lsd0009

draft-guetschow-taler-protocol.xml (147044B)

---

 <?xml version='1.0' encoding='utf-8'?>
 <!DOCTYPE rfc [
   <!ENTITY nbsp    "&#160;">
   <!ENTITY zwsp   "&#8203;">
   <!ENTITY nbhy   "&#8209;">
   <!ENTITY wj     "&#8288;">
 ]>
 <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
 <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.35 (Ruby 3.1.2) -->
 <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-guetschow-taler-protocol" category="info" submissionType="independent" tocInclude="true" sortRefs="true" symRefs="true" version="3">
   <!-- xml2rfc v2v3 conversion 3.32.0 -->
   <front>
     <title>The GNU Taler Protocol</title>
     <seriesInfo name="Internet-Draft" value="draft-guetschow-taler-protocol"/>
     <author initials="M." surname="Gütschow" fullname="Mikolai Gütschow">
       <organization abbrev="TU Dresden">TUD Dresden University of Technology</organization>
       <address>
         <postal>
           <street>Helmholtzstr. 10</street>
           <city>Dresden</city>
           <code>D-01069</code>
           <country>Germany</country>
         </postal>
         <email>mikolai.guetschow@tu-dresden.de</email>
       </address>
     </author>
     <date year="2026" month="May" day="12"/>
     <workgroup>independent</workgroup>
     <keyword>taler</keyword>
     <keyword>cryptography</keyword>
     <keyword>ecash</keyword>
     <keyword>payments</keyword>
     <abstract>
       <?line 45?>
 
 <t>[ TBW ]</t>
     </abstract>
   </front>
   <middle>
     <?line 49?>
 
 <section anchor="introduction">
       <name>Introduction</name>
       <t>[ TBW ]</t>
       <t>Beware that this document is still work-in-progress and may contain errors.
 Use at your own risk!</t>
     </section>
     <section anchor="notation">
       <name>Notation</name>
       <ul spacing="normal">
         <li>
           <t><tt>"abc"</tt> denotes the literal string <tt>abc</tt> encoded as ASCII <xref target="RFC20"/>, without trailing '\0' character.</t>
         </li>
         <li>
           <t><tt>a | b</tt> denotes the concatenation of a with b</t>
         </li>
         <li>
           <t><tt>len(a)</tt> denotes the length in bytes of the byte string a</t>
         </li>
         <li>
           <t><tt>padZero(y, a)</tt> denotes the byte string a, zero-padded to the length of y bytes</t>
         </li>
         <li>
           <t><tt>bits(x)</tt>/<tt>bytes(x)</tt> denotes the minimal number of bits/bytes necessary to represent the multiple precision integer x</t>
         </li>
         <li>
           <t><tt>uint(y, x)</tt> denotes the <tt>y</tt> least significant bits of the integer <tt>x</tt>, zero-padded and encoded in network byte order (big endian)</t>
         </li>
         <li>
           <t><tt>uintY(x)</tt> where <tt>Y</tt> is a positive integer number is equivalent to <tt>uint(Y, x)</tt></t>
         </li>
         <li>
           <t><tt>random(y)</tt> denotes a randomly generated sequence of y bits</t>
         </li>
         <li>
           <t><tt>a * b (mod N)</tt> / <tt>a ** b (mod N)</tt> denotes the multiplication / exponentiation of multiple precision integers a and b, modulo N</t>
         </li>
         <li>
           <t><tt>for</tt>, <tt>if</tt>, variable assignment <tt>=</tt>, and conditional operators are to be interpreted like their Python/Julia equivalents</t>
         </li>
         <li>
           <t><tt>data.key</tt> denotes the property <tt>key</tt> on the object <tt>data</tt></t>
         </li>
         <li>
           <t><tt>0..n</tt> denotes the exclusive range of integer numbers from <tt>0</tt> to <tt>n</tt>, i.e., <tt>0, 1, 2, ..., n-1</tt></t>
         </li>
         <li>
           <t><tt>⟨dataᵢ⟩</tt> within a context of <tt>i = 0..n</tt> denotes <tt>n</tt> objects <tt>dataᵢ</tt>, represented in memory as a continuous array</t>
         </li>
         <li>
           <t><tt>⟨dataᵢ.key⟩</tt> within a context of <tt>i = 0..n</tt> denotes an array of the <tt>n</tt> properties <tt>key</tt> of all <tt>n</tt> objects <tt>dataᵢ</tt></t>
         </li>
       </ul>
     </section>
     <section anchor="cryptographic-primitives">
       <name>Cryptographic Primitives</name>
       <t>// todo: maybe change this description to something more similar to protocol functions (Julia-inspired syntax)</t>
       <section anchor="cryptographic-hash-functions">
         <name>Cryptographic Hash Functions</name>
         <section anchor="sha256">
           <name>SHA-256</name>
           <artwork><![CDATA[
 SHA-256(msg) -> hash
 
 Input:
     msg     input message of length L < 2^61 octets
 
 Output:
     hash    message digest of fixed length HashLen = 32 octets
 ]]></artwork>
           <t><tt>hash</tt> is the output of SHA-256 as per Sections 4.1, 5.1, 6.1, and 6.2 of <xref target="RFC6234"/>.</t>
         </section>
         <section anchor="sha512">
           <name>SHA-512</name>
           <artwork><![CDATA[
 SHA-512(msg) -> hash
 
 Input:
     msg     input message of length L < 2^125 octets
 
 Output:
     hash    message digest of fixed length HashLen = 64 octets
 ]]></artwork>
           <t><tt>hash</tt> is the output of SHA-512 as per Sections 4.2, 5.2, 6.3, and 6.4 of <xref target="RFC6234"/>.</t>
         </section>
         <section anchor="sha512-trunc">
           <name>SHA-512-256 (truncated SHA-512)</name>
           <artwork><![CDATA[
 SHA-512-256(msg) -> hash
 
 Input:
     msg     input message of length L < 2^125 octets
 
 Output:
     hash    message digest of fixed length HashLen = 32 octets
 ]]></artwork>
           <t>The output <tt>hash</tt> corresponds to the first 32 octets of the output of SHA-512 defined in <xref target="sha512"/>:</t>
           <artwork><![CDATA[
 temp = SHA-512(msg)
 hash = temp[0:31]
 ]]></artwork>
           <t>Note that this operation differs from SHA-512/256 as defined in <xref target="SHS"/> in the initial hash value.</t>
         </section>
       </section>
       <section anchor="message-authentication-codes">
         <name>Message Authentication Codes</name>
         <section anchor="hmac">
           <name>HMAC</name>
           <artwork><![CDATA[
 HMAC-Hash(key, text) -> out
 
 Option:
     Hash    cryptographic hash function with output length HashLen
 
 Input:
     key     secret key of length at least HashLen
     text    input data of arbitary length
 
 Output:
     out     output of length HashLen
 ]]></artwork>
           <t><tt>out</tt> is calculated as defined in <xref target="RFC2104"/>.</t>
         </section>
       </section>
       <section anchor="key-derivation-functions">
         <name>Key Derivation Functions</name>
         <section anchor="hkdf">
           <name>HKDF</name>
           <t>The Hashed Key Derivation Function (HKDF) used in Taler is an instantiation of <xref target="RFC5869"/>
 with two different hash functions for the Extract and Expand step as suggested in <xref target="HKDF"/>:
 <tt>HKDF-Extract</tt> uses <tt>HMAC-SHA512</tt>, while <tt>HKDF-Expand</tt> uses <tt>HMAC-SHA256</tt> (cf. <xref target="hmac"/>).</t>
           <artwork><![CDATA[
 HKDF(salt, IKM, info, L) -> OKM
 
 Inputs:
     salt    optional salt value (a non-secret random value);
               if not provided, it is set to a string of 64 zeros.
     IKM     input keying material
     info    optional context and application specific information
               (can be a zero-length string)
     L       length of output keying material in octets
               (<= 255*32 = 8160)
 
 Output:
     OKM      output keying material (of L octets)
 ]]></artwork>
           <t>The output OKM is calculated as follows:</t>
           <artwork><![CDATA[
 PRK = HKDF-Extract(salt, IKM) with Hash = SHA-512 (HashLen = 64)
 OKM = HKDF-Expand(PRK, info, L) with Hash = SHA-256 (HashLen = 32)
 ]]></artwork>
         </section>
         <section anchor="hkdf-mod">
           <name>HKDF-Mod</name>
           <t>Based on the HKDF defined in <xref target="hkdf"/>, this function returns an OKM that is smaller than a given multiple precision integer N.</t>
           <artwork><![CDATA[
 HKDF-Mod(N, salt, IKM, info) -> OKM
 
 Inputs:
     N        multiple precision integer
     salt     optional salt value (a non-secret random value);
               if not provided, it is set to a string of 64 zeros.
     IKM      input keying material
     info     optional context and application specific information
               (can be a zero-length string)
 
 Output:
     OKM      output keying material (smaller than N)
 ]]></artwork>
           <t>The final output <tt>OKM</tt> is determined deterministically based on a counter initialized at zero.</t>
           <artwork><![CDATA[
 counter = 0
 do until OKM < N:
     x = HKDF(salt, IKM, info | uint16(counter), bytes(N))
     OKM = uint(bits(N), x)
     counter += 1
 ]]></artwork>
         </section>
       </section>
       <section anchor="non-blind-signatures">
         <name>Non-Blind Signatures</name>
         <section anchor="ed25519">
           <name>Ed25519</name>
           <t>Taler uses EdDSA instantiated with curve25519 as Ed25519,
 as defined in Section 5.1 of <xref target="RFC8032"/>.
 In particular, Taler does <em>not</em> make use of Ed25519ph or Ed25519ctx
 as defined in that document.</t>
           <section anchor="key-generation">
             <name>Key generation</name>
             <artwork><![CDATA[
 Ed25519-GetPub(priv) -> pub
 
 Input:
     priv    private Ed25519 key
 
 Output:
     pub     public Ed25519 key
 ]]></artwork>
             <t><tt>pub</tt> is calculated as described in Section 5.1.5 of <xref target="RFC8032"/>.</t>
             <artwork><![CDATA[
 Ed25519-Keygen() -> (priv, pub)
 
 Output:
     priv    private Ed25519 key
     pub     public Ed25519 key
 ]]></artwork>
             <t><tt>priv</tt> and <tt>pub</tt> are calculated as described in Section 5.1.5 of <xref target="RFC8032"/>,
 which is equivalent to the following:</t>
             <artwork><![CDATA[
 priv = random(256)
 pub = Ed25519-GetPub(priv)
 ]]></artwork>
           </section>
           <section anchor="signing">
             <name>Signing</name>
             <artwork><![CDATA[
 Ed25519-Sign(priv, msg) -> sig
 
 Inputs:
     priv    Ed25519 private key
     msg     message to be signed
 
 Output:
     sig     signature on the message by the given private key
 ]]></artwork>
             <t><tt>sig</tt> is calculated as described in Section 5.1.6 of <xref target="RFC8032"/>.</t>
           </section>
           <section anchor="verifying">
             <name>Verifying</name>
             <artwork><![CDATA[
 Ed25519-Verify(pub, msg, sig) -> out
 
 Inputs:
     pub     Ed25519 public key
     msg     signed message
     sig     signature on msg
 
 Output:
     out     true, if sig is a valid signature for msg
 ]]></artwork>
             <t><tt>out</tt> is the outcome of the last check of Section 5.1.7 of <xref target="RFC8032"/>.</t>
           </section>
         </section>
       </section>
       <section anchor="key-agreement">
         <name>Key Agreement</name>
         <section anchor="x25519">
           <name>X25519</name>
           <t>Taler uses Elliptic Curve Diffie-Hellman (ECDH) on curve25519 as defined in Section 6.1 of <xref target="RFC7748"/>,
 but reuses Ed25519 keypairs for one side of the agreement instead of random bytes.
 Depending on whether the private or public part is from Ed25519, two different functions are used.</t>
           <artwork><![CDATA[
 ECDH-Ed25519-Priv(priv, pub) -> shared
 
 Input:
     priv    private Ed25519 key
     pub     public X25519 key
 
 Output:
     shared  shared secret based on the given keys
 ]]></artwork>
           <t><tt>shared</tt> is calculated as follows, using the function X25519 defined in Section 5 of <xref target="RFC7748"/>:</t>
           <artwork><![CDATA[
 priv' = SHA-512-256(priv)
 // todo: missing bit clamping from https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_sign/ed25519/ref10/keypair.c#L71
 shared' = X25519(priv', pub)
 shared = SHA-512(shared')
 ]]></artwork>
           <artwork><![CDATA[
 ECDH-Ed25519-Pub(priv, pub) -> shared
 
 Input:
     priv    private X25519 key
     pub     public Ed25519 key
 
 Output:
     shared  shared secret based on the given keys
 ]]></artwork>
           <t><tt>shared</tt> is calculated as follows, using the function X25519 defined in Section 5 of <xref target="RFC7748"/>,
 and <tt>Convert-Point-Ed25519-Curve25519(p)</tt> which implements the birational map of Section 4.1 of <xref target="RFC7748"/>:</t>
           <artwork><![CDATA[
 pub' = Convert-Point-Ed25519-Curve25519(pub)
 shared' = X25519(priv, pub')
 shared = SHA-512(shared')
 ]]></artwork>
           <artwork><![CDATA[
 ECDH-GetPub(priv) -> pub
 
 Input:
     priv    private X25519 key
 
 Output:
     pub     public X25519 key
 ]]></artwork>
           <t><tt>pub</tt> is calculated according to Section 6.1 of <xref target="RFC7748"/>:</t>
           <artwork><![CDATA[
 pub = X25519(priv, 9)
 ]]></artwork>
         </section>
       </section>
       <section anchor="blind-signatures">
         <name>Blind Signatures</name>
         <section anchor="rsa-fdh">
           <name>RSA-FDH</name>
           <section anchor="supporting-functions">
             <name>Supporting Functions</name>
             <artwork><![CDATA[
 RSA-FDH(msg, pubkey) -> fdh
 
 Inputs:
     msg     message
     pubkey  RSA public key consisting of modulus N and public exponent e
 
 Output:
     fdh     full-domain hash of msg over pubkey.N
 ]]></artwork>
             <t><tt>fdh</tt> is calculated based on HKDF-Mod from <xref target="hkdf-mod"/> as follows:</t>
             <artwork><![CDATA[
 info = "RSA-FDA FTpsW!"
 salt = uint16(bytes(pubkey.N)) | uint16(bytes(pubkey.e))
      | pubkey.N | pubkey.e
 fdh = HKDF-Mod(pubkey.N, salt, msg, info)
 ]]></artwork>
             <t>The resulting <tt>fdh</tt> can be used to test against a malicious RSA pubkey
 by verifying that the greatest common denominator (gcd) of <tt>fdh</tt> and <tt>pubkey.N</tt> is 1.</t>
             <artwork><![CDATA[
 RSA-FDH-Derive(bks, pubkey) -> out
 
 Inputs:
     bks     blinding key secret of length L = 32 octets
     pubkey  RSA public key consisting of modulus N and public exponent e
 
 Output:
     out     full-domain hash of bks over pubkey.N
 ]]></artwork>
             <t><tt>out</tt> is calculated based on HKDF-Mod from <xref target="hkdf-mod"/> as follows:</t>
             <artwork><![CDATA[
 info = "Blinding KDF"
 salt = "Blinding KDF extractor HMAC key"
 fdh = HKDF-Mod(pubkey.N, salt, bks, info)
 ]]></artwork>
           </section>
           <section anchor="blinding">
             <name>Blinding</name>
             <artwork><![CDATA[
 RSA-FDH-Blind(msg, bks, pubkey) -> out
 
 Inputs:
     msg     message
     bks     blinding key secret of length L = 32 octets
     pubkey  RSA public key consisting of modulus N and public exponent e
 
 Output:
     out     message blinded for pubkey
 ]]></artwork>
             <t><tt>out</tt> is calculated based on RSA-FDH from <xref target="rsa-fdh"/> as follows:</t>
             <artwork><![CDATA[
 data = RSA-FDH(msg, pubkey)
 r = RSA-FDH-Derive(bks, pubkey)
 r_e = r ** pubkey.e (mod pubkey.N)
 out = r_e * data (mod pubkey.N)
 ]]></artwork>
           </section>
           <section anchor="signing-1">
             <name>Signing</name>
             <artwork><![CDATA[
 RSA-FDH-Sign(data, privkey) -> sig
 
 Inputs:
     data    data to be signed, an integer smaller than privkey.N
     privkey RSA private key consisting of modulus N and private exponent d
 
 Output:
     sig     signature on data by privkey
 ]]></artwork>
             <t><tt>sig</tt> is calculated as follows:</t>
             <artwork><![CDATA[
 sig = data ** privkey.d (mod privkey.N)
 ]]></artwork>
           </section>
           <section anchor="unblinding">
             <name>Unblinding</name>
             <artwork><![CDATA[
 RSA-FDH-Unblind(sig, bks, pubkey) -> out
 
 Inputs:
     sig     blind signature
     bks     blinding key secret of length L = 32 octets
     pubkey  RSA public key consisting of modulus N and public exponent e
 
 Output:
     out     unblinded signature
 ]]></artwork>
             <t><tt>out</tt> is calculated as follows:</t>
             <artwork><![CDATA[
 r = RSA-FDH-Derive(bks, pubkey)
 r_inv = inverse of r (mod pubkey.N)
 out = sig * r_inv (mod pubkey.N)
 ]]></artwork>
           </section>
           <section anchor="verifying-1">
             <name>Verifying</name>
             <artwork><![CDATA[
 RSA-FDH-Verify(msg, sig, pubkey) -> out
 
 Inputs:
     msg     message
     sig     signature of pubkey over msg
     pubkey  RSA public key consisting of modulus N and public exponent e
 
 Output:
     out     true, if sig is a valid signature
 ]]></artwork>
             <t><tt>out</tt> is calculated based on RSA-FDH from <xref target="rsa-fdh"/> as follows:</t>
             <artwork><![CDATA[
 data = RSA-FDH(msg, pubkey)
 exp = sig ** pubkey.e (mod pubkey.N)
 out = (data == exp)
 ]]></artwork>
           </section>
         </section>
         <section anchor="cbs">
           <name>Clause-Schnorr</name>
         </section>
       </section>
     </section>
     <section anchor="datatypes-and-notation">
       <name>Datatypes and Notation</name>
       <section anchor="amounts">
         <name>Amounts</name>
         <t>Amounts are represented in Taler as positive fixed-point values
 consisting of <tt>value</tt> as the non-negative integer part of the base currency,
 the <tt>fraction</tt> given in units of one hundred millionth (1e-8) of the base currency,
 and <tt>currency</tt> as the 3-11 ASCII characters identifying the currency.</t>
         <t>Whenever used in the protocol, the binary representation of an <tt>amount</tt> is
 <tt>uint64(amount.value) | uint32(amount.fraction) | padZero(12, amount.currency)</tt>.</t>
       </section>
       <section anchor="timestamps">
         <name>Timestamps</name>
         <t>Absolute timestamps are represented as <tt>uint64(x)</tt> where <tt>x</tt> corresponds to
 the microseconds since <tt>1970-01-01 00:00 CEST</tt> (the UNIX epoch).
 The special value <tt>0xFFFFFFFFFFFFFFFF</tt> represents "never".
 <!--
 // todo: check if needed and correct
 Relative timestamps are represented as `uint64(x)` where `x` is given in microseconds.
 The special value `0xFFFFFFFFFFFFFFFF` represents "forever".
 -->
         </t>
       </section>
       <section anchor="signatures">
         <name>Signatures</name>
         <t>All messages to be signed in Taler start with a header containing their total size
 (including the header) and a fixed signing context (purpose) as registered by GANA in the
 <eref target="https://gana.gnunet.org/gnunet-signatures/gnunet_signatures.html">GNUnet Signature Purposes</eref>
 registry. Taler-specific purposes start at 1000.</t>
         <artwork><![CDATA[
 Gen-Msg(purpose, msg) -> out
 
 Inputs:
     purpose signature purpose as registered at GANA
     msg     message content (excl. header) to be signed
 
 Output:
     out     complete message (incl. header) to be signed
 ]]></artwork>
         <t><tt>out</tt> is formed as follows:</t>
         <artwork><![CDATA[
 out = uint32(len(msg) + 8) | uint32(purpose) | msg
 ]]></artwork>
       </section>
       <section anchor="helper-functions">
         <name>Helper Functions</name>
         <t>There are a certain number of single-argument functions which are often needed,
 and therefore omit the parentheses of the typical function syntax:</t>
         <ul spacing="normal">
           <li>
             <t><tt>Knows data</tt> specifies <tt>data</tt> that is known a priori at the start of the protocol operation</t>
           </li>
           <li>
             <t><tt>Check cond</tt> verifies that the boolean condition or variable <tt>cond</tt> is true,
 or aborts the protocol operation otherwise</t>
           </li>
           <li>
             <t><tt>Persist data</tt> persists the given <tt>data</tt> to the local database</t>
           </li>
           <li>
             <t><tt>data = Lookup by key</tt> retrieves previously persisted <tt>data</tt> by the given <tt>key</tt></t>
           </li>
           <li>
             <t><tt>Sum ⟨dataᵢ⟩</tt> is valid for numerical objects <tt>dataᵢ</tt> including amounts (cf. <xref target="amounts"/>),
 and denotes the numerical sum of these objects</t>
           </li>
         </ul>
         <t>Some more functions that are commonly used throughout <xref target="protocol"/>:</t>
         <artwork><![CDATA[
 Hash-Denom(denom) =
   SHA-512(uint32(0) | uint32(1) | denom.pub)
 
 Hash-Planchet(planchet, denom) =
   SHA-512( SHA-512( denom.pub ) | uint32(0x1) | planchet )
 
 Check-Subtract(value, subtrahend) =
   Check value >= subtrahend
   Persist value -= subtrahend
 ]]></artwork>
       </section>
     </section>
     <section anchor="protocol">
       <name>The Taler Crypto Protocol</name>
       <t>The Taler payment protocol is a token-based <em>e-cash</em> system
 which ensures anonymity for payers (much like physical cash),
 while guaranteing income transparency on the payees' side (much like most digital payment systems).
 Contrary to what the name might suggest,
 Taler neither is a separate currency (as cryptocurrencies do)
 nor is it tied to a specific currency.
 Instead, the payment system operator offering the Taler payment protocol
 can freely choose the assets backing the payment system.</t>
       <t>The basic system consists of three types of entities:</t>
       <ol spacing="normal" type="1"><li>
           <t>The Taler <em>exchange</em> is run by the payment system operator.
 It is the central, trusted entity which hands out e-cash and holds the corresponding value.</t>
         </li>
         <li>
           <t>A Taler <em>wallet</em> manages e-cash in self-custody for end users.</t>
         </li>
         <li>
           <t>A Taler <em>merchant</em> can redeem e-cash at the exchange
 after the wallet authorized a deposit permission during a payment.</t>
         </li>
       </ol>
       <t>E-cash in Taler is represented as digital tokens called <em>coins</em>.
 They are public-private keypairs where ownership of the coin
 is equivalent to the knowledge of the private key <tt>coin.priv</tt>.
 Every coin has an initial value corresponding to a denomination (<tt>denom</tt>) offered by the exchange.
 The validity of coins is signaled by the presence of
 a valid denomination signature <tt>coin.sig</tt> on the (hash of the) public key <tt>coin.pub</tt>.
 To ensure payer anonymity, the exchange generates <tt>coin.sig</tt> without learning the actual (hash of) <tt>coin.pub</tt>
 using a <em>blind</em> signature scheme.</t>
       <t>Wallets obtain coins from the exchange during <em>withdrawal</em> (cf. <xref target="withdraw"/>)
 and use them during <em>payment</em> at merchants, who in turn <em>deposit</em> them at the exchange (cf. <xref target="payment"/>).
 Residual value on partly spent coins can be <em>refreshed</em> by the wallet subsequently in order to obtain unlinkable change (cf. <xref target="refresh"/>).
 Taler also supports receiving e-cash in a wallet without acting as a merchant using <em>wallet-to-wallet payments</em> (W2W, cf. <xref target="w2w"/>),
 which are always handled via the exchange.</t>
       <t>Honest operation of the exchange can be optionally supervised by an independant third-party Taler <em>auditor</em>.
 This supervision is not part of the basic Taler protocol and thus not part of this document.</t>
       <artwork><![CDATA[
                  - exchange -
                 /            \
    Withdrawal  /              \  Deposit
      Refresh  /  W2W           \
              /                  \
           wallet ----------- merchant
                    Payment
 ]]></artwork>
       <t>// todo: capitalize wallet, exchange, merchant everywhere?</t>
       <t>In the default configuration, Taler uses RSA-FDH (cf. <xref target="rsa-fdh"/>) for (blind) denomination signatures
 and Ed25519 (cf. <xref target="ed25519"/>) signatures everywhere else.
 Clause-Schnorr Signatures (cf. <xref target="cbs"/>) provide an alternative blind signature scheme operating on Elliptic Curves.
 As their usage is still experimental, they are not described as part of this document.</t>
       <t>Taler has optional support for age-restricted coins, enabling privacy-preserving age restriction.
 As an optional feature, it is not part of the basic Taler protocol and thus left out of the description in this document.</t>
       <section anchor="obtaining-e-cash">
         <name>Obtaining E-Cash</name>
         <section anchor="withdraw">
           <name>Withdrawal</name>
           <t>The wallet generates <tt>n &gt; 0</tt> coins <tt>⟨coinᵢ⟩</tt> and requests <tt>n</tt> signatures <tt>⟨blind_sigᵢ⟩</tt> from the exchange,
 attributing value to the coins according to <tt>n</tt> chosen denominations <tt>⟨denomᵢ⟩</tt>.
 The total value and withdrawal fee (defined by the exchange per denomination)
 must be smaller or equal to the amount stored in the single reserve used for withdrawal.</t>
           <t>// todo: document TALER_MAX_COINS = 64 per operation (due to CS-encoding)</t>
           <t>// todo: extend with extra roundtrip for CBS</t>
           <artwork><![CDATA[
             wallet                                  exchange
 Knows ⟨denomᵢ⟩                          Knows ⟨denomᵢ.priv⟩
                |                                        |
 +-----------------------------+                         |
 | (W1) reserve key generation |                         |
 +-----------------------------+                         |
                |                                        |
                |----------- (bank transfer) ----------->|
                | (subject: reserve.pub, amount: value)  |
                |                                        |
                |                      +------------------------------+
                |                      | Persist (reserve.pub, value) |
                |                      +------------------------------+
                |                                        |
 +-----------------------------------+                   |
 | (W2) coin generation and blinding |                   |
 +-----------------------------------+                   |
                |                                        |
                |-------------- /withdraw -------------->|
                |    (reserve.pub, planchets, sig)       |
                |                                        |
                |                      +--------------------------------+
                |                      | (E1) coin issuance and signing |
                |                      +--------------------------------+
                |                                        |
                |<---------- (⟨blind_sigᵢ⟩) -------------|
                |                                        |
 +----------------------+                                |
 | (W3) coin unblinding |                                |
 +----------------------+                                |
                |                                        |
 ]]></artwork>
           <t>where (for RSA, without age-restriction)</t>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) reserve key generation (wallet)
 
 reserve = Ed25519-Keygen()
 Persist (reserve, value)
 ]]></sourcecode>
           <t>The wallet derives coins and blinding secrets using a HKDF from a single seed per withdrawal operation,
 together with an integer index.
 This is strictly speaking an implementation detail since the seed is never revealed to any other party,
 and might be chosen to be implemented differently.</t>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) coin generation and blinding (wallet)
 
 batch_seed = random(256)
 Persist batch_seed
 for i in 0..n:
   coin_seedᵢ = HKDF(uint32(i), batch_seed, "taler-withdrawal-coin-derivation", 64)
   blind_secretᵢ = coin_seedᵢ[32:]
   coinᵢ.priv = coin_seedᵢ[:32]
   coinᵢ.pub = Ed25519-GetPub(coinᵢ.priv)
   h_denomᵢ = Hash-Denom(denomᵢ)
   planchetᵢ = RSA-FDH-Blind(SHA-512(coinᵢ.pub), blind_secretᵢ, denomᵢ.pub)
   h_planchetᵢ = Hash-Planchet(planchetᵢ, denomᵢ)
 planchets = (⟨h_denomᵢ⟩, ⟨planchetᵢ⟩)
 msg = Gen-Msg(WALLET_RESERVE_WITHDRAW,
     ( Sum ⟨denomᵢ.value⟩ | Sum ⟨denomᵢ.fee_withdraw⟩
     | SHA-512( ⟨h_planchetᵢ⟩ ) | uint256(0x0) | uint32(0x0) | uint32(0x0) ))
 sig = Ed25519-Sign(reserve.priv, msg)
 
 // todo: exchange.git uses different derivation than wallet-core.git (above):
 ⟨coin_seedᵢ⟩ = HKDF(uint32(n), batch_seed, "taler-withdraw-secrets", 32*n)
 for i in 0..n:
   blind_secretᵢ = HKDF("bks", coin_seedᵢ, "", 32)
   coinᵢ.priv = HKDF("coin", coin_seedᵢ, "", 32)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) coin issuance and signing (exchange)
 
 (⟨h_denomᵢ⟩, ⟨planchetᵢ⟩) = planchets
 for i in 0..n:
   denomᵢ = Lookup by h_denomᵢ
   Check denomᵢ known and not withdraw-expired
   h_planchetᵢ = Hash-Planchet(planchetᵢ, denomᵢ)
 msg = Gen-Msg(WALLET_RESERVE_WITHDRAW,
     ( Sum ⟨denomᵢ.value⟩ | Sum ⟨denomᵢ.fee_withdraw⟩
     | SHA-512( ⟨h_planchetᵢ⟩ ) | uint256(0x0) | uint32(0x0) | uint32(0x0) ))
 Check Ed25519-Verify(reserve.pub, msg, sig)
 Check reserve KYC status ok or not needed
 total = Sum ⟨denomᵢ.value⟩ + Sum ⟨denomᵢ.fee_withdraw⟩
 Check-Subtract(reserve.balance, total)
 for i in 0..n:
   blind_sigᵢ = RSA-FDH-Sign(planchetᵢ, denomᵢ.priv)
 Persist withdrawal // todo: what exactly? should be checked first for replay?
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W3) coin unblinding (wallet)
 
 for i in 0..n:
   coinᵢ.sig = RSA-FDH-Unblind(blind_sigᵢ, blind_secretᵢ, denomᵢ.pub)
   Check RSA-FDH-Verify(SHA-512(coinᵢ.pub), coinᵢ.sig, denomᵢ.pub)
   coinᵢ.h_denom = h_denomᵢ
   coinᵢ.blind_secret = blind_secretᵢ  // todo: why save blind_secret, if batch_seed already persisted?
 Persist ⟨coinᵢ⟩
 ]]></sourcecode>
         </section>
         <section anchor="withdraw-recoup">
           <name>Recoup</name>
           <t>// todo</t>
         </section>
       </section>
       <section anchor="payment-with-e-cash">
         <name>Payment with E-Cash</name>
         <section anchor="payment">
           <name>Payment and Deposit</name>
           <t>The wallet obtains <tt>contract</tt> information for an <tt>order</tt> from the merchant
 after claiming it with a <tt>nonce</tt>.
 Payment of the order is prepared by signing (partial) deposit authorizations <tt>⟨depositᵢ⟩</tt> with coins <tt>⟨coinᵢ⟩</tt> of certain denominations <tt>⟨denomᵢ⟩</tt>,
 where the sum of all contributions (<tt>contributionᵢ &lt;= denomᵢ.value</tt>) must match the <tt>contract.price</tt> plus potential deposit fees.
 The payment is complete as soon as the merchant successfully redeems the deposit authorizations at the exchange.</t>
           <t>Deposit could also be used directly by a wallet with its own payto and a minimal contract.</t>
           <t>// todo: should we integrate payment templates here?</t>
           <artwork><![CDATA[
       wallet                        merchant                       exchange
 Knows ⟨coinᵢ⟩                  Knows merchant.priv         Knows exchange.priv
         |                      Knows exchange, payto       Knows ⟨denomᵢ⟩
         |                              |                              |
         |                 +-----------------------+                   |
         |                 | (M1) order generation |                   |
         |                 +-----------------------+                   |
         |                              |                              |
         |<--- (QR-Code / NFC / URI) ---|                              |
         |      (order.{id,token?})     |                              |
         |                              |                              |
 +-----------------------+              |                              |
 | (W1) nonce generation |              |                              |
 +-----------------------+              |                              |
         |                              |                              |
         |-- /orders/{order.id}/claim ->|                              |
         |  (nonce.pub, order.token?)   |                              |
         |                              |                              |
         |                 +--------------------------+                |
         |                 | (M2) contract generation |                |
         |                 +--------------------------+                |
         |                              |                              |
         |<-- (contract, merchant.pub, -|                              |
         |            sig)              |                              |
         |                              |                              |
 +--------------------------+           |                              |
 | (W2) payment preparation |           |                              |
 +--------------------------+           |                              |
         |                              |                              |
         |--- /orders/{order.id}/pay -->|                              |
         |         (⟨depositᵢ⟩)         |                              |
         |                              |                              |
         |                 +--------------------------+                |
         |                 | (M3) deposit preparation |                |
         |                 +--------------------------+                |
         |                              |                              |
         |                              |-------- /batch-deposit ----->|
         |                              | (info, h_contract, ⟨depositᵢ⟩|
         |                              |        merchant.pub, sig)    |
         |                              |                              |
         |                              |                  +--------------------+
         |                              |                  | (E1) deposit check |
         |                              |                  +--------------------+
         |                              |                              |
         |                              |<------ (time_deposit, -------|
         |                              |      exchange.pub, sig)      |
         |                              |                              |
         |                 +---------------------------+               |
         |                 | (M4) deposit verification |               |
         |                 +---------------------------+               |
         |                              |                              |
         |<----------- (sig) -----------|                              |
         |                              |                              |
 +---------------------------+          |                              |
 | (W3) payment verification |          |                              |
 +---------------------------+          |                              |
         |                              |                              |
 ]]></artwork>
           <t>where (without age restriction, policy and wallet data hash)</t>
           <sourcecode type="pseudocode"><![CDATA[
 (M1) order generation (merchant)
 
 wire_salt = random(128)
 determine price, and ASCII strings id, info, token?
 Persist order = (id, price, info, token?, wire_salt)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) nonce generation (wallet)
 
 nonce = Ed25519-Keygen()
 Persist nonce.priv
 ]]></sourcecode>
           <t>Note that the private key of <tt>nonce</tt> is currently not used anywhere in the protocol.
 However, it could be used in the future to prove ownership of an order transaction,
 enabling use-cases such as "unclaiming" or transferring an order to another person,
 or proving the payment without resorting to the individual coins.</t>
           <sourcecode type="pseudocode"><![CDATA[
 (M2) contract generation (merchant)
 
 Check order.token? == token?
 h_wire = HKDF(wire_salt, payto, "merchant-wire-signature", 64)
 timestamp = now()
 determine refund_deadline, wire_deadline from timestamp
 contract = (order.{id,price,info,token?}, exchange, h_wire, timestamp, refund_deadline, wire_deadline)
 contract.nonce = nonce.pub
 Persist contract
 h_contract = SHA-512(canonicalJSON(contract))
 msg = Gen-Msg(MERCHANT_CONTRACT, h_contract)
 sig = Ed25519-Sign(merchant.priv, msg)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) payment preparation (wallet)
 
 h_contract = SHA-512(canonicalJSON(contract))
 msg = Gen-Msg(MERCHANT_CONTRACT, h_contract)
 Check Ed25519-Verify(merchant.pub, msg, sig)
 Check contract.nonce == nonce
 // TODO: double-check extra hash check?
 // todo: maybe get rid of CoinSelection altogether by claiming we already know coinᵢ and contributionᵢ
 ⟨selectionᵢ⟩ = CoinSelection(contract.{exchange,price}) TODO: include MarkDirty here
 for i in 0..n:
   (coinᵢ, denomᵢ, contributionᵢ) = selectionᵢ
   msgᵢ = Gen-Msg(WALLET_COIN_DEPOSIT,
       ( h_contract | uint256(0x0)
       | uint512(0x0) | contract.h_wire | coinᵢ.h_denom
       | timestamp | contract.refund_deadline
       | contributionᵢ + denomᵢ.fee_deposit
       | denomᵢ.fee_deposit | merchant.pub | uint512(0x0) ))
   sigᵢ = Ed25519-Sign(coinᵢ.priv, msgᵢ)
   depositᵢ = (coinᵢ.{pub,sig,h_denom}, contributionᵢ, sigᵢ)
 Persist (contract, ⟨sigᵢ⟩, ⟨depositᵢ⟩)
 ]]></sourcecode>
           <t>// TODO: explain CoinSelection</t>
           <sourcecode type="pseudocode"><![CDATA[
 (M3) deposit preparation (merchant)
 
 Check Sum ⟨depositᵢ.contribution⟩ == contract.price
 info.time = contract.{timestamp, wire_deadline, refund_deadline}
 info.wire = (payto, wire_salt)
 h_contract = SHA-512(canonicalJSON(contract))
 msg = Gen-Msg(MERCHANT_CONTRACT, h_contract)
 sig = Ed25519-Sign(merchant.priv, msg)
 ]]></sourcecode>
           <t>TODO: what about wire_fees, those should be checked for as well, or do we just assume merchant will pay those?
 see src/backend/taler-merchant-httpd_post-orders-ORDER_ID-pay.c:2760</t>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) deposit check (exchange)
 
 h_wire = HKDF(info.wire.wire_salt, info.wire.payto, "merchant-wire-signature", 64)
 for i in 0..n:
   coinᵢ = depositᵢ.coin
   denomᵢ = Lookup by coinᵢ.h_denom
   Check denomᵢ known and not deposit-expired
   totalᵢ = depositᵢ.contribution + denomᵢ.fee_deposit
   msgᵢ = Gen-Msg(WALLET_COIN_DEPOSIT,
       ( h_contract | uint256(0x0)
       | uint512(0x0) | h_wire | coinᵢ.h_denom
       | info.time.timestamp | info.time.refund_deadline
       | totalᵢ
       | denomᵢ.fee_deposit | merchant.pub | uint512(0x0) ))
   Check Ed25519-Verify(coinᵢ.pub, msgᵢ, depositᵢ.sig)
   Check RSA-FDH-Verify(SHA-512(coinᵢ.pub), coinᵢ.sig, denomᵢ.pub)
   Check-Subtract(coinᵢ.value, total)
 Persist deposit-record
 schedule bank transfer to payto
 time_deposit = now()
 msg = Gen-Msg(EXCHANGE_CONFIRM_DEPOSIT,
     ( h_contract | h_wire | uint512(0x0)
     | time_deposit | info.time.wire_deadline
     | info.time.refund_deadline
     | Sum ⟨depositᵢ.contribution⟩
     | SHA-512( ⟨depositᵢ.sig⟩ ) | merchant.pub ))
 sig = Ed25519-Sign(exchange.priv, msg)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M2) deposit verification (merchant)
 
 h_wire = HKDF(wire_salt, payto, "merchant-wire-signature", 64)
 msg = Gen-Msg(EXCHANGE_CONFIRM_DEPOSIT,
     ( h_contract | h_wire | uint512(0x0)
     | time_deposit | contract.wire_deadline
     | contract.refund_deadline
     | Sum ⟨depositᵢ.contribution⟩
     | SHA-512( ⟨depositᵢ.sig⟩ ) | merchant.pub ))
 Check Ed25519-Verify(exchange.pub, msg, sig)
 msg = Gen-Msg(MERCHANT_PAYMENT_OK, h_contract)
 sig = Ed25519-Sign(merchant.priv, msg)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W3) payment verification (wallet)
 
 msg = Gen-Msg(MERCHANT_PAYMENT_OK, h_contract)
 Check Ed25519-Verify(merchant.pub, msg, sig)
 ]]></sourcecode>
         </section>
         <section anchor="refund">
           <name>Refund</name>
           <t>A wallet can request a refund for an order from the merchant after it has been completed successfully
 (cf. <xref target="payment"/>) and before the merchant has been paid out by the exchange (i.e., before <tt>contract.wire_deadline</tt>).
 The merchant needs to approve the refund via its business logic,
 and is free to decide the total amount of the refund
 as well as which coins' deposit operations are (potentially partly) invalidated.
 After the exchange has accepted the refund request,
 the coins obtain their (partial) value back.
 The wallet should proceed to refresh (cf. <xref target="refresh"/>) the coins before spending them again
 to obtain unlinkability.</t>
           <t>In case the wallet itself has used deposit to its own payto,
 it can act as the merchant in the protocol below.</t>
           <artwork><![CDATA[
       wallet                        merchant                       exchange
 Knows order.id                 Knows merchant.priv         Knows deposit_record
 Knows contract                         |                         for coinᵢ.pub
         |                              |                              |
 +---------------------+                |                              |
 | (W1) refund request |                |                              |
 +---------------------+                |                              |
         |                              |                              |
         |- /orders/{order.id}/refund ->|                              |
         |          (h_contract)        |                              |
         |                              |                              |
         |                 +------------------------+                  |
         |                 | (M1) refund processing |                  |
         |                 +------------------------+                  |
         |                              |                              |
         |                              |- /coins/{coinᵢ.pub}/refund ->|
         |                              |   (valueᵢ, h_contract, id,   |
         |                              |      merchant.pub, sigᵢ)     |
         |                              |                              |
         |                              |                  +-------------------+
         |                              |                  | (E1) refund check |
         |                              |                  +-------------------+
         |                              |                              |
         |                              |<--- (exchange.pub, sigᵢ) ----|
         |                              |                              |
         |                 +--------------------------+                |
         |                 | (M2) refund confirmation |                |
         |                 +--------------------------+                |
         |                              |                              |
         |<-----(value, ⟨refundᵢ⟩,------|                              |
         |        merchant.pub)         |                              | // todo: why merchant.pub if no sig transmitted?
         |                              |                              |
 +-----------------------+              |                              |
 | (W2) refund reception |              |                              |
 +-----------------------+              |                              |
         |                              |                              |
 ]]></artwork>
           <t>where (for RSA, without age-restriction)</t>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) refund request (wallet)
 
 h_contract = SHA-512(canonicalJSON(contract))
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M1) refund processing (merchant)
 
 Check h_contract known and refund possible
 time = now()
 ⟨coinᵢ⟩ = Lookup by h_contract
 id = uint32(random(32))
 for i in 0..n:
   denomᵢ = Lookup by coinᵢ.h_denom
   valueᵢ = refund amount // todo: split wisely
   msgᵢ = Gen-Msg(MERCHANT_REFUND,
        ( h_contract | coinᵢ.pub | id | valueᵢ | denomᵢ.fee_refund ))
   sigᵢ = Ed25519-Sign(merchant.priv, msgᵢ)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) refund check and confirmation (exchange)
 
 deposit_record = Lookup by h_contract // todo: needs to be persisted before with order.id and used coins!
 Check refund possible (prior to wire transfer deadline)
 for i in 0..n:
   Check coinᵢ.pub part of deposit_record
   denomᵢ = Lookup by coinᵢ.pub
   msgᵢ = Gen-Msg(MERCHANT_REFUND,
       ( h_contract | coinᵢ.pub | id | valueᵢ | denomᵢ.fee_refund ))
   Check Ed25519-Verify(merchant.pub, msgᵢ, sigᵢ)
   Check valueᵢ >= denomᵢ.fee_refund
   remove/update scheduled wire transfer
   mark coin part as unspent
   msgᵢ = Gen-Msg(MERCHANT_REFUND_OK, SHA-512(order.id))
   sigᵢ = Ed25519-Sign(exchange.priv, msgᵢ)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M2) refund confirmation (merchant)
 
 for i in 0..n:
   msgᵢ = Gen-Msg(MERCHANT_REFUND_OK, SHA-512(order.id))
   Check Ed25519-Verify(exchange.pub, msgᵢ, sigᵢ)
   update business logic
   refundᵢ = (valueᵢ, sigᵢ, id, coinᵢ.pub, time)
 value = sum ⟨valueᵢ⟩
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) refund reception (wallet)
 
 for i in 0..n:
   (valueᵢ, sigᵢ, id, coinᵢ.pub, time) = refundᵢ
 update persistent transaction information
 refresh ⟨coinᵢ⟩
 ]]></sourcecode>
         </section>
       </section>
       <section anchor="obtaining-unlinkable-change">
         <name>Obtaining unlinkable change</name>
         <section anchor="refresh">
           <name>Refresh</name>
           <t>The wallet obtains <tt>n</tt> new coins <tt>⟨coinᵢ⟩</tt> of denominations <tt>⟨denomᵢ⟩</tt>
 in exchange for one old <tt>coin</tt> of denomination <tt>denom</tt> from the exchange.
 There are three reasons why a wallet needs to do this:</t>
           <ol spacing="normal" type="1"><li>
               <t>Obtaining unlinkable change after using only a part of the coin's value during a payment (cf. <xref target="payment"/>),
 i.e. where <tt>contribution &lt;= denom.value</tt></t>
             </li>
             <li>
               <t>Obtaining unlinkable change after a successful refund (cf. <xref target="refund"/>)</t>
             </li>
             <li>
               <t>Renewing a coin before it deposit-expires</t>
             </li>
           </ol>
           <t>The sum of the refresh fee of <tt>denom</tt> and the new denominations' values and withdrawal fees (defined by the exchange)
 must be smaller or equal to the residual value of the old <tt>coin</tt>.</t>
           <t>The private key of each new coin candidate <tt>⟨coinₖᵢ.priv⟩</tt> is transitively derived from the old coin's private key <tt>coin.priv</tt>
 via a 512-bit secret <tt>⟨sharedₖᵢ⟩</tt> according to <tt>Refresh-Derive</tt>.
 The secret is regeneratable with the knowledge of <tt>coin.priv</tt> via the link protocol (cf. <xref target="link"/>).
 The derivation ensures that ownership of coins (knowledge of the private key) is correctly transferred,
 and thereby that value transfer among untrusted parties can only happen via payment and deposit, not via refresh.</t>
           <artwork><![CDATA[
 Refresh-Derive(shared, i, denom) =
   planchet_seed = HKDF(uint32(i), shared, "taler-coin-derivation", 64)
   blind_secret = HKDF("bks", planchet_seed, "", 32)
   coin.priv = HKDF("coin", planchet_seed, "", 32)
   coin.pub = Ed25519-GetPub(coin.priv)
   planchet = RSA-FDH-Blind(SHA-512(coin.pub), blind_secret, denom.pub)
   h_planchet = Hash-Planchet(planchet, denom)
   return (coin, blind_secret, planchet, h_planchet)
 ]]></artwork>
           <t>Taler uses a cut-and-choose protocol with the fixed parameter <tt>κ=3</tt> to enforce correct derivation
 of <tt>⟨sharedₖᵢ⟩</tt> from a single seed per batch of planchets <tt>⟨batch_seedₖ⟩</tt>
 (in (κ-1)/κ of the cases, making income concealment for tax evasion purposes unpractical).</t>
           <t>Refreshing consists of two parts:</t>
           <ol spacing="normal" type="1"><li>
               <t>Melting of the old coin and commiting to κ batches of blinded planchet candidates</t>
             </li>
             <li>
               <t>Revelation of κ-1 secrets <tt>⟨revealed_seedₖ⟩</tt> to prove the proper construction of the (revealed) batches of blinded planchet candidates.</t>
             </li>
           </ol>
           <artwork><![CDATA[
             wallet                                  exchange
 Knows ⟨denomᵢ⟩                          Knows ⟨denomᵢ.priv⟩
 Knows coin                                              |
                |                                        |
 +-------------------+                                   |
 | (W1) coin melting |                                   |
 +-------------------+                                   |
                |                                        |
                |---------------- /melt ---------------->|
                |     (coin.{pub,sig,h_denom}, value,    |
                |      refresh_seed, planchets, sig)     |
                |                                        |
                |                      +---------------------------------------+
                |                      | (E1) gamma selection and coin signing |
                |                      +---------------------------------------+
                |                                        |
                |<------ (ɣ, exchange.pub, sig) ---------|
                |                                        |
 +------------------------+                              |
 | (W2) secret revelation |                              |
 +------------------------+                              |
                |                                        |
                |------------ /reveal-melt ------------->|
                |     (commitment, ⟨revealed_seedₖ⟩)     |
                |                                        |
                |                      +----------------------------+
                |                      | (E2) commitment validation |
                |                      +----------------------------+
                |                                        |
                |<---------- (⟨blind_sigᵢ⟩) -------------|
                |                                        |
 +----------------------+                                |
 | (W3) coin unblinding |                                |
 +----------------------+                                |
                |                                        |
 ]]></artwork>
           <t>where (for RSA, without age-restriction)</t>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) coin melting (wallet)
 
 refresh_seed = random(256)
 ⟨batch_seedₖ⟩ = HKDF("refresh-batch-seeds", refresh_seed, coin.priv, k*64)
 for k in 0..κ:
   ⟨transferₖᵢ.priv⟩ = HKDF("refresh-transfer-private-keys", batch_seedₖ, "", n*32)
   for i in 0..n:
     transferₖᵢ.pub = ECDH-GetPub(transferₖᵢ.priv)
     sharedₖᵢ = ECDH-Ed25519-Pub(transferₖᵢ.priv, coin.pub)
     (coinₖᵢ, blind_secretₖᵢ, planchetₖᵢ, h_planchetₖᵢ) = Refresh-Derive(sharedₖᵢ, denomᵢ)
   h_planchetsₖ = SHA-512( ⟨h_planchetₖᵢ⟩ )
 value = coin.denom.fee_refresh + Sum ⟨denomᵢ.value⟩ + Sum ⟨denomᵢ.fee_withdraw⟩
 commitment = SHA-512( refresh_seed | uint256(0x0) | coin.pub | value
                     | SHA-512( ⟨h_planchetsₖ⟩ ) )
 for i in 0..n:
   h_denomᵢ = Hash-Denom(denomᵢ)
 planchets = (⟨h_denomᵢ⟩, ⟨planchetₖᵢ⟩, ⟨transferₖᵢ.pub⟩))
 msg = Gen-Msg(WALLET_COIN_MELT,
     ( commitment | coin.h_denom | uint256(0x0)
     | value | denom.fee_refresh ))
 sig = Ed25519-Sign(coin.priv, msg)
 Persist (coin.denom.pub, ...) // todo: double-check
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) gamma selection and coin signing (exchange)
 
 denom = Lookup by coin.h_denom
 Check denom known and not deposit-expired
 Check RSA-FDH-Verify(SHA-512(coin.pub), coin.sig, denom.pub)
 Check coin.pub known and dirty
 (⟨h_denomᵢ⟩, ⟨planchetₖᵢ⟩, ⟨transferₖᵢ.pub⟩)) = planchets
 for i in 0..n:
   denomᵢ = Lookup by h_denomᵢ
   Check denomᵢ known and not withdraw-expired
 value' = coin.denom.fee_refresh + Sum ⟨denomᵢ.value⟩ + Sum ⟨denomᵢ.fee_withdraw⟩
 Check value' == value
 Check-Subtract(coin.value, value)
 for k in 0..κ:
   for i in 0..n:
     h_planchetₖᵢ = Hash-Planchet(planchetₖᵢ, denomᵢ)
   h_planchetsₖ = SHA-512( ⟨h_planchetₖᵢ⟩ )
 commitment = SHA-512( refresh_seed | uint256(0x0) | coin.pub | value
                     | SHA-512( ⟨h_planchetsₖ⟩ ) )
 msg = Gen-Msg(WALLET_COIN_MELT,
     ( commitment | coin.h_denom | uint256(0x0)
     | value | denom.fee_refresh ))
 Check Ed25519-Verify(coin.pub, msg, sig)
 refresh_record = Lookup by commitment
 (ɣ, _, _, done, _) = refresh_record
 if refresh_record not found:
   ɣ = 0..κ at random
   for i in 0..n:
     blind_sigᵢ = RSA-FDH-Sign(planchetᵧᵢ, denomᵧᵢ.priv)
   link_info = (refresh_seed, ⟨transferₖᵢ.pub⟩, ⟨h_denomᵢ⟩, coin_sig)
   Persist refresh_record = (commitment, ɣ, ⟨blind_sigᵢ⟩, h_planchetsᵧ, false, link_info)
 msg = Gen-Msg(EXCHANGE_CONFIRM_MELT,
     ( commitment | uint32(ɣ) ))
 sig = Ed25519-Sign(exchange.priv, msg)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) secret revelation (wallet)
 
 Check exchange.pub known
 msg = Gen-Msg(EXCHANGE_CONFIRM_MELT,
     ( commitment | uint32(ɣ) ))
 Check Ed25519-Verify(exchange.pub, msg, sig)
 Persist refresh-challenge // what exactly?
 for k in 0..κ and k != ɣ:
   revealed_seedₖ = batch_seedₖ
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E2) commitment validation (exchange)
 
 refresh_record = Lookup by commitment
 (ɣ, ⟨blind_sigᵢ⟩, h_planchetsᵧ, done, _) = refresh_record
 Check not done // todo: sure?
 for k in 0..κ and k != ɣ:
   ⟨transferₖᵢ.priv⟩ = HKDF("refresh-transfer-private-keys", batch_seedₖ, "", n*32)
   for i in 0..n:
     transferₖᵢ.pub = ECDH-GetPub(transferₖᵢ.priv)
     sharedₖᵢ = ECDH-Ed25519-Pub(transferₖᵢ.priv, coin.pub)
     (_, _, _, h_planchetₖᵢ) = Refresh-Derive(sharedₖᵢ, denomᵢ)
   h_planchetsₖ = SHA-512( ⟨h_planchetₖᵢ⟩ )
 value = coin.denom.fee_refresh + Sum ⟨denomᵢ.value⟩ + Sum ⟨denomᵢ.fee_withdraw⟩
 commitment' = SHA-512( refresh_seed | uint256(0x0) | coin.pub | value
                      | SHA-512( ⟨h_planchetsₖ⟩ ) )
 Check commitment == commitment'
 Persist refresh_record = (_, _, _, true, _)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W3) coin unblinding (wallet)
 
 for i in 0..n:
   coinᵧᵢ.sig = RSA-FDH-Unblind(blind_sigᵧᵢ, blind_secretᵧᵢ, denomᵢ.pub)
   Check RSA-FDH-Verify(SHA-512(coinᵧᵢ.pub), coinᵧᵢ.sig, denomᵢ.pub)
   coinᵧᵢ.h_denom = h_denomᵢ
   Persist ⟨coinᵧᵢ⟩
 ]]></sourcecode>
         </section>
         <section anchor="link">
           <name>Link</name>
           <t>Coins ⟨coinᵧᵢ⟩ obtained via the refresh protocol (cf. <xref target="refresh"/>) can be regenerated
 with the knowledge of the old coin's private key <tt>coin.priv</tt> using the link protocol,
 integrated in the coin history endpoint.</t>
           <artwork><![CDATA[
             wallet                                  exchange
 Knows coin                              Knows refresh_record for coin.pub
                |                                        |
 +----------------------+                                |
 | (W1) history request |                                |
 +----------------------+                                |
                |                                        |
                |------ /coins/{coin.pub}/history ------>|
                |                 (sig)                  |
                |                                        |
                |                      +----------------------------+
                |                      | (E1) refresh secret lookup |
                |                      +----------------------------+
                |                                        |
                |<------------- (melt_info) -------------|
                |                                        |
 +-----------------------+                               |
 | (W2) coin acquisition |                               |
 +-----------------------+                               |
                |                                        |
 ]]></artwork>
           <t>where (for RSA, without age-restriction)</t>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) history request (wallet)
 
 msg = Gen-Msg(COIN_HISTORY_REQUEST, uint64(0x0))
 sig = Ed25519-Sign(coin.priv, msg)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) refresh secret lookup (exchange)
 
 refresh_record = Lookup by coin.pub
 (ɣ, ⟨blind_sigᵢ⟩, _, done, link_info) = refresh_record
 if done:
   melt_info = (ɣ, link_info, ⟨blind_sigᵢ⟩)
 else:
   melt_info = (ɣ, link_info)
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) coin acquisition (wallet)
 
 (ɣ, link_info, ⟨blind_sigᵢ⟩?) = melt_info
 (refresh_seed, ⟨transferₖᵢ.pub⟩, ⟨h_denomᵢ⟩, coin_sig) = link_info
 
 for i in 0..n:
   denomᵢ = Lookup by h_denomᵢ
 for k in 0..κ:
   for i in 0..n:
     sharedₖᵢ = ECDH-Ed25519-Priv(coin.priv, transferₖᵢ.pub)
     (coinₖᵢ, blind_secretₖᵢ _, h_planchetₖᵢ) = Refresh-Derive(sharedₖᵢ, denomᵢ)
   h_planchetsₖ = SHA-512( ⟨h_planchetₖᵢ⟩ )
 value = coin.denom.fee_refresh + Sum ⟨denomᵢ.value⟩ + Sum ⟨denomᵢ.fee_withdraw⟩
 commitment = SHA-512( refresh_seed | uint256(0x0) | coin.pub | value
                     | SHA-512( ⟨h_planchetsₖ⟩ ) )
 msg = Gen-Msg(WALLET_COIN_MELT,
     ( commitment | coin.h_denom | uint256(0x0)
     | value | denom.fee_refresh ))
 Check Ed25519-Verify(coin.pub, msg, sig)
 
 if ⟨blind_sigᵢ⟩ returned:
   for i in 0..n:
     coinᵧᵢ.sig = RSA-FDH-Unblind(blind_sigᵧᵢ, blind_secretᵧᵢ, denomᵢ.pub)
     Check RSA-FDH-Verify(SHA-512(coinᵧᵢ.pub), coinᵧᵢ.sig, denomᵢ.pub)
     coinᵧᵢ.h_denom = h_denomᵢ
   Persist ⟨coinᵧᵢ⟩
 ]]></sourcecode>
         </section>
         <section anchor="refresh-recoup">
           <name>Recoup</name>
           <t>// todo</t>
         </section>
       </section>
       <section anchor="w2w">
         <name>Transfer of E-Cash</name>
         <t>// todo: introductory text</t>
         <t>Transactions in E-Cash between wallets.
 Commonly referred to as peer-to-peer transactions.
 In Taler, interaction with exchange, therefore called wallet-to-wallet transactions.</t>
         <section anchor="w2w-account">
           <name>Account Creation</name>
         </section>
         <section anchor="w2w-push">
           <name>Push Payment</name>
           <t>// todo</t>
         </section>
         <section anchor="w2w-pull">
           <name>Pull Payment</name>
           <t>// todo</t>
         </section>
       </section>
     </section>
     <section anchor="security-considerations">
       <name>Security Considerations</name>
       <t>[ TBD ]</t>
     </section>
     <section anchor="iana-considerations">
       <name>IANA Considerations</name>
       <t>None.</t>
     </section>
   </middle>
   <back>
     <references anchor="sec-normative-references">
       <name>Normative References</name>
       <reference anchor="RFC20">
         <front>
           <title>ASCII format for network interchange</title>
           <author fullname="V.G. Cerf" initials="V.G." surname="Cerf"/>
           <date month="October" year="1969"/>
         </front>
         <seriesInfo name="STD" value="80"/>
         <seriesInfo name="RFC" value="20"/>
         <seriesInfo name="DOI" value="10.17487/RFC0020"/>
       </reference>
       <reference anchor="RFC2104">
         <front>
           <title>HMAC: Keyed-Hashing for Message Authentication</title>
           <author fullname="H. Krawczyk" initials="H." surname="Krawczyk"/>
           <author fullname="M. Bellare" initials="M." surname="Bellare"/>
           <author fullname="R. Canetti" initials="R." surname="Canetti"/>
           <date month="February" year="1997"/>
           <abstract>
             <t>This document describes HMAC, a mechanism for message authentication using cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind</t>
           </abstract>
         </front>
         <seriesInfo name="RFC" value="2104"/>
         <seriesInfo name="DOI" value="10.17487/RFC2104"/>
       </reference>
       <reference anchor="RFC5869">
         <front>
           <title>HMAC-based Extract-and-Expand Key Derivation Function (HKDF)</title>
           <author fullname="H. Krawczyk" initials="H." surname="Krawczyk"/>
           <author fullname="P. Eronen" initials="P." surname="Eronen"/>
           <date month="May" year="2010"/>
           <abstract>
             <t>This document specifies a simple Hashed Message Authentication Code (HMAC)-based key derivation function (HKDF), which can be used as a building block in various protocols and applications. The key derivation function (KDF) is intended to support a wide range of applications and requirements, and is conservative in its use of cryptographic hash functions. This document is not an Internet Standards Track specification; it is published for informational purposes.</t>
           </abstract>
         </front>
         <seriesInfo name="RFC" value="5869"/>
         <seriesInfo name="DOI" value="10.17487/RFC5869"/>
       </reference>
       <reference anchor="RFC6234">
         <front>
           <title>US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)</title>
           <author fullname="D. Eastlake 3rd" initials="D." surname="Eastlake 3rd"/>
           <author fullname="T. Hansen" initials="T." surname="Hansen"/>
           <date month="May" year="2011"/>
           <abstract>
             <t>Federal Information Processing Standard, FIPS</t>
           </abstract>
         </front>
         <seriesInfo name="RFC" value="6234"/>
         <seriesInfo name="DOI" value="10.17487/RFC6234"/>
       </reference>
       <reference anchor="RFC7748">
         <front>
           <title>Elliptic Curves for Security</title>
           <author fullname="A. Langley" initials="A." surname="Langley"/>
           <author fullname="M. Hamburg" initials="M." surname="Hamburg"/>
           <author fullname="S. Turner" initials="S." surname="Turner"/>
           <date month="January" year="2016"/>
           <abstract>
             <t>This memo specifies two elliptic curves over prime fields that offer a high level of practical security in cryptographic applications, including Transport Layer Security (TLS). These curves are intended to operate at the ~128-bit and ~224-bit security level, respectively, and are generated deterministically based on a list of required properties.</t>
           </abstract>
         </front>
         <seriesInfo name="RFC" value="7748"/>
         <seriesInfo name="DOI" value="10.17487/RFC7748"/>
       </reference>
       <reference anchor="RFC8032">
         <front>
           <title>Edwards-Curve Digital Signature Algorithm (EdDSA)</title>
           <author fullname="S. Josefsson" initials="S." surname="Josefsson"/>
           <author fullname="I. Liusvaara" initials="I." surname="Liusvaara"/>
           <date month="January" year="2017"/>
           <abstract>
             <t>This document describes elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). The algorithm is instantiated with recommended parameters for the edwards25519 and edwards448 curves. An example implementation and test vectors are provided.</t>
           </abstract>
         </front>
         <seriesInfo name="RFC" value="8032"/>
         <seriesInfo name="DOI" value="10.17487/RFC8032"/>
       </reference>
       <reference anchor="HKDF">
         <front>
           <title>Cryptographic Extraction and Key Derivation: The HKDF Scheme</title>
           <author fullname="Hugo Krawczyk" initials="H." surname="Krawczyk">
             <organization/>
           </author>
           <date year="2010"/>
         </front>
         <seriesInfo name="Lecture Notes in Computer Science" value="pp. 631-648"/>
         <seriesInfo name="DOI" value="10.1007/978-3-642-14623-7_34"/>
         <seriesInfo name="ISBN" value="[&quot;9783642146220&quot;, &quot;9783642146237&quot;]"/>
         <refcontent>Springer Berlin Heidelberg</refcontent>
       </reference>
       <reference anchor="SHS">
         <front>
           <title>Secure hash standard</title>
           <author>
             <organization/>
           </author>
           <date year="2015"/>
         </front>
         <seriesInfo name="DOI" value="10.6028/nist.fips.180-4"/>
         <refcontent>National Institute of Standards and Technology (U.S.)</refcontent>
       </reference>
     </references>
     <?line 1444?>
 
 <section anchor="test-vectors">
       <name>Test Vectors</name>
       <t>This appendix provides two sets of test vectors for testing Taler Protocol implementations.
 They are generated by going through the protocol operations in the following order:</t>
       <ol spacing="normal" type="1"><li>
           <t>Withdraw two coins <tt>coin₀</tt> and <tt>coin₁</tt> from a single <tt>reserve</tt> (cf. <xref target="withdraw"/>).</t>
         </li>
         <li>
           <t>Pay for one <tt>order</tt> with the full value of <tt>coin₀</tt> and a partial value of <tt>coin₁</tt> (cf. <xref target="payment"/>).</t>
         </li>
         <li>
           <t>Obtain a partial refund on <tt>coin₀</tt> used to pay for the <tt>order</tt> (cf. <xref target="refund"/>).</t>
         </li>
         <li>
           <t>Refresh the now-dirty <tt>coin₁</tt> to two new coins <tt>coin₂</tt> and <tt>coin₃</tt> (cf. <xref target="refresh"/>).</t>
         </li>
         <li>
           <t>Regenerate <tt>coin₂</tt> and <tt>coin₃</tt> with the knowledge of <tt>coin₁</tt> (cf. <xref target="link"/>).</t>
         </li>
         <li>
           <t>Create an <tt>account</tt> for w2w transfers (cf. <xref target="w2w-account"/>).</t>
         </li>
         <li>
           <t>Send a payment to <tt>account</tt> with the full value of <tt>coin₂</tt>, obtaining <tt>coin₄</tt> (cf. <xref target="w2w-push"/>).</t>
         </li>
         <li>
           <t>Request a payment to <tt>account</tt>, which is paid with the full value of <tt>coin₄</tt>, obtaining <tt>coin₅</tt> (cf. <xref target="w2w-pull"/>).</t>
         </li>
         <li>
           <t>Recoup the value of <tt>coin₅</tt> obtained via withdrawal from <tt>account</tt> (cf. <xref target="withdraw-recoup"/>).</t>
         </li>
         <li>
           <t>Recoup the value of <tt>coin₃</tt> obtained via refresh from <tt>coin₁</tt> (cf. <xref target="refresh-recoup"/>).</t>
         </li>
       </ol>
       <t>// todo: p2p sending full coins only works without fees, should we set fees to zero?</t>
       <t>// todo: refund would be slightly more interesting with 2 coins being (partially) refunded,
 should we change to full refund coin0 + partial refund coin1 (coin1 value after fee_deposit + fee_refund should then match denom2 + denom3)</t>
       <t>The test vectors in this document have been generated by the GNU Taler reference implementation written in C.
 All binary data is provided in hexadecimal notation.
 Big numbers for RSA are represented in big-endian byte order (most significant byte first).</t>
       <section anchor="test-case-1">
         <name>Test Case 1</name>
         <sourcecode type="pseudocode"><![CDATA[
 exchange.master_pub  = 3cb5e9823db2b335fdb3f284ae960e56be8b081c6819b8
                        b0217f38b095b4313b
 exchange.priv        = 1bf4149fa644b3c7f2bf02da4703ff2de3fa160dce0c75
                        0eabfa0f7ac70a2442
 exchange.pub         = 4c130aae3246831808a162e2d4330de394e5f0d7dff75a
                        80f3fa045b1a43eabb
 exchange.url         = https://exchange.taler.example.org/
 denom₀.pub.n         = ba42b9e75e48847bab175ed4797384d68a430fd849a914
                        aa68438349743b2728d9ca97709c15d5c81c7d9d11c84e
                        c9c60cec03aed4b36ad153768eb30cf9845474e97ee9d7
                        475ebc926d87135d56926b7df1cea3ec38897a74bc3e24
                        5e59ffa76e5aff2c2f2eb84e7133a879f4229221f91c7b
                        ddf96088e4020e16444d94acc30708069f4a1bde3dcbea
                        d32e3916a9f6722adb3d63bb9075dde49258fbd28a9a09
                        251fa08b64faee53a506b9f637136c72af7382b9243fa8
                        996ad4d72cc1b05cfb45271cb3187b4eeec0b5f9e847cd
                        cc0c3ddef9787164a1aee7e4e1ee6de1b95282c1ff646a
                        a70aabd1df0003f75d3585e9e740916cee4f7bca0cd82f
                        72104d
 denom₀.pub.e         = 010001
 denom₀.priv.d        = 07bc432fbc6eeb0f9ec2a4f5d2886d65228f57ee5ddac7
                        88af355493bd9fc247d449b161e41d95080f44d93bd693
                        8d162c4db5f6720f7479768ba73000f330df780e856e8d
                        3a01d1778c546e85b3157820de24bc9290238782271a36
                        94f38c6645f3420331ff70f8930377f4fea25beaccc775
                        ce796f9ca7c97d0fc82ce7a6880dd437e6b30695ca51a5
                        8f0239aef7481932550ce61b5b085313cb888c893cc1bb
                        ef6b47c607e1189f8cccb04eeb9f87b9e53f414850f8b9
                        23ce83e2859c0434a3d14d861e864fd5ce701af1161139
                        8a73515b7056b2828e564cdec6052bdbb43ff435178577
                        198de0676e5d378ade9b31844e81e2218ba3b3aec5bff9
                        a26621
 denom₀.hash          = 8653090e3f3f5efac9770a5dd0c97813940c191c9fa171
                        3367f8bb1279b1e3d27f32d16ea7699501e5fc4d176725
                        d76ab0307f9bdf9d0d263c2256a7f1c63143
 denom₀.value         = KUDOS:5.12
 denom₀.fee_withdraw  = KUDOS:0.01
 denom₀.fee_deposit   = KUDOS:0.01
 denom₀.fee_refresh   = KUDOS:0.01
 denom₀.fee_refund    = KUDOS:0.01
 denom₁.pub.n         = d5455fb79449df7bf548e384d5201d75f4f7697ef9b805
                        1eb8536f66783e70ca2d524fefa6840c1f87d9d8814868
                        15d5ace866a32269b05bdba7ff6024811c19456026b0a5
                        9da4db96f58729d286c90be8cd9cbf575d346202b43282
                        d601b5751ff77a88a0742a692349a0e3fa8ed5518fc537
                        8fcf434929b541c942573abef310b87776e976e81cf650
                        a04399fabddbde677163918250c4d45f5e90ee7539de50
                        0a8e915be1d5f17d79cb9585ccdf5dba42ef53c24eae7d
                        7c93c4e0a432788245b7c76a587f0ac6889d3038953136
                        2d51c2ad65cb1e28b4ad4cc97fcd2a4aedd6612ae8888e
                        b2dbc4de0cf30f46a43b76cc8c3245eefe013195a237f0
                        2d13b5
 denom₁.pub.e         = 010001
 denom₁.priv.d        = 5a520e0e663bbeecf55d5015d258ce8145247ec62aa5d7
                        6d422cfbb1cedccad1a4ce06527d17d1368d47221ce678
                        463eff02516d6746914ce5c2c9318364366d31675e1b53
                        9866d8249f89059a4640e0cd503ec0fe13d7fa6620c07f
                        8e789ccba4a51f7cbb4f5722bdb211f45b09a0a7f11659
                        c88ac37939b3accfba4bccf24ea260e21aaec0dfbf8571
                        78438986e963e9e356277c3badc34fc91b705d9956b4be
                        dc0947d65924d7dd31e564de798eb06837380caed6813d
                        3761d119901c5540eb74c3cb674fdfd64b67d78ebd40de
                        0cafd53c038a0a8e87890b953b8b94a9771a6efb3142ca
                        02db873053f8d1de2082db4366fc072aafc723c036a2fb
                        999605
 denom₁.hash          = 1de6052bce12feaa2d26e3bba1789b0c2295028279f3ea
                        ff8e1345448ba05390cff49656ed72a1f7ef6ee2c4a80f
                        80eefa0d0f906e74305b0215c4194ab1c7b8
 denom₁.value         = KUDOS:2.56
 denom₁.fee_withdraw  = KUDOS:0.01
 denom₁.fee_deposit   = KUDOS:0.01
 denom₁.fee_refresh   = KUDOS:0.01
 denom₁.fee_refund    = KUDOS:0.01
 denom₂.pub.n         = d1320993658042f995f09ed66ad2283e457a1f44cad96f
                        1cf5a6299ac93d61724a7448d70e56a38666ec66352a58
                        10ca3e544d957dedb5789e135589fcb8b139c65a2f70d7
                        c421dfd4e27cf38d463074d286730be23d446fc0781151
                        9b068346b28b86b94acff35524eb62436852714c92f03b
                        0bac21bb6bf727734be7871b702f928c3ced4bad9ba2d4
                        9cec6a86d1019181c65c16abf7b391f103c90c3eaaaa9d
                        5298a4a60c71bdaf0f08246327a62399bf4c424c1ed771
                        8cb5df178daa9710ec9d098e99ed0456de2fbaf7865ba4
                        7931c52d1cac78cacc1bc451782587487a6189addfe5dc
                        df6f190f28816707e3d1e104b5a1f7a570b75c1951588f
                        3289ef
 denom₂.pub.e         = 010001
 denom₂.priv.d        = 311849a8066faa083218b4e6444e8af44650e94ab7427d
                        31b232eb5bb0b3cf8d478cefd54cbfa783f0deb503f02a
                        97d226fb98f3a708a508a82c886c285bddf7dda5a7b197
                        69a7bb84961cd5f9c749b2f8ff65bb99be6033cbdb41d1
                        418d2f3ce5c519fa9d649d4a53ae4c32dea64e81b6905b
                        831b44155cbab5cef8b6defde09295662cdf2189f2763e
                        de05bea0acb707b9b6b087dcebb9ca81f1c2785d6560f9
                        3bf1a1860676cccceb079c22b48b9fdef68e1d286164f1
                        32ffddeab29fa7a704e1bc3f9f5e28c39675f17136aed8
                        542aa4470a14a7380a4016b21d43ef5b9e2b241ced017c
                        54247c12fd6beccb7bd356820b0246553c751b3e071468
                        c2efdd
 denom₂.hash          = 4f8c487d21ffb5bb7571f5d66bcf6f93f4f5c043df5483
                        669383128700064e8637afecd6029cb36dfc5a60d20ff3
                        112ff1b5ad1b53c78cf39ad13cd2531ba24e
 denom₂.value         = KUDOS:0.16
 denom₂.fee_withdraw  = KUDOS:0.01
 denom₂.fee_deposit   = KUDOS:0.01
 denom₂.fee_refresh   = KUDOS:0.01
 denom₂.fee_refund    = KUDOS:0.01
 denom₃.pub.n         = bddb1806b7b7663d94bedbeccbb515987fcae457b5920d
                        85b8485edac6ab0e73e6991780e9f1fa6f88e500e0ccd9
                        eeb80d8e3b66289a7cf1b25bd56d05081d583864ad225a
                        36f8d38391782a85bfe320d439443e8ea19f555edb36fc
                        b58af81ca5168ca7c42dda68f191bd1587b4da27703384
                        f2aad300a043549c67fc6defd98bd1074b3bab1bc0d89b
                        87d81f8a1f555a3b4ce2b4ca7b0b1d8f446fa93258db51
                        1cc3bc2ff62871cb4c746f6806d0b839db8cc560da06eb
                        5619d9d42309a77161373708db18e453ff0a1d6f63281c
                        54ffacada7c8bf5ca7281ffe7e2e5be03fc006c064d820
                        f719e672429628837399a565dd9d70f6e9ed91e1eb0567
                        978015
 denom₃.pub.e         = 010001
 denom₃.priv.d        = 1e3370867d0a0d1705b18e0d848d73f7d422f920e4aec2
                        3cea7184b9463a26c1e9704d4cacaa5952b8683eb403e7
                        8a5c628cfa1b9da0e44d9462f1b7f66c1c883b419f484e
                        d3de257e113c1828e4e5e3592f1a3bddf78d7f88927ee9
                        9892c3362ca2c226dbd90971d68a54404d069d5f5704b3
                        04e131fb3058959338781a203993804f64def2980210dc
                        3f4e77c1207400e922032952cb154bb1b776d164cce69e
                        418844f2f4b20850c0a23d30059362edadfe00fbfa04b6
                        833fc4606deda441eb345c49b52d91063da7c55ecea7b3
                        2e99a49a823264955803ce3ee220a2cc64cd4321e18ae2
                        8bb1071c7746e8a3d69adef5113e21a01cab6809668793
                        c2a94f
 denom₃.hash          = 96524d30b4398d0d5bbe2eff902c4df1cc8286629d149b
                        ee0530edcfb361c468ea5fdb1b41d538223c8b3fe1a974
                        951bb3290bbfffc6f10cbf0326585041ca4d
 denom₃.value         = KUDOS:0.08
 denom₃.fee_withdraw  = KUDOS:0.01
 denom₃.fee_deposit   = KUDOS:0.01
 denom₃.fee_refresh   = KUDOS:0.01
 denom₃.fee_refund    = KUDOS:0.01
 merchant.priv        = 7607240acc4563ebe2e38e76eaf61d74160d71c9a6670a
                        e2e5147ce848767037
 merchant.pub         = f54d646619723f7fa2ce79267953fdd8654cfcd0f2cfc0
                        c5e880e3e0d0ab19f0
 merchant.url         = https://merchant.taler.example.org/
 merchant.payto       = payto://x-taler-bank/bank.taler.example.org/merchant
 ]]></sourcecode>
         <section anchor="tc1-withdraw">
           <name>Withdrawal</name>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) reserve key generation (wallet)
 
 reserve.priv         = d9641dab5c7f2474573871c25cae2f6c8924ace4157a56
                        d128b1432e55a6c6ba
 reserve.pub          = ec8ad5e4c6abcf4d0d597f0066a0e3ea0370d221973e06
                        e73f4287148cb93c38
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) coin generation and blinding (wallet)
 
 batch_seed           = 466431296486ed9cd71fc207254820a2c4a85aeb0b2041
                        494f8bf1f8cd30f113
 coin_seed₀           = 88899daa409b8c4c4a91c8e39030d247d00b292eff952e
                        36067fbe33f2d7ce48
 coin_seed₁           = f5be0b8790719072c7043c257f2c114cd8cb45ea5d98c4
                        aa25d9025f45f1caeb
 blind_secret₀        = a3cbe2b0babf5bdfb98f45804acf63225c16e09be1677f
                        705393df3f5de98ebf
 blind_secret₁        = 8ea6335ed3ff8a41f9fae95e9fd87382be402d6c26ef97
                        2381dee6b3c1e9d775
 coin₀.priv           = a5a38bb23a9f36564f9d4e566cdd7e3521b04f8ea4175d
                        a726ac4e3ac540b485
 coin₁.priv           = ae98c5207fe31e20a7b7a8677b780c6735ce69df32d308
                        5d504010f23c59064a
 coin₀.pub            = afbdf99f1a794add25bad59c9a3f442714e166adc99c57
                        db991947669a36b185
 coin₁.pub            = aa7118596b1adf89543e9afcf2925e516a782eed9d75c8
                        abc4a470e7efdd7fe4
 planchet₀            = 64ede0cf40a952b95af4b09b22c6fd27a1ff6d0ae3920e
                        a03fe14a8b547f1e14a2eea98443e7aa092075f6585103
                        fb06c1d68fb4616bf33ae30a207e51840f1ae655a73418
                        4a73d804df42650ce296954c9b61e249486468f7fda8a7
                        4f85ec6ccdb34a66819fbeaf846b10087ffaf8e734428a
                        907b96c6a112f8f943b3a8d55455c01b0daf55456acf07
                        15874ff90fba45b265e2021a70997100fb18bfbef822c8
                        475820b4855f141730751bcfad2e7eb46dd6c6a400a8a6
                        a98486c4a2bce4d3407a0d0ba612faebb49428ba3a1986
                        eddadb04b6790fbb7bd27cc0bd98341c60ec5b98027520
                        2aedd4b0cf3b7ee1732c67c84db4b30b60b551cbf84922
                        2c60e1
 planchet₁            = 41f8a6622c99b6a9c30d52d19fc2c20a39a481219de4b0
                        f3e7f604efed5d962554ea13255785d10a037e14abd75d
                        80a0aa9861df9d80a051c418ff197e68bd0eee61e6fd5d
                        3214633734659e8bbd7dd2fe566bd41c537a5759bad9bb
                        ca6b2eb7e3217e7d3cbefff192d83bd0527dbe0eff56df
                        0b2e2062670d2873ca7766a7c1255e6fcf2c37e95de19f
                        cad244f3986bab45c0a3aca726fc682455ea1166a23891
                        52d7a67d181f035de6bdb97633888f0594c2f63dd39651
                        34372507faf84f753759abd662d4c7e8df7e01149ff44d
                        a3499ed49406d9398e86c4abf12a1f57f38002115ef728
                        3e4d5422b41c752a0cce8c2c1a9b84e109b4554fc1150e
                        f578b9
 h_planchet₀          = 888da42dbf4897a5d6d9420b827e340c74c0b0e973e140
                        ad1c7b9abfc400a9ec5a86b3185e4c656dbe8e01125604
                        616de83fa28910fae513d016f56c3ca94eb4
 h_planchet₁          = f20015bbe0147313e59f9e64ee9e836c192b5d504dbd33
                        28fcfce41fbe9310d6aa96d91fdd77599c122cc5390ad7
                        cb86d2c6d4261bd5950e7ec0f86959613841
 sig                  = 2ae0027dd4a196c4741d60e3e7ff933d7374fa5534d15f
                        1cc2e96e9ab3392894c65ab6a0af31ccdb395db5c52677
                        0077642502e27d4619d385a91dd13854e706
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) coin issuance and signing (exchange)
 
 total                = KUDOS:7.7
 blind_sig₀           = 139af4e7e7f6e9e0391e22f78cb0b2c334e6d6667633a1
                        92f56fde38ac9feec7841be59b2aa993084c50f70dfd96
                        73dc723eec9d84c28ebd5f8104d1b0b29cf118cd64cbe3
                        3925524a3363a1a6f24f59d47a404cf74680eee97cdeb8
                        cc44a0b84f3db4496d9bed1224c0fbda64d40f84ef5447
                        d764fb714ca8e72a23a882e749e47a519310f6d87b3e8d
                        dc3e4ac4e541cdbfe7550c92f41c511b544d9fbdc2a729
                        6b958e9df0b1394210aef4f1a780a129883d4bcb45425e
                        ef96204a7eaa9daa7d21827ecbf4571cefe6dbe65314e6
                        1c688175c1e81e01d4f0377c9c2312b6cc3487f2dd2cf8
                        d85efde346f4d1a12de70bec4038b0bea0c505087c0e67
                        ce4694
 blind_sig₁           = 89649cf83e2ba2cd75c7a1d01809c33d5d02fec8164925
                        6215f13a8965ad37d8d47c264668ec187e46d75210ce60
                        1362fbb15f61a24ec1d337dd2589b5a4ee0e77a8d9734a
                        ca6a149b9f9b3a78c158b1f8cb243b8cbe9c2212290e8b
                        c731d02382463f3e1cf0fc86c5472b8c96c5eaeac9c906
                        4fdf7411f97935f27fd0bf88200440c7cc3e6960c5c515
                        6aedb5a820077be08f1ac4b00780258d7b843b21d7baf2
                        d969d1b3c77a08b4fe14b216fe78c7e4c0ae964fc06bf3
                        dfe7ff20ec85fa4d5e5aec24d89848645ffadb0de3da80
                        c6e41b96571ef28e3d132b7c3fd16a289e32389cffb653
                        b4744fabf882342f0db9aef110351d8ffd7a3b86701f0f
                        5034c8
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W3) coin unblinding (wallet)
 
 coin₀.sig            = 9303650b8896b6619ca061f4bf44c1b02fb60784a2659d
                        e7512b599e7e6524ad5a283c81d289d3ec75fc81e7f336
                        bd41dd67a41b72a98d9171f0461c188535b555019079a1
                        8b4491903797f62a034e5f277ce8f7f3f56fbe47e44113
                        561fd414c841c2da97da1ae92df0e2cfbe3c26ad37f8ba
                        b9bd71365ac536204cda7c21dc39891b5cbb4e213f75d4
                        e09c248a7a59f6322fd011619b29ec25ad621dfa2d6fae
                        9f8b91935caf54d0d30f4a03bf6beed6637a4054efbad7
                        a41f9da434f07cfd2f7619e8a3c82b30e079ff9fe13fc0
                        23fba7d627f4fb21e14467ce1db27767831eb1c3ad5c39
                        f61437a0a70c300fd84cd9280474bb507768a868ea92fa
                        905428
 coin₁.sig            = 355aa5b6bf10591375f22a014640cd242f470834759fab
                        4421b4d237a149bc3e5fbc8f073e1348da770983cd36df
                        9cf72a30bfe55776744b2d787acb06ba25ccdef36e5269
                        771fe4a38a1109e8b96437a3cc625003f7fdf4d0cc8793
                        35584c5b13f2b29be1ea4d8a2da7826d608179d98b5edb
                        11261e2048fbbba217a52ae862d1e78e30c0787ee40908
                        f1bca708c434d5412a262eca6bcd0ac5890bfbbe7df6d6
                        9a5544d0054716dfda47791546c177223606c0645858a1
                        5b36887619a9d70a515f42897758bbe181765d7184cc92
                        b5e2d743df1db9b30394b697117ad24811812febe0a3c5
                        7cbb5cf7f6857378f57cd1149f745ed95fd1d342e9860f
                        516469
 ]]></sourcecode>
         </section>
         <section anchor="tc1-payment">
           <name>Payment and Deposit</name>
           <sourcecode type="pseudocode"><![CDATA[
 (M1) order generation (merchant)
 
 wire_salt            = 4c5249caea865380e0e519fc38177686
 order.id             = ORDER-40
 order.price          = KUDOS:7.42
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) nonce generation (wallet)
 
 nonce.pub            = 6729d69abd7d8218e02c953317b46bba2522efc2c19a7d
                        a63194e9ef40fcbd0d
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M2) contract generation (merchant)
 
 h_wire               = ec4e7258747a4de49628a27907b74f0aad097cfafaa595
                        320f81786375430b67ae1ada754299bbc0472f5a1e8bae
                        6fe8e5dc52683dd09490ff06fb2fa4f20ec2
 timestamp            = Sat Feb 14 13:37:42 2026
 pay_deadline         = Sat Feb 14 14:07:42 2026
 refund_deadline      = Sun Feb 15 13:37:42 2026
 wire_deadline        = Mon Feb 16 13:37:42 2026
 contract             = {
   "version": 0,
   "summary": "Free Software Support",
   "order_id": "ORDER-40",
   "products": [],
   "timestamp": {
     "t_s": 1771076262
   },
   "refund_deadline": {
     "t_s": 1771162662
   },
   "pay_deadline": {
     "t_s": 1771078062
   },
   "wire_transfer_deadline": {
     "t_s": 1771249062
   },
   "merchant_pub": "YN6P8SGSE8ZQZ8PEF4K7JMZXV1JMSZ6GYB7W1HF8G3HY1M5B37R0",
   "merchant_base_url": "https://merchant.taler.example.org/",
   "merchant": {
     "name": "Taler Merchant"
   },
   "h_wire": "XH774P3MF96Y95H8M9WGFDTF1APGJZ7TZAJSACGFG5W66XA31DKTW6PTEN19KEY08WQNM7MBNSQYHSEWA9M3VM4MJ3ZGDYSFMKS0XGG",
   "wire_method": "XXXX",
   "exchanges": [
     {
       "url": "https://exchange.taler.example.org/",
       "priority": 1024,
       "master_pub": "7JTYK0HXPASKBZDKYA2AX5GEATZ8P20WD0CVHC11FWWB15DM64XG"
     }
   ],
   "nonce": "CWMXD6NXFP11HR1CJMSHFD3BQ8JJ5VY2R6D7V9HHJKMYYG7WQM6G",
   "amount": "KUDOS:7.42",
   "max_fee": "KUDOS:0.01"
 }
 h_contract           = cc934a29efa612754edba0453d1b0ba175d6830d3ec2b2
                        839a9a539d845a5da4622498e3819cb49206810688a93d
                        e1989c6542d2cf1d71f64dc998193e76d535
 sig                  = c249ee766b4dd256560d48b367d05a41cf7169306247ec
                        56c51c39412b34c11015e365c2b2836761ba020b7175e6
                        0870572a6c7f780eeabb6f0777783064d602
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) payment preparation (wallet)
 
 contribution₀        = KUDOS:5.12
 contribution₁        = KUDOS:2.3
 sig₀                 = 8876dce4ca504df355f17c783e8327ea29b2cbcd7dde60
                        8b473644af3580621d3eb429022f6d1c4937328db478c6
                        ed9784f6788e2e18dc16927efd4bc9c10908
 sig₁                 = 031283a02cb413308cea4b69bd3d1b7beef87be7788fcf
                        c1d7b83f8d97cd4ede218d0f753ba8fc92e22415a66065
                        f5c1dff402368de8e85eca0c0ac7358e3602
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M3) deposit preparation (merchant)
 
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) deposit check (exchange)
 
 time_exchange        = Sat Feb 14 13:37:44 2026
 sig                  = 09338dd4b1e692431290355b7df62d627a894718db68cf
                        4a8e083bfed7b6c98a0dde3c5724f3cb3db0e6737f57c9
                        eb35136997eaf403f27f82c0a9f1cf27d308
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M2) deposit verification (merchant)
 
 sig                  = e66d503c843d72da4b6eb95f872396449de25cbf80b9c2
                        43d8c9ed2bde533d2460542c685bfdbf2eabc755510a60
                        b97ed289711fd3f353cd80aa791e2e2f1e0d
 ]]></sourcecode>
         </section>
         <section anchor="tc1-refund">
           <name>Refund</name>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) refund request (wallet)
 
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M1) refund processing (merchant)
 
 id                   = 14365434601518496594
 value₀               = KUDOS:2.1
 sig₀                 = a626cc04101e3abe295c217de5636be135be8935dfaf0b
                        3589a8c7de22c3e6c7a581a031c0691476e82ee0e9798c
                        3c8c8be6bc1066bd955acf4d1ce59eb7e10d
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) refund check and confirmation (exchange)
 
 sig₀                 = be9dd11dec0e2fb2a2dfbc778b2d9bb21c665ecfa4d1b6
                        c9d42747902f071631f84a946881bc787f8627a6871226
                        4b06410b445f37e569edb7dbf77193b5990b
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (M2) refund confirmation (merchant)
 
 value                = KUDOS:2.1
 ]]></sourcecode>
         </section>
         <section anchor="tc1-refresh">
           <name>Refresh</name>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) coin melting (wallet)
 
 refresh_seed         = 466431296486ed9cd71fc207254820a2c4a85aeb0b2041
                        494f8bf1f8cd30f11394223cf8a82995804957876e9fa7
                        1163506b4e5b8c8fa4db1b95d3e8c5c5fb5a
 for k = 0:
  batch_seedₖ         = 415e62ec89f6397c834087efe396b127c6d5bdfe360145
                        a6abbfc7a88c6504eee6e3f59db026cc5742c4065fd917
                        bbf2b7f52e82e88409263130300279e52617
  transferₖ₀.priv     = 5a08ea181dddd480b2e1e2294e1d886efe45070858adb3
                        26e2d562dc330c8ca4
  transferₖ₁.priv     = dccf4e1880b343687c7f39df603386a27510bd356ae1bc
                        86f45ef9b7a8927613
  transferₖ₀.pub      = ab4a35f7fc78a3d07e5828f0fae0295ebbe93e9ecc63c1
                        09703f15816af8d000
  transferₖ₁.pub      = 09893d5ef58fe696207e93cbd0cceb311265aa89745705
                        9c40f366d59b028a29
  sharedₖ₀            = a7a9524dfc565b8006470ab90cba091a809f1de14eeda0
                        dc98408f880d5cf587c2aa338ea1e3153ed8c624044f15
                        19f3d8e8d6c731d7af6d0383b136a48a8e7f
  sharedₖ₁            = dd7051d4c4b03d78f0c5365ea0a2947f48604beee2e792
                        0349d7a4371dbff00d9986202459277250461ab936d5f7
                        45bb6c6c28e8badd7936002f25d9b97a65b2
  coinₖ₀.priv         = c4fe7e3e64453e477e736ebabe2e5a7c4919eb2fa4bf02
                        9e536d56a7eec59c9a
  coinₖ₁.priv         = 409db2ea007fff35506607da6c67e52204097be8a114b7
                        a654f53da392886e48
  coinₖ₀.pub          = 65a93d56a84e8110fc2ae9c6ace89ddd9c625bd632501b
                        663fefd047ee31feed
  coinₖ₁.pub          = 7c61cf322d34ead1de43869690c70e22d9bae8f2354e0d
                        d07e71c5736b506f41
  blind_secretₖ₀      = 0f53bafa492d5d90dd3ad13ba7b37b3c4a8b167dffc63f
                        7940dcb340275be90b
  blind_secretₖ₁      = 799169aeddfec48aaab23a88df8d74318870c7b6cb3922
                        5a3c43d4576db61f88
  planchetₖ₀          = 90997841cb9d3b4bef237213b1ee1da9286e775c1cc10d
                        c78e32f836d7897500a587babeefed3f310a5b509c29d1
                        91804b89d2aee75073f4d49d7ff5f60be991e0ae1a148e
                        134b92c5c9537a59bc30516e0244e714ec2b6067337ffd
                        970fd3987799d2ac7b3e3430068c923974751864ed8f4d
                        087b0cd62e0edb807d9ac4bf70e68c9d774a0f26947413
                        0f4fa5a8f4e0a5ac67ef6c73a1cb486792605f447384ea
                        9deb040f851953db240a5f23401e0d75f93f810132ed9e
                        782ba05b4f78ce7cafc501925ce0bde12e58ef48861969
                        038a95802a1d943b2ce31a3278a1cb4f14cc12ff2ffee1
                        3aba0ee151145a3b7abdd1a00e0684a57a1b2a0fd97348
                        81243b
  planchetₖ₁          = 0562f874175e223f087e7950f2082e869bca1ded7087be
                        27a98f1f9be30a38f33e9a98ca5efb6f15536df774ce32
                        1efd36909d67869e704db3ff352c76298c0d33014a32ff
                        636c22866b5e5d6dbc5e6c50f630d95112e8916fd23ec4
                        88eb457f55ad3a29d50c3c7387b4ee1045cbe4d37241e9
                        b958d1642b34f4a15a259b344163dbf73bc55e5b99e0d4
                        6ba59b7dca0a1fbe859f6f7d5756d6afff58571fdac617
                        48a81e5e94e784c2d5de60a192d86c0529e35f2efa29d4
                        2e0ce8526db5fd3258a470a43d55c184287fe0c639ff8a
                        eea1ee64a61d6466d15e20c8203a73ce1b2fc7b2949947
                        f9804b0710e41351af67cc30b86108dca7ea0208062ae6
                        0be2e5
  h_planchetₖ₀        = ba016fdedb6c5033f1f870edd9ab10d0dd116c0e3a8483
                        0ddd44c9aed5a2844aea96146cf7c72153a910ca3d3de1
                        faab7fca5e1c4079e2e0c680410cf68ee27b
  h_planchetₖ₁        = c4f4451f85f02c950fba164ccc52fd2123576ddad6ab87
                        c25b175a33aed8afff5c5866b2fbcec6ef67a1367f91e5
                        da56041371bc9e8cefd2a93ad386504568a3
  h_planchetsₖ        = 7e420d01a6413fb6cc300257031f37ab2d456583d3189c
                        3e5f7049c1c61f49c7918289b7cd169cebd0bb81ca0a83
                        2f2c4c6c7529e861a88d65c6d3ef5fd540ff
 for k = 1:
  batch_seedₖ         = 0311a9766673b9df343498afcd6f6926b9bd6352201351
                        5c072a0b5a3af98aeb8158869f3ece08532473980a652d
                        d6479f296a28504b850791f9775e3b0f8436
  transferₖ₀.priv     = 4a3d33228a7c1d6330fb2ec827256aad75f7ea56712072
                        f8ff69238b47e98895
  transferₖ₁.priv     = ad0b2c176a9564ea7aee7c55ddd92af22d777ea4a8605b
                        d486d8ccc31bb1402f
  transferₖ₀.pub      = 1839010739d0450e9a0702167d5106dbcb0a81641e0080
                        716785850e60bc541d
  transferₖ₁.pub      = 16a20ed27a63c204d94ef3d0c2b554343567d319afc70d
                        856cc6a61c3bdaa142
  sharedₖ₀            = 32751bb2cf2a3106593aac0fb38172943c54a96992b22a
                        7927ce37fcf0b9b4aa4671033c93ece3c70f2033e4c52a
                        953bf46254db7f6d7feb926d78b28bb60901
  sharedₖ₁            = 2c4118e0d52fe1851410fb70b60cc5b3fa6bbb53df8acc
                        5a379c65d9f89c2ba37ea732e76d081e03d845dd2f3ef8
                        a53b682941d4e598a17823ea06cd28058e8d
  coinₖ₀.priv         = 16977a220b0bfcb2a0ef82faa3afea901d0cf3e6829905
                        85b63d9c855be5d5aa
  coinₖ₁.priv         = 1b5bab529c09f313f2a18e3d2712c1a7e0548f15651b40
                        af12b22c17ca861273
  coinₖ₀.pub          = 4b53ebc94ca1a96ca4795a0ce1254f70ba2fdd72528d57
                        4f4bb47d26fe845239
  coinₖ₁.pub          = 6de1ac4370a5336349ed50cfd4d6298b193504c1325614
                        9cb0fa85c1f9a178c7
  blind_secretₖ₀      = 30e3a32819cdc5a2e9b28d7953bba0038eaf701ceaf691
                        a6bf44833ae6f305a9
  blind_secretₖ₁      = 62ac62d9df0b5f71f0b43329baa15c5e79f46b09fe432f
                        cdeb3a9100b31a0fa2
  planchetₖ₀          = 73cbbfab1a58b12c55b4eecf705c9db8fb953f52bfb4fa
                        9922f39641efb85802659d266f979c819294af91cb395c
                        f93f67a0a6b561e445b0a138f04e6428222ccb5ef92a21
                        1da2218953e8aa108f339bbce666a71640f555570d6fec
                        a446b67be82edfa3f90697d5558d7b7707bb87bf790d35
                        35e429d705367f0ceb3fea30f7666ed428679bed440540
                        3f2a9cf5cf75a43f16fc5b63276e9a18bea0c0864587c0
                        a884d1a474f3a248e36183a067e59496d8968427c55e63
                        ac3f0052fc20fea5b9f01b19ee776e7c1bdfa576be42d2
                        1e7214606bea3277878cb7beb7015a242bd9bfaee620dc
                        ccdfda8f34b7174ed28766000d22dd552cd487fdaf9cd0
                        cc1f5f
  planchetₖ₁          = 922bf6290e8f5e8746f68cda30cee9d368f3988b93d26d
                        c753e082fe56db8191430ce8ef78f1175d651b491e6cc6
                        7e0cf34253abcf3c3bbae44b4620ca0879171710caac83
                        89704d99d5d49da5de04b44f03d03b30df9d872611d779
                        6c6903fdee77a68a29aabac5c332588aaecf2a5e8cbfe4
                        446d33f423040e7eda99268f2ca558615b541cd912ef30
                        2a9f079705b9d1785839a593d07d8b79756f0077cb5169
                        a3a88f08ee7371419c940f35250d2aa52bcfc6beab73b9
                        72f31d3b5de16e55c590788cb4443dc0de7d2cb6993555
                        0b04b8bcc2c33669f97ed1d36f29c594c6f0f84a72bd73
                        f76c7617e748356f7989a98deca97f360fcf2d087f9bcc
                        d61732
  h_planchetₖ₀        = 6523f04c8eacea9af24c08905eb009c8e15a6c62adfae2
                        fcee6813bba22ba014c3c831cae6fb63a2a889af0e99ea
                        d40a39b57d42043dd67fe4e446c7691558c3
  h_planchetₖ₁        = f86bf5d2bf56d182ff70b0ecf635401bce1dab4bd52f40
                        023adef27ca2a4165d19b0de911a6a6e41e5811ea1d9cd
                        9bb17dbf9ee518b1f3bfec644e8a36f7fb2e
  h_planchetsₖ        = f63471c1555835b7032ffa41db189f013d1f26dd5bf1fd
                        c79bf18ea8c3f24ec7f31f0b4c1688d7a6a729c7b2c2ee
                        f42a5ce3524ca23a566d74e708eac487b1dc
 for k = 2:
  batch_seedₖ         = 35e8f7b41e25d3ca2c8e70d02be85843b53703f199809f
                        98527e316bda6a457a2fab9d327f96242c4e0afbd6214f
                        aee6a5172aca2b49ad37a12590dc3bbc3f58
  transferₖ₀.priv     = 1ca613b8fbe4a341b2fc617687553e778de9b8d40c462a
                        88bc1ac169d2984da7
  transferₖ₁.priv     = bb8196a4a5b9a646c5424664b8505eb8781ded006c74e7
                        cc719e7a2cc730ae88
  transferₖ₀.pub      = e21056df9fdf4cd94a4175f94a48fce623db6f2bc4097d
                        818f839ec421fe974f
  transferₖ₁.pub      = 0409b44ddfed03111d7dab5af1b71d8b2597ee50772a9f
                        272e799133718fd571
  sharedₖ₀            = 01a355feafd4daafcd6341597b73eee6ca7ad5dfb78758
                        88a373434043d17087ab882cca24e580985068eb1b39b8
                        c0e7f81f03ccca337961cd1d6a528abd3cd1
  sharedₖ₁            = 39cdc5377c7295d1e997a43fdc2aac0f5005e64211f7f0
                        9da36db035ddad5bc32c2dcc4bd5fe1e0d3e471ae8fcfa
                        9cac0fefa8078570b894164194829e54dabf
  coinₖ₀.priv         = 343d0b591fc0c495d2e7cb68f2cb0c24d9b274e3ae8504
                        1dd94454d2856059f6
  coinₖ₁.priv         = 57c9447a9a34e4b7ed5f4bc71122d76dee9583cb578eb8
                        eff2e837bc9a0591e6
  coinₖ₀.pub          = 3b9fb220f7679b3488f8e2710f41d5e6cfee1b6c23bef3
                        04d9dbfc404341fccd
  coinₖ₁.pub          = 6ee277e7bcd2584c5ee8f46cc24b531515a33388e6035d
                        00b33df8ce6a7edaee
  blind_secretₖ₀      = f5d25d0124dce3b3529325b6512fd34293448b710217fa
                        885ba5d80705d16a64
  blind_secretₖ₁      = 974dc1b68e4a7613346375372ead838842bab6335d1696
                        af3b6a2ad249fee4ee
  planchetₖ₀          = 55e3f72dfd4c53ba21f6f9e108c34f8f6bf0b69dd8daab
                        bf4386a7e3a31c7e33ecda1dc54a31a1d5f97b810806f9
                        d845af20716f4aad733026ff0f6ad0219a1f92d937ade7
                        6b268f8d436fdf6ca63d9051008efa3af022c9846fdecc
                        79ce27c8e59042795f2f8a4bc0a792b44bc64c8e6e7c27
                        3a107d96081142b1d06718e28b32bc733ff36e7b95538f
                        b2ec30d1242965f9ab40debe4ed845227b7a4a4d795286
                        6b798253cf1eb664a1d832c2397d044122d24982fb88bd
                        68f81efa45f80bdbe918680004bdea5dc2e4e76dfed297
                        af200350793f820aa094e1b26c79e2c2faff866410e741
                        1bb662c94be10a841ec9db1432d198a4a01c2911326cec
                        da502a
  planchetₖ₁          = 978fca7d513afac1d6ec6561fd967218bf0d84e388a23f
                        b085f1c37493d765090b90c0c23ba20647114c0f34d8db
                        1041809a66dfeab96c36477be8342ff4f2660cfd8f0011
                        14f2aab3d12d983d82b92fcfb38e97fa83142980a9f919
                        7e794859f439b18491600ea92bcdc1af7ebe4784eb0229
                        bd287b9c71cdde177d4576d7907f9d643a363e09685293
                        b7474c990d5d8cdc119d7448d768412e40e8461ea88109
                        461e37f3a76178df074c942e99062ce717eba48903c7a0
                        cd27889429ac5a657ca50efd441363c18f9968b33962e4
                        960bf2005fc0fb2b8050024bf34e8f608f4dade5554aab
                        1d28478f5bc1c5939c939ff5b9b11f225e7eb275887d3a
                        475a34
  h_planchetₖ₀        = 5c9603dc7240248f0a93107bce217562d60943c9976770
                        d11c1fd4c9f73fe7f2f3696696b37fb0fa73331c301e8d
                        d7adceafb23456bfcb6d44063d61f5db239e
  h_planchetₖ₁        = d905de829b86b21eb19c036320d3e11571e6ca8390e81f
                        86e4569e3cc12189ea10cd752c738972a809fa292818a1
                        f13367c389a3f505f084c5001615de3b647e
  h_planchetsₖ        = 802838537720786bbe61a0752397056c3a7f7bc332a54d
                        c5a649452a9a74fef79c2c59deaf1e03cf73f85f241f28
                        61a50f2f859d95c3c660ab5e57b448526036
 value                = KUDOS:0.25
 commitment           = ba2a18eb9cc878b20dde4679910aede08b37b58e47df25
                        2a245598e0671ed6fc012c9cc245d13f9759d777d80d51
                        d4a29bcdba486109d83075b8bf47fc518928
 sig                  = 62ce04a6a6dd6b3f50792e34b51ccc10d2552425800566
                        90248790f6280db11f6f29753f601f19e8504ea378574a
                        dec5b1fc6f5509f3ec79af3110bb4cd4670a
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) gamma selection and coin signing (exchange)
 
 ɣ                    = 1
 blind_sig₀           = 1885a01f26936f28dfd201a7dd615dacd68a287e17aa8d
                        d1e4f3a1925047049a491c1b76ca687431faf6fd290deb
                        4dc80601ba79d7754c84a8d8550a0b166104b6ec7e611f
                        bc577aff339033d421035578029068a84bd4fe5e212670
                        fd2ce7091ef9950ee48778aae2855a99555308ae90b72a
                        b1fb53fea714841c94e256705aae8efeebc877efd376a8
                        78c6e2cb4e811a267484e4da8e13206c1dde7ef3646528
                        c1d8bf48096eabcc454ed5ee180e3fe7229785a51a3b8b
                        d3fba176c05baf0eb82e99d225cfa5f9359d07d2510013
                        301a7bdf815a7db36d400bc00ca861dbe1402ec6dacbba
                        901e8c8e4e8f1912e63e2a440e667cea243d46e08026d3
                        738fab
 blind_sig₁           = 9c10e5b88fe3563bdaba5934447baad4d05e66a9075102
                        7a5cbdd2cf0cd9bcaaec68935d3c85509894247ab569d9
                        7fd4825a7972d48dbab1c9cbf791776c96a8dcf48caf2e
                        542f5e50f86d794066b7bc82e975c55995b40cf10d00e6
                        4904530dad5c396543fadf88b79f81b00c8ebbaf2f6731
                        f434c5c3d72b451586d0412b0272a6c6ac5ba5ef59af57
                        969d4f985ea513187c8020a318d4a9c9711ccfdb5aa8b9
                        ebd93b20e129c3447771a1dfb1b1bbdccaef56323005c5
                        6116b1df97ace4ae6f6865e5467a96d2fad9cb4c9cf0c0
                        3cf774ad1dd8f5b0a0fe218ac78b37c4435e4f5616c2fd
                        96dba36f3c7c1973835fe53c95839ed11c792ad011c9fb
                        1ce55c
 sig                  = 6eb68d755e7e554ade9f9f21e3a04b83a74753ec136f98
                        981ec2369d0fd56f88c274fe44482f425f1142a447627b
                        71e2117d9991d89dfbf97441b881963a360a
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) secret revelation (wallet)
 
 revealed_seed₀       = 415e62ec89f6397c834087efe396b127c6d5bdfe360145
                        a6abbfc7a88c6504eee6e3f59db026cc5742c4065fd917
                        bbf2b7f52e82e88409263130300279e52617
 revealed_seed₂       = 35e8f7b41e25d3ca2c8e70d02be85843b53703f199809f
                        98527e316bda6a457a2fab9d327f96242c4e0afbd6214f
                        aee6a5172aca2b49ad37a12590dc3bbc3f58
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E2) commitment validation (exchange)
 
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W3) coin unblinding (wallet)
 
 coinᵧ₀.sig           = 68773443fe6cf88ddea6f6614213f12ec7ded4fbb39fa0
                        a4ffc1a68bbfc363be0b33bd03a41d31c8ffe331614ee4
                        b986679ac8e51aaa0903eee492d0ff81327589c842ac80
                        a6b47e0833840935e9cd543fbbb91c5b80a591e01eb34d
                        7bb5aa3fe837b22f8dcfcaf0ee9d71d93c866f00a8f787
                        def0b79eaa4e6e96c420990b05c2b82c378757ce220e96
                        734e547a6962148848d2ebb66e9c67a40115a958d21c05
                        c7e0a0db72e505076e35ddca7b09b603b55dad394c1d12
                        ff4b6b219feafc3ca24c43c36ad2da9fa632ec1bcfc057
                        2db80d0afcc9875182def7983385f872005033d7ea7080
                        bce0df982a134f5ae2dccb2cdc304278c809979252ac28
                        2a76e1
 coinᵧ₁.sig           = 1551b2dcf6daa264d4c96452f46c88e7b4ca3955642da4
                        5e375cb319602897ceb75eda64060afd17002b63fdd39c
                        c0f86c473a530813c23958573431e2fcd2277cc853f5ab
                        6a20a9e7499154420f0cd8d13990d45423e61a6651a614
                        7e8a146a10fd5d63e085c2c4c133d4db0827df1d4fed10
                        d1e6eadc566e167a17fd36ee884900db9a8cc4b82a02b7
                        ca0cfacb7d391f535da3011ca469146f239d621fcdfc10
                        563bfe6ac4c962109e2fc39aa236151f15a9c85b8e0e4e
                        2ee4f6b6b5f54337c184936e2fe4029e2d39ffe6953f7d
                        cf208ba062334e8595dbb9784857df770377a59dee2a8b
                        ee4e9c10e662f15dedd0379849ebc4a7a02a31f1ebd8a8
                        e55432
 coin₂                = coinᵧ₀
 coin₃                = coinᵧ₁
 ]]></sourcecode>
         </section>
         <section anchor="tc1-link">
           <name>Link</name>
           <sourcecode type="pseudocode"><![CDATA[
 (W1) history request (wallet)
 
 sig                  = ceb8dc24e263252b479376b15ae141e4da28dd712c37c4
                        81a163d549b44afdd018d04fe709462a56739b3cc0671c
                        2cc0333b7e5da25210b8bda54d83d25f5407
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (E1) refresh secret lookup (exchange)
 
 ]]></sourcecode>
           <sourcecode type="pseudocode"><![CDATA[
 (W2) coin acquisition (wallet)
 
 ]]></sourcecode>
         </section>
         <section anchor="tc1-w2w-account">
           <name>Account Creation</name>
         </section>
         <section anchor="tc1-w2w-push">
           <name>Push Payment</name>
         </section>
         <section anchor="tc1-w2w-pull">
           <name>Pull Payment</name>
         </section>
         <section anchor="tc1-withdraw-recoup">
           <name>Recoup Withdrawal</name>
         </section>
         <section anchor="tc1-refresh-recoup">
           <name>Recoup Refresh</name>
         </section>
       </section>
       <section anchor="test-case-2">
         <name>Test Case 2</name>
       </section>
     </section>
     <section anchor="change-log">
       <name>Change log</name>
     </section>
     <section numbered="false" anchor="acknowledgments">
       <name>Acknowledgments</name>
       <t>[ TBD ]</t>
       <t>This work was supported in part by the German Federal Ministry of
 Education and Research (BMBF) within the project Concrete Contracts.</t>
     </section>
   </back>
   <!-- ##markdown-source:
 H4sIAAAAAAAAA+y92XYcR5I2eJ9PEU1dCKhCgrF4bJxi1VBctZBSkVRRqioN
 4CuQzUQmOheSaIl9WlX/vMLc/udMX9TMA/w3feZurvqm36H7SeYzX2LJzABA
 iVJX9/w4VSKQGeHhbm7LZ+ZmFuPxePTqVpSNRqvJaqpvRTeen+ro4ZMvo+d8
 qhfRF4v5ai7n0xsjNZczfoYr1IKb1fhkrVdLeTp/PV7RheNzf+FI8pU+mS8u
 bkWTmZmPRpPzxa1otVgvV2kc13E6ej1fvDxZzNfndIXS5xr/ma1Gy9VC87P+
 Zy/1Ba5Wt0ZRNI7sc+xvcnFxvpqfLPj56YX9QEu+PLW/nfOLM9y5HI0+eKVn
 a31r9EEULfT5/FZ0ulqdL2/dvHkyWR2ezNYzvTqcL05uTpcqxsQO8fFNuniK
 +S9X7eX4fsflN0cjvl6dzheY2xhPjiJHnMeTl/Mpn0QP/9//x5HHfocbb0XP
 v7wX3VvoJVYWfTmbvNKL5WR1Ec1N9FzL09l8Oj+5sFdzIRb6Fd0QrrcfE4E0
 JvZIT89O59PV3+ODwyiJ7ZcSQ93qXS7nCvO5N46TuKj9J+vZijbmoV6c8Zl7
 mD7jk+mt6MzN+7DZ1v91tR4rN9yh0qPRbI57Vpg1bcbTB3fTOPySxMz/mldF
 7X8t0ix8Wpas8r9WcZbSr48+vfcAc/v848Mkxv/i8mZdVuNsXLB0nDDcOy6P
 MoYLnz161lxXxGl188nHz54fPvj4i2eHSRWPGdgLTNbMbDQaj8egHyjD5Wo0
 +uMfoucfvYj++I374myi1BRr+SD6GISYq7VcTeaz3mUf6dd8oaPVKV/hP5Nl
 BLZfE0dF+H25mkynEfHveDIjjj8BgZYRn6nojF+AvrMVn8wivVjMF8vD0ZdL
 HWGYi/l6Ec1fz6LFZPnyb+jpT+Yr7p48jo5vcCFvHEeg8xyMh4fqaDpZ6QWf
 0o5PZifRMa44jvSMdlRFfBndeXb344+jP9hd+OYgej0BI64x3wW2km748I/x
 h5E85UQEvTikp/Dou0j0n4LpkqzO7FSIDbkdKRJ0/VTP9vj+xrT07ATfY4Xi
 gj7DLfQx/RGmyunec65+rxfzvYuDaHOI3rUH0d/jsjEup3Wt5t2HYOwL9xga
 UUxWy703+8c3j+1H9Gtv2LPJbHIGgs3WZwJKCzfTHTfdNGdaYpf44oIeAVWA
 PaP9tPetp6vJ+VRH+FBOlkSHyQzqC2O8oeeu8RctY/N5xxfHmChfrqLl5GQ2
 MRPJMSI9MxAlDHP85ri/TGKWsJWgJNQK8ZMjDFQdbtkTkxNcoiZ8th8m8bVd
 8utTDd48/vqYmJFH53MoEPB98zC/fHyp/249eQV9Seuc+3V8bddBIy4wifnZ
 3kVnVTxyH04vohM9A/etML8lhsFctd8NLM+x0i8iEe2dzVX0BCPctJ/0Pupt
 jSMxKGTZ7Gak35zPZ5jYpOG74V2geRHBxEGEsdfTefSEZgCJB1WPJwb/fcUX
 Ey5wM1/SXlhRPb6NL+g+sLia0GPAG/NzWtWcxiQBn0fCEW6Bp9Jip5OXJPd6
 AqN3AYGa3fxkPZ3wDint6hVf8UPYpf4qoQswPLT5sf0KK6BP5+JvtVy5eyzh
 48PDWf9G/UZO10vaRND/xFK6v5vLyCzmZ7j12O7kDCubHOpDLD8+iJKDKD2I
 Dg/x52yc2Ef8+3//v+hx//Y//s9//+//97GVaLAZt8pJv1nRA44n0e2oPxWM
 62e7dNPF/XhSIy2OWc/0GQw7aSA33mS2nq+Jngt+0X82Uehdns9nbpQgPjQf
 T9MJTc9RFSoK+nfnXEmt3m1hwUQCuUzOrHgAC9y8CeIpYACoaWw7VCPR2ul3
 vZSLybnlRRB4OT/TNOMTMBzYZIkxpnxB3wSAE5n1zNqNZbRnOQS2YHk+WZC8
 XMAAvNnHXDYn8wj4JHoQbqQLPoBtuzNO8yL69oPlKccvb0ejf/iHfxj5j/fO
 lif70fjX0SlBm9HHs/P16pa12PiC/sGG4CPsCXSbYxyvOj+LfhWl/1uRRHNo
 f0JCn69Xzc00mh3E36YmJ0A7dLeZvCEpcGPQfD8DTrkdZWkYhyY3OqYBrP6x
 DG5HprvDYsAb2LTomfYkYofg0Zz+U9B/SCiLw5Tu+INHCd8ctuTIk9SRA790
 yIG/fiw5kjR/P/Qo2LXpQavZpkdK9EiJHlmgB7uEHpaqe8DP1lir8PF+Q6ex
 /a5PrffBQO+NYhsc9LylkyeenC+gZWAV1DKgADNZYMzmzqAWtumrtJnMnHb6
 9lvPOG9vOWKs9Nk5nt/loJGd/e2IvvpDfCtLvnGTAiLrgj5nK0glqIkxjRL2
 I930jN559h8AVL+hX5zth96BxbHPgulYa2wp6YTHnmR34DmQBfQ28S7AgNcJ
 jx7fuYudPT3jYUfpkzERcw868CAiHWp3FaTAvli95fblkd8X2VM8dg5BYzl8
 54nY36ceg+BJlkGWWsI22j9b7uArD33CnXSlVe0NS5FSttp6AcxAwMvd2ucj
 Qqz+X7+nGzNy8oWvrXhJPpXrqRWBDdJ7H+QbT+RPMdt7egGbbZe8oXTJ8yAC
 v1TmreNFehxGGrgt2qM79qP10j3NecUTa7Gg91e8C2T+4H2gb0aW0EB2nn8I
 lPR2Agw1X1hmuf/G+ipWE9x/c07/LFf6nBa5XJ+QaPll0jy+uTU6pn/H/q5j
 mhesoGUScCeYE1b79ekEeChcSENuXgcGPo72pDmE0Fhee7t/6NkNN+0t+XR1
 EH386eMD68MfRJ9Zlvv808eeTZZuC+k6u4XnHmPZDyzHR3s8ms1nY89CDly6
 r/b/F3tz+zMxuHRFBvbVBLAYD3XelrbglQd/AQSG8iUsDd+K7sMEO3oMXGrN
 NlgEiHA6ct+YeW+CAYUQmfl5C0uX50CegPFR407OZxuz3APGJ8zIHZz3zOrm
 tm+v/cxf2bownrc3pkbb6TXixiN+dTtK8/wX0Hu3oyop4v2+yHzuFzw07h4e
 +Zkfen9L29LdW4Jk5tPp/PXSa8wvnn6KJ3c5rOWFfac9HjkFGvTvXtcy7o/o
 Gc0AxHl7GLLDRZtDWOPWNRV+2kFUx4/nCk45J+nzoNpKcE/tW2F+e+BUd6Pr
 wHbrxcwKKs3KKnfiKviJJML4m2DpCQDi7DI/8ElHMGg2e08Oog352C0cT8Ku
 Dg/eE6L/aCm6hhj9DHL0bvze28wnHZYHd5DL52EGxrE2RMHRW5xZxgm/TpZk
 hqdwe0VgMu4CZaTmnSGf/D3JysrO13NDuAJ+zEjNI/wxmdrp/ip64ub+xsvB
 pjKNvovIG0+KPT/G/oGLc+w92d9vVn3bXrRn4x5P9slxbyN4eOwvb0dJEJTo
 CRjko+kEO/EMDjAH1wc0cV9BmyQ17J12v5HJswbMmoP76t6zOx0rhlVa+ZTr
 xSvt7uTLMMjBqG92PaIlbB9MH0X3YIU/nkXnHH4baZnFgbeYao4HHoFBj7B9
 cLQxAbrND34ObbkIf8jVm41nWdkNgTgHj52d96EKG0ojcvgRxg/16ou12DuH
 ObfCeb4WPYBDX4R/se6GUGCwPgfixsj/Cx7vXefgCb7YCU/IqRRblDrMN2jV
 mzVWhAXt2RnbuR/Qczdk4rKpX2/GuPHYCq6bPEVDftDsD0YAGvJ0O9xkAby1
 K5BWb1nstG97DbYHtb8/opnejnZtWWMDPrAsjVH6hKIPPYGCk7OcnPTVb6BT
 IECgV6BTcIKCG+MCQhRC0qpPcXwW+X+ddAVLFG4VF/ZPZ0q6z3EEx33vwiLF
 JotYOvwOGs9cbFHCfbwHUlpSHNAkW/egRw/PFw09HH9sksMRICxteP24fjec
 hzeqD8gY0W02TAnGmKjO3YR86fY+vvfunZyf6eDtTcnLkKdavrQeX4dG5TaN
 rD64c7LQmpSE039f2aX2dd50SsEeGd0lJRfdAzyf6PEjPZ2ewYTs3b9779E+
 ra+vA3fovaLVe3TAAWkQoMBCe83aSN05nywc2p/PiL9UszweJmtVsOaKvvAm
 3lqEw9E9exJmzfaMor+4beHjjY7LMKzfSFK5REfrqAadveGCtN4HCT25NCDd
 t7dugeg0j7ejpdbtuddELOdqsj6jkzExn788nMxvQgnf5OoVn0mtbi7B0Xxx
 1I/wvuMY3jCNW3pjQje970u7MQ6s/gWW3NGKVuhPsQ51bc2+Qz1+NaD33cjN
 vx5/iS4OdeKOO0MkyF27Q9Q9xj4AxWkrrXoMKNVPYJdh7bFXR41+2MJvG+dx
 KrMNcU6W9jHADpGc8rNz+sNyRecA9HQtDrHrN/9Wq8lSrpJ2p26K6VzcPIPo
 6cXN5UJ2vnGRhSOS5LBvNxfaJPFNz+eH8oPPymTkCEHTdKuzM/zQGzNP0TYs
 46/2Sn+TGx8++fLJ/edHd59+/cXzz4+0Ukt+pKU6HeQSb0PeiUm+urYJ/etm
 EmA0Mut357NXerEafzEHhmwoc7eRsL1ze5ZkbfcZHBN7YO6O5yYOTQE7n/Hz
 rtZlG+ou8ONa0D5f/cR26zf4wm7Uhz8ZX7wrEhxSCMN6YxgHSjlfWOUNbDFk
 Nlo6bpKlvt7KsWZ9hHkcnejVkZudpwEM4G634OmzO+MH9x7BLVgs+dio07cB
 bK3Pz+dA7phyJ2xGs/C37FmMgafggZacuLkPMzZgVaCdjShikA7sIB9ySe6X
 c0rt+d56CbeZeNhfFs4KI93fDTzWPsWsp9Mx7CWdutv4Gg2EGczBjf6xh0/8
 DuGezR1qRDU4905PuojCGDN6+3Y7RmKduNvRDUeSO9GD5+fLF39zY2S99tvB
 uXMuXZjC/n7r9vW+0d7nw9fh2vZXPaJ13m5m1wwXIhB2N2wEovV8sctkjylt
 wK7Ye9s2fknYnGL1/IQT5AA2g/88kRM6xPObQxwNPPsqwM0QFIcqW2ibGRMR
 N1JkXM/mcKDpSDXaO5Fq3x7t2WcG58JO1hI9Oezx0dhGWvWeeLnssdMWasUF
 ljyCGJmmQ4zjFW33wKJ7yvDTsFzAt7tYjma5i+V2xK5/FMt9FKiAexuG632K
 6duwHfbEHiVgNjeu4iK7CR0usqogDNrfNvupUwJXbt0uTfDXt52ND0czws6Y
 edjFa+xhUKR+C4M23bGD9kTkdrRLjY4W7Re75GK0ONLkOVOORVAMLtWi0S4j
 Wg0uwYW/cIcvG98P+NPhqdafpvsOrB0MW7rlU9uhw79dh/nAHYe4iGkvKOfH
 g0gEK0sbZ/exdZQv30h/XbOT13HP7Qyhx/wDL/XE+ztFw9129xPB/fSVp2hY
 TZekX87ETmHxn+9hxGuIS1iGvaddzF+p2KxnQWDamV52Xten8dUcP5lRtGhC
 qNIFChe7WZ6o9ovIXT/I8xuxk/BkHzsJYZN312Y7OM8EmltzQFGOn3Yfroy2
 /GxaDDMN+3GVntpz49ym1XXOe+5OOVDK+Bnlwi4WQKdSLAmZRvdw+eriXLtM
 yzZ5EvfcOaOI+BIXc/cbbgifUYxjI4HJBYIoJyOkztmchfE5+S3uXGU56m/L
 sf30mG4iFESnMTN9wnt5dzb2ErIhQVaKHi30TF4cjGwykyGTjCkfe38QM1nP
 fLIgRYVO1zNFzs/ZZDrFZZDlvUSPq/2BMS28Cn82M8vGSeIzQ5vUz2U0oTzq
 Bsq1owCPvTjVM/3KBcZUyF0IWU4H3h+c0fF9Q8U2VXQWHTuKE1uNbIJhwfbc
 R4fugMpD3iwNHwcy0DchRzRJYTvc12Fq+8cuoPd8AmFb8bNz+CB3xHI+XVOO
 RvPh1v6CDmEenWTJN5v5JSOXMCoXc2hQ+xkcbokrk7qMx3GC/0VxfCuOo7v3
 nz0/jvbo+i+ffPxVpM/n8nT/0MJse9AFN9kd0x3Hbx5s/By3c1tGNyyhbxyO
 fvU343EbqnGxTTq40zrkhtrJytXoqZ46JvshK4akN5zWXeoPmjsgkZ/9ePxr
 uzNdh/LOdBqU4rKHCVp5w+whH/ZoiUenmlOSq8+V9mw5oQy7FR19Tv5ej/aw
 H9O1Cizr7th3Z40+yWjpYExzDglQu4BMg+lAk4U+mVD4ipTcRfTwzpM7nrtH
 f4DzPIPRbBYQfeHuW36z10TH+Ix3E/7dr+NGoy79J0ftJ4enq7MpzJZ97uLi
 0K173ByG+sktPSXgUCVxHHuX6KGejR8vT8IK2iONHSF8e0XH3oRP+ovG+LTo
 nccclmDQdXuUeHrY0Hb49CNYGnh951O9ak897C4NjNA3OnQSvAsGOGvgdQQl
 nNuV/zKqOqqj2dfv2jMDyg3QU0qr60QpnlvmJwnhkdQLm4jfpoNTTG2qx3xx
 4pL520i4i4Nxa7xBGS+KTslSuF0T+0fwdJ0XDFWP+0/1ss1/h2miI+Q2XOfS
 QG/Z7P5PZ1ivhZPH4XBc+7TV4yYn4eWMygM4wcv5YhJ5h9sxi39Ik33apKbR
 6HetAiHRPnYu+8SmFfsBxHw+1dDUTRY0HRc0+dLH7jY6eiEQMaIqlYiL+WK1
 HHhiNCeCvJ4sNT37C6pfWa782s7dX8tO1DMs0uf1z4lG9BFZs5BJjf3/bD5/
 uT4nSbVJvsC0iwn0zZLSJV5RaGJ6EUYHE/lBe0duNjuYRny2Pos28p+xPIeI
 yLEDP4BINI+t/OGo1TkeSYT8qAAs3u4TjYgtuvnb7ZBLPNxt1jJkfoMtn9F5
 lk0lblnObpA9drWRFKzPRWdOF/P1ia3k+PbbQP0mmZGSZACWZ/OzPRt52Y9u
 2/oYFyz10hJ3JCeh3+2lh+4U2Y7wxZTPYHZWe+f+l4Nox3DtL80AUWfo+I0d
 PAwRYXDLieNna+GyhqxpAay2fwNnKDe+41dnd359u/M1vgv85L4d9751Yh+R
 8XImxWVXN9VpwH8NwVwYzF3mq8FaXrYQeTV/CZ3r8O+RHlPt2BGEFvx15o+0
 9WxJeh27PZ9dnFGVlo0L8AuCVHtna1xiywXOTy+WdvNpjH17IA7JOlkDfkHN
 EjOBrYgDsJDZ0uoOeRHOBmg4vfzQnQl2Bj2bk1RNTiZkEMMK3PSWQB93ocEX
 vprldRB1Kj6DpT85XYWswQN/6jnTE3tqaFe+1JgDOdMBa0V70MruXMd/RBpE
 zfep3ovuIbU3caFD3mb3tCjyY3d0eRBW1JlsU3EBsTB6Ecz57p0ZUZzSLLSG
 NMjTORk1e0a6XFL6r+DyZbi//5BDt93YTEzLP9cDeK+gMWbkvAf8SWCYKgog
 VMlhh5+OYA5tUcARLXqxngUNM7AkLHwVTq2lpg0hxExFjlq5h1x4y4JRATFJ
 qB2nWQ1yOp+qUIQVsCmtzycLp4fRnTCx1xRMsVkzMwux/Ciwbks9NWOJR86V
 409ICmkSKj3LOiNAQdHaMAbRGABBYyFhMqtQhWJXP+Jm5U+Y3XMjV+ToMqCg
 DKzfROrYnjJSoGXtarkCobAf95sZNsmyG6A1MLcVROuUTkkUJbyw5ZHFqBdW
 PzoneNyJFLnTdAd0YTOx1tPJebCRdP9oZzYKGVg84kS35rQNPh3TfYc2LeZw
 dB9m9MKORNFdF9Zy2dxOL/X3y0pFEwi36cLH9s/jfcf0DoJ2SewguLVJvvrT
 Ltum6hGum7a3OJrZ8qtRcOx7D2uBoFuDjW957bIXgtP4Y78bdfDLXQus9vnc
 qzqn21p9d9Cbc1MStuw+KJQdAmMsApCPoPzXlJnnn77fedzInWzy6MjGjo46
 01/CjJxRlvwLy3WQF2EBnCONDUz05uO57oimoBYcvHoUzHX4CPbaYri10yRn
 zT2eUY+I94NoLClpem69hPViFh15Rj9yd24ISXiSH8jmTj/V0OLrhkvmLgUO
 ugwqc7by6/BHMUfAlNjZUw0S+J32wgaL50ru6E5KErb1gGAyT471DIR7adFb
 fyp+RDsVH+OYLucYz57nkfxJPXlFy2/VBw9PDftIzjntDxmKQBh/Gu210Hg1
 H/ubQp016P4ifXEQeeKnry1OakE1n77mF0urBYmzX034hjSMHs1ntn6kRZmm
 T25PtpB7SkRd4+JXk6UTFSujrmac27rOyUKNifwXQQNyADsobataSM787TYT
 d+myZvsRHIiKN1MBODh3YL15dadA2Ltz0ebPuF3JeOvbm90//khfv2hYeuNb
 fB9F9xxjunGeul2312ETNkcaeMr2FX5Lx+1Ps//bywFQc1vvQFkby+DnpNNh
 Kfx4B826D1p2okDChVXfvyHf1tJbacPXUxKSmZmcrB0XhLxRm04VIpSB20OE
 ct+avT2rTvYHVOPSaoGQw+FHCOmwGKG9sDO5SE+X4M2NiGQb9gjjUIQSY/ic
 a1vFOIUBnbnIzUYo32u5wOkuqaufjwbLfWfpAyJr62U3Vef6DW6bEOG5C845
 E0ns2KYSUmRzgDcdOcmmtXnmTj1YIuJZYywMvpckI20VFnZwxoWtKLf2Ul6M
 rUlaWE1Cswt3YDw7cxCgGd1ou+qQh/5uUjbVZmVBk7+6W6VpYzn9xX3wQfS5
 CPGk++O7tuKNYsodafr2g8Y0OMzo2b5j22bRr6P42Gtrqmal34InSXNbkHYm
 ZEk1qB3OoWudUcOH4YYts3Uw4iuQS6xXDdYLAMU9spcxQo8AEgYC6HG2e5j9
 xD/IIQoXP3OD0lRb04idgKEIyUMbcMRWJ3bH3x+dAVLaWI4/xyNk+XdrC9ec
 ibcOMdhyvmjjxi7AEjn28OkGxFftNA47yqJpqvD8zmf3nx49vvPV0d3PP37y
 zNVX0pRac7CnHJnuPhvbunlXJtAMpd+stF+uO/yO4EXPFOh8bidw96Nn24rZ
 b/2VPw0udmGcPuGHb9u62qJL3LKpTr+7egr+wtEvx5f9/PKSO7+DiYa/Hrbm
 ZS9v/pIp/Jhn/vB1bn7QtUp7gs9eOl/aUMyx892vdzxzD3iKwjC3wtoPbZ60
 499bvozm/c5293WX03H8y2sO810TI9nrLSgct/y8s9kxvysYZphtHJOm+87x
 6nCnbf4QTr13TeTHPPOHr3Pzg/7ToptB60X9L3YxKX76uxmiakufzP/+Z7v7
 uivpeH023buf+K2cLJdrSvS2GxkObX72Ge2Y49adv+rs3962Od/vb+WP2Y6B
 ZQ2r0+ZOEpLMU3Y9u1Qu3tszNz+46o72TusfODi9R5YYKL7tVdTFmxZ10OXR
 +VKvgQ3mSo8us1l7zn7jpnBBW0cUiqhGm7oy6Mk2VdKjAGUzUJYBg3U1jsux
 WUYhcmFrTy2u4wHxLDWQDiGWDuBqwMvBaDU/cVUb7vizzZIil/WNd0gtyCdK
 uIABt7FOujZkZ/teBBoQd+qPqy3oomcTtrbH+HRKa8NHFJWaXbjTGou5fc6A
 iw/b/icWVvoeOOEhVBUZSkWmF4c7duQqBd3ui+AreXpk59cv+gq70l4wIt6Y
 EI6kljB06EjPsF9B9EIVpT95mFC1ZHPrQXTDNZ9raT+mm8eqKeS/cWDrkn3u
 1JHbUDdu9zF/yNJb3/hHB7y2ecmtLO1dsqt8rXs/PfX0KEBAWsjGEQ4+pWuC
 wncX9VMtwzlM56FEgf5a/BFO+N4+tj/o7qOf3q37o8bwUIoONGA7d+i/A4Kz
 nRtJJY7ocPl2FA6wX9z57LP7z4+e3n92/+nv7h+9+Pj5o3tP77w4sCpkLwqH
 c2GqVhoJRn+39RUclia0F1Dzd+2ZlJ1bfy7N6RQVxMRv4t5h1dZf+/s+za9X
 UNhY4aawsOdm+IDVyWTlghJtWVXLbS7n0QfL4Mu5y/e4mL/S+7dG3qMMHEXz
 7rP37HL29nXgSzB1lv4CSnNLdLa53A5/Q7ykm7oPx+B2mP1trne30IeD91gd
 uqkfLrf6e4GEIOu12AszaVhye6UduWpPkNsxm8PG5jp/yI4ZUSiiIal+Y3s3
 /VCh+U8sAo4+G5WkPSjaVJT6a4O1/fTru5SdsFovo/lLig8QRV3ixMjFIW4P
 r/WXV6514yw5TElwWi/suH3EMPNbyNbRpK5aeNf2eTUdbFLHgjdyb09Y9RtO
 tvk30RLYZaqcCcUcKcZhGxXRVBYaz7j4zW7R2AXbWmu50wLS/JyW2kwo7q7z
 GsbA7d1G1utuw9J57vY44UsvZJhYT9zC19354JpNjdQlLdAOD3FSf4lNZu2g
 Bz5daK46GSC/abarF59r00ifajmHNmjDfcCZ9MnbRpvbeKGPYjtc1g0Zhi9I
 U/hwO6UX+MOeHnJ0xzL2UGzm+/F0+l64uOosOrbHOJ14YBNcd6etcsonZzZX
 oEmSO57NwenHh6MwmdD/yh4ITWxuzDn3p4uNgrVdFyAZzTltOLztBQ7tV932
 gAPxTjqZ9HlUl8cfDzzIt4jUJcFQmz5LExvstK3yjrt/EyP86nbUVw7H+5EN
 PZ7R7rsugIGuJKigB+zBmnJ3V7Z95LRZJxSIT20Mx/WU6hwS1qiT0pyg6rJH
 fcxVUmNQKui58MfiSx9s3km+jWNAAOTAHtJqBXvkFkqt1ISyOKmtyEX/pC2y
 eb+v6YDwwgJ1OlgP/Uub9XaQh9c5r326sU3fCMukNma2X3Hkj1TaQOflIc6G
 CLt/tuOeLWdsX+0uCkMehpLKzncNzei7xqUc8CX7txx4QnW/6zPgVeNd9+tL
 xhmKRFweV9oeBw78Y4AkJ8ZXBGF/jvlsTO7yr9txfmWDJL99OqbOddHN6MmD
 u/jvl08/tlGSd6XzniXH4bcTdWATQn7zdv8d53PFhVeNc01qXjmOD7Rb3X3J
 7v5s87nuhdceh0KbdrOWN791mzZRb29a+xWNf/0u89mzRHIo043ktn7/neZz
 xYU/fJxLIo9bInaVvNugiVPrl4r8zzGfjcld/nVP3qO9sIiDjqan7XtneXc/
 ndj2O8/niguvGuea1LyWvGN321RGl125ubs/23yue+G1xxnvFngsOBq/m7z7
 n71NBNqywH8xqc9aFD7EFz/bfDYmd/nX1x4nTCW6ad21cViu/fDX7zCfPdcd
 8vSo1TCbbPLuq+vrqKBsfn4qbX+0c1d/+SMG9Odtgf6uqOyvaoa9r689jj+R
 i/aoAi6kZB6Ec7h3XWDrgnQZ4j9csWxJ8lWKhbU77Sp+5G7N8nPMZ2Nyl3/d
 dx8a7bHnOta1P38NMKBLhWvBgKyFAUO78rPN57oXXjVO9/y2c2zbTfqDcz6f
 TuSFyzjzx6lU1kXp3zvOdHc6v3tBV+OG15OFPvKNTfyxYZJW+6Omc2tkI0Gu
 cb4rdnadY6nSOfQZdq5EEyd0D7wNO6MOwu3dC+lQ2j914GBjp1fXhm/dV5cc
 QXtnh2IfW93m+7UIVHDuYn82hGXLbCiKRAF2G1fiM5+hulGvfTh6NH9Nx8A2
 31KGMHW3tNusbRaqe5XFq436Cd5km1N2lavTPhg1+Z+UBiu5LWGlOiW+jG6s
 ZyFweYOOAEJW1sKfXTe563zmD6LxMBpzvnD5shvlPIHDwF2+BZVPN6Ro+SuX
 XG8DlTsOpod8rC5nuSh419ekDgSeVU6PiAXC0VfDDj72dBDdCAON6bu2Ftif
 Ljcl2hhhNn+91+XXhTbrmYL54gqU1J7Zwp8+KBzuHzWruN0NizimtTzrIyTd
 5Go3+YN2lIMrHrrfPOYwsG7jjjc8Gy4Ztbis05xNUqUIVb598uzzJ41ruL95
 Hvb4/tO7j+48eX509/Mnz5/eufu8C/N2HsL2ooj+FHa3TA54Xq1Y/oQT33l0
 1oecm2dnmyT3NKc47/PP731OObFrMYWU2atdJqstorEf/GbzFTYn1A58YluG
 3oVUPNNT32AObBtSTsRFe7bwWjdHKXQQGk5rwluSupF5OqZehvGaY+reUxrC
 HX7b8KFl0rf7fjWunFZHj/ni5b0J1WKQ1to+6QoHUO1x08HmfOgguDufka1q
 d2d8GwevlER8dO/+F58/+/j5gTeEe52d2zghHQVLSB8Sd/iD0mZ1Xi98t3n2
 1dzYSn7nrg3pay7ePAH5ZdQ7AlXd2o7ou51f4uMum21O3XaTaw5Ae4LVPeM/
 8ATct+fowc8inROu+pZ4mE4B/YLfbu3KgX9OJ9Gq5781mXPb3tx+UzrieEW/
 OZ/SMVOPxXZo+QGfelvLNwfM4aGH3clbfr4d9c+WbI+1Q9rOqPPVtx2d2lOh
 Wyr2rRvAm5E9bzc6wOKvRI06ittTbS7I3top0gEaFZXY7hLbZ9xz2zPntZ5O
 KVoLTUXq5G/prI4vl+uzzpnaaypVofiQHes3tmElNZGlAl49UzddPktjTann
 hjrCLq3GLsw0/vzpvftPjz6+N8Ygh/JWWhbx7kSTvrvbTS7pG/NmWw47Zr39
 8HoGfuiAnjqFdZlsMhvKTNlWIJemp/hRO9kpNulhxyNbvh7WJz+xurxSSzay
 ddjVl+2nQwozrPlHq8Sd9rqT+hAU4kGXttZ4v7/0iY2slnCt75Tgc1qaphp+
 /yl1YaFGVDmm1lOqmuoUQFgoT/w76kZIGgza1yH3vyIV8vA+6ZAHHz993N/3
 jV1vdrRLylFr8jq0b3expyBHmzu/a4+/u1pT70h86m9RyHzq8cDuBL/eKfRl
 2JL8iZ1Blq6p+ZE+w8+zO40l27U5lwKWn3JvdopjP0DXwucBU/jFna8f38e/
 n3/6Q43hQJrWzjhO61W843TeyVPo5DDRhlCDZvsLNbUL4RXXw8GWIdJLW92F
 PtPI+dxbeUaRyzOa2HeQwbDrWZMco3pZMKOtynaX3+16IPWGbEY65+SFAEhs
 FhbuudeU+puPd3PisW+n1oxLWYS2jxg/d1GK1WnwoW3xOGXPCErHpxcvT+cn
 E+ly2+2bD7SNbigtqRh31RRF+oJFn0PlBht5QGOBja1Wt8GFDxu5b3L4Xdu1
 vSbriNoR2dr+fepPSU0ZqJ3i4ehO0zqjIYHtIAHynq9se59mIX7/XHdAl33l
 K/xd6W+byeXqOQk9HXYTzzxGA4Wkdgn/vgPAdkOATnmp34pleKeEa25AvaBH
 2z0GJtPJiooAPp5RcxvdbVOAPdBTY1fncp08yTBIL7npYDRx/Grfb7eRfbUR
 v8LkpvPXhz9VBlM4vNy67urcpdALwpti92GjjYd+hqOrJKsd2PATh7O3Dwqv
 GqcpF+2y6o6Dy59rPte98Nrj7DzT9sv9Qafa0V5H47/7fK648IePM3igsCNN
 7BpZa55EVum4V4zsOoz8GeazMbnLv77+eXZ006rJm992pLPLGO8yI9cAzXoU
 3XNtOoF497VtnWXboNi7re6Kr9/zafF7OM72dP9pTrP/Yw6zo72tQ2i7kzSj
 /2z5LWm7Q9S2JaS8/2fKb3HH0KFVIZwXtyAftXTzeHdqd4X1+tlN/aqInr9k
 3+tpG2tbv/9ssrJVENce+YoFvM/k17QDGwj1/ldIfn3HKubu23roIOXf/sdf
 /v1P/4dPVG/eTbSj0LmHtn7oIdbWC4OuOYXd5n07sN6ZTRuvDDfOcZeY6pEP
 orsgVL90oF+r1xwxTlTbB9if+mfp/o6w6zVDq8H4UhKBm5x3AduiivOprbaB
 I3OxK0Da+PVP7z/48sm9EBzdjMR0a4G/g3XHf5pnb0Qr/UQuOaHZDlPY45Uf
 uqdbRpRvKutu0Lzv5QxsVEu/xk0XutOc1zuY7i3zwePyTfh8T6m/aUoJe0xj
 33c6txFNG9tqQpztmfUWM4Rz1XYLQn+pDZftCr5xTth1WeD9cMD1wkK9Y7Ze
 91wa/te3d42P6xb6bP5K31yfU2QiCrFj1acsLZkvHP0c4cidn9l+hdcghw10
 BX0U9voS5t6Ovf4o5h7CH12VtcUwP3xN1wtYbmyXp38/WmW3x8MMOihs/YRQ
 z0k+Qu9ogvTp/shFgm7bCjvQKNzXlD7+EMOzy15fUpV67ck2epfObjwZgpag
 qrU2xaj3nvAQw9pZ2Nlp8LbVBrMJmtrbbdTURr92F2vOjqG+Xg9XPV5e7TgC
 QZoAX3it63yqXKPTrQEi3w92uxvcYadlvetSvNB86VrSd2oGG02r5rbtnetc
 fAkxfLTXtSyx3cV5r/EeTfPDpY8sbrbv3e5tejCiOG54t0TvvDFUcPryTWpb
 fPW8eCfiHLivDVpSsPvtPrUvfqqxSW5uVkV52zLZPBt1rf873debUCi1vaN8
 Or8BvqG/3fveFn/oX/yyo23ecrBv3tVt8hYbLWF9BW/DKb5z9Ub2n+bytGFP
 Cp4qG19u+NTJdOgn59v3Q5zs22yw166ZjWrZjR7ot3yg6fGI4uo8otfJ0jtj
 feU2PdC9grNRI8cbDQq9wPlXOPk+hP522/TZp+JZJrCgYKsXc2caTW9Y4ps2
 Lux5gz507W1tgW7TcCN0arfZlL2MRiffe5e1ft53dcILX6rbpDD23v9gN56H
 vvQNMAGitFwemn7bkL12TX6t1J3yc9hSu6rzTkl5k8dOx/z0pWfX8ILEHk39
 S1ChZ3tt+kMzg9BgZ7NDTrjLtw+5TkucjU4hvSdstgrZ2SfkijuGmuU0nXKa
 lwlc1gJnR/+bg+47DrpNPAY7eARSWlNs+z3bsTeHbS9vxwxJNG1rWmin9WqM
 jR37rvUN4zYM795YQ+lKZ5QVGh3/6z/fzux7MTQZP6kDC3b4ekSysUsCB5pP
 2RIc+/qxpomP7UnaNFLAENZ67UGr7P3rP4+T/Zv/+s+NSaDMXkAY13jKv7JA
 Unoin7rXpRA0528i/YrbrsnNC23Ws3P7Uif4opDNwL3+zTxtE/7Xcysf3ng9
 1tPwdq2uhvIOytnZJKT/YoZ2Ba53f3jjXLPBjXZckul5ql/ZVya5DtK0xKZ9
 17EN7rjuWF1qtLnQ/ijq3L2ZCA79WnZ7Ue+Fu/evOaEdzaD/w3qOhhMrUPid
 ft53j7srm81FneMnO90zzyjXefCPeebmB9e4aeDOzedHN2kN0ebHA40gnSLa
 lXzpg5SXzNabEa9+dzWR/CtoIRl25Zrj+aOAE352xtsUYK8nJrP331DyHee3
 Y8ZbdzZVbP/yTwe7itCah/4ELSWv5P8mbOtBwKLVoT+8XOnKZ25+cOUCB+/s
 Pja66ZT0eFviLhE3sjZk4vwBwJaN+KsQnXeRF1sKE1YV+fwUu6E/50x2zG1I
 Muze/c+Oq+2dmx9cdUd75484q7h5k8Ck78feZCOeAM+TOB1RUd9oB6CMevcF
 GwTPnM+cFB2t5kcv4Qnxo/bWJY0UHKm+Q3vpeO0INGoYwM2txehuwP5Atomh
 fnVEBTWdS5e4tn+hf9uSR3bNhUeu9erSDdCRr53TJaq117zLMVAP9XS73La2
 faOf6q49CZ6Zv23s6vMt5W8cbACFxgc7iF7+IqS6v/RRv3/9Zwr7DW/W5oPC
 ZeGNTWP42PTI3gydbzj7hfMOt4KMUbT5MOc63oVD6P3GHbNx6a9dbyncE3zO
 gRsPGv/UDbHXBln6DmH4rM9mXefQfULBz51OfLih2/p1gxVvDzR4bFgnauPA
 dtrO9fXBfxv02u6u+A6NFzuM3ZlKj/u2Wkw27r0/+NhUX16H7V7Y0nPsfrTj
 fOfq3rnX71jbUPBgFzuvBdmbgWaetkji8f3PmlzsDpX88kNHxB3lEp4q4Syo
 t1e7s9Q7EmkzlTvlVc2OW/h4eHi4H3VeqdGWD+44EbBa6v6jI/cipoXV6u9y
 knglBu8fJrr+kP2ztuaAtlP5ckXZy5W1F53Ci07VhRPn9nzQ8mf7JEX1iFf0
 oL0Ww/y8HWotI334E4l+52zxQ6qOc7K8o2YlFKz4Zurb5mKHRt8yzkOhufek
 I/9D9djPr0QGq5s26wsCBXYc8nfwivVUj+z/1JxKHY/8gV7n3tHEbHxiedbQ
 q3doz//ln3CLZQlqm+kAy27euF7T3r902eIvXatPBwNHdIpINqCPbYYE9yDa
 Fn3X5tpVfAWNu0Wunr9IVNr2WrqAYImpHkSGT+mt3s08ryz9GWQTH+H/l38a
 6mA+WODUMwUes1JZ5nQibjZvPuXnE1eKSbbhUN7yL+1zDoCZzCb0ysKr7+54
 4TTIuV7QCe9R86LXdzic3o5KtJj4rq+TbwMqTn++J+q+U4nSBsPACNMs6cwT
 1Op1kN7Ql1bZv4z+5ja46ZY9j+gHIKh/chc7D+9m17a7Ud7NxA+GDbp2/R30
 x3UkY1i7OOpbREDH623a1pq63F5Ow/9/uStHQVX/1/RDPnzPBvxaFjwAxxZE
 3O789eGmuHfsQ7Mbq8XasvYPUb8bCrQjzUfzl9dWnz+k4fxf/u06Pef/suUb
 b9jnd+k8/5fN6ukwh6H+83/ppHputqDf6gz/l34O0QfRZ5Rb8O0HNpsANsSm
 CGxe7TOFOm+rDUy9mZTQqbLzL6ltch5gKXdnPFwvJ8On72ylQxyMmibgTV8n
 u82nE3of4wW9A/wcf+96G+0PPIC8+uDQXbchDaHMrVfj1gjhNX9+bOgWjmsg
 zGAh2/t85uYHV90xfKePi3dLklw9UliPu2DoZKP7s7fdavd9z3b3de/tTMNl
 MlsR9JBw6oDHX/OZBm3fntXaFvX/5KcZV/Jn/yWLXP7dekJpY1ef9f2oZ25+
 cMUNnTvf8TTjh5ZebCqIoVJ/68I/+vjZ88+ffn309P5vv7z/7PmBBSEFsxjk
 WtG8H5nNv0MGrg3QvS4ehOeNv9+6qjv9frrIplMH3ibkQ4M29+0af39E79S+
 /L4fTp6dbN3u5NXT+w2ttZnZ6H1EEjBg88gdkOuq8OC1ImuXuhDgui7/ba/g
 Wkce/3Wdi/8ZHOwGMUi0t+XCp0hqNcCAP43j8L5dh/fjPDRvlgoBhJ0vlnoe
 MoQB9t17pehdVOnrt513+mAPF3O1ltbwrPSb1Wj0vC2KWBKJ/a1Cr15TmxWn
 ypaH8FnOzmx+MSZhU5VtsxQ4Elovxqv5mP7tVljglo9nkc1YPbBvEFr4ygv/
 xvTQRdTmOtsUe0mPCu18aUjvOPQHtRS5I6Wtq7u70C5aZFc65u7jt/6FWmus
 I7zIyl1wvrbVGR2y0WXT6dZl02nvsuiZluvFZHUR3aX0UhVatIxGf/xD9Pyj
 e9Efv6GrPr7z5M7WFU9gtjBtgmXUT4Wue072/neatsGWEUyWkU3aVpM3rket
 oszy13NYXJ/ISje8cje4pFh8QI6aywj+IviH/Re3undTXdhKj8Y9JG1/MndO
 3mK+Pjntt0PptJ8J7Xvn0+ncVkTY0iSXSvsivGiaZukrWpw6/0dX8eD/+n4z
 c/jYv1XvOPiyQUXaJPv0kHaiKW8JbzBrU5ppr5q6hv4TXbXJhG9f8P3xdnnJ
 IdV6uKqRzp2+LoTKZ5qxbQ2h63jmSH/aTmyzgORwxA6beiBb9DF/PbbHfp25
 UJ0GqNapBXJf/alHuT8fb3v7h6Ochg97OXjjJTUPXWo0tQ3FoZMkbV8b56Xo
 2K4W4tAY8GWzZx1Zo/vLQwiI3wL/grB5Z5zLt+9Pxwc+8kE85j/8b8fdZ1mx
 pQdVtPzQg2rXsw58UyV6VR01iLr80f9t16P/941HQxXQo+vDoIdpuM2RcFMv
 etMt5yH+b4mxwfZBl9MjkvjSZ/x54xlNvZF9wObmbtgKGr+1A+fpOXSLi85Z
 yvhmUKTfX88XL5eNv+M6dLbvgoNGcgVKoPrf68X8N51RvfS8Dn08l1N68TOG
 PLMVVGQDvNqy25I27aG6bxGk/lZuIKqGaR/si7nwWDvhpghzMosBvjYEmD5O
 HMBMPB1dFVi3f+Mvo051rH8Q6D7zLwK0JjoNzS2zfVc21dPEVkOC1eANrC0r
 ntrXSpLd7Olb2s2HT7702toaUE3NmDfes/16QT0WqDYxuns4uoNVismMw1Lb
 1vb27YvWNtgI3Kl+w6njGL2+bzZ3IxyOPgIWmq3PhPZ2AkDGqv+FPifFO/Ph
 OzE5GdP2U/DwYhXe77h3NsfibGIFNaCbrdyX9lWj+4cOZNDy71JfrmTLGWpO
 qc74ErQ+ItwKsJNJkeu6SjMlUpFluVEiM2nFuK6LWOeF0JWIq0QWVVKLanf0
 PIpEnCalyXBpnQuWJZkY9U4dw3W3o0QYlrDa8IIxkcnSpMLEqeKsjDNjUqUz
 w5MiVlLHssyHnhdrLgyPTcllGfOUsXTUO/Nrn8dkksWc6yxlRZUlVVxh+FSn
 imVZjKfVTOcmVqUypsz50POq2GBeMctFwlmGh3fWt15MO8+j3rXLWzebAP6h
 LbY6BDsQNx3OFyc3XSIMrBdN9XDWuVlwlopal7lmVcVKwUWC3xUr6zKrmCoq
 PDw2qmI1rxM2NFnOi4plVcbqkmUiLdNK1ZLXZRnXMslVLrGdpapVksiKDRyI
 ABrXsoillnHGMQORFVwleVYWlRZZLE1dsZyVTNel1rUqh0ZhmL+QdVqoqkwy
 PLzA7wLUTqTmmZZZVdUlL5mQmU4HV5TrvDaGl4XOOZhEpibVAnPHkBmvytqw
 NK3TNDE1VrYVVw4/ShnwdFVpFqexTsCATNUMqj+Ly7iKCwzDEwGeUFLoQVZQ
 WQquSQpem6JMUw55UUUmRB2XuVKa1WleGaHSitc8rodGSfME/FSJghmudZ7x
 PC4ERsywpEKWKTfYcfBCysB3g2JX19gVpspUykTEuTSC5WmZSAFGLwXTGtsn
 clNrMJNUgzstY5lh6qYusUkFiIAplZrpROtC6UTUeVqlMjGmYMUgXTgEkQuV
 KBPHEGUQI8srqBZdshjkklozUwrJY6mq1AyNUqZJzFRfQnTz7e0oTjB60vke
 yuVQdb7HI1iWGiELrUWMpcuUM5NjP6pCFXmaViYHy2KroDoGxb3iJstzVmdC
 1UamrFSM1SIpEs0SVefgFkPMg6+LOhscRUHTSKawA+AUKCuS46ISvMywCEP6
 x5RVrKu80NXg7mQ8TlRSlpXMGa7Lsbd5WaXQXSkjyarjNKvwAfadZ8UgpzBo
 Z1kULDcZS+Msw26WsanqLM7K0jCjeZqD66WU5bDalbqsCwNlUsq6VLGRYAtd
 Qt1UsYJCLXUB3VDUueR5wgdHqaDws5prEARGJUvzHHqmSEQOQ5PDdkhRVZXE
 1IirB6VZm0KAq4u41ElS1abC1EUMnocYgflrCBVZmirHKsWwHGZSV1A9VV7L
 mGWMZyphqsJGVxBN6Epdxgk3CbY+yQZHqbCleZKLMobBhKxUMJxMwv4XcZ4K
 JWASjWG4pKzycpDrkrpSOi5Iy6msrIAfahJkxnSVaGg3cE4moI1lLowZnAtP
 iyLtSIh9W0TzczuqijyL6xh2NjO5NlySYeCQhxi/VVgki2UCPQoTnZTJIFdm
 RQm6iiQtIRdQmSnMfwqG19DSNSQkgVkF7yclWH+QE1RZcBFD/ZpaQDmrWKVF
 JtM0L3gJC1FkCcvalTik2K7k0y/vff7sVn6YpO013bBee0182NUZXZR52TUB
 wV9xDeHTgWu+37LwKmd5bkRZQ59A+oXJWaXJtucpxLzMIYmgXwldLKp4kG4J
 rF+eFaYoSjBvGUueYgAIsSHTj/2DBMDAVxX4vxi0HoQFONi/KHiWpkUNCwJe
 BeVNEacQzQR8wHL8Xoh4WJprYDcloBbyqkxr6NlC1jFQowTowPLIDrAijVPI
 ACRjkBOKGAqgzEktlRz6Ny5ZygEWgGI4MSuvtMrzpDISIGRYs0iIGUxwLXIG
 FmZpXmZcaJMlsajKEqIFDQxxkqbI40EJgiKowf5CKaCBooRNhMGvUqgppqBA
 YdRiGMg8q5UeHiXGjGvoBJ2o3CSlKkGOGhZRSgVzREhPmxzMzjTX5aD2h6LN
 JNMxgF9aVlUKBFpKSA2IbWIOVF7VCiq8qklxDmp/cEcCOwj7JyGsaSUYYIOE
 vBupYB4B8FRRJCnXULzVICIUqYJxhYqSBigUUADosiykrCTAda7hN8VJltQ5
 TzNMbngu8A7yvoQMW/jvtyx8ziEqOtYFgS4AHJODjWPwMnAXmDkBAmIlNG/K
 odQGOaVQgIzASwI4VEkJbMsZXA4AhBI6C1MsKsBuKF1YpnJQgliRaQNrlifA
 FiUrAMqlzmWKTUuqrGBZUagsKYCBwdyDOKGGBAITwSmq6jivOSsYFiixKgDk
 2OgkUyUEG0IkoSkHeV+XVQ0TiO2EFJUSRgfSl5L5SZPEgHFiSBLp1aTIB62H
 hOjJrKwzmB6AAYPhBP4hLk3hD6YJXCkJ3CIMLNmgdSjJ/8Cy4ENmQIBZXqRl
 KTPBlcyYkXVCllLBTMCEi0F+UzKugbww2xQYV4GSZFYVMAh8kBjeHCAyVJ+G
 XwQSDVqqsgB+Suo6TiQgXaxFySQwBvbLKKMKht9UiREVA6YalGbJgQYyeENQ
 TZBsIC5oOUidALhg5FwlvNAG9pqlchAjw9GFGspiQBOAQyC4uMInxCYGWwuO
 NYD+9JCCA8IOo364MR0J2rTwGNjiDqmTFLgOtiEtNIQF9ryCkod9hX2GLobf
 lA37OcZU4Dw4eQy4AzOuIfaG1QXAKhwODhYDAtMaAJcDDQ87ztALPAZWrOMC
 rgDWTrGCXDLYFri3cNeqdiW7LXx6mBftNVdb+O+vYeG/v4aF//4aFv5P2xY+
 ydK4rrMir2KWGjC5iWvwKDw1OB+ZZnkJ4jEGnQOjOWibodd4kdY18Bn8y6RM
 GbxkVqmSgjI8g8oooOSKLE9hCwZHAdtmOidXJS+VhicCDsCu5jkAM2C2ANyT
 BRQ2fIFhXSlZCq9OMZ2W0PzQiwUQGyNLD1YWOs3gHFkGBmTIB3VCbUWWET4W
 VUFCA37CTKBaRAE3t6jIdWXwaEycDfJ+LLhM4RUUwpTQKRnUBzmt0CcgdQpL
 JClYAdIKsP1gPKGWoB2HQ5jEgLoU3colPHqMKWDpTRJnwDASwoGfelCz5Gld
 QdsWscQEFDexgTiDOCk8Ijg4tTAMpGMygcAM68pKilwBIFQKzyqTWEvgYGi4
 GkwTA35BS0ALw1EscijjQY0LiyNz2FYJt7bCf+A6SUYOB8wi/CxMCU4SV8rA
 uZCDGtcUJqljA2cZVgueFbwhDYdc5CTvPC9jUYJSNXydqhrkXeC8Wpu+hAxb
 +D9tWfgM/hxQXxVDLXIeVxm5PkxTvEbDMQez5bEm7QGIOIycskSkWarhVYpY
 ZNKQPQdAgBZnwKUcwNlA3wsYWRjwQS0INxfQ2Ii6Mhkv44rD9+fweivAXDiN
 gIgGlonnvBRJPYw2anwvsKgigVmHA12yWqSmAtLG9MApUNgZbBJsAWzVINpI
 KpWajBBGngCf1jBetYK5h08Ik5YqzQvyFUUBGDEoQRUIw1iSAwpyAf8WXhx4
 zADWATbnQBnApyk51GkJ4z3IKTqmcAEgKEQP3jYEMobPITWWI3kFGZLAqzmM
 dxEP+6qZMAlPqoKcXrjvuDsGTAZmgc2pMSVTwAaRokngjA/7oqkxCosXKYhS
 YpcY4JbMTA2kTiqhBgCDgAHTASsM6soc/gZnDL5wAlULZMFZnEBbJYoB5OWi
 1qlIGcHFOCkHJQijsFLC7qpCaKCxUiignyqNYfXAt0AQ8HFEpmOoumHPTMI3
 UKqVkE0Lz0wlIdMqhbtEDF4Ci8GpKAoBx8bUGbzInMIZitzLQdxZFHUGbkir
 EvJInFNkJTdawhdL4axkhYKzBfWm0hiaetDGYLEG8BYQWtDyKtgIKJokg2sB
 pwR6mOl2JbstfHyYFO01V1v4P13Dwv/pGhb+T9ew8H/ejtLDL0ygnbC5JSyw
 qmGElN1tAcVYwzMDKIWZFwCu8aB+gvKoWJVrBS+Oi1iXmS7qOqGAYG0S4H0D
 VyyPyROAKz0YBdOiilUFeAfJhYKHhYbeg16C4Yihq+B8VgALjMDH8PFGhocp
 8AI9PuWYmdEAMWD8moH5K82hbvIccwVTmEHeFzm0M4wp/I+iohghS6Eaiwom
 BfYRJqMUTHFYbei6atCSGYghXNqYvPCcAZ6AnFZB1RUGAfAQGZ2LCHghQLOD
 1C0VlFAFs4V580zAL4NWwaRgDBJVkRGBAs1gHAGKBjVLIuG0SPA3aEthdQbF
 XUApxSCuALmA5qWEhlMc4HZwLnmR1AqKOs3ggVE0IYHnAltCXAQ+yeBB8kRh
 XBjO5BLNYgwHaARdKwHx5iWuNkaXOtVQxTBjElIsIcjwJQe9b1MmNTzalKU1
 1kQuFCBmXuQKEyxjAHqgjho2H5o4LwbtWQ0uTfK+hAxb+D9vWfhEZ0QAOF7Y
 ZvjbsCUgBTaUAG4GiwrnHHAu1gze5mDMCJaQl4AKwJJFBvcUQKuG8lfYZgnn
 v4YLVAFyasHgSA/HjHguQQppeCJqbKS2p0JFCjkqTYFBYevBP5AAdslpmcqA
 03IKRWcyoQAw0zn8XoDZBNxHKAErg0TXKZ2XDUcC6lRmGWwwT2EGCyVUHQMU
 0skfUDzWFhc1AASAGMRgECPD/mUJfNEYMD+vMzoeSHgaY6th1pghH9oAu8IP
 i4exIIyILsmUQeSgheoUAwAgpFIkORMQwLIEfi4YrHZRD9IFmKVizKSGCTi7
 eSxjDn8B4o15FSmUHwBpHBs6zIUjPoxZwN0MMAE+DGw0uBOOqQSGAuKtkxg6
 GFIB/UQMMUyXFJiaE7AELgRyghMEnK8z+LApZiUlhewZwKZOKq4HuY6C3rDe
 sizpOIbDOYO1A0DAzlN4JIb+E9AQdVFU5fDZkEx5zUwrIZsWHn52ykAnAR1c
 qVjByEPODbxoOlECupJgMqj8WiVsWAtqoLQs1kqCGQA9gTg0pxP+hHBmnlVp
 mkGZZEYncD2GvSUgFoG9j4UwBsoY/hEQNLgBLm4eAxLx9sTuz4MWPq7aa662
 8H++hoX/8zUs/J8vs/A73+91OyqLGAoS0BYOFCAwET6rdFlobopElYzSE8AA
 NS/gIw3aVFLLCbCghlIrcWFWjnov8GifB5AGJF/ASpQplJ/hdKhWp0VZwzYo
 BcePSSMV3DL8M6jZZa4rYAdASyhVOCMmbp+3O0Wh+XpHikI7VXplW3Or/Qu3
 vhm7HrL04tGb9J8dY4Qh2kzZF23a1bcfrGQybrILB95+YXMRbRGcT9jp5+/7
 C/qvZ7sdqboAe5NzUxqgcSCxjKx3CpsJX7qQULKMSw0fCC7toM5RAMYigT7Q
 ABCFLARvn9fZPjxPy4qrHC4YcJw0jKS1Lg2McUEnF3CSYOsAv7C92JzB5wEA
 GkYwg1VS1JnMKku4wZKGDkXs2xi3yznbguWoO11wGgPqB5GqAsZegpeNhJZP
 4StYRciAADkAADQ2G3ZGob6AQ4CxJNSUgfYbuRIHWx/9j70nVrB7MK1wqGoA
 JoYH1LCqOqvjDIRhQAF4Vm3VW54OmpKM3EQjAB1MqiBXrOo+8fveEw0hIgEF
 DE2N/6cSBjMDB4AhZJJAz4PGLIcyBKqUlyTSpLggTnPD4ECCe8SoXwjxj+0T
 Odx3QMwY2BQPVzZiwCgEyCUBu5QCTHCxhU6KcjiIX1KgFW5bBm9OU5jbbDzx
 +/aJ0OVFlgGUA0BWnCXwd7muc3gPqrLJI5TnogqZFpTZMXwADh9B08E9wSdF
 h/8+t7YvVnaNQNIwf2nGa5PBs2cGqFbnAElKlUA7aSIALzAvlpT5oOMD4Fpw
 yXTGZc5g4KrwxO93PBFEkDmYEw5JosGdcLk4cCP+qWK4BllO6EPR0XMWD7v2
 CmYKmNTA3OU1EDJv19gVZftEQyfR8MB4WcNrgg8rINw1tD3Ek1GEEjtYcCXr
 WuaDVFUCrlzN4B7ivgLgtrPGrScCxOKCGpcBDQGxweWquZGAaGkOG1JwOGXg
 cWxOLgfXCNXDKIkO/gBsBujFRm0JzT/2nwhf357iwcYRSK5zDngG3kxTGHeV
 UnzawMPhkFBg8OFjUgIOUBYiZ6VJ6FdMk9cV+Ywl5zFuLnNDICGJB4GQEXBa
 COAawYqkECbL8FyoobjE2isG1cJ1ARVcZsCSg9oIXysIm4IKLSidBOoNhJS1
 KMA20FVwgfGI0ihe8eFkNQN/XBbwt4EvYd0rWFEBq18x7E0cw7E3+AOKGoxQ
 DYcMKR4Gg8EpMlKZmlHSRqVyOvmXMUREcUN/QAhMPJwMQmFbwnt0BJcLrArs
 D3xZxjVFifFxAvUrtAGIG+YKVuYUe4KMQYFBKrOYwk/wdVQKRgHFlaKZAuCD
 LoOmifa0KsBfdKYEVMriko50BC+wQmhFAQKnlJ3Ck7oaNnAKaF8QzC9pVRQa
 S0spY/g4FfZWFjFltpBbUubDDmxKh9XgVmkyAVcKSwLTwiVmSsAlikURizyH
 q45Ng8syOAo9LelISNd8kI2k2AHgdQoxFwWvJQwVRdcpGQy2kmdwJKoEJl1p
 zGWQtyEHpoA7ZrSCISlSbLvmCWU8UWw0iQkakNwIdYm+rHAZxxYAe0Lf0l9Y
 H2TBGCAKXVRCxRoKPNGQ3eFR4NfAS4a/z4q81tDidKKaGtLeQoH6eUbx/by2
 ZyeDDoXkhUg1CI/hSl0qMnqGJpIqOMkqpuNzWF58lhdq0MrB2oOZCyBcmH/Y
 KsnhS0LNwdmEE1eQ6pMgTA0bCIoPzwXYgRn4R8BmsOZwLWFSyLrAR6FMCdj3
 hHQ1TFw9iGOwqyUvSpVUCVwaPBHkEHUJUgG1GLipTAIzZkplcMmGQ9AsA36C
 mSJlYUoQM6+xq+AgxWSpK/j/Ok4o75nyBgflLGN06gNpgqdbY2HaSh1QFp23
 5pRgHUMHJLk2ZToo8xlENGcURIeTmqc8hodegW3h41HObAJFD9owAyCUD2t3
 PI7S5rqFmP/YfmsxHVzxVAnDKIM3V5gxg6qpUjAHi2XJINmxJsybsOFUG0Un
 wCAV3HvooBoaAOadst4sngYTCV0R5dIccjQYyE4KpasMjhM2OoZGypNMxUkB
 JpRgrppB0/VW0pF2YMU0jhPyr2O4axm8+Lw2tYaN1JCTDMapToVFEEqobDi4
 QLlH5FRAJ9dZEqsCMguaJGSNwQ01mDuVks7R+SVHraIqFJSTghlLBHBHTgZd
 xqaCOauLJKuAyKmicuvnNmlGcAekmkENg2/gqKqCHBCYrTrLVJnBoPA8z5hK
 8ksOnmWq6wIIRGQw/1VN28ChA2NussSaRsglfKsc4ju4jjiGRDNIBAS9VIwC
 oBmcijpRCmuAFizhCO1yb+6HdreT5XLNqQqDnJtd3STdS9y3qODc+/KwHDUl
 ppvuSALtTcEtUs7Y4zirKb3SlPAJoJlkljFdQHQLUgJ8+Dw7BXsZpbOKy9po
 LUvsjQDziBQ7XwOOMpnHdLBuoPoHAX+mKOVD06kvbkgpDyU3FSVBJzSbWsK1
 gotVMGjaQebDRtFBOs+yAjPmBdxekwObl7DsTJoS2IdsRF1KpYeLOKRkjEOC
 oVNhTBlxr9Bwg1OIMlAxL5gCHIMKMTljw9AXG28EneRzQKUU2pdXwK8lqzXm
 kyckHIbKAUR2SdazklBj5CVQHh+UjC4pSxg0J1OVJMLmNGBSMoXCH4ynFpRx
 B6/GxJTpwFJYXG0YYXuYUbjAVZUBS5ArCF4dVIVwnwq4wrzUlA0AuK7ShNQc
 QAbLy0TCvJOeKvIMzsHgTlMJTZXQ8Tml88aJYoZSr2UtU3jjAqgzY0CYKayy
 NIN7pKAYielYYcAhWIOCKAkN7UnFN3QiC6bLAVVlrIfj99BTRc26EtJ3n6u6
 YOA8SowWPJXkeMApgEqtYkChDDAjBnSQVVJQucMg9VPomQTbD8vJVVYqOoKH
 O8qArLVMqhKzwNDYFThxgyYiyYqU8vTgSSR0lghnATCGHLOqFjmHmoaKhFOo
 YGrYICgHcOEUKYVqBxqHqANfCwpeiBT4HP9oOncGr9cxwNHgKLAPivLtKc0D
 6C4BgjcSRhoeUIpRoHYBOjQUgqyHIz2UdwblDIe9rLPcpPBKYuBVAPWYkeUE
 J8CpLbCTYPVh6nLK5+F0F9xhHVdgawkwGoO36VirhCBndHxdCm6G827hJ0HT
 ZBIkjCvByKPDTQUErgJwgeRTIRjAQkyu2XDeCBkZ+Iqyyg0H/NA5HdwwVVnP
 geVwnAD9qbSGV8MRzALmE64TZEobaMKMUqlEKTOj4ARTUklGUE4aI4rhbEoB
 wwc7ZwmasdTEgHOQ+gQ+aE4nfwZ4DzsO7AnAN2gG8zhjciACd2kPtRBY2DDS
 tyOqtIBrKiqIg6Bgr+RxkcDxplww6HoweYG9g5MFgD6oF6EHoSwAJ2C+6IiA
 qxyUySCKQNIwsjBDOTgywX5kw/nAhPjh+cE8JAIquobwJCXIAUMNuazyLIcT
 lccUOquHLWBFRgLXZGUNSwqgmVEtHWV6anK1M7KPAkpfM0bhwSFKgwiYDqgN
 1Z4qXpeKCpDgUZhYU4quzqAzSH8YuJiDK6rh0EBV5BwQi7S1pCMhcL8EjK5h
 LygfVqeJLUwaBJIa6i1lFYedqm3UDpJJpR+w6VRIBC1WUCocT1UBlDmIDKjg
 BHYul5xC+zHFR2FYM2EKoSkTMCO7DBAE134YCtqIHiB2BjtRSgNfrcRE6MRJ
 Vik8XY29AbCj9OBLTgXSDA8pMW2q8RF0tsUY3GWdKIGNovKBRItEZuAjOVzf
 AtULB4eyh2N4wrYCUSqAwxiyJkROYK8Cbq80h4W+JDACM1s1gbAtCcnynPOc
 UvsS+F0JfCiTgqsSyoeW8PVg/Mu4yhjQNOR7ULvCzAumUsyXFD50aW6EhCtH
 nghMLPiijGuIjMoucVGhZSAYGfSyhrMOQjGoRVVWJQdIhL+ZUh6/NlmhgYMH
 6VZCqABjABGhfsjrhirFvDIpC2BjqpKDKQCHSHnZWSGlawJLAsKYFIwodKKh
 YytwIUUGAVVj4Iqa8iMoQ+OSPB2KhcWsgjXFAhIwOWX8w0WFtoC2pexy2GTN
 4no4lGoSISkPToIv4WXCMU2LVFNYQKoYskdZ0RhflwoYb7gaDW4IAFwMhijh
 uxkq/y3rJGfwtsoyTSnUT5kMeZVXw/onFxkgFUkFp+QFYMucTlBquFsVpgCP
 vixyRRkCEshxOGtFY2MpVwoyAXAAd4CJoi4TEEjZMpiK0qhhYbFvg9aY8u1z
 8IwpqhyOFhUZSmUd/pJhV+ocNkzBHOm6Ki6xOgBU4KbmwOyLzhsi7/mzUHdy
 Flpl7Hxnu6sX7x6Zdd5/TK97Plryaa/lI9VJw5rAJmlOBWIVVVhQkqHMQEVI
 dzFq3tzdv+/zp/fuPx3Dw3ffny8mUne/D/4YS3cbU0x3Rq8U3H3CZ7/aDpkX
 VGlUUIQFoDKl1JFU1nmWJaVgBTF3nqaaQnVgjeEMUV5kSc3gARq4NVJAUe+c
 4mN74uZf7T1A1NMj+xbt/g+dDMLNtAm40PhUG1ykEFs6lRLwxWPOVQyfzHBj
 01WGQ3fwupKS0vNyRiHOkuuEEoGgTutaCAk1DGeUw7EQw1YJkK6i3F/oK3g9
 eDCrY2NimGiobGbBWzqi9zQvV/zsvL+OZ3wVPdAiShjg+K2svMXSKI3TYgQ2
 PArvYh+4nt2K2+vdQfzGLbh+PXPX5xvjW2bdfMDt6PHcX19sXN/sU3/+34Io
 N15RJ6f57MatKKaOWjeW67MzvrjA3zce0HuWn83N6jV1Y3i2Pj+fL1Y37FWW
 rY8mii4LvO6+OXe9mpb45g/f2E8a6uGjb+0+3Fgd0fcQoSQuC6hKfPrWXrtB
 iV13JAWVcjZ3dGm9+wFV3Lnckq59G9IlN0LuuzcGtqYOEbTqr58UX1TPHj67
 X/3+t7+vvrj/gH1afvL491/9Lvnk8bPfFw+//qh8kTx6UD3MHn2dPM4/ysqn
 nkLNSIIv9dF6MaXhrpF90L+7nfKMn9ECbrhGHY/D983MnRTSFV89Kkv2Rfb4
 QV18XeePqsf1i4cP7j1/kNz54uEnvy+f//7OJ8/u3H344GH+oii+upMl9z59
 /qL44vn9J0n96f2v4+rFb588Lh9/9OTZb79+9Oz+izv14+x3j9njT7LfP7z3
 9bMHjz99Fn/18OGNltJnenU6t1zyFX7cFyFaZVnELuFbL503NohxSbeIGwfh
 HujWOXW5om2LU9Z83jb0oCHLT55//Wn86Ksv7jz79KPf3/v06zvpna/yh/fv
 PMfmpfGLe/Hd3z26myQPXrz4KMnvPS7YVw9v2KHe4r+Oka3apcHuvnj81b3i
 yVcPvkiSR0+Tu9jxRw/uZR/9tvrkk/x3X6dPi3vl7+pHjz759PHXXz8sX/z2
 ceGJws+ooQ6N0VoAv6/8zZHRuv2KcnFujN5Cie4Q39sRjDccewBwQ+dNUHoA
 OdSKI7MRMk5HzdBoMfk+gEfDKWRACZxqNiuW8xyIo0jB+FR8C1dMsDqNiyrB
 /yteDxeT6QTehCygeClKk1DqRMHoLJgK2XVZKLhOQ/FZeBa1xjUF0KlKc8qM
 V6wChilVnAPtAz0kBbzEwtYvDrtLMgderwG9BFxU4Mok1/B7aO0VxioSECeN
 RUmdQwYBWFyVcQ6AW8jStiCgjiYFIDJ+QEosqYgH7DWMYejsdL7Q9PriDZPd
 fRd8L0OiU67dv+b7zWvSw2y0FbcNlxDiU1IzySkkTxVEJikl1UFXWVpqMIpI
 JdBoqdQlUSX4rmVWMEZ9HkhtApxpwaiZQgrgmkhWZ2WWVkpQ0cglR5o1PHYD
 N6rSKQCnktjBlE7gqTWDTCyS3oqvhZXElHufYbfAfkmWAVQD1wN6CkWsXcJX
 pEYGGltCZwuDUROK8FRUUEjhXTrZByBSMR1CCY4b61SD0ZOcFwDVgxjD5BjH
 AAilVPkKpEAn4ZzSNWUJCoHDBhjicbYf3s/UZ4gOOhoK9If77Nup+sF9WNKj
 8HdLsW0cwpzdHxC5mJJf6bg40QW1UkmwwWAY6j8DtwdOMa9qeCDY5qIapjDj
 AJgV3HcNSheyrngM3oIzUKbMZFJkSlCwNSsJ9A9n6ossT7KirsGjoHNGcb8q
 BYFrA9FPS5vAMoQ/A6VeUcfLidwm8QABdFFQGbGs4N+U1GVJFFrAGanKNIMv
 ymrKWqbD8ljUw4nWuLmStVapUBooG15RQa68LKhSQAmTQn3IMs/zJObDIiew
 cgpSAdgYlUHu4IJXwMAlHb/o1CTaA3DfVdOmbDpvx3fwG8gStBdu92neScv2
 BsA3qZe2n36XkBsOTiBkwqBj4fMWULdUnVbkNXP9aLe1VKvGkmE1xgHuJJA7
 9LemFgVpDRWelCBwkRWCajSFruosV/AO4kGnHqJZ80ritjSlqLGEU18lHJoF
 7nOdMGp2kFKEvC7rajjVW1ayEho+PAxgIeCt5pwSGROp85pO+5MB1+h+S04n
 w+79bzMzWZxtvydmkBZC1wrOstIypmLHlKfKgKHKSqSUjJAmsiigjiiynAwn
 iUsqsaAeO3EKS5bAuTMV4zWjYxeMVkHcSOKLCog3HQ7OC5i/JBaMOuWU2A3w
 PfSFMADKdUaRV+zGkJg2/e26FOgwVz83ull/yy5d9rdZzQ3/2x6TP/jtoO2z
 fqrsz5pRMrmh4si6przHOgfJC00lecMhqSKjvldM5wIcSPsrqNsUbHFFhx9G
 5Nw3vIYuvzXqv4KnuyhgIApDVRS1hRmsMgaEo43OKKsuLSW0oFCGrFjCBm0g
 L4CCjKT2I4B41EpIFzqjg1QRk7DmJXQegxE1FC4fVHPQhwKmICXJqyoW1ylY
 MYszOpyvKVxI93a6bvdSLam/RUwFV1Wi8MMqypWh4+ma6URV2DOjWU79yvKK
 Wo8Nxn0LnaocRk4CWEC8qXK498zvu89UEuIO/IKnZVSJDTxlgJQNVaVWBQfo
 hkRQISOnyspBTFUYllPnGjKrKZBotr3OEMmBAhSMZ7kpQXCqoqB0vyqtDKVv
 xFCGWlAeha61lEUmBxkxrqlvYAKlV3BAoDiOt9fZPjMGes8U5phXho7YKMmw
 prpbypERGYVIc47JU874cPedGkxgqLVHXoMxKk7nz02f861kS15SkiWjWsoC
 bE6VlmXMRR1LAPU64VUMAKB0AnZTfNB4wscAK1WGOm3lknrtyJRz7A5YRWdJ
 nmmYaHgOMWNm+MwwqQ1Mua5UYU8yS05pnhmgDdXGsooO7E1vLRtpcUqBLIli
 dM4IQIHdotOWnOqAwaClgU6JGXAr7Hk5HHGNM+COkrOsTKBXTRwr+E/UIojl
 YBvKo2JFAgploLAZTtbM4bJIqsKmsBdmhushYoZStgE1OIiNGfgm9lvpzHDH
 GNXOZVRWDuqxstRwCLQgU6xzKl6sE9g+io1Rg8pBXgAgwjQLXmotbZpw55nf
 bz4TykBBnnkcl8Y2P4C5jUtF5QVg/xQaF/wMu8+ThInhkyEgEQP3l1N+DjQC
 q/rr7FcngKOJ5wteUW14EkPbcw0fljo/wezCBBRUL1pkoHsyCDSKIjNwa2K4
 pmA3uO+qv87+M6FwgWmzNFUZ05w6nTDokboA05cw8WTVua5MmsGZH66QJZ1Q
 JlC7AESglCFztPEigkbaINuGHB5sV51SsiUgekZVyIIqwvA/smsiKajPJxTK
 cAJ+zWIFSM8oCxUaiKDX1jO/b9ZZ13D4KCPVaAn54VzYdBcFVVTCzMJXxYrB
 piK7JBk155hdpqBzCjgisKnYz87rDzYS72pKAKazUlGrjNrngIxlioUmGhaC
 gyUKuIxw56RMhmkr6cQnNRWYt4S+y+OYWkoR91OyakYNs3gOqsMrqIc7EtQJ
 DL0AG6XUMRJmKQNqJOE2JofxAP2A7WOKVidsuK9UkjFRpzD4tU1CpTM7aJkC
 ZoBRi09GcR2q/cjgYZnBFcEQwK2oqxKbgvlIyi+CMYO+he8CbwfIEMidUt8r
 M5yCCdggYgnXEJhZQVuXqqasCgO2pXFUWTIem7SoKb1uuALTUKYdvG/q3AUs
 XVCvHKhcTjXEVUHFXXFuGKOursMdeOCciZgyrvIElIHiYBgMu81icpXKnAr9
 K/gPWQogN0jdskqpf49glOCmS8lhiOKkhtunYdN1Am1XaWjuqkjq4ZNM6ntE
 sC7liaKM9lRCDXDqSWbXZBImqeuBwf/AhoOOBsdU8H0O/UZV2SX1WIO7Emvs
 EuPUGQfoH/tIuTyDZ5BVQjk7GzLSS+mMgXzg41IZCrRNZggMlnWOjYsJlBVg
 MawD7jxt9yDl4CzUFTBuLaggIatMRoUZ8KM4EIQoYGdJ98MxYCDGoHQnUJtw
 +6H5ixJP1lShLDLS/qksixTDxQoYLQEaAvEG9W8GS0cVnyLXlGsrJBAv5RcW
 Gcwn6IllQRcZlWZ6uKCpqrSAmjE55WPBZKs8lpmk8jhqFpvELJeCEvzLlCXD
 VcqUVEeVvxSApJa5OU8htBljgPPkKGWCanFzUddg0+GkXUGiXioJ8EBJsxWl
 XJhS5WVeKIA5qBBqMWaoP8Iw2ibQkuhcAx6XlD+pKIMbA1JCeiHjPKXuYybV
 hlY7OBdIO6xhTgXXAPfUFYBKaYBQVA5FWlFZnsEl8C2o1GowwkNYDHiCF4mt
 51QJ1WxIuFUZLzMJ6JwC7Aogpboezp80NenUmDoBQcPkCTAaZYTFAgIaVyBX
 qSnAS0FLfkmA18KYUf8VPb1wLCSR+AVajvgoy8iZg5YDIOAChiMmjxwU1LBn
 l/QQiclJYZJsICUiMcY1r4uEFdLAiUgBTHltu1BRgfygXjAwnNQ1I9cJsDW8
 JNqQoqLoiKQeMDqlrs4ba+mEjYHlgOKwgNzYk2AqmrGl6TJPIRIJgAZsq+Lg
 K1ENZ0UCB0FjcKpAUpXlQJmTyFE7YS3hehVQUNT4FFZtuKcpp1T1BOBWyFrb
 jkMpEBgEriKnMi/g7Yw2337UrKTULAXxE15gCGOzQgFq4Y0AdME4ihQwocgr
 kDOp6uGAjgZwhgsOEEApZrUsqX9lBXGTENwavo6KhaBWHTEf3ltgacmAsEuS
 InAfAZsihy9N/XCoj1IMfRXc8+QS9xyTpwJzSqnOBFXrUY9OEFhS0wvqB14T
 /iT8Sww/CJNsi7xYYIM4hIRrLCCH2aIudrBlVZ6lMKiQHuDjdBhUwv2qTVpT
 QmFO4AWopaZUTJiKTFB6M6XNDbvn1CE4A7KtqFwFs87AaxR5SEvqWsvJLENA
 86KkxgmDRsG2fgIqoWMIXVcVHf4Pu+dcUV56UhYwwQAw8CiBtqBjCb2n3ABP
 l3BfOBBucUnjJwXkoahLcpYIkQDgmsvc86TK6jgBoqupC1kMwxeXcUoAOk9i
 sj8CrAMZAxSJh1M6S9xQUZcAKGVYBZaoy9xzyvKEBqIgXSbhDAFpaDisMfBf
 TsHXDGQF41NxZHlZYx1ITQElLDOhOJBnepl7nlFwQ4C8JuUAvUUOUeWU706J
 L1DVGWYNjVbXqUiH24QB0ZUAAdBhJgY3M84ZOIB6etXEnLCxhD2AHyjNZhjw
 wYMxDO4YEEIJ1xxGR1DrfAqEVvB2Y+zIZe45xDWxfVSg9XQC2Aj9aURJRXHQ
 hAAdvBBCAErCiMnhE0aelXTGqagfKUiPP8FyAJlQoTGlrmd0hErFY9ADw/Wo
 WEtRgYAJlQhDXKm1EBXDF1KlVZxXNvl/2D2HmipLnlLjLGEkoUIqdYShgPDD
 xMSJohJATY+oh0M1VS6oQZOscjhz1O74UvecWpBzAW0nYygVSrfjSWV7WydU
 PlXqOGcAhFDAibikpskkxCuQVwmBTNIyu8w9Z9gPekMCAyIFn0kAjzrnMfXu
 hJePveMpVRCleVqp4Xpj2D8BVaJSyvJheUqpnP9fdWeSa+d1XeE+R3HhVtKw
 ceoigBqWUnTiTqBenMYpJYaPRd4TLRiBG3GGkkZGkEFkGJlJvvU/SrQonhsg
 PUsCRImX9/3/KfZeaxdrn+m5RP1hNV41c2oZCXUJCe4ZpgBpV+2q0eAMTNp5
 zETFBOxWAEi7anclp3+m515IQgJHdcwBVFiVMz0lcdFBIkaBLN5WUyEwjEcf
 wAHG0xd56LRhia3eo+cgpJHcvPo/MMt2S07Fu9qxCrj2pcERqbPXSyMDjrAA
 GnahGNOhPLyyu0fPAXq9byBUU4MBrDYKWoOGDPwWRrklGruj6xvWdLYE1XG9
 pGMB0yjiXSoKdympZ2CwiFyspmkX6sY63mQRxKSyXViDRhdIAxgAU7aRmqIr
 Th1pXSFb19xZBGs2ic/z2KuwcEY8SFVnK6lnExdgpLEFRMGbn+sWWmCpk4Jb
 sNXdvPRgK84kXq0KWSKCQDPYQ4UOnUvhIvhIxZ5RMMwoaIs1wAcLXKwZpEmq
 pqWg+urjDdXFrmOrXjMC8jc4eMhQOOUruPJXG41R34L6aI5vVIpacEIOGy4l
 Gfdklc5XKK+qe6pUSK27hInSEWS1AT2FpygJw6vAmrax3EA8PE8DxuisFugV
 XubmHZKZ1d9r+JhIeS5qZmOxMf6iZ1C1WbsmjSR3R/JJ0uSzsb9B5SNB2VrW
 1Ripl0y2yo2pFqXJyRvz3MaBQVB/4Zmec7j7TlerzY6rPGuqjck+Dg2T8amo
 q7f0iulNd0JYnEj4vHqYuVi22qAvKGtnjPRVFiQ7DVYXHjh67kvOPDiISucX
 Q+aIm9KlWQ88LlmdEVkUpo0zVC6X8FiFUCv81SChQMugDq9pfNegjzpLdsla
 oNq5XW2kajycTA1NSYkFeFEbcXhR0iLpbU4uKza69B0O38JFA6Fuyc0FdY/O
 hjVhSR38Cjpj46WNP6uFFfs7ffYcxFwlzVan5laogApwNE2epfMbMW11HmE/
 7Dls1BQN3QYGlyFEAeNflTuJLnKmWpNI9R46tF3M4LhH2EI7fVc/eFpQ8lhN
 LpJwCVD0YebC840OSPPYkzMlFtzvY1wSa9AG1SPwtQk2MNTnzQspY5y5LPms
 V5EhREnN77gh1iDXopjQXJqwtH0y6l6f0oqo/YyxpOiskNGZnsNhMAxh4Bfx
 iUBedWFKH351Y3ABy16qRK5hHs5iZZsLJXV01UQrDGglfV68tGwS7BK7xf7w
 5UZyw+eRR0GKBz1Kl0+qojNJX4RboqWollM1/D16vgtuO04uPTcVIqrRM90s
 CeNgpa2EymfroQu3nq22cV5CaxhUnjpYAKqt6imrkEvg/sJXxmLtUoTyPOwI
 z2WVzsfARqsWQNX1jHRJC3MUstjcmZ7zxCHbYeW2vOa9KGbHw0jKUYbbT7sx
 WTMqN37HcmGMQZaNdZO0vrKtFzgZNsGxuftqalWoaLh17tAP2IIh2R2wI2sT
 E0xBndU6MtjpbrH0P9Bzd4ee41TLzp31c3F6SQ8WvmUap6Ccmgijv5KstSpX
 eVxY6Xcvb5M6hZtUzkHrylG4rP5Zpc6XkbpOwlMdv0UuqkWYV+M5MN7q+2pA
 YVCBTDPrJbXzMz3nZCeOe1HjWfPhCrlx11LJEW+BY9RQncKBHhj487g3zAQI
 GcM2wcNhtk8z9j+h54qk1KS5C722FNQN6lRmodgC11Xqi3NNiXNqe85uU9Kc
 WUKE2RuN4rhHz5ezRhIbVQ1EQ2PMFOze+nfh0ifN88Ow9aGM4pkq27Kx60sK
 73vVHD4NCfw0ey79rhCU7JoK6eDLpLLWpJRpcQrskiZr4RTkPM5RdSWHq/U4
 hLLnNUXiTM+NbarwhBVATtoVMmJX+UE4DNVnjJYbTheWyw6fMwbc7ayok6yX
 VdS/9VJYaTUUg645u0aD7Sxw+k5/PN50XzIhgz/J819y3nZyYF1pnasz79Jz
 f1Ef9Xxzu7Fe2Fxlwbea2BVyiOBA4XJr9535KcALD96RVsnk1bkSWIk5hswn
 rH+pEBobpfzquEMwhn7igr8ZzaQyvcDUk4YyQKhXZK37vkfPWcwJqap2D64S
 b8Om4oGFMjRhAizUXZbG11KU7UwtOLkhapZATEYJgHv0XNWVIWScocf5dLx3
 hPZybawiYJDaVbHKQ0MO7qgcrL3dKj7DuZvaDFe6R89BJXgEDW8TsfABNFOW
 Aw9uKWhy/pTu6mk4rylDR9fFesxL44QzyJKNu9lzTdVQOUKXgrY6/xZ7iVlh
 WTHFNlqFqH0pEo0/C/6IrirSgzFoAoFyJGd6Lvccp7HsHC6l41QkjtxB0G6r
 b616zQHhvTXn847djB3wy5kyUT3bKdyj59ibCb/h4gG6sNo+qMPJYx/aLLwf
 rKV1SdwpZn0Wp8KDJxDB1ACdBSxZ9+g5XMzv7DTOYqheALsHp16wWk2mKRug
 YgCSc2ocwzGU2rfqGVhW38BS/Msv6Av+NuJ0bNPEJyxUscrSnNXvr06E7VSr
 uINCx97D8zcoNDW8r4WKwsxnxQPOs99IXeAelwZ6mRuDqICXidIr43p7sJ1U
 rEpQrucMSHMdGu9RoK4GzlrjdhIV7MO0XHHE/CoJjIqSuuOz+GaVMVdDqmX3
 7IQMg3Nc6R5XxPttdczmXnHG5/kRiqdDmewlUs1KAg01qWEpdR+ic9IAxM8p
 eOTOcmMJklKgdWPb1ZOmWnKoMJVekwtDkM1Q/4fbeIJ+vEVaWss6hqga6dlB
 myUVKDHmVvKRALSgwCgu0Z1FFrXL3FX4lN+qsmxG5Xxs3FCuawCUNhhZdafQ
 inMgpkvkfUhu3ppWwGuKKEmiFCSsSSTGDgca9nzvORADO73mXdyh5/Bn/OqM
 ltPTlOVYkmKy0rHJmsWxpdS9uKHAzvMumiLRTJ8DpDGnaDQvyeAtnK6dquAk
 xAkZDNy1c9eyCRIdaUlL3KSr5/mTCiNJ22EH0HZS5BKSaex55YJU5Tu+30ls
 bl6TVbdUkQuoByeosU3KHEEK7ZmGgluC0tQBlKAicJuMUcs7hhq4uLPOaGZl
 OlfunD1XVKWD7sEO8Nmcnwt/1BS6NdEDk5L8MlXzcM494T2HHEYFFmNu9eNt
 nc/zgRIHg0NpFlceMlSwQsdn0Sd81mSTpAE0EP6goXkAE5MkQgzN7QDKCuLJ
 59pE3BRsnD9Xm+ZF4KY5YuqBCdardrPsyttITiq5c9gCq9F1TeJW9sVp/KEx
 eDwOCO4Pk7IBJRP2j409W2bJYAS1XwPgIfVArqqkPci8A6uci5I9dEDFkqc/
 +rGgLHC4R8/j4Hkv7aagWYmbo+Oths8CzLPqbpNR7giEl3I+V3VqxqJcUd3Z
 S0PFYR9r4p/Otii8js3Ew3hj72kl4R8UN+/Oh5iULUkKgCbNjdKoQUzeukfP
 5S7mAvdpLpOTHkTVCDJNgPDLWsmx4FaUD1yg33P17wqqltfUVoWL4eFGykFO
 9SUVSiDy2Fx1kI5zT/+2miw6+BMNqsdheJbRMjZZnhFPH/Idel6MAzgIYuNV
 eZm+km0mKx+i0ayDg64ZxN7DnM81YDrEoeJpQJpZQzU1k4bDhMFXkwoehc3C
 uDmg3FmGj5+sgiM+WGeNww8MVVP1Dkw7qNaEJb7fEGB+5SQb+/r1y++ufrs/
 /QQmVLkp7MgoSg+qIykk8Sqo41ymqOgxgqzy3GeFJtckk1iLps7aNTXEy+Jg
 hDQBXR4QE1Xylqeqjo97NtWdiQ2UqUhYG/wsa97xEyHvETkLrpwalGRmTFD8
 Zk4O/ZaPdMsDdO24ChgvYTNgMIYhnfUkdAelKpocT6qbrqAeWBK7YbdUU1TO
 DweE6pw1oqb0R60E7mM0V1VBrhK9s6Z3jQa41N5PbTDftNev2+1pPazxoyb3
 1ZnxOe26//6Pz/38L272jmgd2BoHr9JDRSwx1tNBjjPLxs1oQyMicCw4lNbu
 mAq7lK1Q+Z8JqhBpeDEweBZuLCpZBYqoiqwKcR3N4xwAW2M72FDihtLu4YcW
 lq2ZblPSyDBAQ+b6nQ1GHzFngI+XDrifUmfzEkY1/HDJyYCwuHwRgyqh0KPB
 mHJUBh6nUXsGAlByVqgcShkb/wuoaUpTJW8+B3zYdqjV1jyRUK7JsctFfmrk
 i4DRa3Wumfo6fU7ncexqFV3q5lShdeOpNTEEr6VBiu6SOZ6SZwbBpHg2HEOx
 lB00QkJ9dSOo4xkOaKXuj5MAW3CONWFbwyePOy3hH5tVA9cV3+1Fbl1TgMZu
 Kh3lZoPVnYjCuZDV64h1WCScM2v6zwzwymHMldoGDquOBHTIAexncaYq9zU0
 E+WaBeQWAMc1XNRK0iLCCLH9CaMF/ZnHZ8GNSPbnKFqnfls1EpWtgaOq/VCF
 Ibw15A67ClPRldSqJJDPBf25xdEvDT68l+pEG693NeJ5VRGog0QjvrDksMQz
 VMSpQz64H3BNUJkmFg3NQ1Y6iU2pnKI52OQBNThGeCMQF4ch9c+pwvSkkVND
 G5njwG7XCDOC35gJDj13tFU1y5v5LPGkLsYtnXElcdjXzl7iR6QRt1P2Z8cc
 fFAmambYoOb/JViUdUDdq408Af266mIjJvNcpyC1ubBrkfS+9bbAOI3klC38
 tYHV4AQDNN/VhXPOB60OKcbnLesqtB0+kEW6d7f83TXOl+cAv2jMzFmyB9uU
 ujSVs4ZBKCGSSmK5sfNSboWUaYI12ExH4ZxLHioAVo/DFOrEAG41YGsKIy54
 hKCUNU9jEzTvnJVIHBHsOjh7aE5E8RHTB35U2m0JJuIWm8TIgIpn8DuUHDu6
 Wmgw/CAKAgtEzwXb2U7tp0qMgY2CMqoD0M4OncP80E4HSp1mz6ghZcMJJHHN
 4NJ46i3qr0F66Sra/PxfoA1nbZ4VwDJL1TzhCn2x3F5bkyjQwdVKf+A5lnR7
 XL9bDz8fCfK71R7W/GQOxZ9hi+Anb/LHH9/kzy5d81nIdIkq/QhtwcEv5887
 hv9/8ov/81//+XMFRs5/0bxYrJ+itqVoYiRXPnFaQbo4JXVRY5x6hzCeyW4L
 e0P24bOcA0iS5ox4SZ97pQHhamVziFhXNfQdyW7XzG/QpQJutikeZJTOUO+S
 2VhlVSWWCqxiYc/VlS2pfNQUjdMzuKhVx5R5772D6tRs2BTgNte8rPOI+S5z
 y7IoKO4gLDimIcigcSAWSzt41q0JATufi6fn2iAsWF8LS3O/R9AUZNONlEmK
 9NxLjjh7h9m+J4csxd/c1JsJEtM8OLcU9lLHmlQToaPqQ5nOjnPVH8BTc+UA
 fEtiuJkrGue8hv/VDu/qEcQ8fQ1ALXvOnW9ALHy4KvskHXEXBpTea5DzbJwR
 PMzSmF1Y09njaeK3JjLtMWpRB5KbIpTas0uGARcl9KsSyzt1tB2WhKcqkD6P
 NwHd4uW6G9wyhWsBV+oKA9VzXs7I0jWWwn68I59qMMIyYrSd794gOgCsZunV
 FJSWT6NgZjRC0YOpU5CYxBG3LA9A6R5TbiT4MFbPGnSZsIyshDJwWKuk4Vb+
 XMR+qZ6PkH0TgrdeoVu1hPigUTB7gGVzhv6qnO4cEFJJcauSn5a+IIdSuK5A
 bhU7k+6zV4wgJa7hnVrHrJ7MkJqV05uKzxXO9VCNJNAV419cloAgjnDaO+Ee
 rkabAyarMUDAc7UGLbmAai6d2qI8HrvM8pwTxQ3Mp7m7U7OqI0e7eQGDFqT4
 ADf0VUabBcJQHZ9FCBlL2IZ22EmdkiX1lV33EEpIM/dsaEbpMus89tBhs3bi
 msSN4QHvKCzKK7mt4UN851T0bSXVPJ7T0EN9Wb2Z5KS9XqIE5ruaHNlt9VdJ
 J7sp/gJrODMe5X4uDpA0vDFizKekaXmgpdk4mUUFaCobMMuZwwkaefdBpPSP
 n/7uF7ePDubDZ/79zmf+7aOgw9+/fPPqg5oDXuvV56Ucvn359N3bx99/Rszk
 pCkFr5vDwVbVv4sHzhWG2tk8mJkV93Q4OpUvC4ueywCaWrdiUHqf+ymhb9D9
 Fq9WmQRM2Nfux1CY6HhfHb/vvaaycCKdZL2hp1OBtuLhmRwQk++piFx6Fx+w
 3cPbt6/ev/u/scAPw9Da+Jf3L59efgIGf1z8X48hNbLbV4/rGWR8GD/nvv9l
 e/6tP3wQ3HzPM/yguvnxQ+/eS3zjwyceHj77iYeHP/wg3cE3vjsPu/vl4/WB
 n376s3off/rJ29c6EF+1p3Vz/Pftq2dppIe33+i/fj1evXn7PWjxGz3X04t/
 /as371/39bjmF7/Y7eFp/YIv+e0/3r7+8q9vv/2nFy++5qTdvn/7+Or2fXu6
 PT0LHq55Yynftcfvbv33t+++Xbe/W4+vm6QW53rkPX7z8g0HlPP5dr/4m/l+
 fJw+9w/rabXH8e3tL778zZd/+5c3vSvfpe949/j2n9fg0d++0dYu/eISeXv6
 1Yv/BZ6eRypnXAEA
 
 -->
 
 </rfc>