FDX

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (access/AccessControl.sol)

pragma solidity ^0.8.0;

import "./IAccessControlUpgradeable.sol";
import "../utils/ContextUpgradeable.sol";
import "../utils/StringsUpgradeable.sol";
import "../utils/introspection/ERC165Upgradeable.sol";
import "../proxy/utils/Initializable.sol";

/**
 * @dev Contract module that allows children to implement role-based access
 * control mechanisms. This is a lightweight version that doesn't allow enumerating role
 * members except through off-chain means by accessing the contract event logs. Some
 * applications may benefit from on-chain enumerability, for those cases see
 * {AccessControlEnumerable}.
 *
 * Roles are referred to by their `bytes32` identifier. These should be exposed
 * in the external API and be unique. The best way to achieve this is by
 * using `public constant` hash digests:
 *
 * ```
 * bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
 * ```
 *
 * Roles can be used to represent a set of permissions. To restrict access to a
 * function call, use {hasRole}:
 *
 * ```
 * function foo() public {
 *     require(hasRole(MY_ROLE, msg.sender));
 *     ...
 * }
 * ```
 *
 * Roles can be granted and revoked dynamically via the {grantRole} and
 * {revokeRole} functions. Each role has an associated admin role, and only
 * accounts that have a role's admin role can call {grantRole} and {revokeRole}.
 *
 * By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
 * that only accounts with this role will be able to grant or revoke other
 * roles. More complex role relationships can be created by using
 * {_setRoleAdmin}.
 *
 * WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
 * grant and revoke this role. Extra precautions should be taken to secure
 * accounts that have been granted it.
 */
abstract contract AccessControlUpgradeable is Initializable, ContextUpgradeable, IAccessControlUpgradeable, ERC165Upgradeable {
    function __AccessControl_init() internal onlyInitializing {
    }

    function __AccessControl_init_unchained() internal onlyInitializing {
    }
    struct RoleData {
        mapping(address => bool) members;
        bytes32 adminRole;
    }

    mapping(bytes32 => RoleData) private _roles;

    bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;

    /**
     * @dev Modifier that checks that an account has a specific role. Reverts
     * with a standardized message including the required role.
     *
     * The format of the revert reason is given by the following regular expression:
     *
     *  /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
     *
     * _Available since v4.1._
     */
    modifier onlyRole(bytes32 role) {
        _checkRole(role);
        _;
    }

    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
        return interfaceId == type(IAccessControlUpgradeable).interfaceId || super.supportsInterface(interfaceId);
    }

    /**
     * @dev Returns `true` if `account` has been granted `role`.
     */
    function hasRole(bytes32 role, address account) public view virtual override returns (bool) {
        return _roles[role].members[account];
    }

    /**
     * @dev Revert with a standard message if `_msgSender()` is missing `role`.
     * Overriding this function changes the behavior of the {onlyRole} modifier.
     *
     * Format of the revert message is described in {_checkRole}.
     *
     * _Available since v4.6._
     */
    function _checkRole(bytes32 role) internal view virtual {
        _checkRole(role, _msgSender());
    }

    /**
     * @dev Revert with a standard message if `account` is missing `role`.
     *
     * The format of the revert reason is given by the following regular expression:
     *
     *  /^AccessControl: account (0x[0-9a-f]{40}) is missing role (0x[0-9a-f]{64})$/
     */
    function _checkRole(bytes32 role, address account) internal view virtual {
        if (!hasRole(role, account)) {
            revert(
                string(
                    abi.encodePacked(
                        "AccessControl: account ",
                        StringsUpgradeable.toHexString(account),
                        " is missing role ",
                        StringsUpgradeable.toHexString(uint256(role), 32)
                    )
                )
            );
        }
    }

    /**
     * @dev Returns the admin role that controls `role`. See {grantRole} and
     * {revokeRole}.
     *
     * To change a role's admin, use {_setRoleAdmin}.
     */
    function getRoleAdmin(bytes32 role) public view virtual override returns (bytes32) {
        return _roles[role].adminRole;
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     *
     * May emit a {RoleGranted} event.
     */
    function grantRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
        _grantRole(role, account);
    }

    /**
     * @dev Revokes `role` from `account`.
     *
     * If `account` had been granted `role`, emits a {RoleRevoked} event.
     *
     * Requirements:
     *
     * - the caller must have ``role``'s admin role.
     *
     * May emit a {RoleRevoked} event.
     */
    function revokeRole(bytes32 role, address account) public virtual override onlyRole(getRoleAdmin(role)) {
        _revokeRole(role, account);
    }

    /**
     * @dev Revokes `role` from the calling account.
     *
     * Roles are often managed via {grantRole} and {revokeRole}: this function's
     * purpose is to provide a mechanism for accounts to lose their privileges
     * if they are compromised (such as when a trusted device is misplaced).
     *
     * If the calling account had been revoked `role`, emits a {RoleRevoked}
     * event.
     *
     * Requirements:
     *
     * - the caller must be `account`.
     *
     * May emit a {RoleRevoked} event.
     */
    function renounceRole(bytes32 role, address account) public virtual override {
        require(account == _msgSender(), "AccessControl: can only renounce roles for self");

        _revokeRole(role, account);
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * If `account` had not been already granted `role`, emits a {RoleGranted}
     * event. Note that unlike {grantRole}, this function doesn't perform any
     * checks on the calling account.
     *
     * May emit a {RoleGranted} event.
     *
     * [WARNING]
     * ====
     * This function should only be called from the constructor when setting
     * up the initial roles for the system.
     *
     * Using this function in any other way is effectively circumventing the admin
     * system imposed by {AccessControl}.
     * ====
     *
     * NOTE: This function is deprecated in favor of {_grantRole}.
     */
    function _setupRole(bytes32 role, address account) internal virtual {
        _grantRole(role, account);
    }

    /**
     * @dev Sets `adminRole` as ``role``'s admin role.
     *
     * Emits a {RoleAdminChanged} event.
     */
    function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
        bytes32 previousAdminRole = getRoleAdmin(role);
        _roles[role].adminRole = adminRole;
        emit RoleAdminChanged(role, previousAdminRole, adminRole);
    }

    /**
     * @dev Grants `role` to `account`.
     *
     * Internal function without access restriction.
     *
     * May emit a {RoleGranted} event.
     */
    function _grantRole(bytes32 role, address account) internal virtual {
        if (!hasRole(role, account)) {
            _roles[role].members[account] = true;
            emit RoleGranted(role, account, _msgSender());
        }
    }

    /**
     * @dev Revokes `role` from `account`.
     *
     * Internal function without access restriction.
     *
     * May emit a {RoleRevoked} event.
     */
    function _revokeRole(bytes32 role, address account) internal virtual {
        if (hasRole(role, account)) {
            _roles[role].members[account] = false;
            emit RoleRevoked(role, account, _msgSender());
        }
    }

    /**
     * @dev This empty reserved space is put in place to allow future versions to add new
     * variables without shifting down storage in the inheritance chain.
     * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
     */
    uint256[49] private __gap;
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { SafeCastUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/utils/math/SafeCastUpgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";

import { IRewarder } from "./interfaces/IRewarder.sol";
import { IStaking } from "./interfaces/IStaking.sol";
import { MintableTokenInterface } from "./interfaces/MintableTokenInterface.sol";

contract AdHocMintRewarder is OwnableUpgradeable {
  using SafeCastUpgradeable for uint256;
  using SafeCastUpgradeable for uint128;
  using SafeCastUpgradeable for int256;
  using SafeERC20Upgradeable for IERC20Upgradeable;

  string public name;
  address public rewardToken;
  address public staking;

  // Reward calculation parameters
  uint64 constant YEAR = 365 days;
  mapping(address => uint64) public userLastRewards;
  mapping(address => uint256) public userAccRewards;

  uint256 public rewardRate;

  // Events
  event LogOnDeposit(address indexed user, uint256 shareAmount);
  event LogOnWithdraw(address indexed user, uint256 shareAmount);
  event LogHarvest(address indexed user, uint256 pendingRewardAmount);

  // Error
  error AdHocMintRewarderError_NotStakingContract();

  modifier onlyStakingContract() {
    if (msg.sender != staking) revert AdHocMintRewarderError_NotStakingContract();
    _;
  }

  function initialize(
    string memory name_,
    address rewardToken_,
    address staking_
  ) external initializer {
    OwnableUpgradeable.__Ownable_init();

    // Sanity check
    IERC20Upgradeable(rewardToken_).totalSupply();
    IStaking(staking_).isRewarder(address(this));
    name = name_;
    rewardToken = rewardToken_;
    staking = staking_;

    // For compatability only, no calculation usage on chain
    rewardRate = 31709791983 wei; // = 1 ether / 365 day
  }

  function onDeposit(address user, uint256 shareAmount) external onlyStakingContract {
    // Accumulate user reward
    userAccRewards[user] += _calculateUserAccReward(user);
    userLastRewards[user] = block.timestamp.toUint64();
    emit LogOnDeposit(user, shareAmount);
  }

  function onWithdraw(address user, uint256 shareAmount) external onlyStakingContract {
    // Reset user reward
    // The rule is whenever withdraw occurs, no matter the size, reward calculation should restart.
    userAccRewards[user] = 0;
    userLastRewards[user] = block.timestamp.toUint64();
    emit LogOnWithdraw(user, shareAmount);
  }

  function onHarvest(address user, address receiver) external onlyStakingContract {
    uint256 pendingRewardAmount = _pendingReward(user);

    // Reset user reward accumulation.
    // The next action will start accum reward from zero again.
    userAccRewards[user] = 0;
    userLastRewards[user] = block.timestamp.toUint64();

    if (pendingRewardAmount != 0) {
      _harvestToken(receiver, pendingRewardAmount);
    }

    emit LogHarvest(user, pendingRewardAmount);
  }

  function pendingReward(address user) external view returns (uint256) {
    return _pendingReward(user);
  }

  function _pendingReward(address user) internal view returns (uint256) {
    // (accumulated reward since the last action) + (jotted reward from the past)
    return _calculateUserAccReward(user) + userAccRewards[user];
  }

  function _calculateUserAccReward(address user) internal view returns (uint256) {
    // [100% APR] If a user stake N shares for a year, he will be rewarded with N tokens.
    if (userLastRewards[user] > 0) {
      return ((block.timestamp - userLastRewards[user]) * _userShare(user)) / YEAR;
    } else {
      return 0;
    }
  }

  function _userShare(address user) private view returns (uint256) {
    return IStaking(staking).calculateShare(address(this), user);
  }

  function _harvestToken(address receiver, uint256 pendingRewardAmount) internal virtual {
    MintableTokenInterface(rewardToken).mint(receiver, pendingRewardAmount);
  }

  /// @custom:oz-upgrades-unsafe-allow constructor
  constructor() {
    _disableInitializers();
  }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)

pragma solidity ^0.8.1;

/**
 * @dev Collection of functions related to the address type
 */
library Address {
    /**
     * @dev Returns true if `account` is a contract.
     *
     * [IMPORTANT]
     * ====
     * It is unsafe to assume that an address for which this function returns
     * false is an externally-owned account (EOA) and not a contract.
     *
     * Among others, `isContract` will return false for the following
     * types of addresses:
     *
     *  - an externally-owned account
     *  - a contract in construction
     *  - an address where a contract will be created
     *  - an address where a contract lived, but was destroyed
     * ====
     *
     * [IMPORTANT]
     * ====
     * You shouldn't rely on `isContract` to protect against flash loan attacks!
     *
     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
     * constructor.
     * ====
     */
    function isContract(address account) internal view returns (bool) {
        // This method relies on extcodesize/address.code.length, which returns 0
        // for contracts in construction, since the code is only stored at the end
        // of the constructor execution.

        return account.code.length > 0;
    }

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        require(address(this).balance >= amount, "Address: insufficient balance");

        (bool success, ) = recipient.call{value: amount}("");
        require(success, "Address: unable to send value, recipient may have reverted");
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason, it is bubbled up by this
     * function (like regular Solidity function calls).
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, "Address: low-level call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
     * `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
    }

    /**
     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
     * with `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value,
        string memory errorMessage
    ) internal returns (bytes memory) {
        require(address(this).balance >= value, "Address: insufficient balance for call");
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        return functionStaticCall(target, data, "Address: low-level static call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionDelegateCall(target, data, "Address: low-level delegate call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a delegate call.
     *
     * _Available since v3.4._
     */
    function functionDelegateCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        (bool success, bytes memory returndata) = target.delegatecall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
     *
     * _Available since v4.8._
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        if (success) {
            if (returndata.length == 0) {
                // only check isContract if the call was successful and the return data is empty
                // otherwise we already know that it was a contract
                require(isContract(target), "Address: call to non-contract");
            }
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
     * revert reason or using the provided one.
     *
     * _Available since v4.3._
     */
    function verifyCallResult(
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal pure returns (bytes memory) {
        if (success) {
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    function _revert(bytes memory returndata, string memory errorMessage) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            /// @solidity memory-safe-assembly
            assembly {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert(errorMessage);
        }
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)

pragma solidity ^0.8.1;

/**
 * @dev Collection of functions related to the address type
 */
library AddressUpgradeable {
    /**
     * @dev Returns true if `account` is a contract.
     *
     * [IMPORTANT]
     * ====
     * It is unsafe to assume that an address for which this function returns
     * false is an externally-owned account (EOA) and not a contract.
     *
     * Among others, `isContract` will return false for the following
     * types of addresses:
     *
     *  - an externally-owned account
     *  - a contract in construction
     *  - an address where a contract will be created
     *  - an address where a contract lived, but was destroyed
     * ====
     *
     * [IMPORTANT]
     * ====
     * You shouldn't rely on `isContract` to protect against flash loan attacks!
     *
     * Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
     * like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
     * constructor.
     * ====
     */
    function isContract(address account) internal view returns (bool) {
        // This method relies on extcodesize/address.code.length, which returns 0
        // for contracts in construction, since the code is only stored at the end
        // of the constructor execution.

        return account.code.length > 0;
    }

    /**
     * @dev Replacement for Solidity's `transfer`: sends `amount` wei to
     * `recipient`, forwarding all available gas and reverting on errors.
     *
     * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
     * of certain opcodes, possibly making contracts go over the 2300 gas limit
     * imposed by `transfer`, making them unable to receive funds via
     * `transfer`. {sendValue} removes this limitation.
     *
     * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
     *
     * IMPORTANT: because control is transferred to `recipient`, care must be
     * taken to not create reentrancy vulnerabilities. Consider using
     * {ReentrancyGuard} or the
     * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
     */
    function sendValue(address payable recipient, uint256 amount) internal {
        require(address(this).balance >= amount, "Address: insufficient balance");

        (bool success, ) = recipient.call{value: amount}("");
        require(success, "Address: unable to send value, recipient may have reverted");
    }

    /**
     * @dev Performs a Solidity function call using a low level `call`. A
     * plain `call` is an unsafe replacement for a function call: use this
     * function instead.
     *
     * If `target` reverts with a revert reason, it is bubbled up by this
     * function (like regular Solidity function calls).
     *
     * Returns the raw returned data. To convert to the expected return value,
     * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
     *
     * Requirements:
     *
     * - `target` must be a contract.
     * - calling `target` with `data` must not revert.
     *
     * _Available since v3.1._
     */
    function functionCall(address target, bytes memory data) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, "Address: low-level call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
     * `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, 0, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but also transferring `value` wei to `target`.
     *
     * Requirements:
     *
     * - the calling contract must have an ETH balance of at least `value`.
     * - the called Solidity function must be `payable`.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value
    ) internal returns (bytes memory) {
        return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
    }

    /**
     * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
     * with `errorMessage` as a fallback revert reason when `target` reverts.
     *
     * _Available since v3.1._
     */
    function functionCallWithValue(
        address target,
        bytes memory data,
        uint256 value,
        string memory errorMessage
    ) internal returns (bytes memory) {
        require(address(this).balance >= value, "Address: insufficient balance for call");
        (bool success, bytes memory returndata) = target.call{value: value}(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
        return functionStaticCall(target, data, "Address: low-level static call failed");
    }

    /**
     * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
     * but performing a static call.
     *
     * _Available since v3.3._
     */
    function functionStaticCall(
        address target,
        bytes memory data,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        (bool success, bytes memory returndata) = target.staticcall(data);
        return verifyCallResultFromTarget(target, success, returndata, errorMessage);
    }

    /**
     * @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
     * the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
     *
     * _Available since v4.8._
     */
    function verifyCallResultFromTarget(
        address target,
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal view returns (bytes memory) {
        if (success) {
            if (returndata.length == 0) {
                // only check isContract if the call was successful and the return data is empty
                // otherwise we already know that it was a contract
                require(isContract(target), "Address: call to non-contract");
            }
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    /**
     * @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
     * revert reason or using the provided one.
     *
     * _Available since v4.3._
     */
    function verifyCallResult(
        bool success,
        bytes memory returndata,
        string memory errorMessage
    ) internal pure returns (bytes memory) {
        if (success) {
            return returndata;
        } else {
            _revert(returndata, errorMessage);
        }
    }

    function _revert(bytes memory returndata, string memory errorMessage) private pure {
        // Look for revert reason and bubble it up if present
        if (returndata.length > 0) {
            // The easiest way to bubble the revert reason is using memory via assembly
            /// @solidity memory-safe-assembly
            assembly {
                let returndata_size := mload(returndata)
                revert(add(32, returndata), returndata_size)
            }
        } else {
            revert(errorMessage);
        }
    }
}

// SPDX-License-Identifier: MIT

pragma solidity ^0.8.0;

import "./OFTCoreV2.sol";
import "./IOFTV2.sol";
import "lib/openzeppelin-contracts/contracts/utils/introspection/ERC165.sol";

abstract contract BaseOFTV2 is OFTCoreV2, ERC165, IOFTV2 {

    constructor(uint8 _sharedDecimals, address _lzEndpoint) OFTCoreV2(_sharedDecimals, _lzEndpoint) {
    }

    /************************************************************************
    * public functions
    ************************************************************************/
    function sendFrom(address _from, uint16 _dstChainId, bytes32 _toAddress, uint _amount, LzCallParams calldata _callParams) public payable virtual override {
        _send(_from, _dstChainId, _toAddress, _amount, _callParams.refundAddress, _callParams.zroPaymentAddress, _callParams.adapterParams);
    }

    function sendAndCall(address _from, uint16 _dstChainId, bytes32 _toAddress, uint _amount, bytes calldata _payload, uint64 _dstGasForCall, LzCallParams calldata _callParams) public payable virtual override {
        _sendAndCall(_from, _dstChainId, _toAddress, _amount, _payload, _dstGasForCall, _callParams.refundAddress, _callParams.zroPaymentAddress, _callParams.adapterParams);
    }

    /************************************************************************
    * public view functions
    ************************************************************************/
    function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
        return interfaceId == type(IOFTV2).interfaceId || super.supportsInterface(interfaceId);
    }

    function estimateSendFee(uint16 _dstChainId, bytes32 _toAddress, uint _amount, bool _useZro, bytes calldata _adapterParams) public view virtual override returns (uint nativeFee, uint zroFee) {
        return _estimateSendFee(_dstChainId, _toAddress, _amount, _useZro, _adapterParams);
    }

    function estimateSendAndCallFee(uint16 _dstChainId, bytes32 _toAddress, uint _amount, bytes calldata _payload, uint64 _dstGasForCall, bool _useZro, bytes calldata _adapterParams) public view virtual override returns (uint nativeFee, uint zroFee) {
        return _estimateSendAndCallFee(_dstChainId, _toAddress, _amount, _payload, _dstGasForCall, _useZro, _adapterParams);
    }

    function circulatingSupply() public view virtual override returns (uint);

    function token() public view virtual override returns (address);
}

// SPDX-License-Identifier: Unlicense
/*
 * @title Solidity Bytes Arrays Utils
 * @author Gonçalo Sá <goncalo.sa@consensys.net>
 *
 * @dev Bytes tightly packed arrays utility library for ethereum contracts written in Solidity.
 *      The library lets you concatenate, slice and type cast bytes arrays both in memory and storage.
 */
pragma solidity >=0.8.0 <0.9.0;


library BytesLib {
    function concat(
        bytes memory _preBytes,
        bytes memory _postBytes
    )
    internal
    pure
    returns (bytes memory)
    {
        bytes memory tempBytes;

        assembly {
        // Get a location of some free memory and store it in tempBytes as
        // Solidity does for memory variables.
            tempBytes := mload(0x40)

        // Store the length of the first bytes array at the beginning of
        // the memory for tempBytes.
            let length := mload(_preBytes)
            mstore(tempBytes, length)

        // Maintain a memory counter for the current write location in the
        // temp bytes array by adding the 32 bytes for the array length to
        // the starting location.
            let mc := add(tempBytes, 0x20)
        // Stop copying when the memory counter reaches the length of the
        // first bytes array.
            let end := add(mc, length)

            for {
            // Initialize a copy counter to the start of the _preBytes data,
            // 32 bytes into its memory.
                let cc := add(_preBytes, 0x20)
            } lt(mc, end) {
            // Increase both counters by 32 bytes each iteration.
                mc := add(mc, 0x20)
                cc := add(cc, 0x20)
            } {
            // Write the _preBytes data into the tempBytes memory 32 bytes
            // at a time.
                mstore(mc, mload(cc))
            }

        // Add the length of _postBytes to the current length of tempBytes
        // and store it as the new length in the first 32 bytes of the
        // tempBytes memory.
            length := mload(_postBytes)
            mstore(tempBytes, add(length, mload(tempBytes)))

        // Move the memory counter back from a multiple of 0x20 to the
        // actual end of the _preBytes data.
            mc := end
        // Stop copying when the memory counter reaches the new combined
        // length of the arrays.
            end := add(mc, length)

            for {
                let cc := add(_postBytes, 0x20)
            } lt(mc, end) {
                mc := add(mc, 0x20)
                cc := add(cc, 0x20)
            } {
                mstore(mc, mload(cc))
            }

        // Update the free-memory pointer by padding our last write location
        // to 32 bytes: add 31 bytes to the end of tempBytes to move to the
        // next 32 byte block, then round down to the nearest multiple of
        // 32. If the sum of the length of the two arrays is zero then add
        // one before rounding down to leave a blank 32 bytes (the length block with 0).
            mstore(0x40, and(
            add(add(end, iszero(add(length, mload(_preBytes)))), 31),
            not(31) // Round down to the nearest 32 bytes.
            ))
        }

        return tempBytes;
    }

    function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal {
        assembly {
        // Read the first 32 bytes of _preBytes storage, which is the length
        // of the array. (We don't need to use the offset into the slot
        // because arrays use the entire slot.)
            let fslot := sload(_preBytes.slot)
        // Arrays of 31 bytes or less have an even value in their slot,
        // while longer arrays have an odd value. The actual length is
        // the slot divided by two for odd values, and the lowest order
        // byte divided by two for even values.
        // If the slot is even, bitwise and the slot with 255 and divide by
        // two to get the length. If the slot is odd, bitwise and the slot
        // with -1 and divide by two.
            let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
            let mlength := mload(_postBytes)
            let newlength := add(slength, mlength)
        // slength can contain both the length and contents of the array
        // if length < 32 bytes so let's prepare for that
        // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
            switch add(lt(slength, 32), lt(newlength, 32))
            case 2 {
            // Since the new array still fits in the slot, we just need to
            // update the contents of the slot.
            // uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length
                sstore(
                _preBytes.slot,
                // all the modifications to the slot are inside this
                // next block
                add(
                // we can just add to the slot contents because the
                // bytes we want to change are the LSBs
                fslot,
                add(
                mul(
                div(
                // load the bytes from memory
                mload(add(_postBytes, 0x20)),
                // zero all bytes to the right
                exp(0x100, sub(32, mlength))
                ),
                // and now shift left the number of bytes to
                // leave space for the length in the slot
                exp(0x100, sub(32, newlength))
                ),
                // increase length by the double of the memory
                // bytes length
                mul(mlength, 2)
                )
                )
                )
            }
            case 1 {
            // The stored value fits in the slot, but the combined value
            // will exceed it.
            // get the keccak hash to get the contents of the array
                mstore(0x0, _preBytes.slot)
                let sc := add(keccak256(0x0, 0x20), div(slength, 32))

            // save new length
                sstore(_preBytes.slot, add(mul(newlength, 2), 1))

            // The contents of the _postBytes array start 32 bytes into
            // the structure. Our first read should obtain the `submod`
            // bytes that can fit into the unused space in the last word
            // of the stored array. To get this, we read 32 bytes starting
            // from `submod`, so the data we read overlaps with the array
            // contents by `submod` bytes. Masking the lowest-order
            // `submod` bytes allows us to add that value directly to the
            // stored value.

                let submod := sub(32, slength)
                let mc := add(_postBytes, submod)
                let end := add(_postBytes, mlength)
                let mask := sub(exp(0x100, submod), 1)

                sstore(
                sc,
                add(
                and(
                fslot,
                0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00
                ),
                and(mload(mc), mask)
                )
                )

                for {
                    mc := add(mc, 0x20)
                    sc := add(sc, 1)
                } lt(mc, end) {
                    sc := add(sc, 1)
                    mc := add(mc, 0x20)
                } {
                    sstore(sc, mload(mc))
                }

                mask := exp(0x100, sub(mc, end))

                sstore(sc, mul(div(mload(mc), mask), mask))
            }
            default {
            // get the keccak hash to get the contents of the array
                mstore(0x0, _preBytes.slot)
            // Start copying to the last used word of the stored array.
                let sc := add(keccak256(0x0, 0x20), div(slength, 32))

            // save new length
                sstore(_preBytes.slot, add(mul(newlength, 2), 1))

            // Copy over the first `submod` bytes of the new data as in
            // case 1 above.
                let slengthmod := mod(slength, 32)
                let mlengthmod := mod(mlength, 32)
                let submod := sub(32, slengthmod)
                let mc := add(_postBytes, submod)
                let end := add(_postBytes, mlength)
                let mask := sub(exp(0x100, submod), 1)

                sstore(sc, add(sload(sc), and(mload(mc), mask)))

                for {
                    sc := add(sc, 1)
                    mc := add(mc, 0x20)
                } lt(mc, end) {
                    sc := add(sc, 1)
                    mc := add(mc, 0x20)
                } {
                    sstore(sc, mload(mc))
                }

                mask := exp(0x100, sub(mc, end))

                sstore(sc, mul(div(mload(mc), mask), mask))
            }
        }
    }

    function slice(
        bytes memory _bytes,
        uint256 _start,
        uint256 _length
    )
    internal
    pure
    returns (bytes memory)
    {
        require(_length + 31 >= _length, "slice_overflow");
        require(_bytes.length >= _start + _length, "slice_outOfBounds");

        bytes memory tempBytes;

        assembly {
            switch iszero(_length)
            case 0 {
            // Get a location of some free memory and store it in tempBytes as
            // Solidity does for memory variables.
                tempBytes := mload(0x40)

            // The first word of the slice result is potentially a partial
            // word read from the original array. To read it, we calculate
            // the length of that partial word and start copying that many
            // bytes into the array. The first word we copy will start with
            // data we don't care about, but the last `lengthmod` bytes will
            // land at the beginning of the contents of the new array. When
            // we're done copying, we overwrite the full first word with
            // the actual length of the slice.
                let lengthmod := and(_length, 31)

            // The multiplication in the next line is necessary
            // because when slicing multiples of 32 bytes (lengthmod == 0)
            // the following copy loop was copying the origin's length
            // and then ending prematurely not copying everything it should.
                let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
                let end := add(mc, _length)

                for {
                // The multiplication in the next line has the same exact purpose
                // as the one above.
                    let cc := add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start)
                } lt(mc, end) {
                    mc := add(mc, 0x20)
                    cc := add(cc, 0x20)
                } {
                    mstore(mc, mload(cc))
                }

                mstore(tempBytes, _length)

            //update free-memory pointer
            //allocating the array padded to 32 bytes like the compiler does now
                mstore(0x40, and(add(mc, 31), not(31)))
            }
            //if we want a zero-length slice let's just return a zero-length array
            default {
                tempBytes := mload(0x40)
            //zero out the 32 bytes slice we are about to return
            //we need to do it because Solidity does not garbage collect
                mstore(tempBytes, 0)

                mstore(0x40, add(tempBytes, 0x20))
            }
        }

        return tempBytes;
    }

    function toAddress(bytes memory _bytes, uint256 _start) internal pure returns (address) {
        require(_bytes.length >= _start + 20, "toAddress_outOfBounds");
        address tempAddress;

        assembly {
            tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
        }

        return tempAddress;
    }

    function toUint8(bytes memory _bytes, uint256 _start) internal pure returns (uint8) {
        require(_bytes.length >= _start + 1 , "toUint8_outOfBounds");
        uint8 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x1), _start))
        }

        return tempUint;
    }

    function toUint16(bytes memory _bytes, uint256 _start) internal pure returns (uint16) {
        require(_bytes.length >= _start + 2, "toUint16_outOfBounds");
        uint16 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x2), _start))
        }

        return tempUint;
    }

    function toUint32(bytes memory _bytes, uint256 _start) internal pure returns (uint32) {
        require(_bytes.length >= _start + 4, "toUint32_outOfBounds");
        uint32 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x4), _start))
        }

        return tempUint;
    }

    function toUint64(bytes memory _bytes, uint256 _start) internal pure returns (uint64) {
        require(_bytes.length >= _start + 8, "toUint64_outOfBounds");
        uint64 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x8), _start))
        }

        return tempUint;
    }

    function toUint96(bytes memory _bytes, uint256 _start) internal pure returns (uint96) {
        require(_bytes.length >= _start + 12, "toUint96_outOfBounds");
        uint96 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0xc), _start))
        }

        return tempUint;
    }

    function toUint128(bytes memory _bytes, uint256 _start) internal pure returns (uint128) {
        require(_bytes.length >= _start + 16, "toUint128_outOfBounds");
        uint128 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x10), _start))
        }

        return tempUint;
    }

    function toUint256(bytes memory _bytes, uint256 _start) internal pure returns (uint256) {
        require(_bytes.length >= _start + 32, "toUint256_outOfBounds");
        uint256 tempUint;

        assembly {
            tempUint := mload(add(add(_bytes, 0x20), _start))
        }

        return tempUint;
    }

    function toBytes32(bytes memory _bytes, uint256 _start) internal pure returns (bytes32) {
        require(_bytes.length >= _start + 32, "toBytes32_outOfBounds");
        bytes32 tempBytes32;

        assembly {
            tempBytes32 := mload(add(add(_bytes, 0x20), _start))
        }

        return tempBytes32;
    }

    function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) {
        bool success = true;

        assembly {
            let length := mload(_preBytes)

        // if lengths don't match the arrays are not equal
            switch eq(length, mload(_postBytes))
            case 1 {
            // cb is a circuit breaker in the for loop since there's
            //  no said feature for inline assembly loops
            // cb = 1 - don't breaker
            // cb = 0 - break
                let cb := 1

                let mc := add(_preBytes, 0x20)
                let end := add(mc, length)

                for {
                    let cc := add(_postBytes, 0x20)
                // the next line is the loop condition:
                // while(uint256(mc < end) + cb == 2)
                } eq(add(lt(mc, end), cb), 2) {
                    mc := add(mc, 0x20)
                    cc := add(cc, 0x20)
                } {
                // if any of these checks fails then arrays are not equal
                    if iszero(eq(mload(mc), mload(cc))) {
                    // unsuccess:
                        success := 0
                        cb := 0
                    }
                }
            }
            default {
            // unsuccess:
                success := 0
            }
        }

        return success;
    }

    function equalStorage(
        bytes storage _preBytes,
        bytes memory _postBytes
    )
    internal
    view
    returns (bool)
    {
        bool success = true;

        assembly {
        // we know _preBytes_offset is 0
            let fslot := sload(_preBytes.slot)
        // Decode the length of the stored array like in concatStorage().
            let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
            let mlength := mload(_postBytes)

        // if lengths don't match the arrays are not equal
            switch eq(slength, mlength)
            case 1 {
            // slength can contain both the length and contents of the array
            // if length < 32 bytes so let's prepare for that
            // v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
                if iszero(iszero(slength)) {
                    switch lt(slength, 32)
                    case 1 {
                    // blank the last byte which is the length
                        fslot := mul(div(fslot, 0x100), 0x100)

                        if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {
                        // unsuccess:
                            success := 0
                        }
                    }
                    default {
                    // cb is a circuit breaker in the for loop since there's
                    //  no said feature for inline assembly loops
                    // cb = 1 - don't breaker
                    // cb = 0 - break
                        let cb := 1

                    // get the keccak hash to get the contents of the array
                        mstore(0x0, _preBytes.slot)
                        let sc := keccak256(0x0, 0x20)

                        let mc := add(_postBytes, 0x20)
                        let end := add(mc, mlength)

                    // the next line is the loop condition:
                    // while(uint256(mc < end) + cb == 2)
                        for {} eq(add(lt(mc, end), cb), 2) {
                            sc := add(sc, 1)
                            mc := add(mc, 0x20)
                        } {
                            if iszero(eq(sload(sc), mload(mc))) {
                            // unsuccess:
                                success := 0
                                cb := 0
                            }
                        }
                    }
                }
            }
            default {
            // unsuccess:
                success := 0
            }
        }

        return success;
    }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { UniV3LiquidityMining } from "src/staking/UniV3LiquidityMining.sol";

import { IStaking } from "./interfaces/IStaking.sol";
import { TLCStaking } from "./TLCStaking.sol";

contract Compounder is OwnableUpgradeable {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  error Compounder_InconsistentLength();

  address public dp;
  address public destinationCompoundPool;
  address[] public tokens;
  mapping(address => bool) public isCompoundableTokens;
  address public tlcStaking;
  address public uniV3LiquidityMining;

  event LogAddToken(address token, bool isCompoundToken);
  event LogRemoveToken(address token);
  event LogSetCompoundToken(address token, bool isCompoundToken);
  event LogUniV3LiquidityMining(address uniV3LiquidityMining);
  event LogSetDestinationCompoundPool(
    address oldDestinationCompoundPool_,
    address newDestinationCompoundPool
  );

  function initialize(
    address dp_,
    address destinationCompoundPool_,
    address[] memory tokens_,
    bool[] memory isCompoundTokens_,
    address tlcStaking_,
    address uniV3LiquidityMining_
  ) external initializer {
    OwnableUpgradeable.__Ownable_init();

    dp = dp_;
    destinationCompoundPool = destinationCompoundPool_;
    addToken(tokens_, isCompoundTokens_);
    tlcStaking = tlcStaking_;
    uniV3LiquidityMining = uniV3LiquidityMining_;
  }

  function addToken(
    address[] memory newTokens,
    bool[] memory newIsCompoundTokens
  ) public onlyOwner {
    uint256 length = newTokens.length;
    if (length != newIsCompoundTokens.length) revert Compounder_InconsistentLength();

    for (uint256 i = 0; i < length; ) {
      tokens.push(newTokens[i]);
      setCompoundToken(newTokens[i], newIsCompoundTokens[i]);

      emit LogAddToken(newTokens[i], newIsCompoundTokens[i]);
      unchecked {
        ++i;
      }
    }
  }

  function removeToken(address token) external onlyOwner {
    uint256 length = tokens.length;

    for (uint256 i = 0; i < length; ) {
      if (tokens[i] == token) {
        tokens[i] = tokens[tokens.length - 1];
        tokens.pop();

        setCompoundToken(token, false);
        emit LogRemoveToken(token);
        break;
      }

      unchecked {
        ++i;
      }
    }
  }

  function setCompoundToken(address token, bool isCompoundToken) public onlyOwner {
    isCompoundableTokens[token] = isCompoundToken;

    if (isCompoundToken)
      IERC20Upgradeable(token).approve(destinationCompoundPool, type(uint256).max);

    emit LogSetCompoundToken(token, isCompoundToken);
  }

  function setDestinationCompoundPool(address _destinationCompoundPool) external onlyOwner {
    emit LogSetDestinationCompoundPool(destinationCompoundPool, _destinationCompoundPool);

    destinationCompoundPool = _destinationCompoundPool;
  }

  function setUniV3LiquidityMining(address uniV3LiquidityMining_) public onlyOwner {
    uniV3LiquidityMining = uniV3LiquidityMining_;
    emit LogUniV3LiquidityMining(uniV3LiquidityMining_);
  }

  function claimAll(
    address[] memory pools,
    address[][] memory rewarders,
    uint256 startEpochTimestamp,
    uint256 noOfEpochs,
    uint256[] calldata tokenIds
  ) external {
    _claimAll(pools, rewarders, startEpochTimestamp, noOfEpochs);
    _claimUniV3(tokenIds);
    _compoundOrTransfer(false);
  }

  function compound(
    address[] memory pools,
    address[][] memory rewarders,
    uint256 startEpochTimestamp,
    uint256 noOfEpochs,
    uint256[] calldata tokenIds
  ) external {
    _claimAll(pools, rewarders, startEpochTimestamp, noOfEpochs);
    _claimUniV3(tokenIds);
    _compoundOrTransfer(true);
  }

  function _compoundOrTransfer(bool isCompound) internal {
    uint256 length = tokens.length;
    for (uint256 i = 0; i < length; ) {
      uint256 amount = IERC20Upgradeable(tokens[i]).balanceOf(address(this));
      if (amount > 0) {
        // always compound dragon point
        if (tokens[i] == dp || (isCompound && isCompoundableTokens[tokens[i]])) {
          IERC20Upgradeable(tokens[i]).approve(destinationCompoundPool, type(uint256).max);
          IStaking(destinationCompoundPool).deposit(msg.sender, tokens[i], amount);
          IERC20Upgradeable(tokens[i]).approve(destinationCompoundPool, 0);
        } else {
          IERC20Upgradeable(tokens[i]).safeTransfer(msg.sender, amount);
        }
      }

      unchecked {
        ++i;
      }
    }
  }

  function _claimAll(
    address[] memory pools,
    address[][] memory rewarders,
    uint256 startEpochTimestamp,
    uint256 noOfEpochs
  ) internal {
    uint256 length = pools.length;
    for (uint256 i = 0; i < length; ) {
      if (tlcStaking == pools[i]) {
        TLCStaking(pools[i]).harvestToCompounder(
          msg.sender,
          startEpochTimestamp,
          noOfEpochs,
          rewarders[i]
        );
      } else {
        IStaking(pools[i]).harvestToCompounder(msg.sender, rewarders[i]);
      }

      unchecked {
        ++i;
      }
    }
  }

  function _claimUniV3(uint256[] memory tokenIds) internal {
    if (uniV3LiquidityMining == address(0)) return;
    UniV3LiquidityMining pool = UniV3LiquidityMining(uniV3LiquidityMining);
    uint256 activeIncentiveId = pool.activeIncentiveId();
    uint128 liquidity;
    for (uint256 i = 0; i < tokenIds.length; ) {
      (, liquidity) = pool.stakes(tokenIds[i], activeIncentiveId);
      if (liquidity > 0) {
        // Unstake LP to update rewards
        pool.unstake(tokenIds[i]);
      }

      // Restake LP in case the current incentive is still active
      (, , , , uint64 endTime) = pool.incentives(activeIncentiveId);
      if (block.timestamp < endTime) pool.stake(tokenIds[i]);

      unchecked {
        ++i;
      }
    }
    if (pool.rewards(msg.sender) > 0)
      pool.harvestToCompounder(msg.sender, type(uint256).max, address(this));
  }

  receive() external payable {}

  /// @custom:oz-upgrades-unsafe-allow constructor
  constructor() {
    _disableInitializers();
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { ERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";

import { IStaking } from "./interfaces/IStaking.sol";
import { ITLCStaking } from "./interfaces/ITLCStaking.sol";
import { NonblockingLzAppUpgradeable } from "src/vendors/LayerZeroV1/NonblockingLzAppUpgradeable.sol";
import { Transfer as TransferLib } from "src/libraries/Transfer.sol";
import { IOFTV2 } from "lib/layer-zero-example/contracts/token/oft/v2/IOFTV2.sol";
import { LzLib } from "lib/layer-zero-example/contracts/libraries/LzLib.sol";
import { ICommonOFT } from "lib/layer-zero-example/contracts/token/oft/v2/ICommonOFT.sol";
import { IOApp } from "src/interfaces/IOApp.sol";

// @dev Compounder2: remove Uni V3 LP rewards and add cross-chain functionality

contract Compounder2 is NonblockingLzAppUpgradeable {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  error Compounder2_InconsistentLength();

  address public dp;
  address public destinationCompoundPool;
  address[] public tokens;
  mapping(address => bool) public isCompoundableTokens;
  address public tlcStaking;
  address[] public defaultPools;
  address[][] public defaultRewarders;
  uint256 public defaultStartEpochTimestamp;
  mapping(address => uint16) public bridgeTokenLzEid;
  uint16[] public destinationLzEid;
  uint256 public gasForDestinationLzReceive;

  event LogAddToken(address token, bool isCompoundToken);
  event LogRemoveToken(address token);
  event LogSetCompoundToken(address token, bool isCompoundToken);
  event LogSetDestinationCompoundPool(
    address oldDestinationCompoundPool_,
    address newDestinationCompoundPool
  );
  event LogSetBridgeTokenLzEid(address token, uint16 lzEid);
  event LogAddDestinationLzEid(uint16 lzEid);
  event LogSetGasForDestinationLzReceive(uint256 oldGasLimit, uint256 newGasLimit);

  function initialize(
    address dp_,
    address destinationCompoundPool_,
    address[] memory tokens_,
    bool[] memory isCompoundTokens_,
    address tlcStaking_,
    address lzEndpointV1_
  ) external initializer {
    NonblockingLzAppUpgradeable.__NonblockingLzAppUpgradeable_init(lzEndpointV1_);

    dp = dp_;
    destinationCompoundPool = destinationCompoundPool_;
    addToken(tokens_, isCompoundTokens_);
    tlcStaking = tlcStaking_;
  }

  function addToken(
    address[] memory newTokens,
    bool[] memory newIsCompoundTokens
  ) public onlyOwner {
    uint256 length = newTokens.length;
    if (length != newIsCompoundTokens.length) revert Compounder2_InconsistentLength();

    for (uint256 i = 0; i < length; ) {
      tokens.push(newTokens[i]);
      setCompoundToken(newTokens[i], newIsCompoundTokens[i]);

      emit LogAddToken(newTokens[i], newIsCompoundTokens[i]);
      unchecked {
        ++i;
      }
    }
  }

  function removeToken(address token) external onlyOwner {
    uint256 length = tokens.length;

    for (uint256 i = 0; i < length; ) {
      if (tokens[i] == token) {
        tokens[i] = tokens[tokens.length - 1];
        tokens.pop();

        setCompoundToken(token, false);
        emit LogRemoveToken(token);
        break;
      }

      unchecked {
        ++i;
      }
    }
  }

  function setCompoundToken(address token, bool isCompoundToken) public onlyOwner {
    isCompoundableTokens[token] = isCompoundToken;

    if (isCompoundToken)
      IERC20Upgradeable(token).approve(destinationCompoundPool, type(uint256).max);

    emit LogSetCompoundToken(token, isCompoundToken);
  }

  function setDefaultConfigs(
    address[] memory _defaultPools,
    address[][] memory _defaultRewarders,
    uint256 _defaultStartEpochTimestamp
  ) external onlyOwner {
    defaultPools = _defaultPools;
    defaultRewarders = _defaultRewarders;
    defaultStartEpochTimestamp = _defaultStartEpochTimestamp;
  }

  function setDestinationCompoundPool(address _destinationCompoundPool) external onlyOwner {
    emit LogSetDestinationCompoundPool(destinationCompoundPool, _destinationCompoundPool);

    destinationCompoundPool = _destinationCompoundPool;
  }

  function setBridgeTokenLzEids(
    address[] memory _tokens,
    uint16[] memory _lzEids
  ) external onlyOwner {
    if (_tokens.length != _lzEids.length) revert Compounder2_InconsistentLength();
    for (uint256 i = 0; i < _tokens.length; ) {
      emit LogSetBridgeTokenLzEid(_tokens[i], _lzEids[i]);
      bridgeTokenLzEid[_tokens[i]] = _lzEids[i];
      unchecked {
        ++i;
      }
    }
  }

  function addDestinationLzEid(uint16[] memory _lzEids) external onlyOwner {
    for (uint256 i = 0; i < _lzEids.length; ) {
      emit LogAddDestinationLzEid(_lzEids[i]);
      destinationLzEid.push(_lzEids[i]);
      unchecked {
        ++i;
      }
    }
  }

  function setGasForDestinationLzReceive(uint256 gasLimit) external onlyOwner {
    emit LogSetGasForDestinationLzReceive(gasForDestinationLzReceive, gasLimit);
    gasForDestinationLzReceive = gasLimit;
  }

  function compound(
    address[] memory pools,
    address[][] memory rewarders,
    uint256 startEpochTimestamp,
    uint256 noOfEpochs
  ) external payable {
    _claimAll(msg.sender, pools, rewarders, startEpochTimestamp, noOfEpochs);
    _compoundOrTransfer(msg.sender, true);
  }

  function compound(
    address[] memory pools,
    address[][] memory rewarders,
    uint256 startEpochTimestamp,
    uint256 noOfEpochs,
    bool isCrossChain
  ) external payable {
    _claimAll(msg.sender, pools, rewarders, startEpochTimestamp, noOfEpochs);
    uint256 msgValueLeft = _compoundOrTransfer(msg.sender, true);
    if (isCrossChain) _broadcastClaim(msg.sender, msgValueLeft);
  }

  struct LocalVars {
    uint256 length;
    uint256 amount;
    bytes adapterParams;
    uint256 msgValue;
    IOApp tokenOApp;
  }

  function _compoundOrTransfer(address user, bool isCompound) internal returns (uint256 msgValue) {
    LocalVars memory vars;
    vars.length = tokens.length;
    vars.msgValue = msg.value;
    for (uint256 i = 0; i < vars.length; ) {
      vars.amount = IERC20Upgradeable(tokens[i]).balanceOf(address(this));
      vars.adapterParams = "";
      if (vars.amount > 0) {
        // always compound dragon point
        if (tokens[i] == dp || (isCompound && isCompoundableTokens[tokens[i]])) {
          IERC20Upgradeable(tokens[i]).approve(destinationCompoundPool, type(uint256).max);
          IStaking(destinationCompoundPool).deposit(user, tokens[i], vars.amount);
          IERC20Upgradeable(tokens[i]).approve(destinationCompoundPool, 0);
        } else if (bridgeTokenLzEid[tokens[i]] > 0) {
          // Check for OFT dust
          if (
            ERC20Upgradeable(tokens[i]).decimals() == 6 ||
            (ERC20Upgradeable(tokens[i]).decimals() == 18 && vars.amount > 1e12)
          ) {
            vars.tokenOApp = IOApp(tokens[i]);
            if (vars.tokenOApp.useCustomAdapterParams()) {
              vars.adapterParams = abi.encodePacked(
                uint16(1),
                vars.tokenOApp.minDstGasLookup(bridgeTokenLzEid[tokens[i]], 0)
              );
            }
            (uint256 nativeFee, ) = lzEndpoint.estimateFees(
              bridgeTokenLzEid[tokens[i]],
              tokens[i],
              abi.encodePacked(uint8(0), LzLib.addressToBytes32(user), vars.amount),
              false,
              vars.adapterParams
            );
            IOFTV2(tokens[i]).sendFrom{ value: nativeFee }(
              address(this),
              bridgeTokenLzEid[tokens[i]],
              LzLib.addressToBytes32(user),
              vars.amount,
              ICommonOFT.LzCallParams({
                refundAddress: payable(user),
                zroPaymentAddress: address(0),
                adapterParams: vars.adapterParams
              })
            );
            if (vars.msgValue > nativeFee) {
              vars.msgValue -= nativeFee;
            } else {
              vars.msgValue = 0;
            }
          }
        } else {
          IERC20Upgradeable(tokens[i]).safeTransfer(user, vars.amount);
        }
      }

      unchecked {
        ++i;
      }
    }
    return vars.msgValue;
  }

  function _claimAll(
    address user,
    address[] memory pools,
    address[][] memory rewarders,
    uint256 startEpochTimestamp,
    uint256 noOfEpochs
  ) internal {
    uint256 length = pools.length;
    for (uint256 i = 0; i < length; ) {
      if (tlcStaking == pools[i]) {
        ITLCStaking(pools[i]).harvestToCompounder(
          user,
          startEpochTimestamp,
          noOfEpochs,
          rewarders[i]
        );
      } else {
        IStaking(pools[i]).harvestToCompounder(user, rewarders[i]);
      }

      unchecked {
        ++i;
      }
    }
  }

  function claimAndCompound(address user, bool isCrossChain) public payable {
    _claimAll(user, defaultPools, defaultRewarders, defaultStartEpochTimestamp, type(uint256).max);
    uint256 msgValueLeft = _compoundOrTransfer(user, true);
    if (isCrossChain) _broadcastClaim(user, msgValueLeft);
  }

  function _broadcastClaim(address user, uint256 msgValue) internal {
    uint16 version = 1;
    bytes memory adapterParams = abi.encodePacked(version, gasForDestinationLzReceive);

    for (uint256 i = 0; i < destinationLzEid.length; ) {
      // send LayerZero message
      _lzSend(
        destinationLzEid[i],
        abi.encode(user), // payload
        payable(user), // refund address
        address(0x0), // unused
        adapterParams, // v1 adapterParams, specify custom destination gas qty
        msgValue
      );
      unchecked {
        ++i;
      }
    }
  }

  function _nonblockingLzReceive(
    uint16 /*_srcChainId*/,
    bytes memory /*_srcAddress*/,
    uint64 /*_nonce*/,
    bytes memory _payload
  ) internal override {
    address user = abi.decode(_payload, (address));
    claimAndCompound(user, false);
  }

  function recoverToken(address _token, address _to, uint256 _amount) external onlyOwner {
    TransferLib.nativeOrToken(_token, _to, _amount);
  }

  receive() external payable {}

  /// @custom:oz-upgrades-unsafe-allow constructor
  constructor() {
    _disableInitializers();
  }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)

pragma solidity ^0.8.0;

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract Context {
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)

pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";

/**
 * @dev Provides information about the current execution context, including the
 * sender of the transaction and its data. While these are generally available
 * via msg.sender and msg.data, they should not be accessed in such a direct
 * manner, since when dealing with meta-transactions the account sending and
 * paying for execution may not be the actual sender (as far as an application
 * is concerned).
 *
 * This contract is only required for intermediate, library-like contracts.
 */
abstract contract ContextUpgradeable is Initializable {
    function __Context_init() internal onlyInitializing {
    }

    function __Context_init_unchained() internal onlyInitializing {
    }
    function _msgSender() internal view virtual returns (address) {
        return msg.sender;
    }

    function _msgData() internal view virtual returns (bytes calldata) {
        return msg.data;
    }

    /**
     * @dev This empty reserved space is put in place to allow future versions to add new
     * variables without shifting down storage in the inheritance chain.
     * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
     */
    uint256[50] private __gap;
}

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

contract Counter {
    uint256 private count;

    function increment() public {
        count += 1;
    }

    function incrementArr(uint256[] calldata values) public {
        for (uint256 i = 0; i < values.length; i++) {
            count += 1;
        }
    }

    function getCount() public view returns (uint256) {
        return count;
    }
}

// SPDX-License-Identifier: MIT
pragma solidity 0.8.18;

import { Ownable } from "lib/openzeppelin-contracts/contracts/access/Ownable.sol";
import { IERC20 } from "lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol";
import { SafeERC20 } from "lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol";
import { ReentrancyGuard } from "lib/openzeppelin-contracts/contracts/security/ReentrancyGuard.sol";

contract Dog is Ownable, ReentrancyGuard {
  using SafeERC20 for IERC20;

  uint256 private constant ONE_MONTH_TIMESTAMP = 30 days;

  string public name;
  IERC20 public token;
  uint128 public endCliffTimestamp;
  uint128 public lockedMonth;
  uint128 public lockedAmount;
  uint128 public claimedAmount;

  event LogLeggo(address who, uint256 amount);

  constructor(string memory _name, IERC20 _token) {
    name = _name;
    token = _token;
  }

  function bite(
    uint128 _endCliffTimestamp,
    uint128 _lockedMonth,
    uint128 _lockedAmount
  ) external onlyOwner {
    // Check
    require(_endCliffTimestamp > block.timestamp, "bad timestamp");

    // Effect
    endCliffTimestamp = _endCliffTimestamp;
    lockedMonth = _lockedMonth;
    lockedAmount = _lockedAmount;

    // Interaction
    token.safeTransferFrom(msg.sender, address(this), _lockedAmount);
  }

  function claimable() public view returns (uint128) {
    return unlocked() - claimedAmount;
  }

  function unlocked() public view returns (uint128) {
    if (block.timestamp < endCliffTimestamp) return 0;

    // Calculate the elapsed months since the end of the lock period.
    uint256 elapsedMonths = (block.timestamp - endCliffTimestamp) / ONE_MONTH_TIMESTAMP;

    // Calculate the unlock amount
    return
      elapsedMonths >= lockedMonth
        ? lockedAmount
        : uint128((lockedAmount * elapsedMonths) / lockedMonth);
  }

  function leggo(uint128 _amount) external onlyOwner {
    // Check
    require(_amount <= claimable(), "bad _amount");

    // Effect
    // Update the claimed amount for the user
    claimedAmount += _amount;

    // Interaction
    // Transfer tokens from this contract
    token.safeTransfer(msg.sender, _amount);

    emit LogLeggo(msg.sender, _amount);
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { ERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";

contract DragonPoint is ERC20Upgradeable, OwnableUpgradeable {
  mapping(address => bool) public isTransferrer;
  mapping(address => bool) public isMinter;

  event DragonPoint_SetMinter(address minter, bool prevAllow, bool newAllow);

  error DragonPoint_isNotTransferrer();
  error DragonPoint_NotMinter();

  modifier onlyMinter() {
    if (!isMinter[msg.sender]) revert DragonPoint_NotMinter();
    _;
  }

  function initialize() external initializer {
    OwnableUpgradeable.__Ownable_init();
    ERC20Upgradeable.__ERC20_init("Dragon Point", "DP");
  }

  function setMinter(address minter, bool allow) external onlyOwner {
    emit DragonPoint_SetMinter(minter, isMinter[minter], allow);
    isMinter[minter] = allow;
  }

  function mint(address to, uint256 amount) public onlyMinter {
    _mint(to, amount);
  }

  function burn(address from, uint256 amount) public onlyMinter {
    _burn(from, amount);
  }

  function setTransferrer(address transferrer, bool isActive) external onlyOwner {
    isTransferrer[transferrer] = isActive;
  }

  function _transfer(address from, address to, uint256 amount) internal virtual override {
    if (!isTransferrer[msg.sender]) revert DragonPoint_isNotTransferrer();

    super._transfer(from, to, amount);
  }

  function transferFrom(
    address from,
    address to,
    uint256 amount
  ) public virtual override returns (bool) {
    _transfer(from, to, amount);
    return true;
  }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)

pragma solidity ^0.8.0;

import "./IERC165.sol";

/**
 * @dev Implementation of the {IERC165} interface.
 *
 * Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
 * for the additional interface id that will be supported. For example:
 *
 * ```solidity
 * function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
 *     return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
 * }
 * ```
 *
 * Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
 */
abstract contract ERC165 is IERC165 {
    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
        return interfaceId == type(IERC165).interfaceId;
    }
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)

pragma solidity ^0.8.0;

import "./IERC165Upgradeable.sol";
import "../../proxy/utils/Initializable.sol";

/**
 * @dev Implementation of the {IERC165} interface.
 *
 * Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
 * for the additional interface id that will be supported. For example:
 *
 * ```solidity
 * function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
 *     return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
 * }
 * ```
 *
 * Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
 */
abstract contract ERC165Upgradeable is Initializable, IERC165Upgradeable {
    function __ERC165_init() internal onlyInitializing {
    }

    function __ERC165_init_unchained() internal onlyInitializing {
    }
    /**
     * @dev See {IERC165-supportsInterface}.
     */
    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
        return interfaceId == type(IERC165Upgradeable).interfaceId;
    }

    /**
     * @dev This empty reserved space is put in place to allow future versions to add new
     * variables without shifting down storage in the inheritance chain.
     * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
     */
    uint256[50] private __gap;
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)

pragma solidity ^0.8.0;

import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";

/**
 * @dev Implementation of the {IERC20} interface.
 *
 * This implementation is agnostic to the way tokens are created. This means
 * that a supply mechanism has to be added in a derived contract using {_mint}.
 * For a generic mechanism see {ERC20PresetMinterPauser}.
 *
 * TIP: For a detailed writeup see our guide
 * https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
 * to implement supply mechanisms].
 *
 * We have followed general OpenZeppelin Contracts guidelines: functions revert
 * instead returning `false` on failure. This behavior is nonetheless
 * conventional and does not conflict with the expectations of ERC20
 * applications.
 *
 * Additionally, an {Approval} event is emitted on calls to {transferFrom}.
 * This allows applications to reconstruct the allowance for all accounts just
 * by listening to said events. Other implementations of the EIP may not emit
 * these events, as it isn't required by the specification.
 *
 * Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
 * functions have been added to mitigate the well-known issues around setting
 * allowances. See {IERC20-approve}.
 */
contract ERC20 is Context, IERC20, IERC20Metadata {
    mapping(address => uint256) private _balances;

    mapping(address => mapping(address => uint256)) private _allowances;

    uint256 private _totalSupply;

    string private _name;
    string private _symbol;

    /**
     * @dev Sets the values for {name} and {symbol}.
     *
     * The default value of {decimals} is 18. To select a different value for
     * {decimals} you should overload it.
     *
     * All two of these values are immutable: they can only be set once during
     * construction.
     */
    constructor(string memory name_, string memory symbol_) {
        _name = name_;
        _symbol = symbol_;
    }

    /**
     * @dev Returns the name of the token.
     */
    function name() public view virtual override returns (string memory) {
        return _name;
    }

    /**
     * @dev Returns the symbol of the token, usually a shorter version of the
     * name.
     */
    function symbol() public view virtual override returns (string memory) {
        return _symbol;
    }

    /**
     * @dev Returns the number of decimals used to get its user representation.
     * For example, if `decimals` equals `2`, a balance of `505` tokens should
     * be displayed to a user as `5.05` (`505 / 10 ** 2`).
     *
     * Tokens usually opt for a value of 18, imitating the relationship between
     * Ether and Wei. This is the value {ERC20} uses, unless this function is
     * overridden;
     *
     * NOTE: This information is only used for _display_ purposes: it in
     * no way affects any of the arithmetic of the contract, including
     * {IERC20-balanceOf} and {IERC20-transfer}.
     */
    function decimals() public view virtual override returns (uint8) {
        return 18;
    }

    /**
     * @dev See {IERC20-totalSupply}.
     */
    function totalSupply() public view virtual override returns (uint256) {
        return _totalSupply;
    }

    /**
     * @dev See {IERC20-balanceOf}.
     */
    function balanceOf(address account) public view virtual override returns (uint256) {
        return _balances[account];
    }

    /**
     * @dev See {IERC20-transfer}.
     *
     * Requirements:
     *
     * - `to` cannot be the zero address.
     * - the caller must have a balance of at least `amount`.
     */
    function transfer(address to, uint256 amount) public virtual override returns (bool) {
        address owner = _msgSender();
        _transfer(owner, to, amount);
        return true;
    }

    /**
     * @dev See {IERC20-allowance}.
     */
    function allowance(address owner, address spender) public view virtual override returns (uint256) {
        return _allowances[owner][spender];
    }

    /**
     * @dev See {IERC20-approve}.
     *
     * NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
     * `transferFrom`. This is semantically equivalent to an infinite approval.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     */
    function approve(address spender, uint256 amount) public virtual override returns (bool) {
        address owner = _msgSender();
        _approve(owner, spender, amount);
        return true;
    }

    /**
     * @dev See {IERC20-transferFrom}.
     *
     * Emits an {Approval} event indicating the updated allowance. This is not
     * required by the EIP. See the note at the beginning of {ERC20}.
     *
     * NOTE: Does not update the allowance if the current allowance
     * is the maximum `uint256`.
     *
     * Requirements:
     *
     * - `from` and `to` cannot be the zero address.
     * - `from` must have a balance of at least `amount`.
     * - the caller must have allowance for ``from``'s tokens of at least
     * `amount`.
     */
    function transferFrom(
        address from,
        address to,
        uint256 amount
    ) public virtual override returns (bool) {
        address spender = _msgSender();
        _spendAllowance(from, spender, amount);
        _transfer(from, to, amount);
        return true;
    }

    /**
     * @dev Atomically increases the allowance granted to `spender` by the caller.
     *
     * This is an alternative to {approve} that can be used as a mitigation for
     * problems described in {IERC20-approve}.
     *
     * Emits an {Approval} event indicating the updated allowance.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     */
    function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
        address owner = _msgSender();
        _approve(owner, spender, allowance(owner, spender) + addedValue);
        return true;
    }

    /**
     * @dev Atomically decreases the allowance granted to `spender` by the caller.
     *
     * This is an alternative to {approve} that can be used as a mitigation for
     * problems described in {IERC20-approve}.
     *
     * Emits an {Approval} event indicating the updated allowance.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     * - `spender` must have allowance for the caller of at least
     * `subtractedValue`.
     */
    function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
        address owner = _msgSender();
        uint256 currentAllowance = allowance(owner, spender);
        require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
        unchecked {
            _approve(owner, spender, currentAllowance - subtractedValue);
        }

        return true;
    }

    /**
     * @dev Moves `amount` of tokens from `from` to `to`.
     *
     * This internal function is equivalent to {transfer}, and can be used to
     * e.g. implement automatic token fees, slashing mechanisms, etc.
     *
     * Emits a {Transfer} event.
     *
     * Requirements:
     *
     * - `from` cannot be the zero address.
     * - `to` cannot be the zero address.
     * - `from` must have a balance of at least `amount`.
     */
    function _transfer(
        address from,
        address to,
        uint256 amount
    ) internal virtual {
        require(from != address(0), "ERC20: transfer from the zero address");
        require(to != address(0), "ERC20: transfer to the zero address");

        _beforeTokenTransfer(from, to, amount);

        uint256 fromBalance = _balances[from];
        require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
        unchecked {
            _balances[from] = fromBalance - amount;
            // Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
            // decrementing then incrementing.
            _balances[to] += amount;
        }

        emit Transfer(from, to, amount);

        _afterTokenTransfer(from, to, amount);
    }

    /** @dev Creates `amount` tokens and assigns them to `account`, increasing
     * the total supply.
     *
     * Emits a {Transfer} event with `from` set to the zero address.
     *
     * Requirements:
     *
     * - `account` cannot be the zero address.
     */
    function _mint(address account, uint256 amount) internal virtual {
        require(account != address(0), "ERC20: mint to the zero address");

        _beforeTokenTransfer(address(0), account, amount);

        _totalSupply += amount;
        unchecked {
            // Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
            _balances[account] += amount;
        }
        emit Transfer(address(0), account, amount);

        _afterTokenTransfer(address(0), account, amount);
    }

    /**
     * @dev Destroys `amount` tokens from `account`, reducing the
     * total supply.
     *
     * Emits a {Transfer} event with `to` set to the zero address.
     *
     * Requirements:
     *
     * - `account` cannot be the zero address.
     * - `account` must have at least `amount` tokens.
     */
    function _burn(address account, uint256 amount) internal virtual {
        require(account != address(0), "ERC20: burn from the zero address");

        _beforeTokenTransfer(account, address(0), amount);

        uint256 accountBalance = _balances[account];
        require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
        unchecked {
            _balances[account] = accountBalance - amount;
            // Overflow not possible: amount <= accountBalance <= totalSupply.
            _totalSupply -= amount;
        }

        emit Transfer(account, address(0), amount);

        _afterTokenTransfer(account, address(0), amount);
    }

    /**
     * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
     *
     * This internal function is equivalent to `approve`, and can be used to
     * e.g. set automatic allowances for certain subsystems, etc.
     *
     * Emits an {Approval} event.
     *
     * Requirements:
     *
     * - `owner` cannot be the zero address.
     * - `spender` cannot be the zero address.
     */
    function _approve(
        address owner,
        address spender,
        uint256 amount
    ) internal virtual {
        require(owner != address(0), "ERC20: approve from the zero address");
        require(spender != address(0), "ERC20: approve to the zero address");

        _allowances[owner][spender] = amount;
        emit Approval(owner, spender, amount);
    }

    /**
     * @dev Updates `owner` s allowance for `spender` based on spent `amount`.
     *
     * Does not update the allowance amount in case of infinite allowance.
     * Revert if not enough allowance is available.
     *
     * Might emit an {Approval} event.
     */
    function _spendAllowance(
        address owner,
        address spender,
        uint256 amount
    ) internal virtual {
        uint256 currentAllowance = allowance(owner, spender);
        if (currentAllowance != type(uint256).max) {
            require(currentAllowance >= amount, "ERC20: insufficient allowance");
            unchecked {
                _approve(owner, spender, currentAllowance - amount);
            }
        }
    }

    /**
     * @dev Hook that is called before any transfer of tokens. This includes
     * minting and burning.
     *
     * Calling conditions:
     *
     * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
     * will be transferred to `to`.
     * - when `from` is zero, `amount` tokens will be minted for `to`.
     * - when `to` is zero, `amount` of ``from``'s tokens will be burned.
     * - `from` and `to` are never both zero.
     *
     * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
     */
    function _beforeTokenTransfer(
        address from,
        address to,
        uint256 amount
    ) internal virtual {}

    /**
     * @dev Hook that is called after any transfer of tokens. This includes
     * minting and burning.
     *
     * Calling conditions:
     *
     * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
     * has been transferred to `to`.
     * - when `from` is zero, `amount` tokens have been minted for `to`.
     * - when `to` is zero, `amount` of ``from``'s tokens have been burned.
     * - `from` and `to` are never both zero.
     *
     * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
     */
    function _afterTokenTransfer(
        address from,
        address to,
        uint256 amount
    ) internal virtual {}
}

// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)

pragma solidity ^0.8.0;

import "./IERC20Upgradeable.sol";
import "./extensions/IERC20MetadataUpgradeable.sol";
import "../../utils/ContextUpgradeable.sol";
import "../../proxy/utils/Initializable.sol";

/**
 * @dev Implementation of the {IERC20} interface.
 *
 * This implementation is agnostic to the way tokens are created. This means
 * that a supply mechanism has to be added in a derived contract using {_mint}.
 * For a generic mechanism see {ERC20PresetMinterPauser}.
 *
 * TIP: For a detailed writeup see our guide
 * https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
 * to implement supply mechanisms].
 *
 * We have followed general OpenZeppelin Contracts guidelines: functions revert
 * instead returning `false` on failure. This behavior is nonetheless
 * conventional and does not conflict with the expectations of ERC20
 * applications.
 *
 * Additionally, an {Approval} event is emitted on calls to {transferFrom}.
 * This allows applications to reconstruct the allowance for all accounts just
 * by listening to said events. Other implementations of the EIP may not emit
 * these events, as it isn't required by the specification.
 *
 * Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
 * functions have been added to mitigate the well-known issues around setting
 * allowances. See {IERC20-approve}.
 */
contract ERC20Upgradeable is Initializable, ContextUpgradeable, IERC20Upgradeable, IERC20MetadataUpgradeable {
    mapping(address => uint256) private _balances;

    mapping(address => mapping(address => uint256)) private _allowances;

    uint256 private _totalSupply;

    string private _name;
    string private _symbol;

    /**
     * @dev Sets the values for {name} and {symbol}.
     *
     * The default value of {decimals} is 18. To select a different value for
     * {decimals} you should overload it.
     *
     * All two of these values are immutable: they can only be set once during
     * construction.
     */
    function __ERC20_init(string memory name_, string memory symbol_) internal onlyInitializing {
        __ERC20_init_unchained(name_, symbol_);
    }

    function __ERC20_init_unchained(string memory name_, string memory symbol_) internal onlyInitializing {
        _name = name_;
        _symbol = symbol_;
    }

    /**
     * @dev Returns the name of the token.
     */
    function name() public view virtual override returns (string memory) {
        return _name;
    }

    /**
     * @dev Returns the symbol of the token, usually a shorter version of the
     * name.
     */
    function symbol() public view virtual override returns (string memory) {
        return _symbol;
    }

    /**
     * @dev Returns the number of decimals used to get its user representation.
     * For example, if `decimals` equals `2`, a balance of `505` tokens should
     * be displayed to a user as `5.05` (`505 / 10 ** 2`).
     *
     * Tokens usually opt for a value of 18, imitating the relationship between
     * Ether and Wei. This is the value {ERC20} uses, unless this function is
     * overridden;
     *
     * NOTE: This information is only used for _display_ purposes: it in
     * no way affects any of the arithmetic of the contract, including
     * {IERC20-balanceOf} and {IERC20-transfer}.
     */
    function decimals() public view virtual override returns (uint8) {
        return 18;
    }

    /**
     * @dev See {IERC20-totalSupply}.
     */
    function totalSupply() public view virtual override returns (uint256) {
        return _totalSupply;
    }

    /**
     * @dev See {IERC20-balanceOf}.
     */
    function balanceOf(address account) public view virtual override returns (uint256) {
        return _balances[account];
    }

    /**
     * @dev See {IERC20-transfer}.
     *
     * Requirements:
     *
     * - `to` cannot be the zero address.
     * - the caller must have a balance of at least `amount`.
     */
    function transfer(address to, uint256 amount) public virtual override returns (bool) {
        address owner = _msgSender();
        _transfer(owner, to, amount);
        return true;
    }

    /**
     * @dev See {IERC20-allowance}.
     */
    function allowance(address owner, address spender) public view virtual override returns (uint256) {
        return _allowances[owner][spender];
    }

    /**
     * @dev See {IERC20-approve}.
     *
     * NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
     * `transferFrom`. This is semantically equivalent to an infinite approval.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     */
    function approve(address spender, uint256 amount) public virtual override returns (bool) {
        address owner = _msgSender();
        _approve(owner, spender, amount);
        return true;
    }

    /**
     * @dev See {IERC20-transferFrom}.
     *
     * Emits an {Approval} event indicating the updated allowance. This is not
     * required by the EIP. See the note at the beginning of {ERC20}.
     *
     * NOTE: Does not update the allowance if the current allowance
     * is the maximum `uint256`.
     *
     * Requirements:
     *
     * - `from` and `to` cannot be the zero address.
     * - `from` must have a balance of at least `amount`.
     * - the caller must have allowance for ``from``'s tokens of at least
     * `amount`.
     */
    function transferFrom(
        address from,
        address to,
        uint256 amount
    ) public virtual override returns (bool) {
        address spender = _msgSender();
        _spendAllowance(from, spender, amount);
        _transfer(from, to, amount);
        return true;
    }

    /**
     * @dev Atomically increases the allowance granted to `spender` by the caller.
     *
     * This is an alternative to {approve} that can be used as a mitigation for
     * problems described in {IERC20-approve}.
     *
     * Emits an {Approval} event indicating the updated allowance.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     */
    function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
        address owner = _msgSender();
        _approve(owner, spender, allowance(owner, spender) + addedValue);
        return true;
    }

    /**
     * @dev Atomically decreases the allowance granted to `spender` by the caller.
     *
     * This is an alternative to {approve} that can be used as a mitigation for
     * problems described in {IERC20-approve}.
     *
     * Emits an {Approval} event indicating the updated allowance.
     *
     * Requirements:
     *
     * - `spender` cannot be the zero address.
     * - `spender` must have allowance for the caller of at least
     * `subtractedValue`.
     */
    function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
        address owner = _msgSender();
        uint256 currentAllowance = allowance(owner, spender);
        require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
        unchecked {
            _approve(owner, spender, currentAllowance - subtractedValue);
        }

        return true;
    }

    /**
     * @dev Moves `amount` of tokens from `from` to `to`.
     *
     * This internal function is equivalent to {transfer}, and can be used to
     * e.g. implement automatic token fees, slashing mechanisms, etc.
     *
     * Emits a {Transfer} event.
     *
     * Requirements:
     *
     * - `from` cannot be the zero address.
     * - `to` cannot be the zero address.
     * - `from` must have a balance of at least `amount`.
     */
    function _transfer(
        address from,
        address to,
        uint256 amount
    ) internal virtual {
        require(from != address(0), "ERC20: transfer from the zero address");
        require(to != address(0), "ERC20: transfer to the zero address");

        _beforeTokenTransfer(from, to, amount);

        uint256 fromBalance = _balances[from];
        require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
        unchecked {
            _balances[from] = fromBalance - amount;
            // Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
            // decrementing then incrementing.
            _balances[to] += amount;
        }

        emit Transfer(from, to, amount);

        _afterTokenTransfer(from, to, amount);
    }

    /** @dev Creates `amount` tokens and assigns them to `account`, increasing
     * the total supply.
     *
     * Emits a {Transfer} event with `from` set to the zero address.
     *
     * Requirements:
     *
     * - `account` cannot be the zero address.
     */
    function _mint(address account, uint256 amount) internal virtual {
        require(account != address(0), "ERC20: mint to the zero address");

        _beforeTokenTransfer(address(0), account, amount);

        _totalSupply += amount;
        unchecked {
            // Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
            _balances[account] += amount;
        }
        emit Transfer(address(0), account, amount);

        _afterTokenTransfer(address(0), account, amount);
    }

    /**
     * @dev Destroys `amount` tokens from `account`, reducing the
     * total supply.
     *
     * Emits a {Transfer} event with `to` set to the zero address.
     *
     * Requirements:
     *
     * - `account` cannot be the zero address.
     * - `account` must have at least `amount` tokens.
     */
    function _burn(address account, uint256 amount) internal virtual {
        require(account != address(0), "ERC20: burn from the zero address");

        _beforeTokenTransfer(account, address(0), amount);

        uint256 accountBalance = _balances[account];
        require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
        unchecked {
            _balances[account] = accountBalance - amount;
            // Overflow not possible: amount <= accountBalance <= totalSupply.
            _totalSupply -= amount;
        }

        emit Transfer(account, address(0), amount);

        _afterTokenTransfer(account, address(0), amount);
    }

    /**
     * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
     *
     * This internal function is equivalent to `approve`, and can be used to
     * e.g. set automatic allowances for certain subsystems, etc.
     *
     * Emits an {Approval} event.
     *
     * Requirements:
     *
     * - `owner` cannot be the zero address.
     * - `spender` cannot be the zero address.
     */
    function _approve(
        address owner,
        address spender,
        uint256 amount
    ) internal virtual {
        require(owner != address(0), "ERC20: approve from the zero address");
        require(spender != address(0), "ERC20: approve to the zero address");

        _allowances[owner][spender] = amount;
        emit Approval(owner, spender, amount);
    }

    /**
     * @dev Updates `owner` s allowance for `spender` based on spent `amount`.
     *
     * Does not update the allowance amount in case of infinite allowance.
     * Revert if not enough allowance is available.
     *
     * Might emit an {Approval} event.
     */
    function _spendAllowance(
        address owner,
        address spender,
        uint256 amount
    ) internal virtual {
        uint256 currentAllowance = allowance(owner, spender);
        if (currentAllowance != type(uint256).max) {
            require(currentAllowance >= amount, "ERC20: insufficient allowance");
            unchecked {
                _approve(owner, spender, currentAllowance - amount);
            }
        }
    }

    /**
     * @dev Hook that is called before any transfer of tokens. This includes
     * minting and burning.
     *
     * Calling conditions:
     *
     * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
     * will be transferred to `to`.
     * - when `from` is zero, `amount` tokens will be minted for `to`.
     * - when `to` is zero, `amount` of ``from``'s tokens will be burned.
     * - `from` and `to` are never both zero.
     *
     * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
     */
    function _beforeTokenTransfer(
        address from,
        address to,
        uint256 amount
    ) internal virtual {}

    /**
     * @dev Hook that is called after any transfer of tokens. This includes
     * minting and burning.
     *
     * Calling conditions:
     *
     * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
     * has been transferred to `to`.
     * - when `from` is zero, `amount` tokens have been minted for `to`.
     * - when `to` is zero, `amount` of ``from``'s tokens have been burned.
     * - `from` and `to` are never both zero.
     *
     * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
     */
    function _afterTokenTransfer(
        address from,
        address to,
        uint256 amount
    ) internal virtual {}

    /**
     * @dev This empty reserved space is put in place to allow future versions to add new
     * variables without shifting down storage in the inheritance chain.
     * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
     */
    uint256[45] private __gap;
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { ERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
import { TLCStaking } from "./TLCStaking.sol";
import { IRewarder } from "./interfaces/IRewarder.sol";
import { IEpochRewarder } from "./interfaces/IEpochRewarder.sol";

contract EpochFeedableRewarder is OwnableUpgradeable {
  using SafeERC20Upgradeable for ERC20Upgradeable;

  string public name;
  address public rewardToken;
  address public staking;
  address public feeder;
  uint256 public epochLength;

  mapping(uint256 => uint256) public accRewardPerShareByEpochTimestamp;
  mapping(uint256 => uint256) public rewardBalanceMapByEpochTimestamp;
  mapping(uint256 => mapping(address => bool)) public isClaimed;
  uint256 private constant ACC_REWARD_PRECISION = 1e30;

  // Events
  event LogOnDeposit(uint256 epochTimestamp, address indexed user, uint256 shareAmount);
  event LogOnWithdraw(uint256 epochTimestamp, address indexed user, uint256 shareAmount);
  event LogHarvest(uint256 epochTimestamp, address indexed user, uint256 pendingRewardAmount);
  event LogFeed(uint256 epochTimestamp, uint256 feedAmount, uint256 totalEpochReward);
  event LogSetFeeder(address oldFeeder, address newFeeder);

  // Error
  error EpochFeedableRewarderError_FeedAmountDecayed();
  error EpochFeedableRewarderError_NotStakingContract();
  error EpochFeedableRewarderError_NotFeeder();
  error EpochFeedableRewarderError_BadDuration();
  error EpochFeedableRewarderError_WithdrawalNotAllowed();
  error EpochFeedableRewarderError_EpochNotEnded();
  error EpochFeedableRewarderError_AlreadyFeed();

  modifier onlyStakingContract() {
    if (msg.sender != staking) revert EpochFeedableRewarderError_NotStakingContract();
    _;
  }

  modifier onlyFeeder() {
    if (msg.sender != feeder) revert EpochFeedableRewarderError_NotFeeder();
    _;
  }

  function initialize(
    string memory name_,
    address rewardToken_,
    address staking_
  ) external initializer {
    OwnableUpgradeable.__Ownable_init();

    name = name_;
    rewardToken = rewardToken_;
    staking = staking_;

    // At initialization, assume the feeder to be the contract owner
    feeder = owner();

    epochLength = 1 weeks;

    // Sanity check
    ERC20Upgradeable(rewardToken_).totalSupply();
    TLCStaking(staking_).isRewarder(address(this));
  }

  function onDeposit(
    uint256 epochTimestamp,
    address user,
    uint256 shareAmount
  ) external onlyStakingContract {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    _updateRewardCalculationParams(epochTimestamp);

    emit LogOnDeposit(epochTimestamp, user, shareAmount);
  }

  function onWithdraw(
    uint256 epochTimestamp,
    address user,
    uint256 shareAmount
  ) external onlyStakingContract {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    // Withdrawal will not be allowed when the epoch has ended.
    if (epochTimestamp >= getCurrentEpochTimestamp() + epochLength)
      revert EpochFeedableRewarderError_WithdrawalNotAllowed();

    _updateRewardCalculationParams(epochTimestamp);

    emit LogOnWithdraw(epochTimestamp, user, shareAmount);
  }

  function onHarvest(
    uint256 epochTimestamp,
    address user,
    address receiver
  ) external onlyStakingContract {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    if (!isClaimed[epochTimestamp][user]) {
      _updateRewardCalculationParams(epochTimestamp);

      uint256 accumulatedRewards = (_userShare(epochTimestamp, user) *
        accRewardPerShareByEpochTimestamp[epochTimestamp]) / ACC_REWARD_PRECISION;

      if (accumulatedRewards != 0) {
        isClaimed[epochTimestamp][user] = true;
        _harvestToken(receiver, accumulatedRewards);
      }

      emit LogHarvest(epochTimestamp, user, accumulatedRewards);
    }
  }

  function pendingReward(
    uint256 startEpochTimestamp,
    uint256 noOfEpochs,
    address userAddress
  ) external view returns (uint256) {
    uint256 userShare;
    uint256 accumRewardPerShare;
    uint256 pendingRewardAmount;
    uint256 totalRewardAmount;
    uint256 epochTimestamp = (startEpochTimestamp / epochLength) * epochLength;
    for (uint256 i = 0; i < noOfEpochs; ) {
      // If the epoch is in the future, then break the loop
      if (epochTimestamp + epochLength > block.timestamp) break;

      // Get user balance of the epoch
      userShare = TLCStaking(staking).calculateShare(epochTimestamp, userAddress);
      // Get accum reward per share of the epoch
      accumRewardPerShare = accRewardPerShareByEpochTimestamp[epochTimestamp];

      // If userShare is zero, then the user will not be eligible for reward in that epoch.
      // If accumRewardPerShare is zero, then the reward might not be distributed for that epoch yet. We will skip without burning user share.
      if (!isClaimed[epochTimestamp][userAddress] && userShare > 0 && accumRewardPerShare > 0) {
        // Calculate pending reward
        pendingRewardAmount = (userShare * accumRewardPerShare) / ACC_REWARD_PRECISION;
        totalRewardAmount += pendingRewardAmount;
      }

      // Increment epoch timestamp
      epochTimestamp += epochLength;

      unchecked {
        ++i;
      }
    }
    return totalRewardAmount;
  }

  function feed(uint256 epochTimestamp, uint256 feedAmount) external onlyFeeder {
    _feed(epochTimestamp, feedAmount);
  }

  function setFeeder(address feeder_) external onlyOwner {
    emit LogSetFeeder(feeder, feeder_);
    feeder = feeder_;
  }

  function _feed(uint256 epochTimestamp, uint256 feedAmount) internal {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    if (epochTimestamp + epochLength > block.timestamp)
      revert EpochFeedableRewarderError_EpochNotEnded();
    if (rewardBalanceMapByEpochTimestamp[epochTimestamp] > 0)
      revert EpochFeedableRewarderError_AlreadyFeed();

    {
      // Transfer token, with decay check
      uint256 balanceBefore = ERC20Upgradeable(rewardToken).balanceOf(address(this));
      ERC20Upgradeable(rewardToken).safeTransferFrom(msg.sender, address(this), feedAmount);

      if (ERC20Upgradeable(rewardToken).balanceOf(address(this)) - balanceBefore != feedAmount)
        revert EpochFeedableRewarderError_FeedAmountDecayed();
    }

    rewardBalanceMapByEpochTimestamp[epochTimestamp] += feedAmount;

    _updateRewardCalculationParams(epochTimestamp);

    emit LogFeed(epochTimestamp, feedAmount, rewardBalanceMapByEpochTimestamp[epochTimestamp]);
  }

  function _updateRewardCalculationParams(uint256 epochTimestamp) internal {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    uint256 totalShare = _totalShare(epochTimestamp);
    if (totalShare > 0) {
      accRewardPerShareByEpochTimestamp[epochTimestamp] =
        (rewardBalanceMapByEpochTimestamp[epochTimestamp] * ACC_REWARD_PRECISION) /
        totalShare;
    }
  }

  function _totalShare(uint256 epochTimestamp) private view returns (uint256) {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    return TLCStaking(staking).calculateTotalShare(epochTimestamp);
  }

  function _userShare(uint256 epochTimestamp, address user) private view returns (uint256) {
    // Floor down the timestamp, in case it is incorrectly formatted
    epochTimestamp = (epochTimestamp / epochLength) * epochLength;

    return TLCStaking(staking).calculateShare(epochTimestamp, user);
  }

  function _harvestToken(address receiver, uint256 pendingRewardAmount) internal virtual {
    ERC20Upgradeable(rewardToken).safeTransfer(receiver, pendingRewardAmount);
  }

  function getCurrentEpochTimestamp() public view returns (uint256 epochTimestamp) {
    return (block.timestamp / epochLength) * epochLength;
  }

  function getIsClaimed(uint256 epochTimestamp, address user) external view returns (bool) {
    return isClaimed[epochTimestamp][user];
  }

  /// @custom:oz-upgrades-unsafe-allow constructor
  constructor() {
    _disableInitializers();
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { ERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";

contract EsFDX is ERC20Upgradeable, OwnableUpgradeable {
  mapping(address => bool) public isTransferrer;
  mapping(address => bool) public isMinter;
  uint256 public maxTotalSupply;
  bool public allowTransfer;

  event EsFDX_SetMinter(address minter, bool prevAllow, bool newAllow);

  error EsFDX_isNotTransferrer();
  error EsFDX_NotMinter();
  error EsFDX_ExceedTotalSupply();

  modifier onlyMinter() {
    if (!isMinter[msg.sender]) revert EsFDX_NotMinter();
    _;
  }

  function initialize() external initializer {
    OwnableUpgradeable.__Ownable_init();
    ERC20Upgradeable.__ERC20_init("Escrowed FDX", "EsFDX");

    maxTotalSupply = 5_000_000 ether;
  }

  function setMinter(address minter, bool allow) external onlyOwner {
    emit EsFDX_SetMinter(minter, isMinter[minter], allow);
    isMinter[minter] = allow;
  }

  function mint(address to, uint256 amount) public onlyMinter {
    if (totalSupply() + amount > maxTotalSupply) revert EsFDX_ExceedTotalSupply();
    _mint(to, amount);
  }

  function setTransferrer(address transferrer, bool isActive) external onlyOwner {
    isTransferrer[transferrer] = isActive;
  }

  function setAllowTransfer(bool value) external onlyOwner {
    allowTransfer = value;
  }

  function _transfer(address from, address to, uint256 amount) internal virtual override {
    if (!allowTransfer && !isTransferrer[msg.sender]) revert EsFDX_isNotTransferrer();

    super._transfer(from, to, amount);
  }

  function transferFrom(
    address from,
    address to,
    uint256 amount
  ) public virtual override returns (bool) {
    _transfer(from, to, amount);
    return true;
  }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { ReentrancyGuardUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/security/ReentrancyGuardUpgradeable.sol";

import { IHMXStaking } from "src/staking/interfaces/IHMXStaking.sol";
import { MerkleProof } from "./MerkleProof.sol";

contract EsFDXAirdrop is OwnableUpgradeable, ReentrancyGuardUpgradeable {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  /**
   * Errors
   */
  error EsHMXAirdrop_Initialized();
  error EsHMXAirdrop_AlreadyClaimed();
  error EsHMXAirdrop_InvalidProof();
  error EsHMXAirdrop_Unauthorized();
  error EsHMXAirdrop_InvalidClaimTimestamp();
  error EsHMXAirdrop_ClaimHasNotStarted();

  /**
   * Events
   */
  // This event is triggered whenever a call to #claim succeeds.
  event Claimed(address indexed account, uint256 amount);
  event SetFeeder(address oldFeeder, address indexed newFeeder);
  event SetHmxStaking(address oldHmxStaking, address indexed newHmsStaking);
  event Init(bytes32 merkleRoot, uint256 claimStartTimestamp);

  /**
   * States
   */

  address public token;
  address public feeder;
  address public hmxStaking;
  uint256 public claimStartTimestamp;
  bytes32 public merkleRoot;
  bool public initialized;

  mapping(address => bool) public isClaimed; // Track the status is user already claimed

  /**
   * Modifiers
   */
  modifier onlyFeederOrOwner() {
    if (msg.sender != feeder && msg.sender != owner()) revert EsHMXAirdrop_Unauthorized();
    _;
  }

  /**
   * Initialize
   */
  function initialize(address _token, address _feeder, address _hmxStaking) external initializer {
    OwnableUpgradeable.__Ownable_init();
    ReentrancyGuardUpgradeable.__ReentrancyGuard_init();
    token = _token;
    feeder = _feeder;
    hmxStaking = _hmxStaking;
    IERC20Upgradeable(_token).safeApprove(_hmxStaking, type(uint256).max);
  }

  /**
   * Core Functions
   */

  function init(bytes32 _merkleRoot, uint256 _claimStartTimestamp) external onlyFeederOrOwner {
    if (initialized) revert EsHMXAirdrop_Initialized();
    if (_claimStartTimestamp < block.timestamp) revert EsHMXAirdrop_InvalidClaimTimestamp();
    merkleRoot = _merkleRoot;
    claimStartTimestamp = _claimStartTimestamp;
    initialized = true;

    emit Init(_merkleRoot, _claimStartTimestamp);
  }

  function claim(
    address _account,
    uint256 _amount,
    bytes32[] calldata _merkleProof
  ) external nonReentrant {
    _claim(_account, _amount, _merkleProof);
  }

  function emergencyWithdraw(address _receiver) external onlyOwner {
    IERC20Upgradeable tokenContract = IERC20Upgradeable(token);
    tokenContract.safeTransfer(_receiver, tokenContract.balanceOf(address(this)));
  }

  /**
   * Internal Functions
   */

  function _claim(address _account, uint256 _amount, bytes32[] calldata _merkleProof) internal {
    if (block.timestamp < claimStartTimestamp) revert EsHMXAirdrop_ClaimHasNotStarted();

    if (isClaimed[_account]) revert EsHMXAirdrop_AlreadyClaimed();

    // Verify the merkle proof.
    bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(_account, _amount))));
    if (!MerkleProof.verify(_merkleProof, merkleRoot, leaf)) revert EsHMXAirdrop_InvalidProof();

    // Mark it claimed and stake the token.
    isClaimed[_account] = true;
    IHMXStaking(hmxStaking).deposit(_account, token, _amount);
    emit Claimed(_account, _amount);
  }

  /**
   * Setter
   */

  function setFeeder(address _newFeeder) external onlyOwner {
    emit SetFeeder(feeder, _newFeeder);
    feeder = _newFeeder;
  }

  function setHmxStaking(address _newHmxStaking) external onlyOwner {
    emit SetHmxStaking(hmxStaking, _newHmxStaking);
    hmxStaking = _newHmxStaking;
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { IHMXStaking } from "src/staking/interfaces/IHMXStaking.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { IEsHMXComposer } from "src/lz-composer/interfaces/IEsHMXComposer.sol";

contract EsFDXComposer is OwnableUpgradeable, IEsHMXComposer {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  IHMXStaking public hmxStaking;
  IERC20Upgradeable public esHMX;
  FailedRequest[] public failedRequests;
  address public proxyEsHMX;

  modifier onlyProxyEsHMX() {
    if (msg.sender != proxyEsHMX) revert EsHMXComposer_Unauthorized();
    _;
  }

  function initialize(address _hmxStaking, address _esHMX) external initializer {
    OwnableUpgradeable.__Ownable_init();

    hmxStaking = IHMXStaking(_hmxStaking);
    esHMX = IERC20Upgradeable(_esHMX);

    esHMX.approve(address(hmxStaking), type(uint256).max);
  }

  function setProxyEsHMX(address _proxyEsHMX) external onlyOwner {
    emit LogSetProxyEsHMX(proxyEsHMX, _proxyEsHMX);

    proxyEsHMX = _proxyEsHMX;
  }

  function stakeFor(address user, uint256 amount) external onlyProxyEsHMX {
    esHMX.safeTransferFrom(msg.sender, address(this), amount);
    try hmxStaking.deposit(user, address(esHMX), amount) {
      // Execution succeeded
      emit LogStakeForSuccess(user, amount);
    } catch Error(string memory /*errMsg*/) {
      _handleFailure(user, amount);
    } catch Panic(uint /*errorCode*/) {
      _handleFailure(user, amount);
    } catch (bytes memory /*errMsg*/) {
      _handleFailure(user, amount);
    }
  }

  function _handleFailure(address user, uint256 amount) internal {
    failedRequests.push(FailedRequest({ user: user, amount: amount, isResolved: false }));
    emit LogStakeForFailed(user, amount);
  }

  function retry(uint256[] memory indexes) external onlyOwner {
    uint256 index;
    for (uint256 i = 0; i < indexes.length; ) {
      index = indexes[i];
      hmxStaking.deposit(failedRequests[index].user, address(esHMX), failedRequests[index].amount);

      failedRequests[index].isResolved = true;

      unchecked {
        ++i;
      }
    }
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { ERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";

contract EsHMX is ERC20Upgradeable, OwnableUpgradeable {
  mapping(address => bool) public isTransferrer;
  mapping(address => bool) public isMinter;
  uint256 public maxTotalSupply;

  event EsHMX_SetMinter(address minter, bool prevAllow, bool newAllow);

  error EsHMX_isNotTransferrer();
  error EsHMX_NotMinter();
  error EsHMX_ExceedTotalSupply();

  modifier onlyMinter() {
    if (!isMinter[msg.sender]) revert EsHMX_NotMinter();
    _;
  }

  function initialize() external initializer {
    OwnableUpgradeable.__Ownable_init();
    ERC20Upgradeable.__ERC20_init("Escrowed HMX", "EsHMX");

    maxTotalSupply = 10_000_000 ether;
  }

  function setMinter(address minter, bool allow) external onlyOwner {
    emit EsHMX_SetMinter(minter, isMinter[minter], allow);
    isMinter[minter] = allow;
  }

  function mint(address to, uint256 amount) public onlyMinter {
    if (totalSupply() + amount > maxTotalSupply) revert EsHMX_ExceedTotalSupply();
    _mint(to, amount);
  }

  function setTransferrer(address transferrer, bool isActive) external onlyOwner {
    isTransferrer[transferrer] = isActive;
  }

  function _transfer(address from, address to, uint256 amount) internal virtual override {
    if (!isTransferrer[msg.sender]) revert EsHMX_isNotTransferrer();

    super._transfer(from, to, amount);
  }

  function transferFrom(
    address from,
    address to,
    uint256 amount
  ) public virtual override returns (bool) {
    _transfer(from, to, amount);
    return true;
  }
}

// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { ReentrancyGuardUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/security/ReentrancyGuardUpgradeable.sol";

import { IHMXStaking } from "src/staking/interfaces/IHMXStaking.sol";
import { MerkleProof } from "./MerkleProof.sol";

contract EsHMXAirdrop is OwnableUpgradeable, ReentrancyGuardUpgradeable {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  /**
   * Errors
   */
  error EsHMXAirdrop_Initialized();
  error EsHMXAirdrop_AlreadyClaimed();
  error EsHMXAirdrop_InvalidProof();
  error EsHMXAirdrop_Unauthorized();
  error EsHMXAirdrop_InvalidClaimTimestamp();
  error EsHMXAirdrop_ClaimHasNotStarted();

  /**
   * Events
   */
  // This event is triggered whenever a call to #claim succeeds.
  event Claimed(address indexed account, uint256 amount);
  event SetFeeder(address oldFeeder, address indexed newFeeder);
  event SetHmxStaking(address oldHmxStaking, address indexed newHmsStaking);
  event Init(bytes32 merkleRoot, uint256 claimStartTimestamp);

  /**
   * States
   */

  address public token;
  address public feeder;
  address public hmxStaking;
  uint256 public claimStartTimestamp;
  bytes32 public merkleRoot;
  bool public initialized;

  mapping(address => bool) public isClaimed; // Track the status is user already claimed

  /**
   * Modifiers
   */
  modifier onlyFeederOrOwner() {
    if (msg.sender != feeder && msg.sender != owner()) revert EsHMXAirdrop_Unauthorized();
    _;
  }

  /**
   * Initialize
   */
  function initialize(address _token, address _feeder, address _hmxStaking) external initializer {
    OwnableUpgradeable.__Ownable_init();
    ReentrancyGuardUpgradeable.__ReentrancyGuard_init();
    token = _token;
    feeder = _feeder;
    hmxStaking = _hmxStaking;
    IERC20Upgradeable(_token).safeApprove(_hmxStaking, type(uint256).max);
  }

  /**
   * Core Functions
   */

  function init(bytes32 _merkleRoot, uint256 _claimStartTimestamp) external onlyFeederOrOwner {
    if (initialized) revert EsHMXAirdrop_Initialized();
    if (_claimStartTimestamp < block.timestamp) revert EsHMXAirdrop_InvalidClaimTimestamp();
    merkleRoot = _merkleRoot;
    claimStartTimestamp = _claimStartTimestamp;
    initialized = true;

    emit Init(_merkleRoot, _claimStartTimestamp);
  }

  function claim(
    address _account,
    uint256 _amount,
    bytes32[] calldata _merkleProof
  ) external nonReentrant {
    _claim(_account, _amount, _merkleProof);
  }

  function emergencyWithdraw(address _receiver) external onlyOwner {
    IERC20Upgradeable tokenContract = IERC20Upgradeable(token);
    tokenContract.safeTransfer(_receiver, tokenContract.balanceOf(address(this)));
  }

  /**
   * Internal Functions
   */

  function _claim(address _account, uint256 _amount, bytes32[] calldata _merkleProof) internal {
    if (block.timestamp < claimStartTimestamp) revert EsHMXAirdrop_ClaimHasNotStarted();

    if (isClaimed[_account]) revert EsHMXAirdrop_AlreadyClaimed();

    // Verify the merkle proof.
    bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(_account, _amount))));
    if (!MerkleProof.verify(_merkleProof, merkleRoot, leaf)) revert EsHMXAirdrop_InvalidProof();

    // Mark it claimed and stake the token.
    isClaimed[_account] = true;
    IHMXStaking(hmxStaking).deposit(_account, token, _amount);
    emit Claimed(_account, _amount);
  }

  /**
   * Setter
   */

  function setFeeder(address _newFeeder) external onlyOwner {
    emit SetFeeder(feeder, _newFeeder);
    feeder = _newFeeder;
  }

  function setHmxStaking(address _newHmxStaking) external onlyOwner {
    emit SetHmxStaking(hmxStaking, _newHmxStaking);
    hmxStaking = _newHmxStaking;
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { IHMXStaking } from "src/staking/interfaces/IHMXStaking.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { IEsHMXComposer } from "src/lz-composer/interfaces/IEsHMXComposer.sol";

contract EsHMXComposer is OwnableUpgradeable, IEsHMXComposer {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  IHMXStaking public hmxStaking;
  IERC20Upgradeable public esHMX;
  FailedRequest[] public failedRequests;
  address public proxyEsHMX;

  modifier onlyProxyEsHMX() {
    if (msg.sender != proxyEsHMX) revert EsHMXComposer_Unauthorized();
    _;
  }

  function initialize(address _hmxStaking, address _esHMX) external initializer {
    OwnableUpgradeable.__Ownable_init();

    hmxStaking = IHMXStaking(_hmxStaking);
    esHMX = IERC20Upgradeable(_esHMX);

    esHMX.approve(address(hmxStaking), type(uint256).max);
  }

  function setProxyEsHMX(address _proxyEsHMX) external onlyOwner {
    emit LogSetProxyEsHMX(proxyEsHMX, _proxyEsHMX);

    proxyEsHMX = _proxyEsHMX;
  }

  function stakeFor(address user, uint256 amount) external onlyProxyEsHMX {
    esHMX.safeTransferFrom(msg.sender, address(this), amount);
    try hmxStaking.deposit(user, address(esHMX), amount) {
      // Execution succeeded
      emit LogStakeForSuccess(user, amount);
    } catch Error(string memory /*errMsg*/) {
      _handleFailure(user, amount);
    } catch Panic(uint /*errorCode*/) {
      _handleFailure(user, amount);
    } catch (bytes memory /*errMsg*/) {
      _handleFailure(user, amount);
    }
  }

  function _handleFailure(address user, uint256 amount) internal {
    failedRequests.push(FailedRequest({ user: user, amount: amount, isResolved: false }));
    emit LogStakeForFailed(user, amount);
  }

  function retry(uint256[] memory indexes) external onlyOwner {
    uint256 index;
    for (uint256 i = 0; i < indexes.length; ) {
      index = indexes[i];
      hmxStaking.deposit(failedRequests[index].user, address(esHMX), failedRequests[index].amount);

      failedRequests[index].isResolved = true;

      unchecked {
        ++i;
      }
    }
  }
}

// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.7.6;

library ExcessivelySafeCall {
    uint256 constant LOW_28_MASK =
    0x00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff;

    /// @notice Use when you _really_ really _really_ don't trust the called
    /// contract. This prevents the called contract from causing reversion of
    /// the caller in as many ways as we can.
    /// @dev The main difference between this and a solidity low-level call is
    /// that we limit the number of bytes that the callee can cause to be
    /// copied to caller memory. This prevents stupid things like malicious
    /// contracts returning 10,000,000 bytes causing a local OOG when copying
    /// to memory.
    /// @param _target The address to call
    /// @param _gas The amount of gas to forward to the remote contract
    /// @param _maxCopy The maximum number of bytes of returndata to copy
    /// to memory.
    /// @param _calldata The data to send to the remote contract
    /// @return success and returndata, as `.call()`. Returndata is capped to
    /// `_maxCopy` bytes.
    function excessivelySafeCall(
        address _target,
        uint256 _gas,
        uint16 _maxCopy,
        bytes memory _calldata
    ) internal returns (bool, bytes memory) {
        // set up for assembly call
        uint256 _toCopy;
        bool _success;
        bytes memory _returnData = new bytes(_maxCopy);
        // dispatch message to recipient
        // by assembly calling "handle" function
        // we call via assembly to avoid memcopying a very large returndata
        // returned by a malicious contract
        assembly {
            _success := call(
            _gas, // gas
            _target, // recipient
            0, // ether value
            add(_calldata, 0x20), // inloc
            mload(_calldata), // inlen
            0, // outloc
            0 // outlen
            )
        // limit our copy to 256 bytes
            _toCopy := returndatasize()
            if gt(_toCopy, _maxCopy) {
                _toCopy := _maxCopy
            }
        // Store the length of the copied bytes
            mstore(_returnData, _toCopy)
        // copy the bytes from returndata[0:_toCopy]
            returndatacopy(add(_returnData, 0x20), 0, _toCopy)
        }
        return (_success, _returnData);
    }

    /// @notice Use when you _really_ really _really_ don't trust the called
    /// contract. This prevents the called contract from causing reversion of
    /// the caller in as many ways as we can.
    /// @dev The main difference between this and a solidity low-level call is
    /// that we limit the number of bytes that the callee can cause to be
    /// copied to caller memory. This prevents stupid things like malicious
    /// contracts returning 10,000,000 bytes causing a local OOG when copying
    /// to memory.
    /// @param _target The address to call
    /// @param _gas The amount of gas to forward to the remote contract
    /// @param _maxCopy The maximum number of bytes of returndata to copy
    /// to memory.
    /// @param _calldata The data to send to the remote contract
    /// @return success and returndata, as `.call()`. Returndata is capped to
    /// `_maxCopy` bytes.
    function excessivelySafeStaticCall(
        address _target,
        uint256 _gas,
        uint16 _maxCopy,
        bytes memory _calldata
    ) internal view returns (bool, bytes memory) {
        // set up for assembly call
        uint256 _toCopy;
        bool _success;
        bytes memory _returnData = new bytes(_maxCopy);
        // dispatch message to recipient
        // by assembly calling "handle" function
        // we call via assembly to avoid memcopying a very large returndata
        // returned by a malicious contract
        assembly {
            _success := staticcall(
            _gas, // gas
            _target, // recipient
            add(_calldata, 0x20), // inloc
            mload(_calldata), // inlen
            0, // outloc
            0 // outlen
            )
        // limit our copy to 256 bytes
            _toCopy := returndatasize()
            if gt(_toCopy, _maxCopy) {
                _toCopy := _maxCopy
            }
        // Store the length of the copied bytes
            mstore(_returnData, _toCopy)
        // copy the bytes from returndata[0:_toCopy]
            returndatacopy(add(_returnData, 0x20), 0, _toCopy)
        }
        return (_success, _returnData);
    }

    /**
     * @notice Swaps function selectors in encoded contract calls
     * @dev Allows reuse of encoded calldata for functions with identical
     * argument types but different names. It simply swaps out the first 4 bytes
     * for the new selector. This function modifies memory in place, and should
     * only be used with caution.
     * @param _newSelector The new 4-byte selector
     * @param _buf The encoded contract args
     */
    function swapSelector(bytes4 _newSelector, bytes memory _buf)
    internal
    pure
    {
        require(_buf.length >= 4);
        uint256 _mask = LOW_28_MASK;
        assembly {
        // load the first word of
            let _word := mload(add(_buf, 0x20))
        // mask out the top 4 bytes
        // /x
            _word := and(_word, _mask)
            _word := or(_newSelector, _word)
            mstore(add(_buf, 0x20), _word)
        }
    }
}

// SPDX-License-Identifier: MIT
pragma solidity 0.8.18;

import { ERC20 } from "lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol";

contract FDX is ERC20 {
  constructor(uint256 _initialSupply) ERC20("FDX", "FDX") {
    _mint(_msgSender(), _initialSupply);
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { IRewarder } from "./interfaces/IRewarder.sol";
import { IStaking } from "./interfaces/IStaking.sol";
import { IPool } from "src/interfaces/aerodrome/IPool.sol";

interface IStakingExtended is IStaking {
  // stFDXLPStaking Contract
  function stakingToken() external view returns (address);

  // FDXStaking Contract
  function getRewarderStakingTokens(address rewarder) external view returns (address[] memory);
}

/**
 * @title FDXLPRewardSplitter
 * @notice This contract splits rewards between two staking pools: `fdxStaking` and `stFDXLPStaking`
 * based on their respective values in the FDX token.
 */
contract FDXLPRewardSplitter is OwnableUpgradeable, IRewarder {
  using SafeERC20Upgradeable for IERC20Upgradeable;

  // Public variables
  string public name;
  address public wethToken;
  address public rewardToken;
  address public feeder;

  IStakingExtended public fdxStaking;
  IRewarder public fdxStakingRewarder;

  IStakingExtended public stFDXLPStaking;
  IRewarder public stFDXLPStakingRewarder;

  // Events
  event LogSetFeeder(address indexed oldFeeder, address indexed newFeeder);
  event LogFeedReward(
    uint256 feedAmount,
    uint256 fdxStakingFeedAmount,
    uint256 stFDXLPStakingFeedAmount,
    uint256 duration
  );

  // Errors
  error FDXLPRewardSplitter_NotFeeder();
  error FDXLPRewardSplitter_FeedAmountDecayed();
  error FDXLPRewardSplitter_NotImplemented();

  /// @dev Modifier to restrict access to the feeder (owner)
  modifier onlyFeeder() {
    if (msg.sender != feeder) revert FDXLPRewardSplitter_NotFeeder();
    _;
  }

  /**
   * @notice Initializes the FDXLPRewardSplitter contract.
   * @dev This function sets up the staking contracts and rewarder addresses.
   * @param name_ The name of the reward splitter.
   * @param rewardToken_ The address of the reward token to distribute.
   * @param fdxStaking_ The address of the FDX staking contract.
   * @param fdxStakingRewarder_ The address of the rewarder for FDX staking.
   * @param stFDXLPStaking_ The address of the stFDXLP staking contract.
   * @param stFDXLPStakingRewarder_ The address of the rewarder for stFDXLP staking.
   */
  function initialize(
    string memory name_,
    address rewardToken_,
    address wethToken_,
    address fdxStaking_,
    address fdxStakingRewarder_,
    address stFDXLPStaking_,
    address stFDXLPStakingRewarder_
  ) external virtual initializer {
    OwnableUpgradeable.__Ownable_init();

    // Sanity check to ensure the reward token is valid
    IERC20Upgradeable(rewardToken_).totalSupply();

    name = name_;
    rewardToken = rewardToken_;
    wethToken = wethToken_;

    fdxStaking = IStakingExtended(fdxStaking_);
    fdxStakingRewarder = IRewarder(fdxStakingRewarder_);
    stFDXLPStaking = IStakingExtended(stFDXLPStaking_);
    stFDXLPStakingRewarder = IRewarder(stFDXLPStakingRewarder_);

    // Assume the contract owner is the initial feeder
    feeder = super.owner();
  }

  /**
   * @notice Sets the feeder address.
   * @param feeder_ The address of the new feeder.
   */
  function setFeeder(address feeder_) external onlyOwner {
    emit LogSetFeeder(feeder, feeder_);
    feeder = feeder_;
  }

  /**
   * @notice Feeds the reward token to the staking rewarders based on their share of the total value.
   * @param feedAmount The amount of reward token to feed.
   * @param duration The duration for which to distribute the reward.
   */
  function feed(uint256 feedAmount, uint256 duration) external onlyFeeder {
    _feed(feedAmount, duration);
  }

  /**
   * @notice Feeds the reward token to the staking rewarders based on their share of the total value, with an expiration time.
   * @param feedAmount The amount of reward token to feed.
   * @param expiredAt The timestamp at which the reward feeding expires.
   */
  function feedWithExpiredAt(uint256 feedAmount, uint256 expiredAt) external onlyFeeder {
    _feed(feedAmount, expiredAt - block.timestamp);
  }

  /**
   * @dev Internal function to split and feed rewards based on staking pool values.
   * @param feedAmount The amount of reward token to feed.
   * @param duration The duration for which to distribute the reward.
   */
  function _feed(uint256 feedAmount, uint256 duration) internal {
    {
      // Transfer token, with decay check
      uint256 balanceBefore = IERC20Upgradeable(rewardToken).balanceOf(address(this));
      IERC20Upgradeable(rewardToken).safeTransferFrom(msg.sender, address(this), feedAmount);

      if (IERC20Upgradeable(rewardToken).balanceOf(address(this)) - balanceBefore != feedAmount)
        revert FDXLPRewardSplitter_FeedAmountDecayed();
    }

    uint256 fdxStakingValue = _calculateFDXStakingValueInFDX();
    uint256 stFDXLPStakingValue = _calculateStFDXLPStakingValueInFDX();
    uint256 totalFDXValue = fdxStakingValue + stFDXLPStakingValue;

    uint256 fdxStakingFeedAmount = totalFDXValue == 0
      ? feedAmount / 2
      : (feedAmount * fdxStakingValue) / totalFDXValue;
    uint256 stFDXLPStakingFeedAmount = feedAmount - fdxStakingFeedAmount;

    // Feed the sstaking rewarders
    IERC20Upgradeable(rewardToken).approve(address(fdxStakingRewarder), fdxStakingFeedAmount);
    fdxStakingRewarder.feed(fdxStakingFeedAmount, duration);
    IERC20Upgradeable(rewardToken).approve(
      address(stFDXLPStakingRewarder),
      stFDXLPStakingFeedAmount
    );
    stFDXLPStakingRewarder.feed(stFDXLPStakingFeedAmount, duration);

    // Emit the LogFeedReward event
    emit LogFeedReward(feedAmount, fdxStakingFeedAmount, stFDXLPStakingFeedAmount, duration);
  }

  /**
   * @dev Calculates the FDX value in the FDX staking pool.
   * @return stakingShares The total shares in the FDX staking pool.
   */
  function _calculateFDXStakingValueInFDX() internal view returns (uint256 stakingShares) {
    stakingShares = fdxStaking.calculateTotalShare(address(fdxStakingRewarder));
  }

  /**
   * @dev Calculates the FDX value in the stFDXLP staking pool.
   * @return The calculated FDX value.
   */
  function _calculateStFDXLPStakingValueInFDX() internal view returns (uint256) {
    uint256 stakingShares = stFDXLPStaking.calculateTotalShare(address(stFDXLPStakingRewarder));
    address poolAddress = stFDXLPStaking.stakingToken();
    IPool pool = IPool(poolAddress);

    (uint256 reserve0, uint256 reserve1, ) = pool.getReserves();
    uint256 totalShares = IERC20Upgradeable(poolAddress).totalSupply();
    uint256 token0Amount = (reserve0 * stakingShares) / totalShares;
    uint256 token1Amount = (reserve1 * stakingShares) / totalShares;
    uint256 fdxAmount = wethToken == pool.token0() ? token1Amount : token0Amount;
    return fdxAmount * 2;
  }

  // ----------------- Unimplemented Functions -----------------

  /**
   * @notice Returns the current reward rate.
   * @return rewardRate The current reward rate.
   */
  function rewardRate() external view returns (uint256) {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Called when a user deposits into the staking contract.
   * @param user The address of the user.
   * @param shareAmount The amount of shares the user deposits.
   */
  function onDeposit(address user, uint256 shareAmount) external {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Called when a user withdraws from the staking contract.
   * @param user The address of the user.
   * @param shareAmount The amount of shares the user withdraws.
   */
  function onWithdraw(address user, uint256 shareAmount) external {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Called when a user harvests rewards from the staking contract.
   * @param user The address of the user.
   * @param receiver The address that will receive the rewards.
   */
  function onHarvest(address user, address receiver) external {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Returns the pending reward for a user.
   * @param user The address of the user.
   * @return The pending reward for the user.
   */
  function pendingReward(address user) external view returns (uint256) {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Returns the accumulated reward per share.
   * @return accReward The accumulated reward per share.
   */
  function accRewardPerShare() external view returns (uint128) {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Returns the reward debts for a user.
   * @param user The address of the user.
   * @return The reward debts for the user.
   */
  function userRewardDebts(address user) external view returns (int256) {
    revert FDXLPRewardSplitter_NotImplemented();
  }

  /**
   * @notice Returns the last reward time.
   * @return lastRewardTime The timestamp of the last reward distribution.
   */
  function lastRewardTime() external view returns (uint64) {
    revert FDXLPRewardSplitter_NotImplemented();
  }
}

// SPDX-License-Identifier: BUSL-1.1
// This code is made available under the terms and conditions of the Business Source License 1.1 (BUSL-1.1).
// The act of publishing this code is driven by the aim to promote transparency and facilitate its utilization for educational purposes.

pragma solidity 0.8.18;

import { OwnableUpgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
import { IERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/IERC20Upgradeable.sol";
import { ERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/ERC20Upgradeable.sol";
import { SafeERC20Upgradeable } from "lib/openzeppelin-contracts-upgradeable/contracts/token/ERC20/utils/SafeERC20Upgradeable.sol";

import { IRewarder } from "src/staking/interfaces/IRewarder.sol";
import { IHMXStaking } from "src/staking/interfaces/IHMXStaking.sol";
import { DragonPoint } from "src/tokens/DragonPoint.sol";
import { IVester } from "src/vesting/interfaces/IVester.sol";
import { IStakingLocker } from "src/staking/interfaces/IStakingLocker.sol";

interface IFdxLpRewarder is IRewarder {
  function convertLPtoFDX(uint256 lpAmount) external view returns (uint256);
}

contract FDXStaking is OwnableUpgradeable, IHMXStaking {
  using SafeERC20Upgradeable for IERC20Upgradeable;
  uint256 private constant SIX_MONTHS = 180 days;

  // Events
  event LogAddStakingToken(address newToken, address[] newRewarders);
  event LogAddRewarder(address newRewarder, address[] newTokens);
  event LogSetCompounder(address oldCompounder, address newCompounder);
  event LogSetIsCompounder(address compounder, bool isCompounder);
  event LogDeposit(address indexed caller, address indexed user, address token, uint256 amount);
  event LogWithdraw(address indexed caller, address token, uint256 amount);
  event LogWithdrawWithCooldown(address indexed caller, address token, uint256 amount);
  event LogSetAllRewarders(address[] oldRewarders, address[] newRewarders);
  event LogSetAllStakingTokens(address[] oldStakingTokens, address[] newStakingTokens);
  event LogAddLockedReward(
    address indexed account,
    address reward,
    uint256 amount,
    uint256 endRewardLockTimestamp
  );
  event LogSetStakingLocker(address oldStakingLocker, address newStakingLocker);

  // Errors
  error HMXStaking_BadDecimals();
  error HMXStaking_InvalidTokenAmount();
  error HMXStaking_UnknownStakingToken();
  error HMXStaking_InsufficientTokenAmount();
  error HMXStaking_InconsistentLength();
  error HMXStaking_NotRewarder();
  error HMXStaking_NotCompounder();
  error HMXStaking_OnlyLHMXStakingTokenAllowed();
  error HMXStaking_RemainUnclaimReward();
  error HMXStaking_DragonPointWithdrawForbid();

  /**
   * States
   */

  // stakingToken => amount
  mapping(address => mapping(address => uint256)) public userTokenAmount;
  mapping(address => bool) public isStakingLHMX;
  mapping(address => bool) public isRewarder;
  mapping(address => bool) public isStakingToken;
  mapping(address => address[]) public stakingTokenRewarders;
  mapping(address => address[]) public rewarderStakingTokens;
  mapping(address => LockedReward[]) public userLockedRewards;
  mapping(address => uint256) public userLockedRewardsStartIndex;

  address public lhmx;
  address public compounder;
  address[] public allRewarders; // keeping all existing rewarders
  address[] public allStakingTokens; // keeping all existing staking tokens

  DragonPoint public dp;
  IRewarder public dragonPointRewarder;
  address public esHmx;
  address public vester;

  IStakingLocker public stakingLocker;

  /// Compounder allow list
  mapping(address compounder => bool isAllowed) public isCompounder;

  IFdxLpRewarder public stFdxLpMintRewarder;
  IHMXStaking public stFdxLpStaking;

  function initialize(
    address lhmx_,
    address dp_,
    address esHmx_,
    address vester_
  ) external initializer {
    OwnableUpgradeable.__Ownable_init();
    lhmx = lhmx_;
    dp = DragonPoint(dp_);
    esHmx = esHmx_;
    vester = vester_;

    // Sanity check
    ERC20Upgradeable(lhmx).decimals();
    dp.decimals();
    ERC20Upgradeable(esHmx).decimals();
    IVester(vester).itemLastIndex(address(this));

    // Unlimited approve vester
    IERC20Upgradeable(esHmx).approve(vester, type(uint256).max);
  }

  function addStakingToken(
    address newStakingToken,
    address[] memory newRewarders
  ) external onlyOwner {
    if (ERC20Upgradeable(newStakingToken).decimals() != 18) revert HMXStaking_BadDecimals();

    uint256 length = newRewarders.length;
    for (uint256 i = 0; i < length; ) {
      _updatePool(newStakingToken, newRewarders[i]);

      emit LogAddStakingToken(newStakingToken, newRewarders);
      unchecked {
        ++i;
      }
    }
  }

  function addRewarder(address newRewarder, address[] memory newStakingToken) external onlyOwner {
    uint256 length = newStakingToken.length;
    for (uint256 i = 0; i < length; ) {
      if (ERC20Upgradeable(newStakingToken[i]).decimals() != 18) revert HMXStaking_BadDecimals();
      _updatePool(newStakingToken[i], newRewarder);

      emit LogAddRewarder(newRewarder, newStakingToken);
      unchecked {
        ++i;
      }
    }
  }

  /// @dev Removes a rewarder from an array of rewarders for a given staking token, as well as removing the staking token from the rewarder's array of staking tokens.
  /// @param removeRewarderIndex The index of the rewarder to remove from the array of rewarders for the staking token.
  /// @param stakingToken The address of the staking token associated with the rewarder.
  function removeRewarderFoStakingTokenByIndex(
    uint256 removeRewarderIndex,
    address stakingToken
  ) external onlyOwner {
    address removedRewarder = stakingTokenRewarders[stakingToken][removeRewarderIndex];
    {
      // Replace the rewarder to be removed with the last rewarder in the array and then remove it from the array.
      uint256 tokenLength = stakingTokenRewarders[stakingToken].length;
      stakingTokenRewarders[stakingToken][removeRewarderIndex] = stakingTokenRewarders[
        stakingToken
      ][tokenLength - 1];
      stakingTokenRewarders[stakingToken].pop();
      // If this is the only rewarder associated with the staking token, remove the staking token.
      if (tokenLength == 1) isStakingToken[stakingToken] = false;
    }

    {
      // Find the index of the staking token in the rewarder's array of staking tokens and remove it.
      uint256 rewarderLength = rewarderStakingTokens[removedRewarder].length;
      for (uint256 i = 0; i < rewarderLength; ) {
        if (rewarderStakingTokens[removedRewarder][i] == stakingToken) {
          rewarderStakingTokens[removedRewarder][i] = rewarderStakingTokens[removedRewarder][
            rewarderLength - 1
          ];
          rewarderStakingTokens[removedRewarder].pop();
          // If this is the only staking token associated with the rewarder, remove the rewarder.
          if (rewarderLength == 1) isRewarder[removedRewarder] = false;
          break;
        }
        unchecked {
          ++i;
        }
      }
    }
  }

  /// @dev Deposits an amount of a given staking token for a specified user, calling each associated rewarder's `onDeposit` function.
  /// @param account The address of the user depositing the staking token.
  /// @param token The address of the staking token being deposited.
  /// @param amount The amount of the staking token being deposited.
  function deposit(address account, address token, uint256 amount) external {
    _deposit(msg.sender, account, token, amount);
  }

  /// @dev Helper function that performs the deposit logic for the deposit() function.
  /// @param account The address of the user depositing the staking token.
  /// @param stakingToken The address of the staking token being deposited.
  /// @param amount The amount of the staking token being deposited.
  function _deposit(address from, address account, address stakingToken, uint256 amount) internal {
    // Verify that the staking token is a known staking token in the contract.
    if (!isStakingToken[stakingToken]) revert HMXStaking_UnknownStakingToken();

    // Call each associated rewarder's `onDeposit` function.
    address[] storage rewarders = stakingTokenRewarders[stakingToken];
    for (uint256 i = 0; i < rewarders.length; ) {
      IRewarder(rewarders[i]).onDeposit(account, amount);
      unchecked {
        ++i;
      }
    }

    // Add the deposited amount to the user's token balance and transfer the staking token to the contract.
    userTokenAmount[stakingToken][account] += amount;
    IERC20Upgradeable(stakingToken).safeTransferFrom(from, address(this), amount);

    // Emit a LogDeposit event.
    emit LogDeposit(from, account, stakingToken, amount);
  }

  /// @dev Withdraws an amount of a given staking token for the calling user, burning Dragon Points and depositing the remaining balance.
  /// @param stakingToken The address of the staking token being withdrawn.
  /// @param amount The amount of the staking token being withdrawn.
  function withdraw(address stakingToken, uint256 amount) public {
    if (amount == 0) revert HMXStaking_InvalidTokenAmount();
    if (stakingToken == address(dp)) revert HMXStaking_DragonPointWithdrawForbid();

    _processDragonPointBeforeWithdraw(msg.sender);

    // Withdraw the actual token, while we note down the share before/after (which already exclude Dragon Point)
    uint256 shareBefore = getTotalShareInFdxFromAllStakings(msg.sender);
    _withdraw(stakingToken, msg.sender, amount);
    uint256 shareAfter = getTotalShareInFdxFromAllStakings(msg.sender);

    _processDragonPointAfterWithdraw(msg.sender, shareBefore, shareAfter);
  }

  /**
   * @dev Helper function that withdraws an amount of a given staking token for the calling user.
   * @param stakingToken The address of the staking token being withdrawn.
   * @param amount The amount of the staking token being withdrawn.
   */
  function _withdraw(address stakingToken, address user, uint256 amount) internal {
    // Verify that the staking token is a known staking token in the contract.
    if (!isStakingToken[stakingToken]) revert HMXStaking_UnknownStakingToken();

    // Verify that the user has enough tokens to withdraw.
    if (userTokenAmount[stakingToken][user] < amount)
      revert HMXStaking_InsufficientTokenAmount();

    // Call each associated rewarder's `onWithdraw` function.
    uint256 length = stakingTokenRewarders[stakingToken].length;
    for (uint256 i = 0; i < length; ) {
      address rewarder = stakingTokenRewarders[stakingToken][i];
      IRewarder(rewarder).onWithdraw(user, amount);
      unchecked {
        ++i;
      }
    }

    // Subtract the withdrawn amount from the user's token balance and transfer the staking token to the user.
    userTokenAmount[stakingToken][user] -= amount;
    if (
      address(stakingLocker) != address(0) &&
      stakingLocker.unstakingCooldownPeriod(stakingToken) > 0
    ) {
      stakingLocker.lock(user, stakingToken, amount);

      emit LogWithdrawWithCooldown(user, stakingToken, amount);
    } else {
      IERC20Upgradeable(stakingToken).safeTransfer(user, amount);

      emit LogWithdraw(user, stakingToken, amount);
    }
  }

  /// @dev Calculates the total share for dragon point rewards. FDX in FDXStaking + CONVERT_LP_TO_FDX(LP in StFdxLpStaking)
  /// @param user address to calculate share
  function getTotalShareInFdxFromAllStakings(address user) public view returns (uint256) {
    uint256 shareInFdxStaking = _calculateShare(address(dragonPointRewarder), user);
    uint256 shareInStFdxLpStaking = stFdxLpMintRewarder.convertLPtoFDX(
      stFdxLpStaking.calculateShare(address(stFdxLpMintRewarder), user)
    );
    return shareInFdxStaking + shareInStFdxLpStaking;
  }

  /// @dev Public function that processes rewards for dragon point, called by StFdxLpStaking
  /// @param user address to process whose dragon point
  function processDragonPointBeforeWithdraw(address user) external {
    require(msg.sender == address(stFdxLpStaking), "Caller must be StFdxLpStaking Contract");
    _processDragonPointBeforeWithdraw(user);
  }

  /// @dev Process rewards for dragon point
  /// @param user address to process whose dragon point
  function _processDragonPointBeforeWithdraw(address user) internal {
    // Clear all of user dragon point
    dragonPointRewarder.onHarvest(user, user);
    stFdxLpMintRewarder.onHarvest(user, user);
    _withdraw(address(dp), user, userTokenAmount[address(dp)][user]);
  }

  /// @dev Public function that processes rewards for dragon point, called by StFdxLpStaking
  /// @param user address to process whose dragon point
  /// @param shareBefore Share amount before withdraw
  /// @param shareAfter Share amount after withdraw
  function processDragonPointAfterWithdraw(
    address user,
    uint256 shareBefore,
    uint256 shareAfter
  ) external {
    require(msg.sender == address(stFdxLpStaking), "Caller must be StFdxLpStaking Contract");
    _processDragonPointAfterWithdraw(user, shareBefore, shareAfter);
  }

  /// @dev Process rewards for dragon point
  /// @param user address to process whose dragon point
  /// @param shareBefore Share amount before withdraw
  /// @param shareAfter Share amount after withdraw
  function _processDragonPointAfterWithdraw(
    address user,
    uint256 shareBefore,
    uint256 shareAfter
  ) internal {
    // Find the burn amount
    uint256 dpBalance = dp.balanceOf(user);
    uint256 targetDpBalance = shareBefore > 0 ? (dpBalance * shareAfter) / shareBefore : 0;
    uint256 amountToBurn = dpBalance - targetDpBalance;

    // Burn from user, transfer the rest to here, and got deposited
    if (amountToBurn > 0) dp.burn(user, dpBalance - targetDpBalance);
    if (dp.balanceOf(user) > 0) _deposit(user, user, address(dp), dp.balanceOf(user));
  }

  function vestEsHmx(uint256 amount, uint256 duration) external {
    if (amount > userTokenAmount[esHmx][msg.sender] || amount == 0)
      revert HMXStaking_InvalidTokenAmount();
    withdraw(esHmx, amount);
    IERC20Upgradeable(esHmx).safeTransferFrom(msg.sender, address(this), amount);
    IVester(vester).vestFor(msg.sender, amount, duration);
  }

  /// @dev Harvests rewards for the calling user and transfers them to the same user.
  /// @param rewarders An array of rewarder addresses whose rewards are being harvested.
  function harvest(address[] memory rewarders) external {
    // Call the internal _harvestFor function with the same user as the receiver.
    _harvestFor(msg.sender, msg.sender, rewarders);
  }

  function harvestToCompounder(address user, address[] memory _rewarders) external {
    if (!isCompounder[msg.sender]) revert HMXStaking_NotCompounder();
    _harvestFor(user, msg.sender, _rewarders);
  }

  /// @dev Helper function that harvests rewards for a given user and transfers them to a given receiver.
  /// @param user The address of the user whose rewards are being harvested.
  /// @param receiver The address of the receiver for the harvested rewards.
  /// @param rewarders An array of rewarder addresses whose rewards are being harvested.
  function _harvestFor(address user, address receiver, address[] memory rewarders) internal {
    // Loop over each rewarder address and call its `onHarvest` function if it is a registered rewarder.
    uint256 length = rewarders.length;
    for (uint256 i = 0; i < length; ) {
      // Check if the current rewarder is registered, otherwise revert the transaction.
      if (!isRewarder[rewarders[i]]) revert HMXStaking_NotRewarder();

      IRewarder(rewarders[i]).onHarvest(user, receiver);

      unchecked {
        ++i;
      }
    }
  }

  /// @dev Claims locked rewards for a given user.
  /// @param user The address of the user claiming the locked rewards.
  function claimLockedReward(address user) external {
    // Get the array of locked rewards for the user
    LockedReward[] storage lockedRewards = userLockedRewards[user];
    uint256 length = lockedRewards.length;

    for (uint256 i = userLockedRewardsStartIndex[user]; i < length; ) {
      // Check if the reward lock period has ended
      if (lockedRewards[i].endRewardLockTimestamp > block.timestamp) {
        // Update the start index for the user
        userLockedRewardsStartIndex[user] = i;
        break;
      }

      // Transfer the locked reward to the user's account
      IERC20Upgradeable(lockedRewards[i].reward).safeTransfer(
        lockedRewards[i].account,
        lockedRewards[i].amount
      );

      // Remove the claimed reward from the lockedRewards array
      delete lockedRewards[i];

      // Check if it was the last index
      if (i == length - 1) userLockedRewardsStartIndex[user] = length;

      unchecked {
        ++i;
      }
    }
  }

  /// @dev Calculates the share of a given user in a given rewarder.
  /// @param rewarder The address of the rewarder.
  /// @param user The address of the user.
  /// @return The share of the user in the rewarder.
  function calculateShare(address rewarder, address user) external view returns (uint256) {
    return _calculateShare(rewarder, user);
  }

  /// @dev Helper function that calculates the share of a given user in a given rewarder.
  /// @param rewarder The address of the rewarder.
  /// @param user The address of the user.
  /// @return The share of the user in the rewarder.
  function _calculateShare(address rewarder, address user) internal view returns (uint256) {
    // Get the staking tokens associated with the rewarder and calculate the user's share in each.
    address[] memory stakingTokens = rewarderStakingTokens[rewarder];
    uint256 share = 0;
    uint256 length = stakingTokens.length;

    for (uint256 i = 0; i < length; ) {
      share += userTokenAmount[stakingTokens[i]][user];
      unchecked {
        ++i;
      }
    }
    return share;
  }

  function calculateTotalShare(address rewarder) external view returns (uint256) {
    address[] memory stakingTokens = rewarderStakingTokens[rewarder];
    uint256 totalShare = 0;
    uint256 length = stakingTokens.length;
    for (uint256 i = 0; i < length; ) {
      totalShare += IERC20Upgradeable(stakingTokens[i]).balanceOf(address(this));
      unchecked {
        ++i;
      }
    }
    return totalShare;
  }

  /**
   * Setter
   */
  function setStakingLocker(address _stakingLocker, address _tokenWithCooldown) external onlyOwner {
    emit LogSetStakingLocker(address(stakingLocker), _stakingLocker);
    stakingLocker = IStakingLocker(_stakingLocker);

    IERC20Upgradeable(_tokenWithCooldown).approve(address(stakingLocker), type(uint256).max);
  }

  function setCompounder(address _compounder) external onlyOwner {
    emit LogSetCompounder(compounder, _compounder);
    compounder = _compounder;
  }

  function setIsCompounders(
    address[] memory compounders,
    bool[] memory isAllowed
  ) external onlyOwner {
    uint256 length = compounders.length;
    if (length != isAllowed.length) revert HMXStaking_InconsistentLength();

    for (uint256 i; i < length; ) {
      isCompounder[compounders[i]] = isAllowed[i];
      emit LogSetIsCompounder(compounders[i], isAllowed[i]);
      unchecked {
        ++i;
      }
    }
  }

  function setAllRewarders(address[] memory _allRewarders) external onlyOwner {
    emit LogSetAllRewarders(allRewarders, _allRewarders);
    allRewarders = _allRewarders;
  }

  function setAllStakingTokens(address[] memory _allStakingTokens) external onlyOwner {
    emit LogSetAllStakingTokens(allStakingTokens, _allStakingTokens);
    allStakingTokens = _allStakingTokens;
  }

  function setDragonPointRewarder(address rewarder) external onlyOwner {
    dragonPointRewarder = IRewarder(rewarder);
  }

  function setStFdxLpMintRewarder(address rewarder) external onlyOwner {
    stFdxLpMintRewarder = IFdxLpRewarder(rewarder);
  }

  function setStFdxLpStaking(address _stFdxLpStaking) external onlyOwner {
    stFdxLpStaking = IHMXStaking(_stFdxLpStaking);
  }

  function setDragonPoint(address _dp) external onlyOwner {
    dp = DragonPoint(_dp);
  }

  /**
   * Getters
   */
  function getUserTokenAmount(
    address stakingToken,
    address account
  ) external view returns (uint256) {
    return userTokenAmount[stakingToken][account];
  }

  function getUserLockedRewards(address account) external view returns (LockedReward[] memory) {
    return userLockedRewards[account];
  }

  function getStakingTokenRewarders(address stakingToken) external view returns (address[] memory) {
    return stakingTokenRewarders[stakingToken];
  }

  function getRewarderStakingTokens(address rewarder) external view returns (address[] memory) {
    return rewarderStakingTokens[rewarder];
  }

  function getAllRewarders() external view returns (address[] memory) {
    return allRewarders;
  }

  function getAllStakingTokens() external view returns (address[] memory) {
    return allStakingTokens;
  }

  function getAccumulatedLockedReward(
    address user,
    address[] memory rewards,
    bool isOnlyClaimAble
  ) external view returns (address[] memory, uint256[] memory) {
    LockedReward[] storage lockedRewards = userLockedRewards[user];
    uint256[] memory lockedAmounts = new uint256[](rewards.length);

    for (uint256 i = userLockedRewardsStartIndex[user]; i < lockedRewards.length; ) {
      if (isOnlyClaimAble && lockedRewards[i].endRewardLockTimestamp > block.timestamp) break;

      for (uint256 j = 0; i < rewards.length; ) {
        if (lockedRewards[i].reward == rewards[j]) {
          lockedAmounts[j] = lockedRewards[i].amount;
          break;
        }

        unchecked {
          ++j;
        }
      }

      unchecked {
        ++i;
      }
    }

    return (rewards, lockedAmounts);
  }

  /**
   * Private Functions
   */

  /// @notice
  function _updatePool(address newToken, address newRewarder) internal {
    if (!_isDuplicatedRewarder(newToken, newRewarder)) {
      stakingTokenRewarders[newToken].push(newRewarder);
    }
    if (!_isDuplicatedStakingToken(newToken, newRewarder)) {
      rewarderStakingTokens[newRewarder].push(newToken);
    }

    // update new staking token
    isStakingToken[newToken] = true;

    // update new rewarding token
    if (!isRewarder[newRewarder]) {
      isRewarder[newRewarder] = true;
    }
  }

  /// @notice check whether this staking token already contained new reward token
  function _isDuplicatedRewarder(
    address stakingToken,
    address rewarder
  ) internal view returns (bool) {
    uint256 length = stakingTokenRewarders[stakingToken].length;
    for (uint256 i = 0; i < length; ) {
      if (stakingTokenRewarders[stakingToken][i] == rewarder) return true;
      unchecked {
        ++i;
      }
    }
    return false;
  }

  /// @notice check whether this reward token already contained in satking token
  function _isDuplicatedStakingToken(
    address stakingToken,
    address rewarder
  ) internal view returns (bool) {
    uint256 length = rewarderStakingTokens[rewarder].length;
    for (uint256 i = 0; i < length; ) {
      if (rewarderStakingTokens[rewarder][i] == stakingToken) return true;
      unchecked {
        ++i;
      }
    }
    return false;
  }

  /// @custom:oz-upgrades-unsafe-allow constructor
  constructor() {
    _disableInitializers();
  }
}