+
+
+
+
+[](https://www.npmjs.org/package/openzeppelin-solidity)
+[](https://travis-ci.com/OpenZeppelin/openzeppelin-solidity)
+[](https://coveralls.io/github/OpenZeppelin/openzeppelin-solidity?branch=master)
+
+**OpenZeppelin is a library for secure smart contract development.** It provides implementations of standards like ERC20 and ERC721 which you can deploy as-is or extend to suit your needs, as well as Solidity components to build custom contracts and more complex decentralized systems.
+
+## Install
+
+```
+npm install openzeppelin-solidity
+```
+
+OpenZeppelin features a stable API, which means your contracts won't break unexpectedly when upgrading to a newer minor version. You can read ṫhe details in our [API Stability](https://forum.zeppelin.solutions/t/api-stability/138) document.
+
+## Usage
+
+To write your custom contracts, import ours and extend them through inheritance.
+
+```solidity
+pragma solidity ^0.5.0;
+
+import 'openzeppelin-solidity/contracts/token/ERC721/ERC721Full.sol';
+import 'openzeppelin-solidity/contracts/token/ERC721/ERC721Mintable.sol';
+
+contract MyNFT is ERC721Full, ERC721Mintable {
+ constructor() ERC721Full("MyNFT", "MNFT") {
+ }
+}
+```
+
+> You need an ethereum development framework for the above import statements to work! Check out these guides for [Truffle], [Embark] or [Buidler].
+
+On our site you will find a few [guides] to learn about the different parts of OpenZeppelin, as well as [documentation for the API][API docs]. Keep in mind that the API docs are work in progress, and don’t hesitate to ask questions in [our forum][forum].
+
+## Security
+
+OpenZeppelin the project is maintained by [Zeppelin] the company, and developed following our high standards for code quality and security. OpenZeppelin is meant to provide tested and community-audited code, but please use common sense when doing anything that deals with real money! We take no responsibility for your implementation decisions and any security problems you might experience.
+
+The core development principles and strategies that OpenZeppelin is based on include: security in depth, simple and modular code, clarity-driven naming conventions, comprehensive unit testing, pre-and-post-condition sanity checks, code consistency, and regular audits.
+
+The latest audit was done on October 2018 on version 2.0.0.
+
+Please report any security issues you find to security@openzeppelin.org.
+
+## Contribute
+
+OpenZeppelin exists thanks to its contributors. There are many ways you can participate and help build high quality software. Check out the [contribution guide]!
+
+## License
+
+OpenZeppelin is released under the [MIT License](LICENSE).
+
+
+[API docs]: https://openzeppelin.org/api/docs/token_ERC721_ERC721BasicToken.html
+[guides]: https://openzeppelin.org/api/docs/get-started.html
+[forum]: https://forum.zeppelin.solutions
+[Zeppelin]: https://zeppelin.solutions
+[contribution guide]: CONTRIBUTING.md
+[Truffle]: https://truffleframework.com/docs/truffle/quickstart
+[Embark]: https://embark.status.im/docs/quick_start.html
+[Buidler]: https://buidler.dev/guides/#getting-started
diff --git a/bridge/contracts/zeppelin/access/Roles.sol b/bridge/contracts/zeppelin/access/Roles.sol
new file mode 100644
index 000000000..b42c67127
--- /dev/null
+++ b/bridge/contracts/zeppelin/access/Roles.sol
@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+/**
+ * @title Roles
+ * @dev Library for managing addresses assigned to a Role.
+ */
+library Roles {
+ struct Role {
+ mapping (address => bool) bearer;
+ }
+
+ /**
+ * @dev Give an account access to this role.
+ */
+ function add(Role storage role, address account) internal {
+ require(!has(role, account), "Roles: account already has role");
+ role.bearer[account] = true;
+ }
+
+ /**
+ * @dev Remove an account's access to this role.
+ */
+ function remove(Role storage role, address account) internal {
+ require(has(role, account), "Roles: account doesn't have role");
+ role.bearer[account] = false;
+ }
+
+ /**
+ * @dev Check if an account has this role.
+ * @return bool
+ */
+ function has(Role storage role, address account) internal view returns (bool) {
+ require(account != address(0), "Roles: account is the zero address");
+ return role.bearer[account];
+ }
+}
diff --git a/bridge/contracts/zeppelin/access/roles/MinterRole.sol b/bridge/contracts/zeppelin/access/roles/MinterRole.sol
new file mode 100644
index 000000000..14fb2742d
--- /dev/null
+++ b/bridge/contracts/zeppelin/access/roles/MinterRole.sol
@@ -0,0 +1,47 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../../GSN/Context.sol";
+import "../Roles.sol";
+
+abstract contract MinterRole is Context {
+ using Roles for Roles.Role;
+
+ event MinterAdded(address indexed account);
+ event MinterRemoved(address indexed account);
+
+ Roles.Role private _minters;
+
+ constructor () {
+ _addMinter(_msgSender());
+ }
+
+ modifier onlyMinter() {
+ require(isMinter(_msgSender()), "MinterRole: caller doesn't have the role");
+ _;
+ }
+
+ function isMinter(address account) public view returns (bool) {
+ return _minters.has(account);
+ }
+
+ function addMinter(address account) public onlyMinter {
+ _addMinter(account);
+ }
+
+ function renounceMinter() public {
+ _removeMinter(_msgSender());
+ }
+
+ function _addMinter(address account) internal {
+ _minters.add(account);
+ emit MinterAdded(account);
+ }
+
+ function _removeMinter(address account) internal {
+ _minters.remove(account);
+ emit MinterRemoved(account);
+ }
+}
diff --git a/bridge/contracts/zeppelin/access/roles/PauserRole.sol b/bridge/contracts/zeppelin/access/roles/PauserRole.sol
new file mode 100644
index 000000000..aeed3f7aa
--- /dev/null
+++ b/bridge/contracts/zeppelin/access/roles/PauserRole.sol
@@ -0,0 +1,47 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../../GSN/Context.sol";
+import "../Roles.sol";
+
+abstract contract PauserRole is Context {
+ using Roles for Roles.Role;
+
+ event PauserAdded(address indexed account);
+ event PauserRemoved(address indexed account);
+
+ Roles.Role private _pausers;
+
+ constructor () {
+ _addPauser(_msgSender());
+ }
+
+ modifier onlyPauser() {
+ require(isPauser(_msgSender()), "PauserRole: caller doesn't have the role");
+ _;
+ }
+
+ function isPauser(address account) public view returns (bool) {
+ return _pausers.has(account);
+ }
+
+ function addPauser(address account) public onlyPauser {
+ _addPauser(account);
+ }
+
+ function renouncePauser() public {
+ _removePauser(_msgSender());
+ }
+
+ function _addPauser(address account) internal {
+ _pausers.add(account);
+ emit PauserAdded(account);
+ }
+
+ function _removePauser(address account) internal {
+ _pausers.remove(account);
+ emit PauserRemoved(account);
+ }
+}
diff --git a/bridge/contracts/zeppelin/introspection/ERC165.sol b/bridge/contracts/zeppelin/introspection/ERC165.sol
new file mode 100644
index 000000000..cb120911a
--- /dev/null
+++ b/bridge/contracts/zeppelin/introspection/ERC165.sol
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+import "./IERC165.sol";
+
+/**
+ * @dev Implementation of the {IERC165} interface.
+ *
+ * Contracts may inherit from this and call {_registerInterface} to declare
+ * their support of an interface.
+ */
+abstract contract ERC165 is IERC165 {
+ /*
+ * bytes4(keccak256('supportsInterface(bytes4)')) == 0x01ffc9a7
+ */
+ bytes4 private constant _INTERFACE_ID_ERC165 = 0x01ffc9a7;
+
+ /**
+ * @dev Mapping of interface ids to whether or not it's supported.
+ */
+ mapping(bytes4 => bool) private _supportedInterfaces;
+
+ constructor () {
+ // Derived contracts need only register support for their own interfaces,
+ // we register support for ERC165 itself here
+ _registerInterface(_INTERFACE_ID_ERC165);
+ }
+
+ /**
+ * @dev See {IERC165-supportsInterface}.
+ *
+ * Time complexity O(1), guaranteed to always use less than 30 000 gas.
+ */
+ function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
+ return _supportedInterfaces[interfaceId];
+ }
+
+ /**
+ * @dev Registers the contract as an implementer of the interface defined by
+ * `interfaceId`. Support of the actual ERC165 interface is automatic and
+ * registering its interface id is not required.
+ *
+ * See {IERC165-supportsInterface}.
+ *
+ * Requirements:
+ *
+ * - `interfaceId` cannot be the ERC165 invalid interface (`0xffffffff`).
+ */
+ function _registerInterface(bytes4 interfaceId) internal virtual {
+ require(interfaceId != 0xffffffff, "ERC165: invalid interface id");
+ _supportedInterfaces[interfaceId] = true;
+ }
+}
diff --git a/bridge/contracts/zeppelin/introspection/ERC165Checker.sol b/bridge/contracts/zeppelin/introspection/ERC165Checker.sol
new file mode 100644
index 000000000..8f5ff744a
--- /dev/null
+++ b/bridge/contracts/zeppelin/introspection/ERC165Checker.sol
@@ -0,0 +1,131 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+/**
+ * @dev Library used to query support of an interface declared via {IERC165}.
+ *
+ * Note that these functions return the actual result of the query: they do not
+ * `revert` if an interface is not supported. It is up to the caller to decide
+ * what to do in these cases.
+ */
+library ERC165Checker {
+ // As per the EIP-165 spec, no interface should ever match 0xffffffff
+ bytes4 private constant _INTERFACE_ID_INVALID = 0xffffffff;
+
+ /*
+ * bytes4(keccak256('supportsInterface(bytes4)')) == 0x01ffc9a7
+ */
+ bytes4 private constant _INTERFACE_ID_ERC165 = 0x01ffc9a7;
+
+ /**
+ * @dev Returns true if `account` supports the {IERC165} interface,
+ */
+ function supportsERC165(address account) internal view returns (bool) {
+ // Any contract that implements ERC165 must explicitly indicate support of
+ // InterfaceId_ERC165 and explicitly indicate non-support of InterfaceId_Invalid
+ return _supportsERC165Interface(account, _INTERFACE_ID_ERC165) &&
+ !_supportsERC165Interface(account, _INTERFACE_ID_INVALID);
+ }
+
+ /**
+ * @dev Returns true if `account` supports the interface defined by
+ * `interfaceId`. Support for {IERC165} itself is queried automatically.
+ *
+ * See {IERC165-supportsInterface}.
+ */
+ function supportsInterface(address account, bytes4 interfaceId) internal view returns (bool) {
+ // query support of both ERC165 as per the spec and support of _interfaceId
+ return supportsERC165(account) &&
+ _supportsERC165Interface(account, interfaceId);
+ }
+
+ /**
+ * @dev Returns a boolean array where each value corresponds to the
+ * interfaces passed in and whether they're supported or not. This allows
+ * you to batch check interfaces for a contract where your expectation
+ * is that some interfaces may not be supported.
+ *
+ * See {IERC165-supportsInterface}.
+ *
+ * _Available since v3.4._
+ */
+ function getSupportedInterfaces(address account, bytes4[] memory interfaceIds) internal view returns (bool[] memory) {
+ // an array of booleans corresponding to interfaceIds and whether they're supported or not
+ bool[] memory interfaceIdsSupported = new bool[](interfaceIds.length);
+
+ // query support of ERC165 itself
+ if (supportsERC165(account)) {
+ // query support of each interface in interfaceIds
+ for (uint256 i = 0; i < interfaceIds.length; i++) {
+ interfaceIdsSupported[i] = _supportsERC165Interface(account, interfaceIds[i]);
+ }
+ }
+
+ return interfaceIdsSupported;
+ }
+
+ /**
+ * @dev Returns true if `account` supports all the interfaces defined in
+ * `interfaceIds`. Support for {IERC165} itself is queried automatically.
+ *
+ * Batch-querying can lead to gas savings by skipping repeated checks for
+ * {IERC165} support.
+ *
+ * See {IERC165-supportsInterface}.
+ */
+ function supportsAllInterfaces(address account, bytes4[] memory interfaceIds) internal view returns (bool) {
+ // query support of ERC165 itself
+ if (!supportsERC165(account)) {
+ return false;
+ }
+
+ // query support of each interface in _interfaceIds
+ for (uint256 i = 0; i < interfaceIds.length; i++) {
+ if (!_supportsERC165Interface(account, interfaceIds[i])) {
+ return false;
+ }
+ }
+
+ // all interfaces supported
+ return true;
+ }
+
+ /**
+ * @notice Query if a contract implements an interface, does not check ERC165 support
+ * @param account The address of the contract to query for support of an interface
+ * @param interfaceId The interface identifier, as specified in ERC-165
+ * @return true if the contract at account indicates support of the interface with
+ * identifier interfaceId, false otherwise
+ * @dev Assumes that account contains a contract that supports ERC165, otherwise
+ * the behavior of this method is undefined. This precondition can be checked
+ * with {supportsERC165}.
+ * Interface identification is specified in ERC-165.
+ */
+ function _supportsERC165Interface(address account, bytes4 interfaceId) private view returns (bool) {
+ // success determines whether the staticcall succeeded and result determines
+ // whether the contract at account indicates support of _interfaceId
+ (bool success, bool result) = _callERC165SupportsInterface(account, interfaceId);
+
+ return (success && result);
+ }
+
+ /**
+ * @notice Calls the function with selector 0x01ffc9a7 (ERC165) and suppresses throw
+ * @param account The address of the contract to query for support of an interface
+ * @param interfaceId The interface identifier, as specified in ERC-165
+ * @return success true if the STATICCALL succeeded, false otherwise
+ * @return result true if the STATICCALL succeeded and the contract at account
+ * indicates support of the interface with identifier interfaceId, false otherwise
+ */
+ function _callERC165SupportsInterface(address account, bytes4 interfaceId)
+ private
+ view
+ returns (bool, bool)
+ {
+ bytes memory encodedParams = abi.encodeWithSelector(_INTERFACE_ID_ERC165, interfaceId);
+ (bool success, bytes memory result) = account.staticcall{ gas: 30000 }(encodedParams);
+ if (result.length < 32) return (false, false);
+ return (success, abi.decode(result, (bool)));
+ }
+}
diff --git a/bridge/contracts/zeppelin/introspection/IERC165.sol b/bridge/contracts/zeppelin/introspection/IERC165.sol
new file mode 100644
index 000000000..01c9c0864
--- /dev/null
+++ b/bridge/contracts/zeppelin/introspection/IERC165.sol
@@ -0,0 +1,24 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+
+/**
+ * @dev Interface of the ERC165 standard, as defined in the
+ * https://eips.ethereum.org/EIPS/eip-165[EIP].
+ *
+ * Implementers can declare support of contract interfaces, which can then be
+ * queried by others ({ERC165Checker}).
+ *
+ * For an implementation, see {ERC165}.
+ */
+interface IERC165 {
+ /**
+ * @dev Returns true if this contract implements the interface defined by
+ * `interfaceId`. See the corresponding
+ * https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
+ * to learn more about how these ids are created.
+ *
+ * This function call must use less than 30 000 gas.
+ */
+ function supportsInterface(bytes4 interfaceId) external view returns (bool);
+}
diff --git a/bridge/contracts/zeppelin/introspection/IERC1820Implementer.sol b/bridge/contracts/zeppelin/introspection/IERC1820Implementer.sol
new file mode 100644
index 000000000..16b0d9a05
--- /dev/null
+++ b/bridge/contracts/zeppelin/introspection/IERC1820Implementer.sol
@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+/**
+ * @dev Interface for an ERC1820 implementer, as defined in the
+ * https://eips.ethereum.org/EIPS/eip-1820#interface-implementation-erc1820implementerinterface[EIP].
+ * Used by contracts that will be registered as implementers in the
+ * {IERC1820Registry}.
+ */
+interface IERC1820Implementer {
+ /**
+ * @dev Returns a special value (`ERC1820_ACCEPT_MAGIC`) if this contract
+ * implements `_interfaceHash` for `_account`.
+ *
+ * See {IERC1820Registry-setInterfaceImplementer}.
+ */
+ function canImplementInterfaceForAddress(bytes32 _interfaceHash, address _account) external view returns (bytes32);
+}
diff --git a/bridge/contracts/zeppelin/introspection/IERC1820Registry.sol b/bridge/contracts/zeppelin/introspection/IERC1820Registry.sol
new file mode 100644
index 000000000..bbc7c82aa
--- /dev/null
+++ b/bridge/contracts/zeppelin/introspection/IERC1820Registry.sol
@@ -0,0 +1,112 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+/**
+ * @dev Interface of the global ERC1820 Registry, as defined in the
+ * https://eips.ethereum.org/EIPS/eip-1820[EIP]. Accounts may register
+ * implementers for interfaces in this registry, as well as query support.
+ *
+ * Implementers may be shared by multiple accounts, and can also implement more
+ * than a single interface for each account. Contracts can implement interfaces
+ * for themselves, but externally-owned accounts (EOA) must delegate this to a
+ * contract.
+ *
+ * {IERC165} interfaces can also be queried via the registry.
+ *
+ * For an in-depth explanation and source code analysis, see the EIP text.
+ */
+interface IERC1820Registry {
+ /**
+ * @dev Sets `newManager` as the manager for `account`. A manager of an
+ * account is able to set interface implementers for it.
+ *
+ * By default, each account is its own manager. Passing a value of `0x0` in
+ * `newManager` will reset the manager to this initial state.
+ *
+ * Emits a {ManagerChanged} event.
+ *
+ * Requirements:
+ *
+ * - the caller must be the current manager for `account`.
+ */
+ function setManager(address account, address newManager) external;
+
+ /**
+ * @dev Returns the manager for `account`.
+ *
+ * See {setManager}.
+ */
+ function getManager(address account) external view returns (address);
+
+ /**
+ * @dev Sets the `implementer` contract as `account`'s implementer for
+ * `interfaceHash`.
+ *
+ * `account` being the zero address is an alias for the caller's address.
+ * The zero address can also be used in `implementer` to remove an old one.
+ *
+ * See {interfaceHash} to learn how these are created.
+ *
+ * Emits an {InterfaceImplementerSet} event.
+ *
+ * Requirements:
+ *
+ * - the caller must be the current manager for `_account`.
+ * - `_interfaceHash` must not be an {IERC165} interface id (i.e. it must not
+ * end in 28 zeroes).
+ * - `_implementer` must implement {IERC1820Implementer} and return true when
+ * queried for support, unless `implementer` is the caller. See
+ * {IERC1820Implementer-canImplementInterfaceForAddress}.
+ */
+ function setInterfaceImplementer(address _account, bytes32 _interfaceHash, address _implementer) external;
+
+ /**
+ * @dev Returns the implementer of `_interfaceHash` for `_account`. If no such
+ * implementer is registered, returns the zero address.
+ *
+ * If `_interfaceHash` is an {IERC165} interface id (i.e. it ends with 28
+ * zeroes), `_account` will be queried for support of it.
+ *
+ * `account` being the zero address is an alias for the caller's address.
+ */
+ function getInterfaceImplementer(address _account, bytes32 _interfaceHash) external view returns (address);
+
+ /**
+ * @dev Returns the interface hash for an `interfaceName`, as defined in the
+ * corresponding
+ * https://eips.ethereum.org/EIPS/eip-1820#interface-name[section of the EIP].
+ */
+ function interfaceHash(string calldata interfaceName) external pure returns (bytes32);
+
+ /**
+ * @notice Updates the cache with whether the contract implements an ERC165 interface or not.
+ * @param account Address of the contract for which to update the cache.
+ * @param interfaceId ERC165 interface for which to update the cache.
+ */
+ function updateERC165Cache(address account, bytes4 interfaceId) external;
+
+ /**
+ * @notice Checks whether a contract implements an ERC165 interface or not.
+ * If the result is not cached a direct lookup on the contract address is performed.
+ * If the result is not cached or the cached value is out-of-date, the cache MUST be updated manually by calling
+ * {updateERC165Cache} with the contract address.
+ * @param account Address of the contract to check.
+ * @param interfaceId ERC165 interface to check.
+ * @return True if `account` implements `interfaceId`, false otherwise.
+ */
+ function implementsERC165Interface(address account, bytes4 interfaceId) external view returns (bool);
+
+ /**
+ * @notice Checks whether a contract implements an ERC165 interface or not without using nor updating the cache.
+ * @param account Address of the contract to check.
+ * @param interfaceId ERC165 interface to check.
+ * @return True if `account` implements `interfaceId`, false otherwise.
+ */
+ function implementsERC165InterfaceNoCache(address account, bytes4 interfaceId) external view returns (bool);
+
+ event InterfaceImplementerSet(address indexed account, bytes32 indexed interfaceHash, address indexed implementer);
+
+ event ManagerChanged(address indexed account, address indexed newManager);
+}
diff --git a/bridge/contracts/zeppelin/introspection/README.md b/bridge/contracts/zeppelin/introspection/README.md
new file mode 100644
index 000000000..239b9c4aa
--- /dev/null
+++ b/bridge/contracts/zeppelin/introspection/README.md
@@ -0,0 +1,23 @@
+---
+sections:
+ - title: Local
+ contracts:
+ - IERC165
+ - ERC165
+ - ERC165Checker
+ - title: Global
+ contracts:
+ - IERC1820Registry
+ - IERC1820Implementer
+ - ERC1820Implementer
+---
+
+This set of interfaces and contracts deal with [type introspection](https://en.wikipedia.org/wiki/Type_introspection) of contracts, that is, examining which functions can be called on them. This is usually referred to as a contract's _interface_.
+
+Ethereum contracts have no native concept of an interface, so applications must usually simply trust they are not making an incorrect call. For trusted setups this is a non-issue, but often unknown and untrusted third-party addresses need to be interacted with. There may even not be any direct calls to them! (e.g. `ERC20` tokens may be sent to a contract that lacks a way to transfer them out of it, locking them forever). In these cases, a contract _declaring_ its interface can be very helpful in preventing errors.
+
+There are two main ways to approach this.
+ - Locally, where a contract implements `IERC165` and declares an interface, and a second one queries it directly via `ERC165Checker`.
+ - Globally, where a global and unique registry (`IERC1820Registry`) is used to register implementers of a certain interface (`IERC1820Implementer`). It is then the registry that is queried, which allows for more complex setups, like contracts implementing interfaces for externally-owned accounts.
+
+Note that, in all cases, accounts simply _declare_ their interfaces, but they are not required to actually implement them. This mechanism can therefore be used to both prevent errors and allow for complex interactions (see `ERC777`), but it must not be relied on for security.
diff --git a/bridge/contracts/zeppelin/lifecycle/Destructible.sol b/bridge/contracts/zeppelin/lifecycle/Destructible.sol
deleted file mode 100644
index c10630d88..000000000
--- a/bridge/contracts/zeppelin/lifecycle/Destructible.sol
+++ /dev/null
@@ -1,22 +0,0 @@
-pragma solidity ^0.4.24;
-
-
-import "../ownership/Ownable.sol";
-
-
-/**
- * @title Destructible
- * @dev Base contract that can be destroyed by owner. All funds in contract will be sent to the owner.
- */
-contract Destructible is Ownable {
- /**
- * @dev Transfers the current balance to the owner and terminates the contract.
- */
- function destroy() public onlyOwner {
- selfdestruct(owner);
- }
-
- function destroyAndSend(address _recipient) public onlyOwner {
- selfdestruct(_recipient);
- }
-}
diff --git a/bridge/contracts/zeppelin/lifecycle/Pausable.sol b/bridge/contracts/zeppelin/lifecycle/Pausable.sol
new file mode 100644
index 000000000..43c08998b
--- /dev/null
+++ b/bridge/contracts/zeppelin/lifecycle/Pausable.sol
@@ -0,0 +1,77 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../GSN/Context.sol";
+import "../access/roles/PauserRole.sol";
+
+/**
+ * @dev Contract module which allows children to implement an emergency stop
+ * mechanism that can be triggered by an authorized account.
+ *
+ * This module is used through inheritance. It will make available the
+ * modifiers `whenNotPaused` and `whenPaused`, which can be applied to
+ * the functions of your contract. Note that they will not be pausable by
+ * simply including this module, only once the modifiers are put in place.
+ */
+abstract contract Pausable is Context, PauserRole {
+ /**
+ * @dev Emitted when the pause is triggered by a pauser (`account`).
+ */
+ event Paused(address account);
+
+ /**
+ * @dev Emitted when the pause is lifted by a pauser (`account`).
+ */
+ event Unpaused(address account);
+
+ bool private _paused;
+
+ /**
+ * @dev Initializes the contract in unpaused state. Assigns the Pauser role
+ * to the deployer.
+ */
+ constructor () {
+ _paused = false;
+ }
+
+ /**
+ * @dev Returns true if the contract is paused, and false otherwise.
+ */
+ function paused() public view returns (bool) {
+ return _paused;
+ }
+
+ /**
+ * @dev Modifier to make a function callable only when the contract is not paused.
+ */
+ modifier whenNotPaused() {
+ require(!_paused, "Pausable: paused");
+ _;
+ }
+
+ /**
+ * @dev Modifier to make a function callable only when the contract is paused.
+ */
+ modifier whenPaused() {
+ require(_paused, "Pausable: not paused");
+ _;
+ }
+
+ /**
+ * @dev Called by a pauser to pause, triggers stopped state.
+ */
+ function pause() public onlyPauser whenNotPaused {
+ _paused = true;
+ emit Paused(_msgSender());
+ }
+
+ /**
+ * @dev Called by a pauser to unpause, returns to normal state.
+ */
+ function unpause() public onlyPauser whenPaused {
+ _paused = false;
+ emit Unpaused(_msgSender());
+ }
+}
diff --git a/bridge/contracts/zeppelin/lifecycle/TokenDestructible.sol b/bridge/contracts/zeppelin/lifecycle/TokenDestructible.sol
deleted file mode 100644
index 0a43590a0..000000000
--- a/bridge/contracts/zeppelin/lifecycle/TokenDestructible.sol
+++ /dev/null
@@ -1,36 +0,0 @@
-pragma solidity ^0.4.24;
-
-import "../ownership/Ownable.sol";
-import "../token/ERC20/ERC20Basic.sol";
-
-
-/**
- * @title TokenDestructible:
- * @author Remco Bloemen
+
+## OpenZeppelin Contracts Ethereum Package
+
+[](https://www.npmjs.org/package/@openzeppelin/contracts-ethereum-package)
+[](https://circleci.com/gh/OpenZeppelin/openzeppelin-contracts-ethereum-package)
+
+**OpenZeppelin Contracts is a library for secure smart contract development.** It provides implementations of standards like ERC20 and ERC721 which you can deploy as-is or extend to suit your needs, as well as Solidity components to build custom contracts and more complex decentralized systems.
+
+This fork of OpenZeppelin is set up as a **reusable Ethereum Package**. It is deployed to the kovan, rinkeby, and ropsten test networks, as well as to the main Ethereum network. You can reuse any of the pre-deployed on-chain contracts by simply linking to them using the [OpenZeppelin SDK](https://github.com/openzeppelin/openzeppelin-sdk), or reuse their Solidity source code as with the [vanilla version of OpenZeppelin Contracts](https://github.com/OpenZeppelin/openzeppelin-contracts).
+
+## Differences with openzeppelin-contracts
+
+This package contains the same contracts as the vanilla [openzeppelin-contracts](https://github.com/openZeppelin/openzeppelin-contracts). The main difference is that _all contracts in this package are potentially upgradeable_: you will notice that no contracts have constructors defined, but use [initializer functions](https://docs.zeppelinos.org/docs/writing_contracts.html#initializers) instead. Also, this package is set up as an Ethereum package, and provides a small set of pre-deployed logic contracts that can be used directly via the OpenZeppelin SDK, without needing to deploy them again.
+
+All in all, **you should use this package instead of openzeppelin-solidity if you are managing your project via the OpenZeppelin CLI**.
+
+## Install
+
+```
+npm install @openzeppelin/contracts-ethereum-package
+```
+
+## Deployed logic contracts
+
+- [StandaloneERC20](contracts/token/ERC20/StandaloneERC20.sol): ERC20 token implementation, optionally mintable and pausable.
+- [StandaloneERC721](contracts/token/ERC721/StandaloneERC721.sol): ERC721 non-fungible token implementation with metadata and enumerable extensions, optionally mintable and pausable.
+- [TokenVesting](contracts/drafts/TokenVesting.sol): tToken holder contract that can release its token balance gradually like a typical vesting scheme, with a cliff and vesting period, optionally revocable.
+- [PaymentSplitter](contracts/payment/PaymentSplitter.sol): Splits payments among a group of addresses proportionately to some number of shares they own.
+
+## Using via the OpenZeppelin CLI
+
+You can easily create upgradeable instances of any of the logic contracts listed above using the OpenZeppelin CLI. This will rely on the pre-deployed instances in mainnet, kovan, ropsten, or rinkeby, greatly reducing your gas deployment costs. To do this, just [create a new OpenZeppelin SDK project](https://docs.zeppelinos.org/docs/deploying.html) and [link to this package](https://docs.zeppelinos.org/docs/linking.html).
+
+```bash
+$ npm install -g @openzeppelin/cli
+$ openzeppelin init
+$ openzeppelin link @openzeppelin/contracts-ethereum-package
+> Installing...
+$ openzeppelin create @openzeppelin/contracts-ethereum-package/StandaloneERC20
+> Creating...
+```
+
+To create an instance of a contract, use the `openzeppelin create` command. As an example, you can run the following to create an upgradeable ERC20 named MyToken, with symbol TKN and 8 decimals, and an initial supply of 100 tokens assigned to the address HOLDER, with a MINTER and a PAUSER. Remember to replace $HOLDER, $MINTER, and $PAUSER with actual addresses when you run this command; you can specify more than one (or none at all) minters and pausers.
+
+```
+$ openzeppelin create
+? Pick a contract to instantiate: @openzeppelin/contracts-ethereum-package/StandaloneERC20
+? Pick a network: development
+✓ Deploying @openzeppelin/contracts-ethereum-package dependency to network
+? Do you want to call a function on the instance after creating it?: Yes
+? Select which function: * initialize(name: string, symbol: string, decimals: uint8, initialSupply: uint256, initialHolder: address, minters: address[], pausers: address[])
+? name (string): MyToken
+? symbol (string): MYT
+? decimals (uint8): 18
+? initialSupply (uint256): 100e18
+? initialHolder (address): 0x90f8bf6a479f320ead074411a4b0e7944ea8c9c1
+? minters (address[]):
+? pausers (address[]):
+✓ Setting everything up to create contract instances
+✓ Instance created at 0x2612Af3A521c2df9EAF28422Ca335b04AdF3ac66
+```
+
+OpenZeppelin will create an upgradeable ERC20 instance and keep track of its address in the `.openzeppelin/rinkeby.json` file. Should you update your version of the openzeppelin contracts ethereum package later down the road, you can simply run `openzeppelin update` to upgrade all your ERC20 instances to the latest version.
+
+You can also deploy a ERC721 token by choosing the `StandaloneERC721` contract when running `openzeppelin create`. Refer to the `initialize` function of each of the predeployed logic contracts to see which parameters are required for initialization.
+
+## Extending contracts
+
+If you prefer to write your custom contracts, import the ones from this package and extend them through inheritance. Note that **you must use this package and not `@openzeppelin/contracts` if you are [writing upgradeable contracts](https://docs.zeppelinos.org/docs/writing_contracts.html)**.
+
+```solidity
+pragma solidity ^0.5.0;
+
+import '@openzeppelin/upgrades/contracts/Initializable.sol';
+import '@openzeppelin/contracts-ethereum-package/contracts/token/ERC721/ERC721Full.sol';
+import '@openzeppelin/contracts-ethereum-package/contracts/token/ERC721/ERC721Mintable.sol';
+
+contract MyNFT is Initializable, ERC721Full, ERC721Mintable {
+ function initialize() public initializer {
+ ERC721.initialize();
+ ERC721Enumerable.initialize();
+ ERC721Metadata.initialize("MyNFT", "MNFT");
+ ERC721Mintable.initialize(msg.sender);
+ }
+}
+```
+
+On our site you will find a few [guides] to learn about the different parts of OpenZeppelin, as well as [documentation for the API][API docs]. Keep in mind that the API docs are work in progress, and don’t hesitate to ask questions in [our forum][forum].
+
+## Security
+
+OpenZeppelin Contracts is maintained by [OpenZeppelin](https://openzeppelin.com) the company, and developed following our high standards for code quality and security. OpenZeppelin Contracts is meant to provide tested and community-audited code, but please use common sense when doing anything that deals with real money! We take no responsibility for your implementation decisions and any security problems you might experience.
+
+The core development principles and strategies that OpenZeppelin Contracts is based on include: security in depth, simple and modular code, clarity-driven naming conventions, comprehensive unit testing, pre-and-post-condition sanity checks, code consistency, and regular audits.
+
+The latest audit was done on October 2018 on version 2.0.0.
+
+Please report any security issues you find to security@openzeppelin.org.
+
+## Contribute
+
+OpenZeppelin exists thanks to its contributors. There are many ways you can participate and help build high quality software. Check out the [contribution guide]!
+
+## License
+
+OpenZeppelin is released under the [MIT License](LICENSE).
+
+[API docs]: https://docs.openzeppelin.org/v2.8.0/api/token/erc20
+[guides]: https://docs.openzeppelin.org/v2.8.0/get-started
+[forum]: https://forum.zeppelin.solutions
+[Zeppelin]: https://zeppelin.solutions
+[contribution guide]: CONTRIBUTING.md
diff --git a/bridge/contracts/zeppelin/upgradable/access/README.md b/bridge/contracts/zeppelin/upgradable/access/README.md
new file mode 100644
index 000000000..e39860b62
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/access/README.md
@@ -0,0 +1,9 @@
+---
+sections:
+ - title: Library
+ contracts:
+ - Roles
+ - subdirectory: roles
+---
+
+> This page is incomplete. We're working to improve it for the next release. Stay tuned!
diff --git a/bridge/contracts/zeppelin/upgradable/access/roles/UpgradablePauserRole.sol b/bridge/contracts/zeppelin/upgradable/access/roles/UpgradablePauserRole.sol
new file mode 100644
index 000000000..a5dc48673
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/access/roles/UpgradablePauserRole.sol
@@ -0,0 +1,51 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../../Initializable.sol";
+
+import "../../../GSN/Context.sol";
+import "../../../access/Roles.sol";
+
+contract UpgradablePauserRole is Initializable, Context {
+ using Roles for Roles.Role;
+
+ event PauserAdded(address indexed account);
+ event PauserRemoved(address indexed account);
+
+ Roles.Role private _pausers;
+
+ function __PauserRol_init(address sender) public initializer {
+ if (!isPauser(sender)) {
+ _addPauser(sender);
+ }
+ }
+
+ modifier onlyPauser() {
+ require(isPauser(_msgSender()), "PauserRole: caller doesn't have the role");
+ _;
+ }
+
+ function isPauser(address account) public view returns (bool) {
+ return _pausers.has(account);
+ }
+
+ function addPauser(address account) public onlyPauser {
+ _addPauser(account);
+ }
+
+ function renouncePauser() public {
+ _removePauser(_msgSender());
+ }
+
+ function _addPauser(address account) internal {
+ _pausers.add(account);
+ emit PauserAdded(account);
+ }
+
+ function _removePauser(address account) internal {
+ _pausers.remove(account);
+ emit PauserRemoved(account);
+ }
+}
diff --git a/bridge/contracts/zeppelin/upgradable/lifecycle/UpgradablePausable.sol b/bridge/contracts/zeppelin/upgradable/lifecycle/UpgradablePausable.sol
new file mode 100644
index 000000000..380bb4f84
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/lifecycle/UpgradablePausable.sol
@@ -0,0 +1,81 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../Initializable.sol";
+
+import "../../GSN/Context.sol";
+import "../access/roles/UpgradablePauserRole.sol";
+
+/**
+ * @dev Contract module which allows children to implement an emergency stop
+ * mechanism that can be triggered by an authorized account.
+ *
+ * This module is used through inheritance. It will make available the
+ * modifiers `whenNotPaused` and `whenPaused`, which can be applied to
+ * the functions of your contract. Note that they will not be pausable by
+ * simply including this module, only once the modifiers are put in place.
+ */
+contract UpgradablePausable is Initializable, Context, UpgradablePauserRole {
+ /**
+ * @dev Emitted when the pause is triggered by a pauser (`account`).
+ */
+ event Paused(address account);
+
+ /**
+ * @dev Emitted when the pause is lifted by a pauser (`account`).
+ */
+ event Unpaused(address account);
+
+ bool private _paused;
+
+ /**
+ * @dev Initializes the contract in unpaused state. Assigns the Pauser role
+ * to the deployer.
+ */
+ function __Pausable_init(address sender) public initializer {
+ UpgradablePauserRole.__PauserRol_init(sender);
+
+ _paused = false;
+ }
+
+ /**
+ * @dev Returns true if the contract is paused, and false otherwise.
+ */
+ function paused() public view returns (bool) {
+ return _paused;
+ }
+
+ /**
+ * @dev Modifier to make a function callable only when the contract is not paused.
+ */
+ modifier whenNotPaused() {
+ require(!_paused, "Pausable: paused");
+ _;
+ }
+
+ /**
+ * @dev Modifier to make a function callable only when the contract is paused.
+ */
+ modifier whenPaused() {
+ require(_paused, "Pausable: not paused");
+ _;
+ }
+
+ /**
+ * @dev Called by a pauser to pause, triggers stopped state.
+ */
+ function pause() public onlyPauser whenNotPaused {
+ _paused = true;
+ emit Paused(_msgSender());
+ }
+
+ /**
+ * @dev Called by a pauser to unpause, returns to normal state.
+ */
+ function unpause() public onlyPauser whenPaused {
+ _paused = false;
+ emit Unpaused(_msgSender());
+ }
+}
diff --git a/bridge/contracts/zeppelin/upgradable/ownership/README.md b/bridge/contracts/zeppelin/upgradable/ownership/README.md
new file mode 100644
index 000000000..5e112d068
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/ownership/README.md
@@ -0,0 +1,3 @@
+Contract modules for simple authorization and access control mechanisms.
+
+For more complex needs see [Access](access).
diff --git a/bridge/contracts/zeppelin/upgradable/ownership/UpgradableOwnable.sol b/bridge/contracts/zeppelin/upgradable/ownership/UpgradableOwnable.sol
new file mode 100644
index 000000000..e862b44d4
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/ownership/UpgradableOwnable.sol
@@ -0,0 +1,83 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../Initializable.sol";
+
+import "../../GSN/Context.sol";
+
+/**
+ * @dev Contract module which provides a basic access control mechanism, where
+ * there is an account (an owner) that can be granted exclusive access to
+ * specific functions.
+ *
+ * This module is used through inheritance. It will make available the modifier
+ * `onlyOwner`, which can be aplied to your functions to restrict their use to
+ * the owner.
+ */
+contract UpgradableOwnable is Initializable, Context {
+ address private _owner;
+
+ event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
+
+ /**
+ * @dev Initializes the contract setting the deployer as the initial owner.
+ */
+ function initialize(address sender) public initializer {
+ _owner = sender;
+ emit OwnershipTransferred(address(0), _owner);
+ }
+
+ /**
+ * @dev Returns the address of the current owner.
+ */
+ function owner() public view returns (address) {
+ return _owner;
+ }
+
+ /**
+ * @dev Throws if called by any account other than the owner.
+ */
+ modifier onlyOwner() {
+ require(isOwner(), "Ownable: caller is not the owner");
+ _;
+ }
+
+ /**
+ * @dev Returns true if the caller is the current owner.
+ */
+ function isOwner() public view returns (bool) {
+ return _msgSender() == _owner;
+ }
+
+ /**
+ * @dev Leaves the contract without owner. It will not be possible to call
+ * `onlyOwner` functions anymore. Can only be called by the current owner.
+ *
+ * > Note: Renouncing ownership will leave the contract without an owner,
+ * thereby removing any functionality that is only available to the owner.
+ */
+ function renounceOwnership() public onlyOwner {
+ emit OwnershipTransferred(_owner, address(0));
+ _owner = address(0);
+ }
+
+ /**
+ * @dev Transfers ownership of the contract to a new account (`newOwner`).
+ * Can only be called by the current owner.
+ */
+ function transferOwnership(address newOwner) public onlyOwner {
+ _transferOwnership(newOwner);
+ }
+
+ /**
+ * @dev Transfers ownership of the contract to a new account (`newOwner`).
+ */
+ function _transferOwnership(address newOwner) internal {
+ require(newOwner != address(0), "Ownable: new owner is zero address");
+ emit OwnershipTransferred(_owner, newOwner);
+ _owner = newOwner;
+ }
+
+}
diff --git a/bridge/contracts/zeppelin/upgradable/ownership/UpgradableSecondary.sol b/bridge/contracts/zeppelin/upgradable/ownership/UpgradableSecondary.sol
new file mode 100644
index 000000000..7acdf7e0e
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/ownership/UpgradableSecondary.sol
@@ -0,0 +1,56 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../Initializable.sol";
+
+import "../../GSN/Context.sol";
+
+/**
+ * @dev A Secondary contract can only be used by its primary account (the one that created it).
+ */
+contract UpgradableSecondary is Initializable, Context {
+ address private _primary;
+
+ /**
+ * @dev Emitted when the primary contract changes.
+ */
+ event PrimaryTransferred(
+ address recipient
+ );
+
+ /**
+ * @dev Sets the primary account to the one that is creating the Secondary contract.
+ */
+ function __Secondary_init(address sender) public initializer {
+ _primary = sender;
+ emit PrimaryTransferred(_primary);
+ }
+
+ /**
+ * @dev Reverts if called from any account other than the primary.
+ */
+ modifier onlyPrimary() {
+ require(_msgSender() == _primary, "Secondary: caller is not the primary account");
+ _;
+ }
+
+ /**
+ * @return the address of the primary.
+ */
+ function primary() public view returns (address) {
+ return _primary;
+ }
+
+ /**
+ * @dev Transfers contract to a new primary.
+ * @param recipient The address of new primary.
+ */
+ function transferPrimary(address recipient) public onlyPrimary {
+ require(recipient != address(0), "Secondary: new primary is the zero address");
+ _primary = recipient;
+ emit PrimaryTransferred(recipient);
+ }
+
+}
\ No newline at end of file
diff --git a/bridge/contracts/zeppelin/upgradable/proxy/Proxy.sol b/bridge/contracts/zeppelin/upgradable/proxy/Proxy.sol
new file mode 100644
index 000000000..28a775d84
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/proxy/Proxy.sol
@@ -0,0 +1,84 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+/**
+ * @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM
+ * instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to
+ * be specified by overriding the virtual {_implementation} function.
+ *
+ * Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a
+ * different contract through the {_delegate} function.
+ *
+ * The success and return data of the delegated call will be returned back to the caller of the proxy.
+ */
+abstract contract Proxy {
+ /**
+ * @dev Delegates the current call to `implementation`.
+ *
+ * This function does not return to its internall call site, it will return directly to the external caller.
+ */
+ function _delegate(address implementation) internal virtual {
+ // solhint-disable-next-line no-inline-assembly
+ assembly {
+ // Copy msg.data. We take full control of memory in this inline assembly
+ // block because it will not return to Solidity code. We overwrite the
+ // Solidity scratch pad at memory position 0.
+ calldatacopy(0, 0, calldatasize())
+
+ // Call the implementation.
+ // out and outsize are 0 because we don't know the size yet.
+ let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0)
+
+ // Copy the returned data.
+ returndatacopy(0, 0, returndatasize())
+
+ switch result
+ // delegatecall returns 0 on error.
+ case 0 { revert(0, returndatasize()) }
+ default { return(0, returndatasize()) }
+ }
+ }
+
+ /**
+ * @dev This is a virtual function that should be overriden so it returns the address to which the fallback function
+ * and {_fallback} should delegate.
+ */
+ function _implementation() internal view virtual returns (address);
+
+ /**
+ * @dev Delegates the current call to the address returned by `_implementation()`.
+ *
+ * This function does not return to its internall call site, it will return directly to the external caller.
+ */
+ function _fallback() internal virtual {
+ _beforeFallback();
+ _delegate(_implementation());
+ }
+
+ /**
+ * @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other
+ * function in the contract matches the call data.
+ */
+ fallback () external payable virtual {
+ _fallback();
+ }
+
+ /**
+ * @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data
+ * is empty.
+ */
+ receive () external payable virtual {
+ _fallback();
+ }
+
+ /**
+ * @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback`
+ * call, or as part of the Solidity `fallback` or `receive` functions.
+ *
+ * If overriden should call `super._beforeFallback()`.
+ */
+ function _beforeFallback() internal virtual {
+ }
+}
diff --git a/bridge/contracts/zeppelin/upgradable/proxy/ProxyAdmin.sol b/bridge/contracts/zeppelin/upgradable/proxy/ProxyAdmin.sol
new file mode 100644
index 000000000..237bb9f93
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/proxy/ProxyAdmin.sol
@@ -0,0 +1,77 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../../ownership/Ownable.sol";
+import "./TransparentUpgradeableProxy.sol";
+
+/**
+ * @dev This is an auxiliary contract meant to be assigned as the admin of a {TransparentUpgradeableProxy}. For an
+ * explanation of why you would want to use this see the documentation for {TransparentUpgradeableProxy}.
+ */
+contract ProxyAdmin is Ownable {
+
+ /**
+ * @dev Returns the current implementation of `proxy`.
+ *
+ * Requirements:
+ *
+ * - This contract must be the admin of `proxy`.
+ */
+ function getProxyImplementation(TransparentUpgradeableProxy proxy) public view virtual returns (address) {
+ // We need to manually run the static call since the getter cannot be flagged as view
+ // bytes4(keccak256("implementation()")) == 0x5c60da1b
+ (bool success, bytes memory returndata) = address(proxy).staticcall(hex"5c60da1b");
+ require(success);
+ return abi.decode(returndata, (address));
+ }
+
+ /**
+ * @dev Returns the current admin of `proxy`.
+ *
+ * Requirements:
+ *
+ * - This contract must be the admin of `proxy`.
+ */
+ function getProxyAdmin(TransparentUpgradeableProxy proxy) public view virtual returns (address) {
+ // We need to manually run the static call since the getter cannot be flagged as view
+ // bytes4(keccak256("admin()")) == 0xf851a440
+ (bool success, bytes memory returndata) = address(proxy).staticcall(hex"f851a440");
+ require(success);
+ return abi.decode(returndata, (address));
+ }
+
+ /**
+ * @dev Changes the admin of `proxy` to `newAdmin`.
+ *
+ * Requirements:
+ *
+ * - This contract must be the current admin of `proxy`.
+ */
+ function changeProxyAdmin(TransparentUpgradeableProxy proxy, address newAdmin) public virtual onlyOwner {
+ proxy.changeAdmin(newAdmin);
+ }
+
+ /**
+ * @dev Upgrades `proxy` to `implementation`. See {TransparentUpgradeableProxy-upgradeTo}.
+ *
+ * Requirements:
+ *
+ * - This contract must be the admin of `proxy`.
+ */
+ function upgrade(TransparentUpgradeableProxy proxy, address implementation) public virtual onlyOwner {
+ proxy.upgradeTo(implementation);
+ }
+
+ /**
+ * @dev Upgrades `proxy` to `implementation` and calls a function on the new implementation. See
+ * {TransparentUpgradeableProxy-upgradeToAndCall}.
+ *
+ * Requirements:
+ *
+ * - This contract must be the admin of `proxy`.
+ */
+ function upgradeAndCall(TransparentUpgradeableProxy proxy, address implementation, bytes memory data) public payable virtual onlyOwner {
+ proxy.upgradeToAndCall{value: msg.value}(implementation, data);
+ }
+}
diff --git a/bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol b/bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol
new file mode 100644
index 000000000..d507e65ca
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/proxy/TransparentUpgradeableProxy.sol
@@ -0,0 +1,152 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "./UpgradeableProxy.sol";
+
+/**
+ * @dev This contract implements a proxy that is upgradeable by an admin.
+ *
+ * To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector
+ * clashing], which can potentially be used in an attack, this contract uses the
+ * https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two
+ * things that go hand in hand:
+ *
+ * 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if
+ * that call matches one of the admin functions exposed by the proxy itself.
+ * 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the
+ * implementation. If the admin tries to call a function on the implementation it will fail with an error that says
+ * "admin cannot fallback to proxy target".
+ *
+ * These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing
+ * the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due
+ * to sudden errors when trying to call a function from the proxy implementation.
+ *
+ * Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way,
+ * you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy.
+ */
+contract TransparentUpgradeableProxy is UpgradeableProxy {
+ /**
+ * @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and
+ * optionally initialized with `_data` as explained in {UpgradeableProxy-constructor}.
+ */
+ constructor(address _logic, address admin_, bytes memory _data) payable UpgradeableProxy(_logic, _data) {
+ assert(_ADMIN_SLOT == bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1));
+ _setAdmin(admin_);
+ }
+
+ /**
+ * @dev Emitted when the admin account has changed.
+ */
+ event AdminChanged(address previousAdmin, address newAdmin);
+
+ /**
+ * @dev Storage slot with the admin of the contract.
+ * This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is
+ * validated in the constructor.
+ */
+ bytes32 private constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103;
+
+ /**
+ * @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin.
+ */
+ modifier ifAdmin() {
+ if (msg.sender == _admin()) {
+ _;
+ } else {
+ _fallback();
+ }
+ }
+
+ /**
+ * @dev Returns the current admin.
+ *
+ * NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}.
+ *
+ * TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
+ * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
+ * `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103`
+ */
+ function admin() external ifAdmin returns (address admin_) {
+ admin_ = _admin();
+ }
+
+ /**
+ * @dev Returns the current implementation.
+ *
+ * NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}.
+ *
+ * TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the
+ * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call.
+ * `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc`
+ */
+ function implementation() external ifAdmin returns (address implementation_) {
+ implementation_ = _implementation();
+ }
+
+ /**
+ * @dev Changes the admin of the proxy.
+ *
+ * Emits an {AdminChanged} event.
+ *
+ * NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}.
+ */
+ function changeAdmin(address newAdmin) external virtual ifAdmin {
+ require(newAdmin != address(0), "TransparentUpgradeableProxy: new admin is the zero address");
+ emit AdminChanged(_admin(), newAdmin);
+ _setAdmin(newAdmin);
+ }
+
+ /**
+ * @dev Upgrade the implementation of the proxy.
+ *
+ * NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}.
+ */
+ function upgradeTo(address newImplementation) external virtual ifAdmin {
+ _upgradeTo(newImplementation);
+ }
+
+ /**
+ * @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified
+ * by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the
+ * proxied contract.
+ *
+ * NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}.
+ */
+ function upgradeToAndCall(address newImplementation, bytes calldata data) external payable virtual ifAdmin {
+ _upgradeTo(newImplementation);
+ Address.functionDelegateCall(newImplementation, data);
+ }
+
+ /**
+ * @dev Returns the current admin.
+ */
+ function _admin() internal view virtual returns (address adm) {
+ bytes32 slot = _ADMIN_SLOT;
+ // solhint-disable-next-line no-inline-assembly
+ assembly {
+ adm := sload(slot)
+ }
+ }
+
+ /**
+ * @dev Stores a new address in the EIP1967 admin slot.
+ */
+ function _setAdmin(address newAdmin) private {
+ bytes32 slot = _ADMIN_SLOT;
+
+ // solhint-disable-next-line no-inline-assembly
+ assembly {
+ sstore(slot, newAdmin)
+ }
+ }
+
+ /**
+ * @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}.
+ */
+ function _beforeFallback() internal virtual override {
+ require(msg.sender != _admin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target");
+ super._beforeFallback();
+ }
+}
diff --git a/bridge/contracts/zeppelin/upgradable/proxy/UpgradeableProxy.sol b/bridge/contracts/zeppelin/upgradable/proxy/UpgradeableProxy.sol
new file mode 100644
index 000000000..ab595cdd9
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/proxy/UpgradeableProxy.sol
@@ -0,0 +1,79 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "./Proxy.sol";
+import "../../utils/Address.sol";
+
+/**
+ * @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an
+ * implementation address that can be changed. This address is stored in storage in the location specified by
+ * https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the
+ * implementation behind the proxy.
+ *
+ * Upgradeability is only provided internally through {_upgradeTo}. For an externally upgradeable proxy see
+ * {TransparentUpgradeableProxy}.
+ */
+contract UpgradeableProxy is Proxy {
+ /**
+ * @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`.
+ *
+ * If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded
+ * function call, and allows initializating the storage of the proxy like a Solidity constructor.
+ */
+ constructor(address _logic, bytes memory _data) payable {
+ assert(_IMPLEMENTATION_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1));
+ _setImplementation(_logic);
+ if(_data.length > 0) {
+ Address.functionDelegateCall(_logic, _data);
+ }
+ }
+
+ /**
+ * @dev Emitted when the implementation is upgraded.
+ */
+ event Upgraded(address indexed implementation);
+
+ /**
+ * @dev Storage slot with the address of the current implementation.
+ * This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is
+ * validated in the constructor.
+ */
+ bytes32 private constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc;
+
+ /**
+ * @dev Returns the current implementation address.
+ */
+ function _implementation() internal view virtual override returns (address impl) {
+ bytes32 slot = _IMPLEMENTATION_SLOT;
+ // solhint-disable-next-line no-inline-assembly
+ assembly {
+ impl := sload(slot)
+ }
+ }
+
+ /**
+ * @dev Upgrades the proxy to a new implementation.
+ *
+ * Emits an {Upgraded} event.
+ */
+ function _upgradeTo(address newImplementation) internal virtual {
+ _setImplementation(newImplementation);
+ emit Upgraded(newImplementation);
+ }
+
+ /**
+ * @dev Stores a new address in the EIP1967 implementation slot.
+ */
+ function _setImplementation(address newImplementation) private {
+ require(Address.isContract(newImplementation), "UpgradeableProxy: new implementation is not a contract");
+
+ bytes32 slot = _IMPLEMENTATION_SLOT;
+
+ // solhint-disable-next-line no-inline-assembly
+ assembly {
+ sstore(slot, newImplementation)
+ }
+ }
+}
diff --git a/bridge/contracts/zeppelin/upgradable/utils/ReentrancyGuard.sol b/bridge/contracts/zeppelin/upgradable/utils/ReentrancyGuard.sol
new file mode 100644
index 000000000..7ab0eaae2
--- /dev/null
+++ b/bridge/contracts/zeppelin/upgradable/utils/ReentrancyGuard.sol
@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: MIT
+
+pragma solidity ^0.8.0;
+pragma abicoder v2;
+
+import "../Initializable.sol";
+
+/**
+ * @title Helps contracts guard against reentrancy attacks.
+ * @author Remco Bloemen `s get reset. However, we also reset the\n// bottom margin to use `rem` units instead of `em`.\np {\n margin-top: 0;\n margin-bottom: $paragraph-margin-bottom;\n}\n\n// Abbreviations\n//\n// 1. Remove the bottom border in Firefox 39-.\n// 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari.\n// 3. Add explicit cursor to indicate changed behavior.\n// 4. Duplicate behavior to the data-* attribute for our tooltip plugin\n\nabbr[title],\nabbr[data-original-title] { // 4\n text-decoration: underline; // 2\n text-decoration: underline dotted; // 2\n cursor: help; // 3\n border-bottom: 0; // 1\n}\n\naddress {\n margin-bottom: 1rem;\n font-style: normal;\n line-height: inherit;\n}\n\nol,\nul,\ndl {\n margin-top: 0;\n margin-bottom: 1rem;\n}\n\nol ol,\nul ul,\nol ul,\nul ol {\n margin-bottom: 0;\n}\n\ndt {\n font-weight: $dt-font-weight;\n}\n\ndd {\n margin-bottom: .5rem;\n margin-left: 0; // Undo browser default\n}\n\nblockquote {\n margin: 0 0 1rem;\n}\n\ndfn {\n font-style: italic; // Add the correct font style in Android 4.3-\n}\n\n// stylelint-disable font-weight-notation\nb,\nstrong {\n font-weight: bolder; // Add the correct font weight in Chrome, Edge, and Safari\n}\n// stylelint-enable font-weight-notation\n\nsmall {\n font-size: 80%; // Add the correct font size in all browsers\n}\n\n//\n// Prevent `sub` and `sup` elements from affecting the line height in\n// all browsers.\n//\n\nsub,\nsup {\n position: relative;\n font-size: 75%;\n line-height: 0;\n vertical-align: baseline;\n}\n\nsub { bottom: -.25em; }\nsup { top: -.5em; }\n\n\n//\n// Links\n//\n\na {\n color: $link-color;\n text-decoration: $link-decoration;\n background-color: transparent; // Remove the gray background on active links in IE 10.\n -webkit-text-decoration-skip: objects; // Remove gaps in links underline in iOS 8+ and Safari 8+.\n\n @include hover {\n color: $link-hover-color;\n text-decoration: $link-hover-decoration;\n }\n}\n\n// And undo these styles for placeholder links/named anchors (without href)\n// which have not been made explicitly keyboard-focusable (without tabindex).\n// It would be more straightforward to just use a[href] in previous block, but that\n// causes specificity issues in many other styles that are too complex to fix.\n// See https://github.com/twbs/bootstrap/issues/19402\n\na:not([href]):not([tabindex]) {\n color: inherit;\n text-decoration: none;\n\n @include hover-focus {\n color: inherit;\n text-decoration: none;\n }\n\n &:focus {\n outline: 0;\n }\n}\n\n\n//\n// Code\n//\n\npre,\ncode,\nkbd,\nsamp {\n font-family: $font-family-monospace;\n font-size: 1em; // Correct the odd `em` font sizing in all browsers.\n}\n\npre {\n // Remove browser default top margin\n margin-top: 0;\n // Reset browser default of `1em` to use `rem`s\n margin-bottom: 1rem;\n // Don't allow content to break outside\n overflow: auto;\n // We have @viewport set which causes scrollbars to overlap content in IE11 and Edge, so\n // we force a non-overlapping, non-auto-hiding scrollbar to counteract.\n -ms-overflow-style: scrollbar;\n}\n\n\n//\n// Figures\n//\n\nfigure {\n // Apply a consistent margin strategy (matches our type styles).\n margin: 0 0 1rem;\n}\n\n\n//\n// Images and content\n//\n\nimg {\n vertical-align: middle;\n border-style: none; // Remove the border on images inside links in IE 10-.\n}\n\nsvg {\n // Workaround for the SVG overflow bug in IE10/11 is still required.\n // See https://github.com/twbs/bootstrap/issues/26878\n overflow: hidden;\n vertical-align: middle;\n}\n\n\n//\n// Tables\n//\n\ntable {\n border-collapse: collapse; // Prevent double borders\n}\n\ncaption {\n padding-top: $table-cell-padding;\n padding-bottom: $table-cell-padding;\n color: $table-caption-color;\n text-align: left;\n caption-side: bottom;\n}\n\nth {\n // Matches default `
`s get reset. However, we also reset the\n// bottom margin to use `rem` units instead of `em`.\np {\n margin-top: 0;\n margin-bottom: $paragraph-margin-bottom;\n}\n\n// Abbreviations\n//\n// 1. Remove the bottom border in Firefox 39-.\n// 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari.\n// 3. Add explicit cursor to indicate changed behavior.\n// 4. Duplicate behavior to the data-* attribute for our tooltip plugin\n\nabbr[title],\nabbr[data-original-title] { // 4\n text-decoration: underline; // 2\n text-decoration: underline dotted; // 2\n cursor: help; // 3\n border-bottom: 0; // 1\n}\n\naddress {\n margin-bottom: 1rem;\n font-style: normal;\n line-height: inherit;\n}\n\nol,\nul,\ndl {\n margin-top: 0;\n margin-bottom: 1rem;\n}\n\nol ol,\nul ul,\nol ul,\nul ol {\n margin-bottom: 0;\n}\n\ndt {\n font-weight: $dt-font-weight;\n}\n\ndd {\n margin-bottom: .5rem;\n margin-left: 0; // Undo browser default\n}\n\nblockquote {\n margin: 0 0 1rem;\n}\n\ndfn {\n font-style: italic; // Add the correct font style in Android 4.3-\n}\n\n// stylelint-disable font-weight-notation\nb,\nstrong {\n font-weight: bolder; // Add the correct font weight in Chrome, Edge, and Safari\n}\n// stylelint-enable font-weight-notation\n\nsmall {\n font-size: 80%; // Add the correct font size in all browsers\n}\n\n//\n// Prevent `sub` and `sup` elements from affecting the line height in\n// all browsers.\n//\n\nsub,\nsup {\n position: relative;\n font-size: 75%;\n line-height: 0;\n vertical-align: baseline;\n}\n\nsub { bottom: -.25em; }\nsup { top: -.5em; }\n\n\n//\n// Links\n//\n\na {\n color: $link-color;\n text-decoration: $link-decoration;\n background-color: transparent; // Remove the gray background on active links in IE 10.\n -webkit-text-decoration-skip: objects; // Remove gaps in links underline in iOS 8+ and Safari 8+.\n\n @include hover {\n color: $link-hover-color;\n text-decoration: $link-hover-decoration;\n }\n}\n\n// And undo these styles for placeholder links/named anchors (without href)\n// which have not been made explicitly keyboard-focusable (without tabindex).\n// It would be more straightforward to just use a[href] in previous block, but that\n// causes specificity issues in many other styles that are too complex to fix.\n// See https://github.com/twbs/bootstrap/issues/19402\n\na:not([href]):not([tabindex]) {\n color: inherit;\n text-decoration: none;\n\n @include hover-focus {\n color: inherit;\n text-decoration: none;\n }\n\n &:focus {\n outline: 0;\n }\n}\n\n\n//\n// Code\n//\n\npre,\ncode,\nkbd,\nsamp {\n font-family: $font-family-monospace;\n font-size: 1em; // Correct the odd `em` font sizing in all browsers.\n}\n\npre {\n // Remove browser default top margin\n margin-top: 0;\n // Reset browser default of `1em` to use `rem`s\n margin-bottom: 1rem;\n // Don't allow content to break outside\n overflow: auto;\n // We have @viewport set which causes scrollbars to overlap content in IE11 and Edge, so\n // we force a non-overlapping, non-auto-hiding scrollbar to counteract.\n -ms-overflow-style: scrollbar;\n}\n\n\n//\n// Figures\n//\n\nfigure {\n // Apply a consistent margin strategy (matches our type styles).\n margin: 0 0 1rem;\n}\n\n\n//\n// Images and content\n//\n\nimg {\n vertical-align: middle;\n border-style: none; // Remove the border on images inside links in IE 10-.\n}\n\nsvg {\n // Workaround for the SVG overflow bug in IE10/11 is still required.\n // See https://github.com/twbs/bootstrap/issues/26878\n overflow: hidden;\n vertical-align: middle;\n}\n\n\n//\n// Tables\n//\n\ntable {\n border-collapse: collapse; // Prevent double borders\n}\n\ncaption {\n padding-top: $table-cell-padding;\n padding-bottom: $table-cell-padding;\n color: $table-caption-color;\n text-align: left;\n caption-side: bottom;\n}\n\nth {\n // Matches default `
`s get reset. However, we also reset the\n// bottom margin to use `rem` units instead of `em`.\np {\n margin-top: 0;\n margin-bottom: $paragraph-margin-bottom;\n}\n\n// Abbreviations\n//\n// 1. Remove the bottom border in Firefox 39-.\n// 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari.\n// 3. Add explicit cursor to indicate changed behavior.\n// 4. Duplicate behavior to the data-* attribute for our tooltip plugin\n\nabbr[title],\nabbr[data-original-title] { // 4\n text-decoration: underline; // 2\n text-decoration: underline dotted; // 2\n cursor: help; // 3\n border-bottom: 0; // 1\n}\n\naddress {\n margin-bottom: 1rem;\n font-style: normal;\n line-height: inherit;\n}\n\nol,\nul,\ndl {\n margin-top: 0;\n margin-bottom: 1rem;\n}\n\nol ol,\nul ul,\nol ul,\nul ol {\n margin-bottom: 0;\n}\n\ndt {\n font-weight: $dt-font-weight;\n}\n\ndd {\n margin-bottom: .5rem;\n margin-left: 0; // Undo browser default\n}\n\nblockquote {\n margin: 0 0 1rem;\n}\n\ndfn {\n font-style: italic; // Add the correct font style in Android 4.3-\n}\n\n// stylelint-disable font-weight-notation\nb,\nstrong {\n font-weight: bolder; // Add the correct font weight in Chrome, Edge, and Safari\n}\n// stylelint-enable font-weight-notation\n\nsmall {\n font-size: 80%; // Add the correct font size in all browsers\n}\n\n//\n// Prevent `sub` and `sup` elements from affecting the line height in\n// all browsers.\n//\n\nsub,\nsup {\n position: relative;\n font-size: 75%;\n line-height: 0;\n vertical-align: baseline;\n}\n\nsub { bottom: -.25em; }\nsup { top: -.5em; }\n\n\n//\n// Links\n//\n\na {\n color: $link-color;\n text-decoration: $link-decoration;\n background-color: transparent; // Remove the gray background on active links in IE 10.\n -webkit-text-decoration-skip: objects; // Remove gaps in links underline in iOS 8+ and Safari 8+.\n\n @include hover {\n color: $link-hover-color;\n text-decoration: $link-hover-decoration;\n }\n}\n\n// And undo these styles for placeholder links/named anchors (without href)\n// which have not been made explicitly keyboard-focusable (without tabindex).\n// It would be more straightforward to just use a[href] in previous block, but that\n// causes specificity issues in many other styles that are too complex to fix.\n// See https://github.com/twbs/bootstrap/issues/19402\n\na:not([href]):not([tabindex]) {\n color: inherit;\n text-decoration: none;\n\n @include hover-focus {\n color: inherit;\n text-decoration: none;\n }\n\n &:focus {\n outline: 0;\n }\n}\n\n\n//\n// Code\n//\n\npre,\ncode,\nkbd,\nsamp {\n font-family: $font-family-monospace;\n font-size: 1em; // Correct the odd `em` font sizing in all browsers.\n}\n\npre {\n // Remove browser default top margin\n margin-top: 0;\n // Reset browser default of `1em` to use `rem`s\n margin-bottom: 1rem;\n // Don't allow content to break outside\n overflow: auto;\n // We have @viewport set which causes scrollbars to overlap content in IE11 and Edge, so\n // we force a non-overlapping, non-auto-hiding scrollbar to counteract.\n -ms-overflow-style: scrollbar;\n}\n\n\n//\n// Figures\n//\n\nfigure {\n // Apply a consistent margin strategy (matches our type styles).\n margin: 0 0 1rem;\n}\n\n\n//\n// Images and content\n//\n\nimg {\n vertical-align: middle;\n border-style: none; // Remove the border on images inside links in IE 10-.\n}\n\nsvg {\n // Workaround for the SVG overflow bug in IE10/11 is still required.\n // See https://github.com/twbs/bootstrap/issues/26878\n overflow: hidden;\n vertical-align: middle;\n}\n\n\n//\n// Tables\n//\n\ntable {\n border-collapse: collapse; // Prevent double borders\n}\n\ncaption {\n padding-top: $table-cell-padding;\n padding-bottom: $table-cell-padding;\n color: $table-caption-color;\n text-align: left;\n caption-side: bottom;\n}\n\nth {\n // Matches default `