from "../../../interfaces/IERC4626.sol";
import {Math} from "../../../utils/math/Math.sol";

/**
 * @dev Implementation of the ERC-4626 "Tokenized Vault Standard" as defined in
 * https://eips.ethereum.org/EIPS/eip-4626[ERC-4626].
 *
 * This extension allows the minting and burning of "shares" (represented using the ERC-20 inheritance) in exchange for
 * underlying "assets" through standardized {deposit}, {mint}, {redeem} and {burn} workflows. This contract extends
 * the ERC-20 standard. Any additional extensions included along it would affect the "shares" token represented by this
 * contract and not the "assets" token which is an independent contract.
 *
 * [CAUTION]
 * ====
 * In empty (or nearly empty) ERC-4626 vaults, deposits are at high risk of being stolen through frontrunning
 * with a "donation" to the vault that inflates the price of a share. This is variously known as a donation or inflation
 * attack and is essentially a problem of slippage. Vault deployers can protect against this attack by making an initial
 * deposit of a non-trivial amount of the asset, such that price manipulation becomes infeasible. Withdrawals may
 * similarly be affected by slippage. Users can protect against this attack as well as unexpected slippage in general by
 * verifying the amount received is as expected, using a wrapper that performs these checks such as
 * https://github.com/fei-protocol/ERC4626#erc4626router-and-base[ERC4626Router].
 *
 * Since v4.9, this implementation introduces configurable virtual assets and shares to help developers mitigate that risk.
 * The `_decimalsOffset()` corresponds to an offset in the decimal representation between the underlying asset's decimals
 * and the vault decimals. This offset also determines the rate of virtual shares to virtual assets in the vault, which
 * itself determines the initial exchange rate. While not fully preventing the attack, analysis shows that the default
 * offset (0) makes it non-profitable even if an attacker is able to capture value from multiple user deposits, as a result
 * of the value being captured by the virtual shares (out of the attacker's donation) matching the attacker's expected gains.
 * With a larger offset, the attack becomes orders of magnitude more expensive than it is profitable. More details about the
 * underlying math can be found xref:erc4626.adoc#inflation-attack[here].
 *
 * The drawback of this approach is that the virtual shares do capture (a very small) part of the value being accrued
 * to the vault. Also, if the vault experiences losses, the users try to exit the vault, the virtual shares and assets
 * will cause the first user to exit to experience reduced losses in detriment to the last users that will experience
 * bigger losses. Developers willing to revert back to the pre-v4.9 behavior just need to override the
 * `_convertToShares` and `_convertToAssets` functions.
 *
 * To learn more, check out our xref:ROOT:erc4626.adoc[ERC-4626 guide].
 * ====
 */
abstract contract ERC4626 is ERC20, IERC4626 {
    using Math for uint256;

    IERC20 private immutable _asset;
    uint8 private immutable _underlyingDecimals;

    /**
     * @dev Attempted to deposit more assets than the max amount for `receiver`.
     */
    error ERC4626ExceededMaxDeposit(address receiver, uint256 assets, uint256 max);

    /**
     * @dev Attempted to mint more shares than the max amount for `receiver`.
     */
    error ERC4626ExceededMaxMint(address receiver, uint256 shares, uint256 max);

    /**
     * @dev Attempted to withdraw more assets than the max amount for `receiver`.
     */
    error ERC4626ExceededMaxWithdraw(address owner, uint256 assets, uint256 max);

    /**
     * @dev Attempted to redeem more shares than the max amount for `receiver`.
     */
    error ERC4626ExceededMaxRedeem(address owner, uint256 shares, uint256 max);

    /**
     * @dev Set the underlying asset contract. This must be an ERC20-compatible contract (ERC-20 or ERC-777).
     */
    constructor(IERC20 asset_) {
        (bool success, uint8 assetDecimals) = _tryGetAssetDecimals(asset_);
        _underlyingDecimals = success ? assetDecimals : 18;
        _asset = asset_;
    }

    /**
     * @dev Attempts to fetch the asset decimals. A return value of false indicates that the attempt failed in some way.
     */
    function _tryGetAssetDecimals(IERC20 asset_) private view returns (bool ok, uint8 assetDecimals) {
        (bool success, bytes memory encodedDecimals) = address(asset_).staticcall(
            abi.encodeCall(IERC20Metadata.decimals, ())
        );
        if (success && encodedDecimals.length >= 32) {
            uint256 returnedDecimals = abi.decode(encodedDecimals, (uint256));
            if (returnedDecimals <= type(uint8).max) {
                return (true, uint8(returnedDecimals));
            }
        }
        return (false, 0);
    }

    /**
     * @dev Decimals are computed by adding the decimal offset on top of the underlying asset's decimals. This
     * "original" value is cached during construction of the vault contract. If this read operation fails (e.g., the
     * asset has not been created yet), a default of 18 is used to represent the underlying asset's decimals.
     *
     * See {IERC20Metadata-decimals}.
     */
    function decimals() public view virtual override(IERC20Metadata, ERC20) returns (uint8) {
        return _underlyingDecimals + _decimalsOffset();
    }

    /** @dev See {IERC4626-asset}. */
    function asset() public view virtual returns (address) {
        return address(_asset);
    }

    /** @dev See {IERC4626-totalAssets}. */
    function totalAssets() public view virtual returns (uint256) {
        return _asset.balanceOf(address(this));
    }

    /** @dev See {IERC4626-convertToShares}. */
    function convertToShares(uint256 assets) public view virtual returns (uint256) {
        return _convertToShares(assets, Math.Rounding.Floor);
    }

    /** @dev See {IERC4626-convertToAssets}. */
    function convertToAssets(uint256 shares) public view virtual returns (uint256) {
        return _convertToAssets(shares, Math.Rounding.Floor);
    }

    /** @dev See {IERC4626-maxDeposit}. */
    function maxDeposit(address) public view virtual returns (uint256) {
        return type(uint256).max;
    }

    /** @dev See {IERC4626-maxMint}. */
    function maxMint(address) public view virtual returns (uint256) {
        return type(uint256).max;
    }

    /** @dev See {IERC4626-maxWithdraw}. */
    function maxWithdraw(address owner) public view virtual returns (uint256) {
        return _convertToAssets(balanceOf(owner), Math.Rounding.Floor);
    }

    /** @dev See {IERC4626-maxRedeem}. */
    function maxRedeem(address owner) public view virtual returns (uint256) {
        return balanceOf(owner);
    }

    /** @dev See {IERC4626-previewDeposit}. */
    function previewDeposit(uint256 assets) public view virtual returns (uint256) {
        return _convertToShares(assets, Math.Rounding.Floor);
    }

    /** @dev See {IERC4626-previewMint}. */
    function previewMint(uint256 shares) public view virtual returns (uint256) {
        return _convertToAssets(shares, Math.Rounding.Ceil);
    }

    /** @dev See {IERC4626-previewWithdraw}. */
    function previewWithdraw(uint256 assets) public view virtual returns (uint256) {
        return _convertToShares(assets, Math.Rounding.Ceil);
    }

    /** @dev See {IERC4626-previewRedeem}. */
    function previewRedeem(uint256 shares) public view virtual returns (uint256) {
        return _convertToAssets(shares, Math.Rounding.Floor);
    }

    /** @dev See {IERC4626-deposit}. */
    function deposit(uint256 assets, address receiver) public virtual returns (uint256) {
        uint256 maxAssets = maxDeposit(receiver);
        if (assets > maxAssets) {
            revert ERC4626ExceededMaxDeposit(receiver, assets, maxAssets);
        }

        uint256 shares = previewDeposit(assets);
        _deposit(_msgSender(), receiver, assets, shares);

        return shares;
    }

    /** @dev See {IERC4626-mint}. */
    function mint(uint256 shares, address receiver) public virtual returns (uint256) {
        uint256 maxShares = maxMint(receiver);
        if (shares > maxShares) {
            revert ERC4626ExceededMaxMint(receiver, shares, maxShares);
        }

        uint256 assets = previewMint(shares);
        _deposit(_msgSender(), receiver, assets, shares);

        return assets;
    }

    /** @dev See {IERC4626-withdraw}. */
    function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256) {
        uint256 maxAssets = maxWithdraw(owner);
        if (assets > maxAssets) {
            revert ERC4626ExceededMaxWithdraw(owner, assets, maxAssets);
        }

        uint256 shares = previewWithdraw(assets);
        _withdraw(_msgSender(), receiver, owner, assets, shares);

        return shares;
    }

    /** @dev See {IERC4626-redeem}. */
    function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256) {
        uint256 maxShares = maxRedeem(owner);
        if (shares > maxShares) {
            revert ERC4626ExceededMaxRedeem(owner, shares, maxShares);
        }

        uint256 assets = previewRedeem(shares);
        _withdraw(_msgSender(), receiver, owner, assets, shares);

        return assets;
    }

    /**
     * @dev Internal conversion function (from assets to shares) with support for rounding direction.
     */
    function _convertToShares(uint256 assets, Math.Rounding rounding) internal view virtual returns (uint256) {
        return assets.mulDiv(totalSupply() + 10 ** _decimalsOffset(), totalAssets() + 1, rounding);
    }

    /**
     * @dev Internal conversion function (from shares to assets) with support for rounding direction.
     */
    function _convertToAssets(uint256 shares, Math.Rounding rounding) internal view virtual returns (uint256) {
        return shares.mulDiv(totalAssets() + 1, totalSupply() + 10 ** _decimalsOffset(), rounding);
    }

    /**
     * @dev Deposit/mint common workflow.
     */
    function _deposit(address caller, address receiver, uint256 assets, uint256 shares) internal virtual {
        // If _asset is ERC-777, `transferFrom` can trigger a reentrancy BEFORE the transfer happens through the
        // `tokensToSend` hook. On the other hand, the `tokenReceived` hook, that is triggered after the transfer,
        // calls the vault, which is assumed not malicious.
        //
        // Conclusion: we need to do the transfer before we mint so that any reentrancy would happen before the
        // assets are transferred and before the shares are minted, which is a valid state.
        // slither-disable-next-line reentrancy-no-eth
        SafeERC20.safeTransferFrom(_asset, caller, address(this), assets);
        _mint(receiver, shares);

        emit Deposit(caller, receiver, assets, shares);
    }

    /**
     * @dev Withdraw/redeem common workflow.
     */
    function _withdraw(
        address caller,
        address receiver,
        address owner,
        uint256 assets,
        uint256 shares
    ) internal virtual {
        if (caller != owner) {
            _spendAllowance(owner, caller, shares);
        }

        // If _asset is ERC-777, `transfer` can trigger a reentrancy AFTER the transfer happens through the
        // `tokensReceived` hook. On the other hand, the `tokensToSend` hook, that is triggered before the transfer,
        // calls the vault, which is assumed not malicious.
        //
        // Conclusion: we need to do the transfer after the burn so that any reentrancy would happen after the
        // shares are burned and after the assets are transferred, which is a valid state.
        _burn(owner, shares);
        SafeERC20.safeTransfer(_asset, receiver, assets);

        emit Withdraw(caller, receiver, owner, assets, shares);
    }

    function _decimalsOffset() internal view virtual returns (uint8) {
        return 0;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/structs/EnumerableSet.sol)
// This file was procedurally generated from scripts/generate/templates/EnumerableSet.js.

pragma solidity ^0.8.20;

/**
 * @dev Library for managing
 * https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
 * types.
 *
 * Sets have the following properties:
 *
 * - Elements are added, removed, and checked for existence in constant time
 * (O(1)).
 * - Elements are enumerated in O(n). No guarantees are made on the ordering.
 *
 * ```solidity
 * contract Example {
 *     // Add the library methods
 *     using EnumerableSet for EnumerableSet.AddressSet;
 *
 *     // Declare a set state variable
 *     EnumerableSet.AddressSet private mySet;
 * }
 * ```
 *
 * As of v3.3.0, sets of type `bytes32` (`Bytes32Set`), `address` (`AddressSet`)
 * and `uint256` (`UintSet`) are supported.
 *
 * [WARNING]
 * ====
 * Trying to delete such a structure from storage will likely result in data corruption, rendering the structure
 * unusable.
 * See https://github.com/ethereum/solidity/pull/11843[ethereum/solidity#11843] for more info.
 *
 * In order to clean an EnumerableSet, you can either remove all elements one by one or create a fresh instance using an
 * array of EnumerableSet.
 * ====
 */
library EnumerableSet {
    // To implement this library for multiple types with as little code
    // repetition as possible, we write it in terms of a generic Set type with
    // bytes32 values.
    // The Set implementation uses private functions, and user-facing
    // implementations (such as AddressSet) are just wrappers around the
    // underlying Set.
    // This means that we can only create new EnumerableSets for types that fit
    // in bytes32.

    struct Set {
        // Storage of set values
        bytes32[] _values;
        // Position is the index of the value in the `values` array plus 1.
        // Position 0 is used to mean a value is not in the set.
        mapping(bytes32 value => uint256) _positions;
    }

    /**
     * @dev Add a value to a set. O(1).
     *
     * Returns true if the value was added to the set, that is if it was not
     * already present.
     */
    function _add(Set storage set, bytes32 value) private returns (bool) {
        if (!_contains(set, value)) {
            set._values.push(value);
            // The value is stored at length-1, but we add 1 to all indexes
            // and use 0 as a sentinel value
            set._positions[value] = set._values.length;
            return true;
        } else {
            return false;
        }
    }

    /**
     * @dev Removes a value from a set. O(1).
     *
     * Returns true if the value was removed from the set, that is if it was
     * present.
     */
    function _remove(Set storage set, bytes32 value) private returns (bool) {
        // We cache the value's position to prevent multiple reads from the same storage slot
        uint256 position = set._positions[value];

        if (position != 0) {
            // Equivalent to contains(set, value)
            // To delete an element from the _values array in O(1), we swap the element to delete with the last one in
            // the array, and then remove the last element (sometimes called as 'swap and pop').
            // This modifies the order of the array, as noted in {at}.

            uint256 valueIndex = position - 1;
            uint256 lastIndex = set._values.length - 1;

            if (valueIndex != lastIndex) {
                bytes32 lastValue = set._values[lastIndex];

                // Move the lastValue to the index where the value to delete is
                set._values[valueIndex] = lastValue;
                // Update the tracked position of the lastValue (that was just moved)
                set._positions[lastValue] = position;
            }

            // Delete the slot where the moved value was stored
            set._values.pop();

            // Delete the tracked position for the deleted slot
            delete set._positions[value];

            return true;
        } else {
            return false;
        }
    }

    /**
     * @dev Returns true if the value is in the set. O(1).
     */
    function _contains(Set storage set, bytes32 value) private view returns (bool) {
        return set._positions[value] != 0;
    }

    /**
     * @dev Returns the number of values on the set. O(1).
     */
    function _length(Set storage set) private view returns (uint256) {
        return set._values.length;
    }

    /**
     * @dev Returns the value stored at position `index` in the set. O(1).
     *
     * Note that there are no guarantees on the ordering of values inside the
     * array, and it may change when more values are added or removed.
     *
     * Requirements:
     *
     * - `index` must be strictly less than {length}.
     */
    function _at(Set storage set, uint256 index) private view returns (bytes32) {
        return set._values[index];
    }

    /**
     * @dev Return the entire set in an array
     *
     * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
     * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
     * this function has an unbounded cost, and using it as part of a state-changing function may render the function
     * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
     */
    function _values(Set storage set) private view returns (bytes32[] memory) {
        return set._values;
    }

    // Bytes32Set

    struct Bytes32Set {
        Set _inner;
    }

    /**
     * @dev Add a value to a set. O(1).
     *
     * Returns true if the value was added to the set, that is if it was not
     * already present.
     */
    function add(Bytes32Set storage set, bytes32 value) internal returns (bool) {
        return _add(set._inner, value);
    }

    /**
     * @dev Removes a value from a set. O(1).
     *
     * Returns true if the value was removed from the set, that is if it was
     * present.
     */
    function remove(Bytes32Set storage set, bytes32 value) internal returns (bool) {
        return _remove(set._inner, value);
    }

    /**
     * @dev Returns true if the value is in the set. O(1).
     */
    function contains(Bytes32Set storage set, bytes32 value) internal view returns (bool) {
        return _contains(set._inner, value);
    }

    /**
     * @dev Returns the number of values in the set. O(1).
     */
    function length(Bytes32Set storage set) internal view returns (uint256) {
        return _length(set._inner);
    }

    /**
     * @dev Returns the value stored at position `index` in the set. O(1).
     *
     * Note that there are no guarantees on the ordering of values inside the
     * array, and it may change when more values are added or removed.
     *
     * Requirements:
     *
     * - `index` must be strictly less than {length}.
     */
    function at(Bytes32Set storage set, uint256 index) internal view returns (bytes32) {
        return _at(set._inner, index);
    }

    /**
     * @dev Return the entire set in an array
     *
     * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
     * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
     * this function has an unbounded cost, and using it as part of a state-changing function may render the function
     * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
     */
    function values(Bytes32Set storage set) internal view returns (bytes32[] memory) {
        bytes32[] memory store = _values(set._inner);
        bytes32[] memory result;

        assembly ("memory-safe") {
            result := store
        }

        return result;
    }

    // AddressSet

    struct AddressSet {
        Set _inner;
    }

    /**
     * @dev Add a value to a set. O(1).
     *
     * Returns true if the value was added to the set, that is if it was not
     * already present.
     */
    function add(AddressSet storage set, address value) internal returns (bool) {
        return _add(set._inner, bytes32(uint256(uint160(value))));
    }

    /**
     * @dev Removes a value from a set. O(1).
     *
     * Returns true if the value was removed from the set, that is if it was
     * present.
     */
    function remove(AddressSet storage set, address value) internal returns (bool) {
        return _remove(set._inner, bytes32(uint256(uint160(value))));
    }

    /**
     * @dev Returns true if the value is in the set. O(1).
     */
    function contains(AddressSet storage set, address value) internal view returns (bool) {
        return _contains(set._inner, bytes32(uint256(uint160(value))));
    }

    /**
     * @dev Returns the number of values in the set. O(1).
     */
    function length(AddressSet storage set) internal view returns (uint256) {
        return _length(set._inner);
    }

    /**
     * @dev Returns the value stored at position `index` in the set. O(1).
     *
     * Note that there are no guarantees on the ordering of values inside the
     * array, and it may change when more values are added or removed.
     *
     * Requirements:
     *
     * - `index` must be strictly less than {length}.
     */
    function at(AddressSet storage set, uint256 index) internal view returns (address) {
        return address(uint160(uint256(_at(set._inner, index))));
    }

    /**
     * @dev Return the entire set in an array
     *
     * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
     * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
     * this function has an unbounded cost, and using it as part of a state-changing function may render the function
     * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
     */
    function values(AddressSet storage set) internal view returns (address[] memory) {
        bytes32[] memory store = _values(set._inner);
        address[] memory result;

        assembly ("memory-safe") {
            result := store
        }

        return result;
    }

    // UintSet

    struct UintSet {
        Set _inner;
    }

    /**
     * @dev Add a value to a set. O(1).
     *
     * Returns true if the value was added to the set, that is if it was not
     * already present.
     */
    function add(UintSet storage set, uint256 value) internal returns (bool) {
        return _add(set._inner, bytes32(value));
    }

    /**
     * @dev Removes a value from a set. O(1).
     *
     * Returns true if the value was removed from the set, that is if it was
     * present.
     */
    function remove(UintSet storage set, uint256 value) internal returns (bool) {
        return _remove(set._inner, bytes32(value));
    }

    /**
     * @dev Returns true if the value is in the set. O(1).
     */
    function contains(UintSet storage set, uint256 value) internal view returns (bool) {
        return _contains(set._inner, bytes32(value));
    }

    /**
     * @dev Returns the number of values in the set. O(1).
     */
    function length(UintSet storage set) internal view returns (uint256) {
        return _length(set._inner);
    }

    /**
     * @dev Returns the value stored at position `index` in the set. O(1).
     *
     * Note that there are no guarantees on the ordering of values inside the
     * array, and it may change when more values are added or removed.
     *
     * Requirements:
     *
     * - `index` must be strictly less than {length}.
     */
    function at(UintSet storage set, uint256 index) internal view returns (uint256) {
        return uint256(_at(set._inner, index));
    }

    /**
     * @dev Return the entire set in an array
     *
     * WARNING: This operation will copy the entire storage to memory, which can be quite expensive. This is designed
     * to mostly be used by view accessors that are queried without any gas fees. Developers should keep in mind that
     * this function has an unbounded cost, and using it as part of a state-changing function may render the function
     * uncallable if the set grows to a point where copying to memory consumes too much gas to fit in a block.
     */
    function values(UintSet storage set) internal view returns (uint256[] memory) {
        bytes32[] memory store = _values(set._inner);
        uint256[] memory result;

        assembly ("memory-safe") {
            result := store
        }

        return result;
    }
}

// SPDX-License-Identifier: MIT

pragma solidity ^0.8.20;

/**
 * @dev Collection of common custom errors used in multiple contracts
 *
 * IMPORTANT: Backwards compatibility is not guaranteed in future versions of the library.
 * It is recommended to avoid relying on the error API for critical functionality.
 *
 * _Available since v5.1._
 */
library Errors {
    /**
     * @dev The ETH balance of the account is not enough to perform the operation.
     */
    error InsufficientBalance(uint256 balance, uint256 needed);

    /**
     * @dev A call to an address target failed. The target may have reverted.
     */
    error FailedCall();

    /**
     * @dev The deployment failed.
     */
    error FailedDeployment();

    /**
     * @dev A necessary precompile is missing.
     */
    error MissingPrecompile(address);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArk} from "../interfaces/IArk.sol";
import {IFleetCommander} from "../interfaces/IFleetCommander.sol";
import {ArkData, FleetCommanderParams, FleetConfig, RebalanceData} from "../types/FleetCommanderTypes.sol";

import {CooldownEnforcer} from "../utils/CooldownEnforcer/CooldownEnforcer.sol";

import {FleetCommanderCache} from "./FleetCommanderCache.sol";
import {FleetCommanderConfigProvider} from "./FleetCommanderConfigProvider.sol";

import {Tipper} from "./Tipper.sol";
import {ERC20, ERC4626, IERC20, IERC4626, SafeERC20} from "@openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";

import {IFleetCommanderRewardsManager} from "../interfaces/IFleetCommanderRewardsManager.sol";
import {Constants} from "@summerfi/constants/Constants.sol";
import {Percentage} from "@summerfi/percentage-solidity/contracts/Percentage.sol";
import {PercentageUtils} from "@summerfi/percentage-solidity/contracts/PercentageUtils.sol";

/**
 * @title FleetCommander
 * @notice Manages a fleet of Arks, coordinating deposits, withdrawals, and rebalancing operations
 * @dev Implements IFleetCommander interface and inherits from various utility contracts
 */
contract FleetCommander is
    IFleetCommander,
    FleetCommanderConfigProvider,
    ERC4626,
    Tipper,
    FleetCommanderCache,
    CooldownEnforcer
{
    using SafeERC20 for IERC20;
    using PercentageUtils for uint256;
    using Math for uint256;

    /*//////////////////////////////////////////////////////////////
                            CONSTRUCTOR
    //////////////////////////////////////////////////////////////*/

    /**
     * @notice Initializes the FleetCommander contract
     * @param params FleetCommanderParams struct containing initialization parameters
     */
    constructor(
        FleetCommanderParams memory params
    )
        ERC4626(IERC20(params.asset))
        ERC20(params.name, params.symbol)
        FleetCommanderConfigProvider(params)
        Tipper(params.initialTipRate)
        CooldownEnforcer(params.initialRebalanceCooldown, false)
    {}

    /*//////////////////////////////////////////////////////////////
                            MODIFIERS
    //////////////////////////////////////////////////////////////*/

    /**
     * @dev Modifier to collect the tip before any other action is taken
     */
    modifier collectTip() {
        _setIsCollectingTip(true);
        _accrueTip(tipJar(), totalSupply());

        _;
        _setIsCollectingTip(false);
    }

    /**
     * @dev Modifier to cache ark data for deposit operations.
     * @notice This modifier retrieves ark data before the function execution,
     *         allows the modified function to run, and then flushes the cache.
     * @dev The cache is required due to multiple calls to `totalAssets` in the same transaction.
     *         those calls migh be gas expensive for some arks.
     */
    modifier useCache() {
        _getArksData(config.bufferArk);
        _;
        _flushCache();
    }

    /**
     * @dev Modifier to cache withdrawable ark data for withdraw operations.
     * @notice This modifier retrieves withdrawable ark data before the function execution,
     *         allows the modified function to run, and then flushes the cache.
     * @dev The cache is required due to multiple calls to `totalAssets` in the same transaction.
     *         those calls migh be gas expensive for some arks.
     */
    modifier useWithdrawCache() {
        _getWithdrawableArksData(config.bufferArk);
        _;
        _flushCache();
    }

    /*//////////////////////////////////////////////////////////////
                        PUBLIC USER FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /// @inheritdoc IFleetCommander
    function withdrawFromBuffer(
        uint256 assets,
        address receiver,
        address owner
    ) public whenNotPaused collectTip useCache returns (uint256 shares) {
        shares = previewWithdraw(assets);
        _validateBufferWithdraw(assets, shares, owner);

        uint256 prevQueueBalance = config.bufferArk.totalAssets();

        _disembark(address(config.bufferArk), assets);
        _withdraw(_msgSender(), receiver, owner, assets, shares);

        emit FundsBufferBalanceUpdated(
            _msgSender(),
            prevQueueBalance,
            config.bufferArk.totalAssets()
        );
    }

    /// @inheritdoc IFleetCommander
    function redeem(
        uint256 shares,
        address receiver,
        address owner
    )
        public
        override(ERC4626, IFleetCommander)
        collectTip
        useCache
        whenNotPaused
        returns (uint256 assets)
    {
        uint256 bufferBalance = config.bufferArk.totalAssets();
        uint256 bufferBalanceInShares = convertToShares(bufferBalance);

        if (shares == Constants.MAX_UINT256) {
            shares = balanceOf(owner);
        }

        if (shares <= bufferBalanceInShares) {
            assets = redeemFromBuffer(shares, receiver, owner);
        } else {
            assets = redeemFromArks(shares, receiver, owner);
        }
    }

    /// @inheritdoc IFleetCommander
    function redeemFromBuffer(
        uint256 shares,
        address receiver,
        address owner
    ) public collectTip useCache whenNotPaused returns (uint256 assets) {
        _validateBufferRedeem(shares, owner);

        uint256 previousFundsBufferBalance = config.bufferArk.totalAssets();

        assets = previewRedeem(shares);
        _disembark(address(config.bufferArk), assets);
        _withdraw(_msgSender(), receiver, owner, assets, shares);

        emit FundsBufferBalanceUpdated(
            _msgSender(),
            previousFundsBufferBalance,
            config.bufferArk.totalAssets()
        );
    }

    /// @inheritdoc IFleetCommander
    function withdraw(
        uint256 assets,
        address receiver,
        address owner
    )
        public
        override(ERC4626, IFleetCommander)
        collectTip
        useCache
        whenNotPaused
        returns (uint256 shares)
    {
        uint256 bufferBalance = config.bufferArk.totalAssets();

        if (assets == Constants.MAX_UINT256) {
            uint256 totalUserShares = balanceOf(owner);
            assets = previewRedeem(totalUserShares);
        }

        if (assets <= bufferBalance) {
            shares = withdrawFromBuffer(assets, receiver, owner);
        } else {
            shares = withdrawFromArks(assets, receiver, owner);
        }
    }

    /// @inheritdoc IFleetCommander
    function withdrawFromArks(
        uint256 assets,
        address receiver,
        address owner
    )
        public
        override(IFleetCommander)
        collectTip
        useWithdrawCache
        whenNotPaused
        returns (uint256 totalSharesToRedeem)
    {
        totalSharesToRedeem = previewWithdraw(assets);

        _validateWithdrawFromArks(assets, totalSharesToRedeem, owner);

        _forceDisembarkFromSortedArks(assets);
        _withdraw(_msgSender(), receiver, owner, assets, totalSharesToRedeem);
        _resetLastActionTimestamp();

        emit FleetCommanderWithdrawnFromArks(owner, receiver, assets);
    }

    /// @inheritdoc IFleetCommander
    function redeemFromArks(
        uint256 shares,
        address receiver,
        address owner
    )
        public
        override(IFleetCommander)
        collectTip
        useWithdrawCache
        whenNotPaused
        returns (uint256 totalAssetsToWithdraw)
    {
        _validateRedeemFromArks(shares, owner);

        totalAssetsToWithdraw = previewRedeem(shares);
        _forceDisembarkFromSortedArks(totalAssetsToWithdraw);
        _withdraw(_msgSender(), receiver, owner, totalAssetsToWithdraw, shares);
        _resetLastActionTimestamp();
        emit FleetCommanderRedeemedFromArks(owner, receiver, shares);
    }

    /// @inheritdoc IERC4626
    function deposit(
        uint256 assets,
        address receiver
    )
        public
        override(ERC4626, IERC4626)
        collectTip
        useCache
        whenNotPaused
        returns (uint256 shares)
    {
        _validateDeposit(assets, _msgSender());

        uint256 previousFundsBufferBalance = config.bufferArk.totalAssets();

        shares = previewDeposit(assets);
        _deposit(_msgSender(), receiver, assets, shares);
        _board(address(config.bufferArk), assets);

        emit FundsBufferBalanceUpdated(
            _msgSender(),
            previousFundsBufferBalance,
            config.bufferArk.totalAssets()
        );
    }

    /// @inheritdoc IFleetCommander
    function deposit(
        uint256 assets,
        address receiver,
        bytes memory referralCode
    ) external returns (uint256) {
        emit FleetCommanderReferral(receiver, referralCode);
        return deposit(assets, receiver);
    }

    /// @inheritdoc IERC4626
    function mint(
        uint256 shares,
        address receiver
    )
        public
        override(ERC4626, IERC4626)
        collectTip
        useCache
        whenNotPaused
        returns (uint256 assets)
    {
        _validateMint(shares, _msgSender());

        uint256 previousFundsBufferBalance = config.bufferArk.totalAssets();
        assets = previewMint(shares);

        _deposit(_msgSender(), receiver, assets, shares);
        _board(address(config.bufferArk), assets);

        emit FundsBufferBalanceUpdated(
            _msgSender(),
            previousFundsBufferBalance,
            config.bufferArk.totalAssets()
        );
    }

    /// @inheritdoc IFleetCommander
    function tip() public whenNotPaused returns (uint256) {
        return _accrueTip(tipJar(), totalSupply());
    }

    /*//////////////////////////////////////////////////////////////
                        PUBLIC VIEW FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /**
     * @dev Overrides the totalSupply function to include the tip shares
     * @dev This is done to ensure that the totalSupply is always accurate, even when tips are being accrued
     * @dev This is done by checking if the _isCollectingTip flag is set, and if it is, return the totalSupply
     * @dev If the _isCollectingTip flag is not set, then we need to accrue the tips and return the totalSupply + the
     * previewTip
     * @dev when collecting fee we require totalSupply to be the pre tip totalSupply, after the tip is collected the
     * totalSupply will include the tip shares
     * @dev when called in view functions we need to return the totalSupply + the previewTip
     * @return uint256 The total supply of the FleetCommander, including tip shares
     */
    function totalSupply()
        public
        view
        override(ERC20, IERC20)
        returns (uint256)
    {
        if (_isCollectingTip()) {
            return super.totalSupply();
        }
        uint256 _totalSupply = super.totalSupply();
        return _totalSupply + previewTip(tipJar(), _totalSupply);
    }

    /// @inheritdoc IFleetCommander
    function totalAssets()
        public
        view
        override(IFleetCommander, ERC4626)
        returns (uint256)
    {
        return _totalAssets(config.bufferArk);
    }

    /// @inheritdoc IFleetCommander
    function withdrawableTotalAssets() public view returns (uint256) {
        return _withdrawableTotalAssets(config.bufferArk);
    }

    /// @inheritdoc IERC4626
    function maxDeposit(
        address owner
    ) public view override(ERC4626, IERC4626) returns (uint256 _maxDeposit) {
        uint256 _totalAssets = totalAssets();
        uint256 maxAssets = _totalAssets > config.depositCap
            ? 0
            : config.depositCap - _totalAssets;

        _maxDeposit = Math.min(maxAssets, IERC20(asset()).balanceOf(owner));
    }

    /// @inheritdoc IERC4626
    function maxMint(
        address owner
    ) public view override(ERC4626, IERC4626) returns (uint256 _maxMint) {
        uint256 _totalAssets = totalAssets();
        uint256 maxAssets = _totalAssets > config.depositCap
            ? 0
            : config.depositCap - _totalAssets;
        _maxMint = previewDeposit(
            Math.min(maxAssets, IERC20(asset()).balanceOf(owner))
        );
    }

    /// @inheritdoc IFleetCommander
    function maxBufferWithdraw(
        address owner
    ) public view returns (uint256 _maxBufferWithdraw) {
        _maxBufferWithdraw = Math.min(
            config.bufferArk.totalAssets(),
            previewRedeem(balanceOf(owner))
        );
    }

    /// @inheritdoc IERC4626
    function maxWithdraw(
        address owner
    ) public view override(ERC4626, IERC4626) returns (uint256 _maxWithdraw) {
        _maxWithdraw = Math.min(
            withdrawableTotalAssets(),
            previewRedeem(balanceOf(owner))
        );
    }

    /// @inheritdoc IERC4626
    function maxRedeem(
        address owner
    ) public view override(ERC4626, IERC4626) returns (uint256 _maxRedeem) {
        _maxRedeem = Math.min(
            convertToShares(withdrawableTotalAssets()),
            balanceOf(owner)
        );
    }

    /// @inheritdoc IFleetCommander
    function maxBufferRedeem(
        address owner
    ) public view returns (uint256 _maxBufferRedeem) {
        _maxBufferRedeem = Math.min(
            previewWithdraw(config.bufferArk.totalAssets()),
            balanceOf(owner)
        );
    }

    /*//////////////////////////////////////////////////////////////
                        EXTERNAL KEEPER FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /// @inheritdoc IFleetCommander
    function rebalance(
        RebalanceData[] calldata rebalanceData
    ) external onlyKeeper enforceCooldown collectTip whenNotPaused {
        _validateReallocateAllAssets(rebalanceData);
        _validateAdjustBuffer(rebalanceData);
        _reallocateAllAssets(rebalanceData);
    }

    /*//////////////////////////////////////////////////////////////
                        EXTERNAL GOVERNOR FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /// @inheritdoc IFleetCommander
    function setTipRate(
        Percentage newTipRate
    ) external onlyGovernor whenNotPaused {
        // The newTipRate uses the Percentage type from @summerfi/percentage-solidity
        // Percentages have 18 decimals of precision
        // For example, 1% would be represented as 1 * 10^18 (assuming PERCENTAGE_DECIMALS is 18)
        _setTipRate(newTipRate, tipJar(), totalSupply());
    }

    /// @inheritdoc IFleetCommander
    function setMinimumPauseTime(
        uint256 _newMinimumPauseTime
    ) public onlyGovernor whenNotPaused {
        _setMinimumPauseTime(_newMinimumPauseTime);
    }

    /// @inheritdoc IFleetCommander
    function updateRebalanceCooldown(
        uint256 newCooldown
    ) external onlyCurator(address(this)) whenNotPaused {
        _updateCooldown(newCooldown);
    }

    /// @inheritdoc IFleetCommander
    function forceRebalance(
        RebalanceData[] calldata rebalanceData
    ) external onlyGovernor collectTip whenNotPaused {
        _validateReallocateAllAssets(rebalanceData);
        _validateAdjustBuffer(rebalanceData);
        _reallocateAllAssets(rebalanceData);
    }

    /// @inheritdoc IFleetCommander
    function pause() external onlyGuardianOrGovernor {
        _pause();
    }

    /// @inheritdoc IFleetCommander
    function unpause() external onlyGuardianOrGovernor {
        _unpause();
    }

    /*//////////////////////////////////////////////////////////////
                        PUBLIC ERC20 FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /// @inheritdoc IERC20
    function transfer(
        address to,
        uint256 amount
    ) public override(IERC20, ERC20) returns (bool) {
        if (transfersEnabled || _msgSender() == config.stakingRewardsManager) {
            return super.transfer(to, amount);
        }

        revert FleetCommanderTransfersDisabled();
    }

    /// @inheritdoc IERC20
    function transferFrom(
        address from,
        address to,
        uint256 amount
    ) public override(IERC20, ERC20) returns (bool) {
        if (transfersEnabled || _msgSender() == config.stakingRewardsManager) {
            return super.transferFrom(from, to, amount);
        }
        revert FleetCommanderTransfersDisabled();
    }

    /*//////////////////////////////////////////////////////////////
                        INTERNAL FUNCTIONS
    //////////////////////////////////////////////////////////////*/

    /**
     * @notice Mints new shares as tips to the specified account
     * @dev This function overrides the abstract _mintTip function from the Tipper contract.
     *      It is called internally by the _accrueTip function to mint new shares as tips.
     *      In the context of FleetCommander, this creates new shares without requiring
     *      additional underlying assets, effectively diluting existing shareholders slightly
     *      to pay for the protocol's ongoing operations.
     * @param account The address to receive the minted tip shares
     * @param amount The amount of shares to mint as a tip
     */
    function _mintTip(
        address account,
        uint256 amount
    ) internal virtual override {
        _mint(account, amount);
    }

    /**
     * @notice Reallocates all assets based on the provided rebalance data
     * @param rebalanceData Array of RebalanceData structs containing information about the reallocation
     */
    function _reallocateAllAssets(
        RebalanceData[] calldata rebalanceData
    ) internal {
        for (uint256 i = 0; i < rebalanceData.length; i++) {
            _reallocateAssets(rebalanceData[i]);
        }
        emit Rebalanced(_msgSender(), rebalanceData);
    }

    /* INTERNAL - ARK */

    /**
     * @notice Approves and boards a specified amount of assets to an Ark
     * @param ark The address of the Ark
     * @param amount The amount of assets to board
     */
    function _board(address ark, uint256 amount) internal {
        IERC20(asset()).forceApprove(ark, amount);
        IArk(ark).board(amount, bytes(""));
    }

    /**
     * @notice Disembarks a specified amount of assets from an Ark
     * @param ark The address of the Ark
     * @param amount The amount of assets to disembark
     */
    function _disembark(address ark, uint256 amount) internal {
        IArk(ark).disembark(amount, bytes(""));
    }

    /**
     * @notice Moves a specified amount of assets from one Ark to another
     * @param fromArk The address of the Ark to move assets from
     * @param toArk The address of the Ark to move assets to
     * @param amount The amount of assets to move
     * @param boardData Additional data for the board operation
     * @param disembarkData Additional data for the disembark operation
     */
    function _move(
        address fromArk,
        address toArk,
        uint256 amount,
        bytes memory boardData,
        bytes memory disembarkData
    ) internal {
        IArk(fromArk).move(amount, toArk, boardData, disembarkData);
    }

    /* INTERNAL */

    /**
     * @notice Reallocates assets from one Ark to another
     * @dev This function handles the reallocation of assets between Arks, considering:
     *      1. The maximum allocation of the destination Ark
     *      2. The current allocation of the destination Ark
     * @param data The RebalanceData struct containing information about the reallocation
     * @custom:error FleetCommanderEffectiveDepositCapExceeded Thrown when the destination Ark is already at or above
     * its maximum
     * allocation
     */
    function _reallocateAssets(RebalanceData memory data) internal {
        IArk toArk = IArk(data.toArk);
        IArk fromArk = IArk(data.fromArk);
        uint256 amount;
        if (data.amount == Constants.MAX_UINT256) {
            amount = fromArk.totalAssets();
        } else {
            amount = data.amount;
        }
        // The validation has to take into account the actual amount that will be moved
        _validateReallocateAssets(data.fromArk, data.toArk, amount);

        uint256 toArkDepositCap = getEffectiveArkDepositCap(toArk);
        uint256 toArkAllocation = toArk.totalAssets();

        if (toArkAllocation + amount > toArkDepositCap) {
            revert FleetCommanderEffectiveDepositCapExceeded(
                address(toArk),
                amount,
                toArkDepositCap
            );
        }

        _move(
            address(fromArk),
            address(toArk),
            amount,
            data.boardData,
            data.disembarkData
        );
    }
    /**
     * @notice Calculates the effective deposit cap for an Ark
     * @dev This function returns the lower of two caps: a percentage-based cap derived from TVL,
     *      and the absolute deposit cap set for the Ark
     * @param ark The address of the Ark
     * @return The effective deposit cap in token units
     */

    function getEffectiveArkDepositCap(IArk ark) public view returns (uint256) {
        uint256 tvl = this.totalAssets();
        uint256 pctBasedCap = tvl.applyPercentage(
            ark.maxDepositPercentageOfTVL()
        );
        return Math.min(pctBasedCap, ark.depositCap());
    }

    /**
     * @notice Withdraws assets from multiple arks in a specific order
     * @dev This function attempts to withdraw the requested amount from arks,
     *      that allow such operations, in the order of total assets held
     * @param assets The total amount of assets to withdraw
     */
    function _forceDisembarkFromSortedArks(uint256 assets) internal {
        ArkData[] memory withdrawableArks = _getWithdrawableArksDataFromCache();
        for (uint256 i = 0; i < withdrawableArks.length; i++) {
            uint256 assetsInArk = withdrawableArks[i].totalAssets;
            if (assetsInArk >= assets) {
                _disembark(withdrawableArks[i].arkAddress, assets);
                break;
            } else if (assetsInArk > 0) {
                _disembark(withdrawableArks[i].arkAddress, assetsInArk);
                assets -= assetsInArk;
            }
        }
    }

    /* INTERNAL - VALIDATIONS */

    /**
     * @notice Validates the data for adjusting the buffer
     * @dev This function checks if all operations in the rebalance data are consistent
     *      (either all moving to buffer or all moving from buffer) and ensures that
     *      the buffer balance remains above the minimum required balance.
     *      When moving to the buffer, using MAX_UINT256 as the amount will move all funds from the source Ark.
     * @param rebalanceData An array of RebalanceData structs containing the rebalance operations
     * @custom:error FleetCommanderNoExcessFunds Thrown when trying to move funds out of an already minimum buffer
     * @custom:error FleetCommanderInsufficientBuffer Thrown when trying to move more funds than available excess
     * @custom:error FleetCommanderCantUseMaxUintMovingFromBuffer Thrown when trying to use MAX_UINT256 amount when
     * moving from buffer
     */
    function _validateAdjustBuffer(
        RebalanceData[] calldata rebalanceData
    ) internal view {
        uint256 initialBufferBalance = config.bufferArk.totalAssets();
        int256 netBufferChange;
        address _bufferArkAddress = address(config.bufferArk);
        for (uint256 i = 0; i < rebalanceData.length; i++) {
            if (
                rebalanceData[i].toArk == _bufferArkAddress ||
                rebalanceData[i].fromArk == _bufferArkAddress
            ) {
                bool isMovingToBuffer = rebalanceData[i].toArk ==
                    _bufferArkAddress;
                uint256 amount = rebalanceData[i].amount;
                if (amount == Constants.MAX_UINT256) {
                    if (!isMovingToBuffer) {
                        revert FleetCommanderCantUseMaxUintMovingFromBuffer();
                    }
                    amount = IArk(rebalanceData[i].fromArk).totalAssets();
                }
                if (isMovingToBuffer) {
                    netBufferChange += int256(amount);
                } else {
                    netBufferChange -= int256(amount);
                }
            }
        }
        if (netBufferChange < 0) {
            _validateBufferExcessFunds(
                initialBufferBalance,
                uint256(-netBufferChange)
            );
        }
    }

    /**
     * @notice Validates that there are sufficient excess funds in the buffer for withdrawal
     * @dev This function checks two conditions:
     *      1. The initial buffer balance is greater than the minimum required balance
     *      2. The amount to move does not exceed the excess funds in the buffer
     * @param initialBufferBalance The current balance of the buffer before the adjustment
     * @param totalToMove The total amount of assets to be moved from the buffer
     * @custom:error FleetCommanderNoExcessFunds Thrown when the buffer balance is at or below the minimum required
     * balance
     * @custom:error FleetCommanderInsufficientBuffer Thrown when the amount to move exceeds the available excess funds
     * in the buffer
     */
    function _validateBufferExcessFunds(
        uint256 initialBufferBalance,
        uint256 totalToMove
    ) internal view {
        uint256 minimumBufferBalance = config.minimumBufferBalance;
        if (initialBufferBalance <= minimumBufferBalance) {
            revert FleetCommanderNoExcessFunds();
        }
        uint256 excessFunds = initialBufferBalance - minimumBufferBalance;
        if (totalToMove > excessFunds) {
            revert FleetCommanderInsufficientBuffer();
        }
    }

    /**
     * @notice Validates the asset reallocation data for correctness and consistency
     * @dev This function checks various conditions of the rebalance operations:
     *      - Number of operations is within limits
     * @param rebalanceData An array of RebalanceData structs containing the rebalance operations
     */
    function _validateReallocateAllAssets(
        RebalanceData[] calldata rebalanceData
    ) internal view {
        if (rebalanceData.length > config.maxRebalanceOperations) {
            revert FleetCommanderRebalanceTooManyOperations(
                rebalanceData.length
            );
        }
        if (rebalanceData.length == 0) {
            revert FleetCommanderRebalanceNoOperations();
        }
    }

    /**
     * @notice Validates the reallocation of assets between two ARKs.
     * @param fromArk The address of the source ARK.
     * @param toArk The address of the destination ARK.
     * @param amount The amount of assets to be reallocated.
     * @custom:error FleetCommanderRebalanceAmountZero if the amount is zero.
     * @custom:error FleetCommanderArkNotFound if the source or destination ARK is not found.
     * @custom:error FleetCommanderArkNotActive if the source or destination ARK is not active.
     * @custom:error FleetCommanderExceedsMaxOutflow if the amount exceeds the maximum move from limit of the source
     * ARK.
     * @custom:error FleetCommanderExceedsMaxInflow if the amount exceeds the maximum move to limit of the destination
     * ARK.
     * @custom:error FleetCommanderArkDepositCapZero if the deposit cap of the destination ARK is zero.
     */
    function _validateReallocateAssets(
        address fromArk,
        address toArk,
        uint256 amount
    ) internal {
        if (amount == 0) {
            revert FleetCommanderRebalanceAmountZero(toArk);
        }
        if (toArk == address(0)) {
            revert FleetCommanderArkNotFound(toArk);
        }
        if (fromArk == address(0)) {
            revert FleetCommanderArkNotFound(fromArk);
        }
        if (!isArkActiveOrBufferArk(toArk)) {
            revert FleetCommanderArkNotActive(toArk);
        }
        if (!isArkActiveOrBufferArk(fromArk)) {
            revert FleetCommanderArkNotActive(fromArk);
        }
        if (IArk(toArk).depositCap() == 0) {
            revert FleetCommanderArkDepositCapZero(toArk);
        }
        (
            uint256 inflowBalance,
            uint256 outflowBalance,
            uint256 maxRebalanceInflow,
            uint256 maxRebalanceOutflow
        ) = _cacheArkFlow(fromArk, toArk, amount);
        if (outflowBalance > maxRebalanceOutflow) {
            revert FleetCommanderExceedsMaxOutflow(
                fromArk,
                outflowBalance,
                maxRebalanceOutflow
            );
        }
        if (inflowBalance > maxRebalanceInflow) {
            revert FleetCommanderExceedsMaxInflow(
                toArk,
                inflowBalance,
                maxRebalanceInflow
            );
        }
    }

    /**
     * @notice Validates the withdraw request
     * @dev This function checks two conditions:
     *      1. The caller is authorized to withdraw on behalf of the owner
     *      2. The withdrawal amount does not exceed the maximum allowed
     * @param assets The amount of assets to withdraw
     * @param shares The number of shares to redeem
     * @param owner The address of the owner of the assets
     * @custom:error FleetCommanderUnauthorizedWithdrawal Thrown when the caller is not authorized to withdraw
     * @custom:error IERC4626ExceededMaxWithdraw Thrown when the withdrawal amount exceeds the maximum allowed
     * @custom:error FleetCommanderZeroAmount Thrown when the withdrawal amount is zero
     */
    function _validateBufferWithdraw(
        uint256 assets,
        uint256 shares,
        address owner
    ) internal view {
        if (shares == 0) {
            revert FleetCommanderZeroAmount();
        }
        if (
            _msgSender() != owner &&
            IERC20(address(this)).allowance(owner, _msgSender()) < shares
        ) {
            revert FleetCommanderUnauthorizedWithdrawal(_msgSender(), owner);
        }
        uint256 maxAssets = maxBufferWithdraw(owner);
        if (assets > maxAssets) {
            revert ERC4626ExceededMaxWithdraw(owner, assets, maxAssets);
        }
    }

    /**
     * @notice Validates the redemption request
     * @dev This function checks two conditions:
     *      1. The caller is authorized to redeem on behalf of the owner
     *      2. The redemption amount does not exceed the maximum allowed
     * @param shares The number of shares to redeem
     * @param owner The address of the owner of the shares
     * @custom:error FleetCommanderUnauthorizedRedemption Thrown when the caller is not authorized to redeem
     * @custom:error IERC4626ExceededMaxRedeem Thrown when the redemption amount exceeds the maximum allowed
     * @custom:error FleetCommanderZeroAmount Thrown when the redemption amount is zero
     */
    function _validateBufferRedeem(
        uint256 shares,
        address owner
    ) internal view {
        if (shares == 0) {
            revert FleetCommanderZeroAmount();
        }
        if (
            _msgSender() != owner &&
            IERC20(address(this)).allowance(owner, _msgSender()) < shares
        ) {
            revert FleetCommanderUnauthorizedRedemption(_msgSender(), owner);
        }

        uint256 maxShares = maxBufferRedeem(owner);
        if (shares > maxShares) {
            revert ERC4626ExceededMaxRedeem(owner, shares, maxShares);
        }
    }

    /**
     * @notice Validates the deposit request
     * @dev This function checks if the requested deposit amount exceeds the maximum allowed
     * @param assets The amount of assets to deposit
     * @param owner The address of the account making the deposit
     * @custom:error FleetCommanderZeroAmount Thrown when the deposit amount is zero
     * @custom:error IERC4626ExceededMaxDeposit Thrown when the deposit amount exceeds the maximum allowed
     */
    function _validateDeposit(uint256 assets, address owner) internal view {
        if (assets == 0) {
            revert FleetCommanderZeroAmount();
        }
        uint256 maxAssets = maxDeposit(owner);
        if (assets > maxAssets) {
            revert ERC4626ExceededMaxDeposit(owner, assets, maxAssets);
        }
    }

    /**
     * @notice Validates the mint request
     * @dev This function checks if the requested mint amount exceeds the maximum allowed
     * @param shares The number of shares to mint
     * @param owner The address of the account minting the shares
     * @custom:error FleetCommanderZeroAmount Thrown when the mint amount is zero
     * @custom:error IERC4626ExceededMaxMint Thrown when the mint amount exceeds the maximum allowed
     */
    function _validateMint(uint256 shares, address owner) internal view {
        if (shares == 0) {
            revert FleetCommanderZeroAmount();
        }
        uint256 maxShares = maxMint(owner);
        if (shares > maxShares) {
            revert ERC4626ExceededMaxMint(owner, shares, maxShares);
        }
    }

    /**
     * @notice Validates the force withdraw request
     * @dev This function checks two conditions:
     *      1. The caller is authorized to withdraw on behalf of the owner
     *      2. The withdrawal amount does not exceed the maximum allowed
     * @param assets The amount of assets to withdraw
     * @param shares The amount of shares to redeem
     * @param owner The address of the owner of the assets
     * @custom:error FleetCommanderUnauthorizedWithdrawal Thrown when the caller is not authorized to withdraw
     * @custom:error IERC4626ExceededMaxWithdraw Thrown when the withdrawal amount exceeds the maximum allowed
     * @custom:error FleetCommanderZeroAmount Thrown when the withdrawal amount is zero
     */
    function _validateWithdrawFromArks(
        uint256 assets,
        uint256 shares,
        address owner
    ) internal view {
        if (shares == 0) {
            revert FleetCommanderZeroAmount();
        }
        if (
            _msgSender() != owner &&
            IERC20(address(this)).allowance(owner, _msgSender()) < shares
        ) {
            revert FleetCommanderUnauthorizedWithdrawal(_msgSender(), owner);
        }
        uint256 maxAssets = maxWithdraw(owner);

        if (assets > maxAssets) {
            revert ERC4626ExceededMaxWithdraw(owner, assets, maxAssets);
        }
    }

    /**
     * @notice Validates the force redeem request
     * @dev This function checks two conditions:
     *      1. The caller is authorized to redeem on behalf of the owner
     *      2. The redemption amount does not exceed the maximum allowed
     * @param shares The amount of shares to redeem
     * @param owner The address of the owner of the assets
     * @custom:error FleetCommanderUnauthorizedRedemption Thrown when the caller is not authorized to redeem
     * @custom:error IERC4626ExceededMaxRedeem Thrown when the redemption amount exceeds the maximum allowed
     * @custom:error FleetCommanderZeroAmount Thrown when the redemption amount is zero
     */
    function _validateRedeemFromArks(
        uint256 shares,
        address owner
    ) internal view {
        if (shares == 0) {
            revert FleetCommanderZeroAmount();
        }
        if (
            _msgSender() != owner &&
            IERC20(address(this)).allowance(owner, _msgSender()) < shares
        ) {
            revert FleetCommanderUnauthorizedRedemption(_msgSender(), owner);
        }
        uint256 maxShares = maxRedeem(owner);
        if (shares > maxShares) {
            revert ERC4626ExceededMaxRedeem(owner, shares, maxShares);
        }
    }

    function _getActiveArksAddresses()
        internal
        view
        override(FleetCommanderCache)
        returns (address[] memory)
    {
        return getActiveArks();
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {StorageSlot} from "@summerfi/dependencies/openzeppelin-next/StorageSlot.sol";

import {IArk} from "../interfaces/IArk.sol";
import {ArkData} from "../types/FleetCommanderTypes.sol";
import {StorageSlots} from "./libraries/StorageSlots.sol";

/**
 * @title FleetCommanderCache - Caching System
 * @dev This contract implements a caching mechanism
 *      for efficient asset tracking and operations.
 *
 * Caching System:
 * 1. Purpose: The caching system is designed to optimize gas costs and improve performance
 *    for operations that require frequent access to total assets and ark data.
 *
 * 2. Key Components:
 *    - FleetCommanderCache: A contract that this FleetCommander inherits from, providing
 *      caching functionality.
 *    - Cache Modifiers: 'useDepositCache' and 'useWithdrawCache' are used to manage the
 *      caching lifecycle for deposit and withdrawal operations.
 *
 * 3. Caching Mechanism:
 *    - Before Operation: The cache is populated with current ark data.
 *    - During Operation: The contract uses cached data instead of making repeated calls to arks.
 *    - After Operation: The cache is flushed to ensure data freshness for subsequent operations.
 *
 * 4. Benefits:
 *    - Gas Optimization: Reduces the number of external calls to arks, saving gas.
 *    - Consistency: Ensures that a single operation uses consistent data throughout its execution.
 *
 * 5. Cache Usage:
 *    - Deposit Operations: Uses 'useDepositCache' modifier to cache all ark data.
 *    - Withdrawal Operations: Uses 'useWithdrawCache' modifier to cache data for withdrawable arks.
 *    - Rebalance Operations: Does not use cache as it directly interacts with arks.
 *
 * 6. Cache Management:
 *    - Cache population: Performed by '_getArksData' and '_getWithdrawableArksData' functions.
 *    - Cache flushing: Done by '_flushCache' function after each operation.
 *
 * This caching system is crucial for maintaining efficient operations in the FleetCommander,
 * especially when dealing with multiple arks and frequent asset calculations.
 */
contract FleetCommanderCache {
    using StorageSlot for *;

    /**
     * @dev Checks if the FleetCommander is currently performing a trnsaction that includes a tip
     * @return bool True if collecting tips, false otherwise
     */
    function _isCollectingTip() internal view returns (bool) {
        return StorageSlots.TIP_TAKEN_STORAGE.asBoolean().tload();
    }

    /**
     * @dev Sets the isCollectingTip flag
     * @param value The value to set the flag to
     */
    function _setIsCollectingTip(bool value) internal {
        StorageSlots.TIP_TAKEN_STORAGE.asBoolean().tstore(value);
    }

    /**
     * @dev Calculates the total assets across all arks
     * @param bufferArk The buffer ark instance
     * @return total The sum of total assets across all arks
     * @custom:internal-logic
     * - Checks if total assets are cached
     * - If cached, returns the cached value
     * - If not cached, calculates the sum of total assets across all arks
     * @custom:effects
     * - No state changes
     * @custom:security-considerations
     * - Relies on accurate reporting of total assets by individual arks
     * - Caching mechanism must be properly managed to ensure data freshness
     * - Assumes no changes in total assets throughout the execution of function that use this cache
     */
    function _totalAssets(
        IArk bufferArk
    ) internal view returns (uint256 total) {
        bool isTotalAssetsCached = StorageSlots
            .IS_TOTAL_ASSETS_CACHED_STORAGE
            .asBoolean()
            .tload();
        if (isTotalAssetsCached) {
            return StorageSlots.TOTAL_ASSETS_STORAGE.asUint256().tload();
        }
        return
            _sumTotalAssets(_getAllArks(_getActiveArksAddresses(), bufferArk));
    }

    /**
     * @dev Calculates the total assets of withdrawable arks
     * @param bufferArk The buffer ark instance
     * @return withdrawableTotalAssets The sum of total assets across withdrawable arks
     *  - arks that don't require additional data to be boarded or disembarked from.
     * @custom:internal-logic
     * - Checks if withdrawable total assets are cached
     * - If cached, returns the cached value
     * - If not cached, calculates the sum of total assets across withdrawable arks
     * @custom:effects
     * - No state changes
     * @custom:security-considerations
     * - Relies on accurate reporting of total assets by individual arks
     * - Depends on the correctness of the withdrawableTotalAssets function
     */
    function _withdrawableTotalAssets(
        IArk bufferArk
    ) internal view returns (uint256 withdrawableTotalAssets) {
        bool isWithdrawableTotalAssetsCached = StorageSlots
            .IS_WITHDRAWABLE_ARKS_TOTAL_ASSETS_CACHED_STORAGE
            .asBoolean()
            .tload();
        if (isWithdrawableTotalAssetsCached) {
            return
                StorageSlots
                    .WITHDRAWABLE_ARKS_TOTAL_ASSETS_STORAGE
                    .asUint256()
                    .tload();
        }

        IArk[] memory allArks = _getAllArks(
            _getActiveArksAddresses(),
            bufferArk
        );
        for (uint256 i = 0; i < allArks.length; i++) {
            uint256 withdrawableAssets = IArk(allArks[i])
                .withdrawableTotalAssets();
            if (withdrawableAssets > 0) {
                withdrawableTotalAssets += withdrawableAssets;
            }
        }
    }

    /**
     * @dev Retrieves an array of all Arks, including regular Arks and the buffer Ark
     * @param arks Array of regular ark addresses
     * @param bufferArk The buffer ark instance
     * @return An array of IArk interfaces representing all Arks in the system
     * @custom:internal-logic
     * - Creates a new array with length of regular arks plus one (for buffer ark)
     * - Populates the array with regular arks and appends the buffer ark
     * @custom:effects
     * - No state changes
     * @custom:security-considerations
     * - Ensures the buffer ark is always included at the end of the array
     */
    function _getAllArks(
        address[] memory arks,
        IArk bufferArk
    ) private pure returns (IArk[] memory) {
        IArk[] memory allArks = new IArk[](arks.length + 1);
        for (uint256 i = 0; i < arks.length; i++) {
            allArks[i] = IArk(arks[i]);
        }
        allArks[arks.length] = IArk(bufferArk);
        return allArks;
    }

    /**
     * @dev Calculates the sum of total assets across all provided Arks
     * @param _arks An array of IArk interfaces representing the Arks to sum assets from
     * @return total The sum of total assets across all provided Arks
     * @custom:internal-logic
     * - Iterates through the provided array of Arks
     * - Accumulates the total assets from each Ark
     * @custom:effects
     * - No state changes
     * @custom:security-considerations
     * - Relies on accurate reporting of total assets by individual arks
     * - Vulnerable to integer overflow if total assets become extremely large
     */
    function _sumTotalAssets(
        IArk[] memory _arks
    ) private view returns (uint256 total) {
        for (uint256 i = 0; i < _arks.length; i++) {
            total += _arks[i].totalAssets();
        }
    }

    /**
     * @dev Flushes the cache for all arks and related data
     * @custom:internal-logic
     * - Resets the cached data for all arks and related data
     * @custom:effects
     * - Sets IS_TOTAL_ASSETS_CACHED_STORAGE to false
     * - Sets IS_WITHDRAWABLE_ARKS_TOTAL_ASSETS_CACHED_STORAGE to false
     * - Resets WITHDRAWABLE_ARKS_LENGTH_STORAGE to 0
     * - Resets ARKS_LENGTH_STORAGE to 0
     * @custom:security-considerations
     * - Ensures that the next call to totalAssets or withdrawableTotalAssets recalculates values
     * - Critical for maintaining data freshness and preventing stale cache issues
     * - Flushes cache in case of reentrancy
     * - That also allows efficient testing using Forge (transient storage is persistent during single test)
     */
    function _flushCache() internal {
        StorageSlots.IS_TOTAL_ASSETS_CACHED_STORAGE.asBoolean().tstore(false);
        StorageSlots
            .IS_WITHDRAWABLE_ARKS_TOTAL_ASSETS_CACHED_STORAGE
            .asBoolean()
            .tstore(false);
        StorageSlots.WITHDRAWABLE_ARKS_LENGTH_STORAGE.asUint256().tstore(0);
        StorageSlots.ARKS_LENGTH_STORAGE.asUint256().tstore(0);
    }

    /**
     * @dev Retrieves the data (address, totalAssets) for all arks and the buffer ark
     * @param bufferArk The buffer ark instance
     * @return _arksData An array of ArkData structs containing the ark addresses and their total assets
     * @custom:internal-logic
     * - Initializes data for all arks including the buffer ark
     * - Populates data for regular arks and buffer ark
     * - Caches the total assets and ark data
     * - buffer ark is always at the end of the array
     * @custom:effects
     * - Caches total assets and ark data
     * - Modifies storage slots related to ark data
     * @custom:security-considerations
     * - Relies on accurate reporting of total assets by individual arks
     */
    function _getArksData(
        IArk bufferArk
    ) internal returns (ArkData[] memory _arksData) {
        if (StorageSlots.IS_TOTAL_ASSETS_CACHED_STORAGE.asBoolean().tload()) {
            return _getAllArksDataFromCache();
        }

        address[] memory arks = _getActiveArksAddresses();
        // Initialize data for all arks
        _arksData = new ArkData[](arks.length + 1); // +1 for buffer ark
        uint256 totalAssets = 0;

        // Populate data for regular arks
        for (uint256 i = 0; i < arks.length; i++) {
            uint256 arkAssets = IArk(arks[i]).totalAssets();
            _arksData[i] = ArkData(arks[i], arkAssets);
            totalAssets += arkAssets;
        }

        // Add buffer ark data
        uint256 bufferArkAssets = bufferArk.totalAssets();
        _arksData[arks.length] = ArkData(address(bufferArk), bufferArkAssets);
        totalAssets += bufferArkAssets;

        _cacheAllArksTotalAssets(totalAssets);
        _cacheAllArks(_arksData);
    }

    /**
     * @notice Retrieves a storage slot based on the provided prefix and index
     * @param prefix The prefix for the storage slot
     * @param index The index for the storage slot
     * @return bytes32 The storage slot value
     */
    function _getStorageSlot(
        bytes32 prefix,
        uint256 index
    ) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked(prefix, index));
    }

    /**
     * @dev Caches the inflow and outflow balances for the specified Ark addresses.
     *      Updates the maximum inflow and outflow balances if they are not set.
     * @param outflowArkAddress The address of the Ark from which the outflow is occurring.
     * @param inflowArkAddress The address of the Ark to which the inflow is occurring.
     * @param amount The amount to be added to both inflow and outflow balances.
     * @return newInflowBalance The updated inflow balance for the inflow Ark.
     * @return newOutflowBalance The updated outflow balance for the outflow Ark.
     * @return maxInflow The maximum inflow balance for the inflow Ark.
     * @return maxOutflow The maximum outflow balance for the outflow Ark.
     */
    function _cacheArkFlow(
        address outflowArkAddress,
        address inflowArkAddress,
        uint256 amount
    )
        internal
        returns (
            uint256 newInflowBalance,
            uint256 newOutflowBalance,
            uint256 maxInflow,
            uint256 maxOutflow
        )
    {
        bytes32 inflowSlot = _getStorageSlot(
            StorageSlots.ARK_INFLOW_BALANCE_STORAGE,
            uint256(uint160(inflowArkAddress))
        );
        bytes32 outflowSlot = _getStorageSlot(
            StorageSlots.ARK_OUTFLOW_BALANCE_STORAGE,
            uint256(uint160(outflowArkAddress))
        );
        bytes32 maxInflowSlot = _getStorageSlot(
            StorageSlots.ARK_MAX_INFLOW_BALANCE_STORAGE,
            uint256(uint160(inflowArkAddress))
        );
        bytes32 maxOutflowSlot = _getStorageSlot(
            StorageSlots.ARK_MAX_OUTFLOW_BALANCE_STORAGE,
            uint256(uint160(outflowArkAddress))
        );

        maxInflow = maxInflowSlot.asUint256().tload();
        maxOutflow = maxOutflowSlot.asUint256().tload();

        if (maxInflow == 0) {
            maxInflow = IArk(inflowArkAddress).maxRebalanceInflow();
            maxInflowSlot.asUint256().tstore(maxInflow);
        }
        if (maxOutflow == 0) {
            maxOutflow = IArk(outflowArkAddress).maxRebalanceOutflow();
            maxOutflowSlot.asUint256().tstore(maxOutflow);
        }

        // Load current balance (if it's the first time, it will be 0)
        newInflowBalance = inflowSlot.asUint256().tload() + amount;
        newOutflowBalance = outflowSlot.asUint256().tload() + amount;

        inflowSlot.asUint256().tstore(newInflowBalance);
        outflowSlot.asUint256().tstore(newOutflowBalance);
    }

    /**
     * @notice Retrieves the data (address, totalAssets) for all withdrawable arks from cache
     * @return arksData An array of ArkData structs containing the ark addresses and their total assets
     */
    function _getWithdrawableArksDataFromCache()
        internal
        view
        returns (ArkData[] memory arksData)
    {
        uint256 arksLength = StorageSlots
            .WITHDRAWABLE_ARKS_LENGTH_STORAGE
            .asUint256()
            .tload();
        arksData = new ArkData[](arksLength);
        for (uint256 i = 0; i < arksLength; i++) {
            address arkAddress = _getStorageSlot(
                StorageSlots.WITHDRAWABLE_ARKS_ADDRESS_ARRAY_STORAGE,
                i
            ).asAddress().tload();
            uint256 totalAssets = _getStorageSlot(
                StorageSlots.WITHDRAWABLE_ARKS_TOTAL_ASSETS_ARRAY_STORAGE,
                i
            ).asUint256().tload();
            arksData[i] = ArkData(arkAddress, totalAssets);
        }
    }

    function _getAllArksDataFromCache()
        internal
        view
        returns (ArkData[] memory arksData)
    {
        uint256 arksLength = StorageSlots
            .ARKS_LENGTH_STORAGE
            .asUint256()
            .tload();
        arksData = new ArkData[](arksLength);
        for (uint256 i = 0; i < arksLength; i++) {
            address arkAddress = _getStorageSlot(
                StorageSlots.ARKS_ADDRESS_ARRAY_STORAGE,
                i
            ).asAddress().tload();
            uint256 totalAssets = _getStorageSlot(
                StorageSlots.ARKS_TOTAL_ASSETS_ARRAY_STORAGE,
                i
            ).asUint256().tload();
            arksData[i] = ArkData(arkAddress, totalAssets);
        }
    }
    /**
     * @notice Caches the data for all arks in the specified storage slots
     * @param arksData The array of ArkData structs containing the ark addresses and their total assets
     * @param totalAssetsPrefix The prefix for the ark total assets storage slot
     * @param addressPrefix The prefix for the ark addresses storage slot
     * @param lengthSlot The storage slot containing the number of arks
     */
    function _cacheArks(
        ArkData[] memory arksData,
        bytes32 totalAssetsPrefix,
        bytes32 addressPrefix,
        bytes32 lengthSlot
    ) internal {
        for (uint256 i = 0; i < arksData.length; i++) {
            _getStorageSlot(totalAssetsPrefix, i).asUint256().tstore(
                arksData[i].totalAssets
            );
            _getStorageSlot(addressPrefix, i).asAddress().tstore(
                arksData[i].arkAddress
            );
        }
        lengthSlot.asUint256().tstore(arksData.length);
    }

    /**
     * @notice Caches the data for all arks in the specified storage slots
     * @param _arksData The array of ArkData structs containing the ark addresses and their total assets
     */
    function _cacheAllArks(ArkData[] memory _arksData) internal {
        _cacheArks(
            _arksData,
            StorageSlots.ARKS_TOTAL_ASSETS_ARRAY_STORAGE,
            StorageSlots.ARKS_ADDRESS_ARRAY_STORAGE,
            StorageSlots.ARKS_LENGTH_STORAGE
        );
    }

    /**
     * @notice Caches the data for all withdrawable arks in the specified storage slots
     * @param _withdrawableArksData The array of ArkData structs containing the ark addresses and their total assets
     */
    function _cacheWithdrawableArksTotalAssetsArray(
        ArkData[] memory _withdrawableArksData
    ) internal {
        _cacheArks(
            _withdrawableArksData,
            StorageSlots.WITHDRAWABLE_ARKS_TOTAL_ASSETS_ARRAY_STORAGE,
            StorageSlots.WITHDRAWABLE_ARKS_ADDRESS_ARRAY_STORAGE,
            StorageSlots.WITHDRAWABLE_ARKS_LENGTH_STORAGE
        );
    }

    /**
     * @dev Retrieves and processes data for withdrawable arks
     * @param bufferArk The buffer ark instance
     * @custom:internal-logic
     * - Fetches data for all arks using _getArksData
     * - Filters arks based on withdrawability
     * - Accumulates total assets of withdrawable arks
     * - Resizes the array to remove empty slots
     * - Sorts the withdrawable arks by total assets
     * - Caches the processed data
     * - checks if the arks are cached, if yes skips the rest of the function
     * - cache check is important for nested calls e.g. withdraw (withdrawFromArks)
     * @custom:effects
     * - Modifies storage by caching withdrawable arks data
     * - Updates the total assets of withdrawable arks in storage
     * @custom:security-considerations
     * - Assumes the withdrawableTotalAssets function is correctly implemented by Ark contracts
     * - Uses assembly for array resizing, which bypasses Solidity's safety checks
     * - Relies on the correctness of _getArksData, _cacheWithdrawableArksTotalAssets,
     *   _sortArkDataByTotalAssets, and _cacheWithdrawableArksTotalAssetsArray functions
     */
    function _getWithdrawableArksData(IArk bufferArk) internal {
        if (
            StorageSlots
                .IS_WITHDRAWABLE_ARKS_TOTAL_ASSETS_CACHED_STORAGE
                .asBoolean()
                .tload()
        ) {
            return;
        }
        ArkData[] memory _arksData = _getArksData(bufferArk);
        // Initialize data for withdrawable arks
        ArkData[] memory _withdrawableArksData = new ArkData[](
            _arksData.length
        );
        uint256 withdrawableTotalAssets = 0;
        uint256 withdrawableCount = 0;

        // Populate data for withdrawable arks
        for (uint256 i = 0; i < _arksData.length; i++) {
            uint256 withdrawableAssets = IArk(_arksData[i].arkAddress)
                .withdrawableTotalAssets();
            if (withdrawableAssets > 0) {
                // overwrite the ArkData struct with the withdrawable assets
                _withdrawableArksData[withdrawableCount] = ArkData(
                    _arksData[i].arkAddress,
                    withdrawableAssets
                );

                withdrawableTotalAssets += withdrawableAssets;
                withdrawableCount++;
            }
        }

        // Resize _withdrawableArksData array to remove empty slots
        assembly {
            mstore(_withdrawableArksData, withdrawableCount)
        }
        _cacheWithdrawableArksTotalAssets(withdrawableTotalAssets);
        _sortArkDataByTotalAssets(_withdrawableArksData);
        _cacheWithdrawableArksTotalAssetsArray(_withdrawableArksData);
    }

    /**
     * @notice Caches the total assets for all arks in the specified storage slot
     * @param totalAssets The total assets to cache
     */
    function _cacheAllArksTotalAssets(uint256 totalAssets) internal {
        StorageSlots.TOTAL_ASSETS_STORAGE.asUint256().tstore(totalAssets);
        StorageSlots.IS_TOTAL_ASSETS_CACHED_STORAGE.asBoolean().tstore(true);
    }

    /**
     * @notice Caches the total assets for all withdrawable arks in the specified storage slot
     * @param withdrawableTotalAssets The total assets to cache
     */
    function _cacheWithdrawableArksTotalAssets(
        uint256 withdrawableTotalAssets
    ) internal {
        StorageSlots.WITHDRAWABLE_ARKS_TOTAL_ASSETS_STORAGE.asUint256().tstore(
            withdrawableTotalAssets
        );
        StorageSlots
            .IS_WITHDRAWABLE_ARKS_TOTAL_ASSETS_CACHED_STORAGE
            .asBoolean()
            .tstore(true);
    }

    /**
     * @dev Sorts the ArkData structs based on their total assets in ascending order
     * @param arkDataArray An array of ArkData structs to be sorted
     * @custom:internal-logic
     * - Implements a simple bubble sort algorithm
     * - Compares adjacent elements and swaps them if they are in the wrong order
     * - Continues until no more swaps are needed
     * @custom:effects
     * - Modifies the input array in-place, sorting it by totalAssets
     * @custom:security-considerations
     * - Time complexity is O(n^2), which may be inefficient for large arrays
     * - Assumes that the totalAssets values fit within uint256 and won't overflow during comparisons
     */
    function _sortArkDataByTotalAssets(
        ArkData[] memory arkDataArray
    ) internal pure {
        for (uint256 i = 0; i < arkDataArray.length; i++) {
            for (uint256 j = i + 1; j < arkDataArray.length; j++) {
                if (arkDataArray[i].totalAssets > arkDataArray[j].totalAssets) {
                    (arkDataArray[i], arkDataArray[j]) = (
                        arkDataArray[j],
                        arkDataArray[i]
                    );
                }
            }
        }
    }

    /**
     * @notice Returns an array of addresses for all currently active Arks in the fleet
     * @dev This is an abstract internal function that must be implemented by the FleetCommander contract
     *      It serves as a critical component in the caching system for efficient ark management
     *
     * @return address[] An array containing the addresses of all active Arks
     *
     * @custom:purpose
     * - Provides the foundation for the caching system by identifying which Arks are currently active
     * - Used by _getArksData and _getWithdrawableArksData to populate cache data
     * - Essential for operations that need to iterate over or manage all active Arks
     * - Defined as virtual to be overridden by the FleetCommander contract and avoid calling it before it's required
     *
     * @custom:implementation-notes
     * - Must be implemented by the inheriting FleetCommander contract
     * - Should return a fresh array of addresses each time it's called
     * - Buffer Ark should NOT be included in this list (it's handled separately)
     * - Only truly active and operational Arks should be included
     *
     * @custom:related-functions
     * - _getArksData: Uses this function to get data for all active Arks
     * - _getWithdrawableArksData: Uses this function to identify withdrawable Arks
     * - _getAllArks: Combines these addresses with the buffer Ark
     */
    function _getActiveArksAddresses()
        internal
        view
        virtual
        returns (address[] memory)
    {}
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArk} from "../interfaces/IArk.sol";
import {FleetCommanderParams} from "../types/FleetCommanderTypes.sol";
import {FleetCommanderPausable} from "./FleetCommanderPausable.sol";

import {IFleetCommanderConfigProvider} from "../interfaces/IFleetCommanderConfigProvider.sol";

import {IFleetCommanderRewardsManagerFactory} from "../interfaces/IFleetCommanderRewardsManagerFactory.sol";
import {FleetConfig} from "../types/FleetCommanderTypes.sol";
import {ConfigurationManaged} from "./ConfigurationManaged.sol";
import {FleetCommanderRewardsManager} from "./FleetCommanderRewardsManager.sol";
import {ArkParams, BufferArk} from "./arks/BufferArk.sol";

import {IERC4626} from "@openzeppelin/contracts/interfaces/IERC4626.sol";
import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
import {ProtocolAccessManaged} from "@summerfi/access-contracts/contracts/ProtocolAccessManaged.sol";
import {ContractSpecificRoles, IProtocolAccessManager} from "@summerfi/access-contracts/interfaces/IProtocolAccessManager.sol";
import {Constants} from "@summerfi/constants/Constants.sol";
import {PERCENTAGE_100, Percentage} from "@summerfi/percentage-solidity/contracts/Percentage.sol";

/**
 * @title FleetCommanderConfigProvider
 * @author SummerFi
 * @notice This contract provides configuration management for the FleetCommander
 * @custom:see IFleetCommanderConfigProvider
 */
contract FleetCommanderConfigProvider is
    ProtocolAccessManaged,
    FleetCommanderPausable,
    ConfigurationManaged,
    IFleetCommanderConfigProvider
{
    using EnumerableSet for EnumerableSet.AddressSet;

    FleetConfig public config;
    string public details;
    EnumerableSet.AddressSet private _activeArks;

    uint256 public constant MAX_REBALANCE_OPERATIONS = 50;
    uint256 public constant INITIAL_MINIMUM_PAUSE_TIME = 2 days;

    bool public transfersEnabled;

    constructor(
        FleetCommanderParams memory params
    )
        ProtocolAccessManaged(params.accessManager)
        FleetCommanderPausable(INITIAL_MINIMUM_PAUSE_TIME)
        ConfigurationManaged(params.configurationManager)
    {
        BufferArk _bufferArk = new BufferArk(
            ArkParams({
                name: "BufferArk",
                details: "BufferArk details",
                accessManager: address(params.accessManager),
                asset: params.asset,
                configurationManager: address(params.configurationManager),
                depositCap: Constants.MAX_UINT256,
                maxRebalanceOutflow: Constants.MAX_UINT256,
                maxRebalanceInflow: Constants.MAX_UINT256,
                requiresKeeperData: false,
                maxDepositPercentageOfTVL: PERCENTAGE_100
            }),
            address(this)
        );
        emit ArkAdded(address(_bufferArk));
        config = FleetConfig({
            bufferArk: IArk(address(_bufferArk)),
            minimumBufferBalance: params.initialMinimumBufferBalance,
            depositCap: params.depositCap,
            maxRebalanceOperations: MAX_REBALANCE_OPERATIONS,
            stakingRewardsManager: IFleetCommanderRewardsManagerFactory(
                fleetCommanderRewardsManagerFactory()
            ).createRewardsManager(address(_accessManager), address(this))
        });
        details = params.details;
    }

    /**
     * @dev Modifier to restrict function access to only active Arks (excluding the buffer ark)
     * @param arkAddress The address of the Ark to check
     * @custom:internal-logic
     * - Checks if the provided arkAddress is in the _activeArks set
     * - If not found, reverts with FleetCommanderArkNotFound error
     * - If the arkAddress is the buffer ark, it will revert, due to the buffer ark being a special case
     * @custom:effects
     * - No direct state changes, but may revert the transaction
     * @custom:security-considerations
     * - Ensures that only active Arks can perform certain operations
     * - Prevents unauthorized access from inactive or non-existent Arks
     * - Critical for maintaining the integrity and security of Ark-specific operations
     */
    modifier onlyActiveArk(address arkAddress) {
        if (!_activeArks.contains(arkAddress)) {
            revert FleetCommanderArkNotFound(arkAddress);
        }
        _;
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function isArkActiveOrBufferArk(
        address arkAddress
    ) public view returns (bool) {
        return
            _activeArks.contains(arkAddress) ||
            arkAddress == address(config.bufferArk);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function arks(uint256 index) public view returns (address) {
        return _activeArks.at(index);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function getActiveArks() public view returns (address[] memory) {
        return _activeArks.values();
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function getConfig() external view override returns (FleetConfig memory) {
        return config;
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function bufferArk() external view returns (address) {
        return address(config.bufferArk);
    }

    // ARK MANAGEMENT

    ///@inheritdoc IFleetCommanderConfigProvider
    function addArk(address ark) external onlyGovernor whenNotPaused {
        _addArk(ark);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function removeArk(address ark) external onlyGovernor whenNotPaused {
        _removeArk(ark);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setArkDepositCap(
        address ark,
        uint256 newDepositCap
    ) external onlyCurator(address(this)) onlyActiveArk(ark) whenNotPaused {
        IArk(ark).setDepositCap(newDepositCap);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setArkMaxDepositPercentageOfTVL(
        address ark,
        Percentage newMaxDepositPercentageOfTVL
    ) external onlyCurator(address(this)) onlyActiveArk(ark) whenNotPaused {
        IArk(ark).setMaxDepositPercentageOfTVL(newMaxDepositPercentageOfTVL);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setArkMaxRebalanceOutflow(
        address ark,
        uint256 newMaxRebalanceOutflow
    ) external onlyCurator(address(this)) onlyActiveArk(ark) whenNotPaused {
        IArk(ark).setMaxRebalanceOutflow(newMaxRebalanceOutflow);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setArkMaxRebalanceInflow(
        address ark,
        uint256 newMaxRebalanceInflow
    ) external onlyCurator(address(this)) onlyActiveArk(ark) whenNotPaused {
        IArk(ark).setMaxRebalanceInflow(newMaxRebalanceInflow);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setMinimumBufferBalance(
        uint256 newMinimumBalance
    ) external onlyCurator(address(this)) whenNotPaused {
        config.minimumBufferBalance = newMinimumBalance;
        emit FleetCommanderminimumBufferBalanceUpdated(newMinimumBalance);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setFleetDepositCap(
        uint256 newCap
    ) external onlyCurator(address(this)) whenNotPaused {
        config.depositCap = newCap;
        emit FleetCommanderDepositCapUpdated(newCap);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function updateStakingRewardsManager()
        external
        onlyCurator(address(this))
        whenNotPaused
    {
        config.stakingRewardsManager = IFleetCommanderRewardsManagerFactory(
            fleetCommanderRewardsManagerFactory()
        ).createRewardsManager(address(_accessManager), address(this));
        emit FleetCommanderStakingRewardsUpdated(config.stakingRewardsManager);
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setMaxRebalanceOperations(
        uint256 newMaxRebalanceOperations
    ) external onlyCurator(address(this)) whenNotPaused {
        if (newMaxRebalanceOperations > MAX_REBALANCE_OPERATIONS) {
            revert FleetCommanderMaxRebalanceOperationsTooHigh(
                newMaxRebalanceOperations
            );
        }
        config.maxRebalanceOperations = newMaxRebalanceOperations;
        emit FleetCommanderMaxRebalanceOperationsUpdated(
            newMaxRebalanceOperations
        );
    }

    ///@inheritdoc IFleetCommanderConfigProvider
    function setFleetTokenTransferability()
        external
        onlyGovernor
        whenNotPaused
    {
        if (!transfersEnabled) {
            transfersEnabled = true;
            emit TransfersEnabled();
        }
    }

    // INTERNAL FUNCTIONS
    /**
     * @dev Internal function to add a new Ark to the fleet
     * @param ark The address of the Ark to be added
     * @custom:internal-logic
     * - Checks if the ark address is valid (not zero)
     * - Verifies the ark is not already active
     * - Sets the ark as active and determines its withdrawability
     * - Checks if the ark already has a commander
     * - Registers this contract as the ark's FleetCommander
     * - Adds the ark to the list of active arks
     * @custom:effects
     * - Modifies isArkActiveOrBufferArk mapping
     * - Updates the arks array
     * - Emits an ArkAdded event
     * @custom:security-considerations
     * - Ensures no duplicate arks are added
     * - Prevents adding arks that already have a commander
     * - Only callable internally, typically by privileged roles
     */
    function _addArk(address ark) internal {
        if (ark == address(0)) {
            revert FleetCommanderInvalidArkAddress();
        }
        if (isArkActiveOrBufferArk(ark)) {
            revert FleetCommanderArkAlreadyExists(ark);
        }
        if (address(IArk(ark).asset()) != IERC4626(address(this)).asset()) {
            revert FleetCommanderAssetMismatch();
        }
        IArk(ark).registerFleetCommander();
        _activeArks.add(ark);
        emit ArkAdded(ark);
    }

    /**
     * @dev Internal function to remove an Ark from the fleet
     * @param ark The address of the Ark to be removed
     * @custom:internal-logic
     * - Checks if the ark is currently active
     * - Locates and removes the ark from the active arks list
     * - Validates that the ark can be safely removed
     * - Marks the ark as inactive
     * - Unregisters this contract as the ark's FleetCommander
     * - Revokes the COMMANDER_ROLE for this contract on the ark
     * @custom:effects
     * - Modifies the isArkActiveOrBufferArk mapping
     * - Updates the arks array
     * - Changes the ark's FleetCommander status
     * - Revokes a role in the access manager
     * - Emits an ArkRemoved event
     * @custom:security-considerations
     * - Ensures only active arks can be removed
     * - Validates ark state before removal to prevent inconsistencies
     * - Only callable internally, typically by privileged roles
     */
    function _removeArk(address ark) internal onlyActiveArk(ark) {
        _validateArkRemoval(ark);
        _activeArks.remove(ark);

        IArk(ark).unregisterFleetCommander();
        _accessManager.selfRevokeContractSpecificRole(
            ContractSpecificRoles.COMMANDER_ROLE,
            address(ark)
        );
        emit ArkRemoved(ark);
    }

    /**
     * @dev Internal function to validate if an Ark can be safely removed
     * @param ark The address of the Ark to be validated for removal
     * @custom:internal-logic
     * - Checks if the ark's deposit cap is zero
     * - Verifies that the ark holds no assets
     * @custom:effects
     * - No direct state changes, but may revert the transaction
     * @custom:security-considerations
     * - Prevents removal of arks with non-zero deposit caps or assets
     * - Ensures arks are in a safe state before removal
     * - Critical for maintaining the integrity of the fleet
     */
    function _validateArkRemoval(address ark) internal view {
        IArk _ark = IArk(ark);
        if (_ark.depositCap() > 0) {
            revert FleetCommanderArkDepositCapGreaterThanZero(ark);
        }
        if (_ark.totalAssets() != 0) {
            revert FleetCommanderArkAssetsNotZero(ark);
        }
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";

/// @title FleetCommanderPausable
/// @notice An abstract contract that extends OpenZeppelin's Pausable with a minimum pause time functionality
/// @dev This contract should be inherited by other contracts that require a minimum pause duration
abstract contract FleetCommanderPausable is Pausable {
    /// @notice The minimum duration that the contract must remain paused
    uint256 public minimumPauseTime;

    /// @notice The timestamp when the contract was last paused
    uint256 public pauseStartTime;

    /// @notice The minimum duration that the contract must remain paused
    uint256 constant MINIMUM_PAUSE_TIME_SECONDS = 2 days;

    /// @notice Emitted when the minimum pause time is updated
    /// @param newMinimumPauseTime The new minimum pause time value
    event MinimumPauseTimeUpdated(uint256 newMinimumPauseTime);

    /// @notice Error thrown when trying to unpause before the minimum pause time has elapsed
    error FleetCommanderPausableMinimumPauseTimeNotElapsed();

    /// @notice Error thrown when trying to set a minimum pause time that is too short
    error FleetCommanderPausableMinimumPauseTimeTooShort();

    /**
     * @notice Initializes the FleetCommanderPausable contract with a specified minimum pause time
     * @param _initialMinimumPauseTime The initial minimum pause time in seconds
     */
    constructor(uint256 _initialMinimumPauseTime) {
        if (_initialMinimumPauseTime < MINIMUM_PAUSE_TIME_SECONDS) {
            revert FleetCommanderPausableMinimumPauseTimeTooShort();
        }
        minimumPauseTime = _initialMinimumPauseTime;
        emit MinimumPauseTimeUpdated(_initialMinimumPauseTime);
    }

    /**
     * @notice Internal function to pause the contract
     * @dev Overrides the _pause function from OpenZeppelin's Pausable
     */
    function _pause() internal override {
        super._pause();
        pauseStartTime = block.timestamp;
    }

    /**
     * @notice Internal function to unpause the contract
     * @dev Overrides the _unpause function from OpenZeppelin's Pausable
     * @dev Reverts if the minimum pause time has not elapsed
     */
    function _unpause() internal override {
        if (block.timestamp < pauseStartTime + minimumPauseTime) {
            revert FleetCommanderPausableMinimumPauseTimeNotElapsed();
        }
        super._unpause();
    }

    /**
     * @notice Internal function to set a new minimum pause time
     * @param _newMinimumPauseTime The new minimum pause time in seconds
     * @dev Emits a MinimumPauseTimeUpdated event
     */
    function _setMinimumPauseTime(uint256 _newMinimumPauseTime) internal {
        if (_newMinimumPauseTime < MINIMUM_PAUSE_TIME_SECONDS) {
            revert FleetCommanderPausableMinimumPauseTimeTooShort();
        }
        minimumPauseTime = _newMinimumPauseTime;
        emit MinimumPauseTimeUpdated(_newMinimumPauseTime);
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IFleetCommander} from "../interfaces/IFleetCommander.sol";
import {IFleetCommanderRewardsManager} from "../interfaces/IFleetCommanderRewardsManager.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {StakingRewardsManagerBase, EnumerableSet} from "@summerfi/rewards-contracts/contracts/StakingRewardsManagerBase.sol";
import {IStakingRewardsManagerBase} from "@summerfi/rewards-contracts/interfaces/IStakingRewardsManagerBase.sol";
/**
 * @title FleetCommanderRewardsManager
 * @notice Contract for managing staking rewards specific to the Fleet system
 * @dev Extends StakingRewardsManagerBase with Fleet-specific functionality
 */

contract FleetCommanderRewardsManager is
    IFleetCommanderRewardsManager,
    StakingRewardsManagerBase
{
    using EnumerableSet for EnumerableSet.AddressSet;
    address public immutable fleetCommander;

    /**
     * @notice Initializes the FleetStakingRewardsManager contract
     * @param _accessManager Address of the AccessManager contract
     * @param _fleetCommander Address of the FleetCommander contract
     */
    constructor(
        address _accessManager,
        address _fleetCommander
    ) StakingRewardsManagerBase(_accessManager) {
        fleetCommander = _fleetCommander;
        stakingToken = fleetCommander;
    }

    /// @inheritdoc IStakingRewardsManagerBase
    function stakeOnBehalfOf(
        address receiver,
        uint256 amount
    ) external override updateReward(receiver) {
        _stake(_msgSender(), receiver, amount);
    }

    /// @inheritdoc IStakingRewardsManagerBase
    function notifyRewardAmount(
        address rewardToken,
        uint256 reward,
        uint256 newRewardsDuration
    )
        external
        override(StakingRewardsManagerBase, IStakingRewardsManagerBase)
        onlyGovernor
        updateReward(address(0))
    {
        if (address(rewardToken) == address(stakingToken)) {
            revert CantAddStakingTokenAsReward();
        }
        _notifyRewardAmount(rewardToken, reward, newRewardsDuration);
    }

    function unstakeAndWithdrawOnBehalfOf(
        address owner,
        uint256 amount,
        bool claimRewards
    ) external override updateReward(owner) {
        // Check if the caller is the same as the 'owner' address or has the required role
        if (_msgSender() != owner && !hasAdmiralsQuartersRole(_msgSender())) {
            revert CallerNotAdmiralsQuarters();
        }

        _unstake(owner, address(this), amount);
        IFleetCommander(fleetCommander).redeem(amount, owner, address(this));

        if (claimRewards) {
            uint256 rewardTokenCount = _rewardTokensList.length();
            for (uint256 i = 0; i < rewardTokenCount; i++) {
                address rewardTokenAddress = _rewardTokensList.at(i);
                _getReward(owner, rewardTokenAddress);
            }
        }
    }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArk} from "../interfaces/IArk.sol";

import {IFleetCommanderRewardsManager} from "../interfaces/IFleetCommanderRewardsManager.sol";
import {Percentage} from "@summerfi/percentage-solidity/contracts/Percentage.sol";

/**
 * @notice Configuration parameters for the FleetCommander contract
 */
struct FleetCommanderParams {
    string name;
    string details;
    string symbol;
    address configurationManager;
    address accessManager;
    address asset;
    uint256 initialMinimumBufferBalance;
    uint256 initialRebalanceCooldown;
    uint256 depositCap;
    Percentage initialTipRate;
}

/**
 * @title FleetConfig
 * @notice Configuration parameters for the FleetCommander contract
 * @dev This struct encapsulates the mutable configuration settings of a FleetCommander.
 *      These parameters can be updated during the contract's lifecycle to adjust its behavior.
 */
struct FleetConfig {
    /**
     * @notice The buffer Ark associated with this FleetCommander
     * @dev This Ark is used as a temporary holding area for funds before they are allocated
     *      to other Arks or when they need to be quickly accessed for withdrawals.
     */
    IArk bufferArk;
    /**
     * @notice The minimum balance that should be maintained in the buffer Ark
     * @dev This value is used to ensure there's always a certain amount of funds readily
     *      available for withdrawals or rebalancing operations. It's denominated in the
     *      smallest unit of the underlying asset (e.g., wei for ETH).
     */
    uint256 minimumBufferBalance;
    /**
     * @notice The maximum total value of assets that can be deposited into the FleetCommander
     * @dev This cap helps manage the total assets under management and can be used to
     *      implement controlled growth strategies. It's denominated in the smallest unit
     *      of the underlying asset.
     */
    uint256 depositCap;
    /**
     * @notice The maximum number of rebalance operations in a single rebalance
     */
    uint256 maxRebalanceOperations;
    /**
     * @notice The address of the staking rewards contract
     */
    address stakingRewardsManager;
}

/**
 * @notice Data structure for the rebalance event
 * @param fromArk The address of the Ark from which assets are moved
 * @param toArk The address of the Ark to which assets are moved
 * @param amount The amount of assets being moved
 * @param boardData The data to be passed to the `board` function of the `toArk`
 * @param disembarkData The data to be passed to the `disembark` function of the `fromArk`
 * @dev if the `boardData` or `disembarkData` is not needed, it should be an empty byte array
 */
struct RebalanceData {
    address fromArk;
    address toArk;
    uint256 amount;
    bytes boardData;
    bytes disembarkData;
}

/**
 * @title ArkData
 * @dev Struct to store information about an Ark.
 * This struct holds the address of the Ark and the total assets it holds.
 * @dev used in the caching mechanism for the FleetCommander
 */
struct ArkData {
    /// @notice The address of the Ark.
    address arkAddress;
    /// @notice The total assets held by the Ark.
    uint256 totalAssets;
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (access/IAccessControl.sol)

pragma solidity ^0.8.20;

/**
 * @dev External interface of AccessControl declared to support ERC-165 detection.
 */
interface IAccessControl {
    /**
     * @dev The `account` is missing a role.
     */
    error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);

    /**
     * @dev The caller of a function is not the expected one.
     *
     * NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
     */
    error AccessControlBadConfirmation();

    /**
     * @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
     *
     * `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
     * {RoleAdminChanged} not being emitted signaling this.
     */
    event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);

    /**
     * @dev Emitted when `account` is granted `role`.
     *
     * `sender` is the account that originated the contract call. This account bears the admin role (for the granted role).
     * Expected in cases where the role was granted using the internal {AccessControl-_grantRole}.
     */
    event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);

    /**
     * @dev Emitted when `account` is revoked `role`.
     *
     * `sender` is the account that originated the contract call:
     *   - if using `revokeRole`, it is the admin role bearer
     *   - if using `renounceRole`, it is the role bearer (i.e. `account`)
     */
    event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);

    /**
     * @dev Returns `true` if `account` has been granted `role`.
     */
    function hasRole(bytes32 role, address account) external view returns (bool);

    /**
     * @dev Returns the admin role that controls `role`. See {grantRole} and
     * {revokeRole}.
     *
     * To change a role's admin, use {AccessControl-_setRoleAdmin}.
     */
    function getRoleAdmin(bytes32 role) external view returns (bytes32);

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     */
    function grantRole(bytes32 role, address account) external;

    /**
     * @dev Revokes `role` from `account`.
     *
     * If `account` had been granted `role`, emits a {RoleRevoked} event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     */
    function revokeRole(bytes32 role, address account) external;

    /**
     * @dev Revokes `role` from the calling account.
     *
     * Roles are often managed via {grantRole} and {revokeRole}: this function's
     * purpose is to provide a mechanism for accounts to lose their privileges
     * if they are compromised (such as when a trusted device is misplaced).
     *
     * If the calling account had been granted `role`, emits a {RoleRevoked}
     * event.
     *
     * Requirements:
     *
     * - the caller must be `callerConfirmation`.
     */
    function renounceRole(bytes32 role, address callerConfirmation) external;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IAccessControlErrors
 * @dev This file contains custom error definitions for access control in the system.
 * @notice These custom errors provide more gas-efficient and informative error handling
 * compared to traditional require statements with string messages.
 */
interface IAccessControlErrors {
    /**
     * @notice Thrown when a caller does not have the required role.
     */
    error CallerIsNotContractSpecificRole(address caller, bytes32 role);

    /**
     * @notice Thrown when a caller is not the curator.
     */
    error CallerIsNotCurator(address caller);

    /**
     * @notice Thrown when a caller is not the governor.
     */
    error CallerIsNotGovernor(address caller);

    /**
     * @notice Thrown when a caller is not a keeper.
     */
    error CallerIsNotKeeper(address caller);

    /**
     * @notice Thrown when a caller is not a super keeper.
     */
    error CallerIsNotSuperKeeper(address caller);

    /**
     * @notice Thrown when a caller is not the commander.
     */
    error CallerIsNotCommander(address caller);

    /**
     * @notice Thrown when a caller is neither the Raft nor the commander.
     */
    error CallerIsNotRaftOrCommander(address caller);

    /**
     * @notice Thrown when a caller is not the Raft.
     */
    error CallerIsNotRaft(address caller);

    /**
     * @notice Thrown when a caller is not an admin.
     */
    error CallerIsNotAdmin(address caller);

    /**
     * @notice Thrown when a caller is not the guardian.
     */
    error CallerIsNotGuardian(address caller);

    /**
     * @notice Thrown when a caller is not the guardian or governor.
     */
    error CallerIsNotGuardianOrGovernor(address caller);

    /**
     * @notice Thrown when a caller is not the decay controller.
     */
    error CallerIsNotDecayController(address caller);

    /**
     * @notice Thrown when a caller is not authorized to board.
     */
    error CallerIsNotAuthorizedToBoard(address caller);

    /**
     * @notice Thrown when direct grant is disabled.
     */
    error DirectGrantIsDisabled(address caller);

    /**
     * @notice Thrown when direct revoke is disabled.
     */
    error DirectRevokeIsDisabled(address caller);

    /**
     * @notice Thrown when an invalid access manager address is provided.
     */
    error InvalidAccessManagerAddress(address invalidAddress);

    /**
     * @notice Error thrown when a caller is not the Foundation
     * @param caller The address that attempted the operation
     */
    error CallerIsNotFoundation(address caller);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArkErrors} from "../errors/IArkErrors.sol";

import {IArkEvents} from "../events/IArkEvents.sol";
import {IArkAccessManaged} from "./IArkAccessManaged.sol";
import {IArkConfigProvider} from "./IArkConfigProvider.sol";

/**
 * @title IArk
 * @notice Interface for the Ark contract, which manages funds and interacts with Rafts
 * @dev Inherits from IArkAccessManaged for access control and IArkEvents for event definitions
 */
interface IArk is
    IArkAccessManaged,
    IArkEvents,
    IArkErrors,
    IArkConfigProvider
{
    /**
     * @notice Returns the current underlying balance of the Ark
     * @return The total assets in the Ark, in token precision
     */
    function totalAssets() external view returns (uint256);

    /**
     * @notice Triggers a harvest operation to collect rewards
     * @param additionalData Optional bytes that might be required by a specific protocol to harvest
     * @return rewardTokens The reward token addresses
     * @return rewardAmounts The reward amounts
     */
    function harvest(
        bytes calldata additionalData
    )
        external
        returns (address[] memory rewardTokens, uint256[] memory rewardAmounts);

    /**
     * @notice Sweeps tokens from the Ark
     * @param tokens The tokens to sweep
     * @return sweptTokens The swept tokens
     * @return sweptAmounts The swept amounts
     */
    function sweep(
        address[] calldata tokens
    )
        external
        returns (address[] memory sweptTokens, uint256[] memory sweptAmounts);

    /**
     * @notice Deposits (boards) tokens into the Ark
     * @dev This function is called by the Fleet Commander to deposit assets into the Ark.
     *      It transfers tokens from the caller to this contract and then calls the internal _board function.
     * @param amount The amount of assets to board
     * @param boardData Additional data required for boarding, specific to the Ark implementation
     * @custom:security-note This function is only callable by authorized entities
     */
    function board(uint256 amount, bytes calldata boardData) external;

    /**
     * @notice Withdraws (disembarks) tokens from the Ark
     * @param amount The amount of tokens to withdraw
     * @param disembarkData Additional data that might be required by a specific protocol to withdraw funds
     */
    function disembark(uint256 amount, bytes calldata disembarkData) external;

    /**
     * @notice Moves tokens from one ark to another
     * @param amount The amount of tokens to move
     * @param receiver The address of the Ark the funds will be boarded to
     * @param boardData Additional data that might be required by a specific protocol to board funds
     * @param disembarkData Additional data that might be required by a specific protocol to disembark funds
     */
    function move(
        uint256 amount,
        address receiver,
        bytes calldata boardData,
        bytes calldata disembarkData
    ) external;

    /**
     * @notice Internal function to get the total assets that are withdrawable
     * @return uint256 The total assets that are withdrawable
     * @dev _withdrawableTotalAssets is an internal function that should be implemented by derived contracts to define
     * specific withdrawability logic
     * @dev the ark is withdrawable if it doesnt require keeper data and _isWithdrawable returns true
     */
    function withdrawableTotalAssets() external view returns (uint256);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IArkAccessManaged
 * @notice Extends the ProtocolAccessManaged contract with Ark specific AccessControl
 *         Used to specifically tie one FleetCommander to each Ark
 *
 * @dev One Ark specific role is defined:
 *   - Commander: is the fleet commander contract itself and couples an
 *        Ark to specific Fleet Commander
 *
 *   The Commander role is still declared on the access manager to centralise
 *   role definitions.
 */
interface IArkAccessManaged {}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IArkConfigProviderErrors} from "../errors/IArkConfigProviderErrors.sol";
import {IArkAccessManaged} from "./IArkAccessManaged.sol";

import {IArkConfigProviderEvents} from "../events/IArkConfigProviderEvents.sol";
import {ArkConfig} from "../types/ArkTypes.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {Percentage} from "@summerfi/percentage-solidity/contracts/Percentage.sol";

/**
 * @title IArkConfigProvider
 * @notice Interface for configuration of Ark contracts
 * @dev Inherits from IArkAccessManaged for access control and IArkConfigProviderEvents for event definitions
 */
interface IArkConfigProvider is
    IArkAccessManaged,
    IArkConfigProviderErrors,
    IArkConfigProviderEvents
{
    /**
     * @notice Retrieves the current fleet config
     */
    function getConfig() external view returns (ArkConfig memory);

    /**
     * @dev Returns the name of the Ark.
     * @return The name of the Ark as a string.
     */
    function name() external view returns (string memory);

    /**
     * @notice Returns the details of the Ark
     * @return The details of the Ark as a string
     */
    function details() external view returns (string memory);

    /**
     * @notice Returns the deposit cap for this Ark
     * @return The maximum amount of tokens that can be deposited into the Ark
     */
    function depositCap() external view returns (uint256);

    /**
     * @notice Returns the maximum percentage of TVL that can be deposited into the Ark
     * @return The maximum percentage of TVL that can be deposited into the Ark
     */
    function maxDepositPercentageOfTVL() external view returns (Percentage);

    /**
     * @notice Returns the maximum amount that can be moved to this Ark in one rebalance
     * @return maximum amount that can be moved to this Ark in one rebalance
     */
    function maxRebalanceInflow() external view returns (uint256);

    /**
     * @notice Returns the maximum amount that can be moved from this Ark in one rebalance
     * @return maximum amount that can be moved from this Ark in one rebalance
     */
    function maxRebalanceOutflow() external view returns (uint256);

    /**
     * @notice Returns whether the Ark requires keeper data to board/disembark
     * @return true if the Ark requires keeper data, false otherwise
     */
    function requiresKeeperData() external view returns (bool);

    /**
     * @notice Returns the ERC20 token managed by this Ark
     * @return The IERC20 interface of the managed token
     */
    function asset() external view returns (IERC20);

    /**
     * @notice Returns the address of the Fleet commander managing the ark
     * @return address Address of Fleet commander managing the ark if a Commander is assigned, address(0) otherwise
     */
    function commander() external view returns (address);

    /**
     * @notice Sets a new maximum allocation for the Ark
     * @param newDepositCap The new maximum allocation amount
     */
    function setDepositCap(uint256 newDepositCap) external;

    /**
     * @notice Sets a new maximum deposit percentage of TVL for the Ark
     * @param newMaxDepositPercentageOfTVL The new maximum deposit percentage of TVL
     */
    function setMaxDepositPercentageOfTVL(
        Percentage newMaxDepositPercentageOfTVL
    ) external;

    /**
     * @notice Sets a new maximum amount that can be moved from the Ark in one rebalance
     * @param newMaxRebalanceOutflow The new maximum amount that can be moved from the Ark
     */
    function setMaxRebalanceOutflow(uint256 newMaxRebalanceOutflow) external;

    /**
     * @notice Sets a new maximum amount that can be moved to the Ark in one rebalance
     * @param newMaxRebalanceInflow The new maximum amount that can be moved to the Ark
     */
    function setMaxRebalanceInflow(uint256 newMaxRebalanceInflow) external;

    /**
     * @notice Registers the Fleet commander for the Ark
     * @dev This function is used to register the Fleet commander for the Ark
     * it's called by the FleetCommander when ark is added to the fleet
     */
    function registerFleetCommander() external;

    /**
     * @notice Unregisters the Fleet commander for the Ark
     * @dev This function is used to unregister the Fleet commander for the Ark
     * it's called by the FleetCommander when ark is removed from the fleet
     * all balance checks are done within the FleetCommander
     */
    function unregisterFleetCommander() external;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IArkConfigProviderErrors
 * @dev This file contains custom error definitions for the ArkConfigProvider contract.
 * @notice These custom errors provide more gas-efficient and informative error handling
 * compared to traditional require statements with string messages.
 */
interface IArkConfigProviderErrors {
    /**
     * @notice Thrown when attempting to deploy an Ark without specifying a configuration manager.
     */
    error CannotDeployArkWithoutConfigurationManager();

    /**
     * @notice Thrown when attempting to deploy an Ark without specifying a Raft address.
     */
    error CannotDeployArkWithoutRaft();

    /**
     * @notice Thrown when attempting to deploy an Ark without specifying a token address.
     */
    error CannotDeployArkWithoutToken();

    /**
     * @notice Thrown when attempting to deploy an Ark with an empty name.
     */
    error CannotDeployArkWithEmptyName();

    /**
     * @notice Thrown when an invalid vault address is provided.
     */
    error InvalidVaultAddress();

    /**
     * @notice Thrown when there's a mismatch between expected and actual assets in an ERC4626 operation.
     */
    error ERC4626AssetMismatch();

    /**
     * @notice Thrown when the max deposit percentage of TVL is greater than 100%.
     */
    error MaxDepositPercentageOfTVLTooHigh();

    /**
     * @notice Thrown when attempting to register a FleetCommander when one is already registered.
     */
    error FleetCommanderAlreadyRegistered();

    /**
     * @notice Thrown when attempting to unregister a FleetCommander by a non-registered address.
     */
    error FleetCommanderNotRegistered();
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {Percentage} from "@summerfi/percentage-solidity/contracts/Percentage.sol";

/**
 * @title IArkConfigProviderEvents
 * @notice Interface for events emitted by ArkConfigProvider contracts
 */
interface IArkConfigProviderEvents {
    /**
     * @notice Emitted when the deposit cap of the Ark is updated
     * @param newCap The new deposit cap value
     */
    event DepositCapUpdated(uint256 newCap);

    /**
     * @notice Emitted when the maximum deposit percentage of TVL is updated
     * @param newMaxDepositPercentageOfTVL The new maximum deposit percentage of TVL
     */
    event MaxDepositPercentageOfTVLUpdated(
        Percentage newMaxDepositPercentageOfTVL
    );

    /**
     * @notice Emitted when the Raft address associated with the Ark is updated
     * @param newRaft The address of the new Raft
     */
    event RaftUpdated(address newRaft);

    /**
     * @notice Emitted when the maximum outflow limit for the Ark during rebalancing is updated
     * @param newMaxOutflow The new maximum amount that can be transferred out of the Ark during a rebalance
     */
    event MaxRebalanceOutflowUpdated(uint256 newMaxOutflow);

    /**
     * @notice Emitted when the maximum inflow limit for the Ark during rebalancing is updated
     * @param newMaxInflow The new maximum amount that can be transferred into the Ark during a rebalance
     */
    event MaxRebalanceInflowUpdated(uint256 newMaxInflow);

    /**
     * @notice Emitted when the Fleet Commander is registered
     * @param commander The address of the Fleet Commander
     */
    event FleetCommanderRegistered(address commander);

    /**
     * @notice Emitted when the Fleet Commander is unregistered
     * @param commander The address of the Fleet Commander
     */
    event FleetCommanderUnregistered(address commander);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IArkErrors
 * @dev This file contains custom error definitions for the Ark contract.
 * @notice These custom errors provide more gas-efficient and informative error handling
 * compared to traditional require statements with string messages.
 */
interface IArkErrors {
    /**
     * @notice Thrown when attempting to remove a commander from an Ark that still has assets.
     */
    error CannotRemoveCommanderFromArkWithAssets();

    /**
     * @notice Thrown when trying to add a commander to an Ark that already has one.
     */
    error CannotAddCommanderToArkWithCommander();

    /**
     * @notice Thrown when attempting to use keeper data when it's not required.
     */
    error CannotUseKeeperDataWhenNotRequired();

    /**
     * @notice Thrown when keeper data is required but not provided.
     */
    error KeeperDataRequired();

    /**
     * @notice Thrown when invalid board data is provided.
     */
    error InvalidBoardData();

    /**
     * @notice Thrown when invalid disembark data is provided.
     */
    error InvalidDisembarkData();
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IArkEvents
 * @notice Interface for events emitted by Ark contracts
 */
interface IArkEvents {
    /**
     * @notice Emitted when rewards are harvested from an Ark
     * @param rewardTokens The addresses of the harvested reward tokens
     * @param rewardAmounts The amounts of the harvested reward tokens
     */
    event ArkHarvested(
        address[] indexed rewardTokens,
        uint256[] indexed rewardAmounts
    );

    /**
     * @notice Emitted when tokens are boarded (deposited) into the Ark
     * @param commander The address of the FleetCommander initiating the boarding
     * @param token The address of the token being boarded
     * @param amount The amount of tokens boarded
     */
    event Boarded(address indexed commander, address token, uint256 amount);

    /**
     * @notice Emitted when tokens are disembarked (withdrawn) from the Ark
     * @param commander The address of the FleetCommander initiating the disembarking
     * @param token The address of the token being disembarked
     * @param amount The amount of tokens disembarked
     */
    event Disembarked(address indexed commander, address token, uint256 amount);

    /**
     * @notice Emitted when tokens are moved from one address to another
     * @param from Ark being boarded from
     * @param to Ark being boarded to
     * @param token The address of the token being moved
     * @param amount The amount of tokens moved
     */
    event Moved(
        address indexed from,
        address indexed to,
        address token,
        uint256 amount
    );

    /**
     * @notice Emitted when the Ark is poked and the share price is updated
     * @param currentPrice Current share price of the Ark
     * @param timestamp The timestamp of the poke
     */
    event ArkPoked(uint256 currentPrice, uint256 timestamp);

    /**
     * @notice Emitted when the Ark is swept
     * @param sweptTokens The addresses of the swept tokens
     * @param sweptAmounts The amounts of the swept tokens
     */
    event ArkSwept(
        address[] indexed sweptTokens,
        uint256[] indexed sweptAmounts
    );
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IConfigurationManager} from "./IConfigurationManager.sol";

/**
 * @title IConfigurationManaged
 * @notice Interface for contracts that need to read from the ConfigurationManager
 * @dev This interface defines the standard methods for accessing configuration values
 *      from the ConfigurationManager. It should be implemented by contracts that
 *      need to read these configurations.
 */
interface IConfigurationManaged {
    /**
     * @notice Gets the address of the ConfigurationManager contract
     * @return The address of the ConfigurationManager contract
     */
    function configurationManager()
        external
        view
        returns (IConfigurationManager);

    /**
     * @notice Gets the address of the Raft contract
     * @return The address of the Raft contract
     */
    function raft() external view returns (address);

    /**
     * @notice Gets the address of the TipJar contract
     * @return The address of the TipJar contract
     */
    function tipJar() external view returns (address);

    /**
     * @notice Gets the address of the Treasury contract
     * @return The address of the Treasury contract
     */
    function treasury() external view returns (address);

    /**
     * @notice Gets the address of the HarborCommand contract
     * @return The address of the HarborCommand contract
     */
    function harborCommand() external view returns (address);

    /**
     * @notice Gets the address of the Fleet Commander Rewards Manager Factory contract
     * @return The address of the Fleet Commander Rewards Manager Factory contract
     */
    function fleetCommanderRewardsManagerFactory()
        external
        view
        returns (address);

    error ConfigurationManagerZeroAddress();
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

import {IConfigurationManagerErrors} from "../errors/IConfigurationManagerErrors.sol";
import {IConfigurationManagerEvents} from "../events/IConfigurationManagerEvents.sol";
import {ConfigurationManagerParams} from "../types/ConfigurationManagerTypes.sol";

/**
 * @title IConfigurationManager
 * @notice Interface for the ConfigurationManager contract, which manages system-wide parameters
 * @dev This interface defines the getters and setters for system-wide parameters
 */

interface IConfigurationManager is
    IConfigurationManagerEvents,
    IConfigurationManagerErrors
{
    /**
     * @notice Initialize the configuration with the given parameters
     * @param params The parameters to initialize the configuration with
     * @dev Can only be called by the governor
     */
    function initializeConfiguration(
        ConfigurationManagerParams memory params
    ) external;

    /**
     * @notice Get the address of the Raft contract
     * @return The address of the Raft contract
     * @dev This is where rewards and farmed tokens are sent for processing
     */
    function raft() external view returns (address);

    /**
     * @notice Get the current tip jar address
     * @return The current tip jar address
     * @dev This is the contract that owns tips and is responsible for
     *     dispensing them to claimants
     */
    function tipJar() external view returns (address);

    /**
     * @notice Get the current treasury address
     * @return The current treasury address
     *       @dev This is the contract that owns the treasury and is responsible for
     *      dispensing funds to the protocol's operations
     */
    function treasury() external view returns (address);

    /**
     * @notice Get the address of theHarbor command
     * @return The address of theHarbor command
     * @dev This is the contract that's the registry of all Fleet Commanders
     */
    function harborCommand() external view returns (address);

    /**
     * @notice Get the address of the Fleet Commander Rewards Manager Factory contract
     * @return The address of the Fleet Commander Rewards Manager Factory contract
     */
    function fleetCommanderRewardsManagerFactory()
        external
        view
        returns (address);

    /**
     * @notice Set a new address for the Raft contract
     * @param newRaft The new address for the Raft contract
     * @dev Can only be called by the governor
     */
    function setRaft(address newRaft) external;

    /**
     * @notice Set a new tip ar address
     * @param newTipJar The address of the new tip jar
     * @dev Can only be called by the governor
     */
    function setTipJar(address newTipJar) external;

    /**
     * @notice Set a new treasury address
     * @param newTreasury The address of the new treasury
     * @dev Can only be called by the governor
     */
    function setTreasury(address newTreasury) external;

    /**
     * @notice Set a new harbor command address
     * @param newHarborCommand The address of the new harbor command
     * @dev Can only be called by the governor
     */
    function setHarborCommand(address newHarborCommand) external;

    /**
     * @notice Set a new fleet commander rewards manager factory address
     * @param newFleetCommanderRewardsManagerFactory The address of the new fleet commander rewards manager factory
     * @dev Can only be called by the governor
     */
    function setFleetCommanderRewardsManagerFactory(
        address newFleetCommanderRewardsManagerFactory
    ) external;
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IConfigurationManagerErrors
 * @dev This file contains custom error definitions for the ConfigurationManager contract.
 * @notice These custom errors provide more gas-efficient and informative error handling
 * compared to traditional require statements with string messages.
 */
interface IConfigurationManagerErrors {
    /**
     * @notice Thrown when an operation is attempted with a zero address where a non-zero address is required.
     */
    error ZeroAddress();
    /**
     * @notice Thrown when ConfigurationManager was already initialized.
     */
    error ConfigurationManagerAlreadyInitialized();

    /**
     * @notice Thrown when the Raft address is not set.
     */
    error RaftNotSet();

    /**
     * @notice Thrown when the TipJar address is not set.
     */
    error TipJarNotSet();

    /**
     * @notice Thrown when the Treasury address is not set.
     */
    error TreasuryNotSet();

    /**
     * @notice Thrown when constructor address is set to the zero address.
     */
    error AddressZero();

    /**
     * @notice Thrown when the HarborCommand address is not set.
     */
    error HarborCommandNotSet();
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title IConfigurationManagerEvents
 * @notice Interface for events emitted by the Configuration Manager
 */
interface IConfigurationManagerEvents {
    /**
     * @notice Emitted when the Raft address is updated
     * @param newRaft The address of the new Raft
     */
    event RaftUpdated(address oldRaft, address newRaft);

    /**
     * @notice Emitted when the tip jar address is updated
     * @param newTipJar The address of the new tip jar
     */
    event TipJarUpdated(address oldTipJar, address newTipJar);

    /**
     * @notice Emitted when the tip rate is updated
     * @param newTipRate The new tip rate value
     */
    event TipRateUpdated(uint8 oldTipRate, uint8 newTipRate);

    /**
     * @notice Emitted when the Treasury address is updated
     * @param newTreasury The address of the new Treasury
     */
    event TreasuryUpdated(address oldTreasury, address newTreasury);

    /**
     * @notice Emitted when the Harbor Command address is updated
     * @param oldHarborCommand The address of the old Harbor Command
     * @param newHarborCommand The address of the new Harbor Command
     */
    event HarborCommandUpdated(
        address oldHarborCommand,
        address newHarborCommand
    );

    /**
     * @notice Emitted when the Fleet Commander Rewards Manager Factory address is updated
     * @param oldFleetCommanderRewardsManagerFactory The address of the old Fleet Commander Rewards Manager Factory
     * @param newFleetCommanderRewardsManagerFactory The address of the new Fleet Commander Rewards Manager Factory
     */
    event FleetCommanderRewardsManagerFactoryUpdated(
        address oldFleetCommanderRewardsManagerFactory,
        address newFleetCommanderRewardsManagerFactory
    );
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @title ICooldownEnforcer
 * @notice Enforces a cooldown period between actions. It provides the basic management for a cooldown
 *            period, allows to update the cooldown period and provides a modifier to enforce the cooldown.
 */
interface ICooldownEnforcer {
    /**
     * ERRORS
     */

    /**
     * @notice Error thrown when the cooldown period is too short
     */
    error CooldownEnforcerCooldownTooShort();

    /**
     * @notice Error thrown when the cooldown period is too long
     */
    error CooldownEnforcerCooldownTooLong();

    /**
     * VIEW FUNCTIONS
     */

    /**
     * @notice Returns the cooldown period in seoonds.
     */
    function getCooldown() external view returns (uint256);

    /**
     * @notice Returns the timestamp of the last action in Epoch time (block timestamp).
     */
    function getLastActionTimestamp() external view returns (uint256);
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * @notice Emitted by the modifier when the cooldown period has not elapsed.
 *
 * @param lastActionTimestamp The timestamp of the last action in Epoch time (block timestamp).
 * @param cooldown The cooldown period in seconds.
 * @param currentTimestamp The current block timestamp.
 */
error CooldownNotElapsed(
    uint256 lastActionTimestamp,
    uint256 cooldown,
    uint256 currentTimestamp
);

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.28;

/**
 * EVENTS
 */

/**
 * @param previousCooldown The previous cooldown period in seconds.
 * @param newCooldown The new cooldown period in seconds.
 */
event CooldownUpdated(uint256 previousCooldown, uint256 newCooldown);

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1363.sol)

pragma solidity ^0.8.20;

import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";

/**
 * @title IERC1363
 * @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
 *
 * Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
 * after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
 */
interface IERC1363 is IERC20, IERC165 {
    /*
     * Note: the ERC-165 identifier for this interface is 0xb0202a11.
     * 0xb0202a11 ===
     *   bytes4(keccak256('transferAndCall(address,uint256)')) ^
     *   bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
     *   bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
     *   bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
     *   bytes4(keccak256('approveAndCall(address,uint256)')) ^
     *   bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
     */

    /**
     * @dev Moves a `value` amount of tokens from the caller's account to `to`
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferAndCall(address to, uint256 value) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from the caller's account to `to`
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @param data Additional data with no specified format, sent in call to `to`.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param from The address which you want to send tokens from.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferFromAndCall(address from, address to, uint256 value) external returns (bool);

    /**
     * @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
     * and then calls {IERC1363Receiver-onTransferReceived} on `to`.
     * @param from The address which you want to send tokens from.
     * @param to The address which you want to transfer to.
     * @param value The amount of tokens to be transferred.
     * @param data Additional data with no specified format, sent in call to `to`.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);

    /**
     * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
     * caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
     * @param spender The address which will spend the funds.
     * @param value The amount of tokens to be spent.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function approveAndCall(address spender, uint256 value) external returns (bool);

    /**
     * @dev Sets a `value` amount of tokens as the allowance of `spender` over the
     * caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
     * @param spender The address which will spend the funds.
     * @param value The amount of tokens to be spent.
     * @param data Additional data with no specified format, sent in call to `spender`.
     * @return A boolean value indicating whether the operation succeeded unless throwing.
     */
    function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}