From ec38013daaa0887f12664523730bfb4036d55291 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Fri, 23 Aug 2019 23:07:57 +0300 Subject: [PATCH 1/9] Proposal to allow multiple targets for one redaction event Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 66 +++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 proposals/2244-mass-redactions.md diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md new file mode 100644 index 000000000..296ffeeef --- /dev/null +++ b/proposals/2244-mass-redactions.md @@ -0,0 +1,66 @@ +# Mass redactions +Matrix, like any platform with public chat rooms, has spammers. Currently, +redacting spam essentially requires spamming redaction events in a 1:1 ratio, +which is not optimal[1]. Most clients do not even have any mass +redaction tools, likely in part due to the lack of a mass redaction API. A mass +redaction API on the other hand has not been implemented as it would require +sending lots of events at once. However, this problem could be solved by +allowing a single redaction event to redact many events instead of sending many +redaction events. + +## Proposal +This proposal builds upon [MSC2174] and suggests making the `redacts` field +in the content of `m.room.redaction` events an array of event ID strings +instead of a single event ID string. + +It would be easiest to do this before MSC2174 is written into the spec, as then +only one migration would be needed: from an event-level redacts string to a +content-level redacts array. + +### Number of redactions +Room v4+ event IDs are 44 bytes long, which means the federation event size +limit would cap a single redaction event at a bit less than 1500 targets. +Redactions are not intrinsically heavy, so a separate limit should not be +necessary. + +### Auth rules +The redaction auth rules should change to iterate the array and check if the +sender has the privileges to redact each event. + +There are at least two potential ways to handle targets that are not found or +rejected: soft failing until all targets are found and handling each target +separately. + +#### Soft fail +Soft fail the event until all targets are found, then accept only if the sender +has the privileges to redact every listed event. This is how redactions +currently work. + +This has the downside of requiring servers to fetch all the target events (and +possibly forward them to clients) before being able to process and forward the +redaction event. + +#### Handle each target separately +Handle each target separately: if some targets are not found, remember the +redaction and check auth rules when the target is received. This option brings +some complexities, but might be more optimal in situations such as a spam +attack. + +When receiving a redaction event: +* Ignore illegal targets +* "Remember" targets that can't be found +* Send legal target event IDs to clients in the redaction event. + +When receiving an event that is "remembered" to be possibly redacted by an +earlier redaction, check if the redaction was legal, and if it was, do not +send the event to clients. + +## Tradeoffs + +## Potential issues + +## Security considerations + + +[1]: https://img.mau.lu/hEqqt.png +[MSC2174]: https://github.com/matrix-org/matrix-doc/pull/2174 From 984e0af7b221b480f3bc1bd0c9795a1a6411d515 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Sat, 24 Aug 2019 11:58:33 +0300 Subject: [PATCH 2/9] Re-word auth rule section on handling each target separately Co-authored-by: Jason Volk Signed-off-by: Tulir Asokan Signed-off-by: Jason Volk --- proposals/2244-mass-redactions.md | 43 ++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index 296ffeeef..688022214 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -23,17 +23,21 @@ limit would cap a single redaction event at a bit less than 1500 targets. Redactions are not intrinsically heavy, so a separate limit should not be necessary. -### Auth rules +### Client behavior +Clients shall apply existing `m.room.redaction` target behavior over an array +of event ID strings. + +### Server behavior The redaction auth rules should change to iterate the array and check if the sender has the privileges to redact each event. There are at least two potential ways to handle targets that are not found or -rejected: soft failing until all targets are found and handling each target +rejected: soft failing until all targets are found or handling each target separately. #### Soft fail -Soft fail the event until all targets are found, then accept only if the sender -has the privileges to redact every listed event. This is how redactions +[Soft fail] the event until all targets are found, then accept only if the +sender has the privileges to redact every listed event. This is how redactions currently work. This has the downside of requiring servers to fetch all the target events (and @@ -41,19 +45,27 @@ possibly forward them to clients) before being able to process and forward the redaction event. #### Handle each target separately -Handle each target separately: if some targets are not found, remember the -redaction and check auth rules when the target is received. This option brings -some complexities, but might be more optimal in situations such as a spam -attack. +The target events of an `m.room.redaction` shall no longer be considered when +deciding the authenticity of an `m.room.redaction` event. Any other existing +rules remain unchanged. + +When a server accepts an `m.room.redaction` using the modified auth rules, it +evaluates targets individually for authenticity under the existing auth rules. +Servers MUST NOT include failing and unknown entries to clients. + +> Servers do not know whether redaction targets are authorized at the time they + receive the `m.room.redaction` unless they are in possession of the target + event. Implementations retain entries in the original list which were not + shared with clients to later evaluate the target's redaction status. -When receiving a redaction event: -* Ignore illegal targets -* "Remember" targets that can't be found -* Send legal target event IDs to clients in the redaction event. +When the implementation receives a belated target from an earlier +`m.room.redaction`, it evaluates at that point whether the redaction is +authorized. -When receiving an event that is "remembered" to be possibly redacted by an -earlier redaction, check if the redaction was legal, and if it was, do not -send the event to clients. +> Servers should not send belated target events to clients if their redaction + was found to be authentic, as clients were not made aware of the redaction. + That fact is also used to simply ignore unauthorized targets and send the + events to clients normally. ## Tradeoffs @@ -64,3 +76,4 @@ send the event to clients. [1]: https://img.mau.lu/hEqqt.png [MSC2174]: https://github.com/matrix-org/matrix-doc/pull/2174 +[Soft fail]: https://matrix.org/docs/spec/server_server/r0.1.3#soft-failure From cd75d0f220e8fa2d64d19e04a21a6e4b4bb35854 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Sun, 25 Aug 2019 11:29:12 +0300 Subject: [PATCH 3/9] Fix authenticity/authorization terminology Co-authored-by: Kitsune Ral Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index 688022214..1b012cf88 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -46,12 +46,12 @@ redaction event. #### Handle each target separately The target events of an `m.room.redaction` shall no longer be considered when -deciding the authenticity of an `m.room.redaction` event. Any other existing -rules remain unchanged. +authorizing of an `m.room.redaction` event. Any other existing rules remain +unchanged. When a server accepts an `m.room.redaction` using the modified auth rules, it -evaluates targets individually for authenticity under the existing auth rules. -Servers MUST NOT include failing and unknown entries to clients. +evaluates individually whether each target can be redacted under the existing +auth rules. Servers MUST NOT include failing and unknown entries to clients. > Servers do not know whether redaction targets are authorized at the time they receive the `m.room.redaction` unless they are in possession of the target @@ -63,7 +63,7 @@ When the implementation receives a belated target from an earlier authorized. > Servers should not send belated target events to clients if their redaction - was found to be authentic, as clients were not made aware of the redaction. + was found to be in effect, as clients were not made aware of the redaction. That fact is also used to simply ignore unauthorized targets and send the events to clients normally. From 238b78bbaf4c6c6b3019be9fc0f93e3021a8c3f2 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Sun, 25 Aug 2019 20:41:39 +0300 Subject: [PATCH 4/9] Add potential issue with redacted_because field Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index 1b012cf88..ea0874c3c 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -70,6 +70,10 @@ authorized. ## Tradeoffs ## Potential issues +A redaction with a thousand targets could mean a thousand events get `unsiged` +-> `redacted_because` containing that redaction event. One potential solution +to this is omitting the list of redacted event IDs from the data in the +`redacted_because` field. ## Security considerations From 79a5663ec3b69c0d26c4cbb56562152778075b37 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Sun, 25 Aug 2019 20:50:20 +0300 Subject: [PATCH 5/9] Fix typos, inline links and move image into tree Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 31 ++++++++++------------- proposals/images/2244-redaction-spam.png | Bin 0 -> 164158 bytes 2 files changed, 13 insertions(+), 18 deletions(-) create mode 100644 proposals/images/2244-redaction-spam.png diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index ea0874c3c..2a24a41e9 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -1,17 +1,17 @@ # Mass redactions Matrix, like any platform with public chat rooms, has spammers. Currently, redacting spam essentially requires spamming redaction events in a 1:1 ratio, -which is not optimal[1]. Most clients do not even have any mass -redaction tools, likely in part due to the lack of a mass redaction API. A mass -redaction API on the other hand has not been implemented as it would require -sending lots of events at once. However, this problem could be solved by -allowing a single redaction event to redact many events instead of sending many -redaction events. +which is not optimal[1](images/2244-redaction-spam.png). Most +clients do not even have any mass redaction tools, likely in part due to the +lack of a mass redaction API. A mass redaction API on the other hand has not +been implemented as it would require sending lots of events at once. However, +this problem could be solved by allowing a single redaction event to redact +many events instead of sending many redaction events. ## Proposal -This proposal builds upon [MSC2174] and suggests making the `redacts` field -in the content of `m.room.redaction` events an array of event ID strings -instead of a single event ID string. +This proposal builds upon [MSC2174](https://github.com/matrix-org/matrix-doc/pull/2174) +and suggests making the `redacts` field in the content of `m.room.redaction` +events an array of event ID strings instead of a single event ID string. It would be easiest to do this before MSC2174 is written into the spec, as then only one migration would be needed: from an event-level redacts string to a @@ -36,9 +36,9 @@ rejected: soft failing until all targets are found or handling each target separately. #### Soft fail -[Soft fail] the event until all targets are found, then accept only if the -sender has the privileges to redact every listed event. This is how redactions -currently work. +[Soft fail](https://matrix.org/docs/spec/server_server/r0.1.3#soft-failure) the +event until all targets are found, then accept only if the sender has the +privileges to redact every listed event. This is how redactions currently work. This has the downside of requiring servers to fetch all the target events (and possibly forward them to clients) before being able to process and forward the @@ -46,7 +46,7 @@ redaction event. #### Handle each target separately The target events of an `m.room.redaction` shall no longer be considered when -authorizing of an `m.room.redaction` event. Any other existing rules remain +authorizing an `m.room.redaction` event. Any other existing rules remain unchanged. When a server accepts an `m.room.redaction` using the modified auth rules, it @@ -76,8 +76,3 @@ to this is omitting the list of redacted event IDs from the data in the `redacted_because` field. ## Security considerations - - -[1]: https://img.mau.lu/hEqqt.png -[MSC2174]: https://github.com/matrix-org/matrix-doc/pull/2174 -[Soft fail]: https://matrix.org/docs/spec/server_server/r0.1.3#soft-failure diff --git a/proposals/images/2244-redaction-spam.png b/proposals/images/2244-redaction-spam.png new file mode 100644 index 0000000000000000000000000000000000000000..386d95767bd02f2a1e852977b4e479f930887bf9 GIT binary patch literal 164158 zcmcG$WmFt((=Hkz2^KWCI|&3E2rj|hU4sqo?gA_WLT7?FbdEjO$s;P27%snN@1f`5-BWrYDE z|K1WRWe)t$&8$c;)c-t2n+f^%2-HK(4){kDC^`uQ4Ek3TR_rMBzl37_KSCX)ArK=C ziY-~9C|?D^pp_LL2A-N$#Cm;?k8u0rLwES8#Hq!iSO0*nsX)ZP&!4^Ch+_dP%;Zp> zuJFg;U%wK7TXFKau0%AH>Jd4&T{>QP{P8?If75Vz_GRAnrESxJ#*XuLgrq@&<#3QU zv&AU9`ddn2~l@mt@G3oyy^ZmQwGLRe(nGP>43sx%DX;bv|BJ z(eM`j99EU$suZ)Nlvrkaol?w?o{RCk>v6@vmJI}xxP83BK!(o*31X$gB97WIuByMP zMBfg%IusetM1n0~w|e3~l1lxA5xE1+IRLTEmIUc7_sV=u+l}rAdDW+hD{w+PSKDB` zBOdf}e#bZZyY4ik&5s%l`&ARCGq&}{_U)wZ?Z?^p57KTuk5jEaCo_UZJt-qu?oMso zUXEeoin*cnHzp?Ws@d`g;v%1m!p38EB)=NUtvkF!QHlN)+N<5ZLZp~}^u0QV=0lk4 zNewP^U6*5)8{ zhlZYvg}QLiODlY*%I>0aeI#BFkn=3WK21hCy`w~T$=#KdlodBB8d}K9DM9n=lh~u` z{_$Zm!MY6RE8{}%#|S-Mwp_82&-JL4T2G)Jf!mbLC+acN6}ZT(-fig}5mK0&Pe5u! zu5bOOmJTdfg1B+yXO(5G*j~Deb}zJKMAQF>GxY~Njj59;jY+gzXGC~JXSkPlsr+mG zmDy^2;v+G--X+RK%lZud>9s^9s{{QNP+oj4Y(#PE0kwHtJkxns(uOFIWPasmE|sE= z9g_w%-QLi#P zM;s+T>pLS9%kc4NWyJ}w7m_I8c*;QQb0y2W&E1e|!uR3EEwefI9DwmQ>=+fb>_<6U zzVbRrfT0CF8}AlRX*!8Ef3fU;tC2Bd8He0?-;l{EPI}A+!=WP}($@hAgqo?VrOfPQ zQlQ|LI82E-nIITwunz2le zkbqmb1ETlw!4Dgl1-z4v?*l}?H&Nz<7M$mQMZ=|}5g^I^B>Q_6?Q6JOM@%%BCe(FB zWhz8oL=KZp84H7q3|+#A@NAHOa15Jm^V5K^w7;vq_bcTpX?w+|>xmCR2wlb4!HAwOqu_YaT>ovy&GNkc{o)iMBiJ-;O3hV`Axlsz|g%wDO9;P0Dnu}34& z$qfqbUOfSVOsU~{ZDRWIBZKY`}lUWIk>chu0iC zwx43%&EHsme)=r@>#n|_n~Z+ksm<}wHOFc}e8$$vQFT_gMFXkALxxja%{jdA#%Ps? zM&5;@>62UYZN)E)PU{b2TXLYhNG6`ry7xL=WU%Nvop_x^(a9lN7ee0E>r{U`G=Oy{6s4a%k$R6h|aG7mq0=4EuLf3bTwnPSJVvPDS!-#juN;4@Vv<%d71^$7r^p#2`0L+O(vwI!sWHUN zE2@O~`-@ZT2rRGRAG>T+Cnz#d4*x)H)GGCUqZLSB?vQx>O^J}WkV&C!%M0+$E#0@Z z#Ic^Gc%nRCPZvqDR6v^VQc3MQ`)}E&tSK_jC zgR09}yhJu#R_s{GkV{u@=WyaZ>s;(R@J;+O^JQ&-iaTF;%0e&jijf2G^Pq4&sEC+a z`X>8R^-{ao%e|E%G(Yl?KRl{BS~iFkhs@=4Uy$a;pC?prNlgh90n z{nm=FWT9d;J+6Zq2KPyLdf*@`?@Omg3jbwmV2Nm(o;G>TViPwurdE6k^?;vF0CeAxs_Y5)3=B(<8fi9I8^df6kOQV%Ce$?Wg^D)Q(nfDk#S_7z2FWgH{=@XF0$E#v0 z$7sT;Aap|^|`?=g(Iq(872&Qm%E5rB<)I04=Y^SejF&IKS_pcL0u|X-bvr=UmH4r z@lu>)Au-Xc8EX9(a-6W}LO`K?LHy93;+iZAzf+182Sv*rdZFIU!0+cBz_v;LS*xpA zIXYcqk8}!UG~wW^=Arb>4UC-wpnhrSV?&m_p%i)H9?&>uDKKOVWZc)hukUAr;RCnI z(b~5U7+0dor$2bKm)|$ZLWlqccxpHJshi383o4hTt04(uc+->*2zuYex<{dsP^H*9 z7iT5n$bLIHz&h^mzA$o3tg&eg<+uy+UMnad#HG-SVT_cXUsISBAWV%K0j}u}F{hu+O$zo~_Iew1Z5!n%A!vfW3koi?3Xm#)B%Ls5!&X@Gew%)9BD3gsJ7V7p zd5Rz!enJxPJkp0jQH9|x6q?N0tjRG0F_;86+O)L5=!G3`I8&8bTR;iHQ`g?^Q&;9* z-V;Vp_i_$==K(5et>l|U+N)w9ygjqk&3VQuiB{UPp!e+h3`ny$Q23gKJ3MB1N5CY_ z!48al@ahGya_!h_-TwvLO9cBB80s!gfGR9@nR<7KWZQF=MC<>Xe9a0u`oKO*6i<-! z>ykOp8;|$I$SoaqnSAx4*(>-lOx;g&8X}Ptto1h~Yy&kfhu#U^f`S6MSxQ2H9)HbB z22hD;G0AS2ikTYx8Ivn~z`iFP!<1E@g;AJJlSfq9m;hnf7tC>8r6XI|HvN@Zhs*>k zq1k=|f1KO2xYen?hb2usECyE!l$0Hc#PXHEz|SE)bFy85#CN2yNFWC+Rlum?e`?H#44nDcz78ZT6MS~3R)UPvlIDlBu( zBnf+o9ISXuqnp#J8S3hTCgp@Q4aLWEik1fvNLj^LBW_!xo#`Ou%5Q3(9~X0r!k`}* z(<0&Rysum5pFUWL3kDZ~G?chD#TfmrDZH-^B6fUX%=S;YPXSCCj|kVgH!J4%LldKq z2?kV#{RYvj=PUiGw@g)QD;npp`By)0SLA5J<6^Wur9O7ks_T2_UQqO{lX9SSE|tbUTokV2ph&^xSD@m z&eNN%`Fyi}h!K#*Y`{PzY()D&KtRI3A&dJ45w9^%>rZ$?EDK3vSx)1&ieyrXY?A9S zO7Jv0;EougIHu7ZMxD7V)6nlUDS{Ib;t-EX&ybCc`~wQ+MPO8^eeI`1-_Fmlaku4F zL!}52p|J$^aUbfT!q;hbym$R5c3acAe)7MaGPvsAtGDgtO`HF9U)$c%n)racYu-R^&nO%Ust|g68CVY>!|uMSbyr&VZKkZt6SBj_DkzG&t}puFzaHO& zvz{3+XPQOX?ksLP@LkSJB>hy|63Amp=rax`^VAha98Un!SyK$r2b0?@0|OAc()wMC;iBgn)CFZRu?-F+Xh6S zk#QOCBVJu^{p63#Y|dN1dOj#9#l(a-i_FyCHe*$4$-8NWv=HXbyS>RI_8}mT!Wh#4 zC>QgZy3^JbJ6{*cEl)wc&!of>BqRw=y}$_yO}k>TYRUKx*BCRIMWclTU*2J1sYEL! z1=pB#o7hjZvKu+2A6`<+To*|lsl}YJcV>ib(8j)GJlQzZ{~^5xZF!}3v&ptnJTj<& zG$1)N)*b7e5l&;N+O;C1V5OL3?TeIKQ~OHQU96zp82I*f9Ljhs11LUM{&RsAn}p$z zV%-o$2*Dt=_J}ZL#qxc8x5UJ_w{qq&rT(h}0!Gj}WY9mG-qYf4ebFx1%tr%Tv4f?3 zJ56EDRYNF1PqFf{P{x}F$XV+ycJi~$G+fkewu^m&<^6>oUc;yBbkWb7F7($=(@-G`E_A$h9c&RdN8SG;p~DArFkdQ=Aewkz-o2CiHqeUxE4bN0ke|HT?}=0St%=`#IZfM)HqaI(7Mj za)KndB-u4#8{su)3H~{974UJv`*yT&q|Yn)WysK3|Mg=y>n|BQFyjgTf#R|~9}O^D z!>=bo;k)r3e#@gQC+s_4%;{bSUR5BRMzot`iev7B?R+mPQOEe0anpGC`9yn(w1+y*4tz9bh{M-jDkg zKZ1p8EIJ&6LEv|8pRB9Jl>p+mpbWh+XLUy^Wb^HFg27@px zpWF0GViF47SKtS6+dYxSJ~@&!>7Ju(47+3hPJ3PHp(z3OJp1I_w&%R)3b$~7NI*G_ zq9gs9uQR`Dpdj#_VuU|L5S~YJ)PBn5+yl)9sWt}u=TXfqBQC6&1N_CmnXb=eISe}2E2;djN+?G6O(Kq*ePJHAMJP(cVM zQZrjsZBEfZ+c63|U@V)vk6aboNUY$NJs%1WNrv2-m3vj5WD7_>UW+tT!=g@Zf3^P+ zy;6*m^LT{~UnJEle|+QXc01zG-6+`AnwT0)QGU@EGDG@%v@PwlUc#uV$4;AP?1>Lcv0x~-MGe?q{$=IqKwamH)O@k9!Lx)@Y zI_RX;0en8a_77Gx&?i(|f+sT$ZLGxYfsS%+BnQ9InThvq2B3FR%0P&0eMHWJXGv32in<^2sqg^y3xkQT(Wh$%c)Od0z%MlFPGV z08w@L1LCQmXpduS^0}@U_VX{T)4xysDHx(5JgBjPgo3_7?ur9bB zsW4A4&dxtv!*-7E@c~xxQ8&}q!Brb2I7cki9DC`T)z&I)&^}EZAg*tLF8QJ%kd3qN zX__5cvdemhThxf?<}5aBFlVG-)4j$i#mMfU&;KOvdm7RXaBbI;{|A z0fD$M!a&xigC98E8C}19%6@zK`C{N0_ylbjGOt$N+jgzH8ARs$ISHgU?Heun?(Q~} z!I(#j*X>3R-RjquuM)GD-k7Z|X221*pAP&^EbCKNZ!|QZqoOx8Pxt(J@1sird1yPJ z!Y6M88QK<`Ht$hlX|kNIie%XiPU|!S$g#fo955$`Ymf@iHd9Rm(IQ>!hwiV$#z4qW z-^<~CA_qmQq}g%&U}WxLZ%0ts>hDL40QVw;}%1q%?6W#sdRzUGDJ|J=Q zcw~v_`|j2k9fa}uwm%n9UX&MvP~~L*MU&Lq+EYyWFvh<#DSI7IsqqI+hF+pRZxG#2Cg}bc|ed;>vadKI^T> z)wb`9z(F$O0XLN@<9EfjZ#d3rhSBJE--fN9;r7QI+kZAAZBDyhAD%$@6U~FR5*rQ{ zCmd9o!|m&VKqlT})Q3Chgv0W#pxArFOqb#_Zt6c=APwh zbA`fAs^#{qQ^gOlIV_Q?OvCJgqGCq$Ac8sM| z+Vj=pysjN5PZnQ;!?LPNiDkAlGJaK$WC-`%#dOZZjFLD~Gzaf?Xja6A`^+Ra$6bqt zffVVZ{6_p9gGitgGby3BoT^^TmGx`&oIhHvR`cxFUz})(LqAF~(?5sfX;jPbXdtQ` zTRgy$y%`1yS8xBAH#KIm*>NGPn)ZpogdjtTrM>f8BvOK6ImxHhEepm(Juf8ACzZH} zvL#Ie{D*rq6NJp%o&wo6Jc^I4Jxv1`6h$bEONcep(=vb|HmJ^&H^psnVj;J`0w(}I z8dwu)Yw}>22n=M>6!9!WYoSy%|SCVm^+XP-RVUyWRiE3SotAJ8sWWS#02@g`ZG z%T=e6GTi2A=I*Tv?iW#%#Ud#{OJv(l`_Xw+JwVxx`jNk5IH69My)E!|Z|F034s#Dj56CH=vUk z8+BEeSG8+kLX~OZ3QHcIPfNL|qG9vp7%k*tF__`R#W}OwZakJLo9!;^Mbnr?*(fqD z()v#}$sGvTyx%1kT*aJd0)TrYon$eqnd$^$g-L;+PHK&0$Z5jX5HrJy>{wkR42@if> zGhq+I(MVz@;?bd9``GQJv3DMny^S*Qt@cx;=kd_~(RG{i#r-lKw>i!71Xyf^JCCez z$~SZTF%sWnCfqBhrinhE4CvSCjT&p^KI}Dk zo(|c1EPrhq0~x*P>QBm=>za(}m_(X@#^vd>A}tBIkYZt@9@m~?fz7M3cZXz``UciW zeOOWm(BC`yw$SdpT2vt?l;)_;Td8h$6b}W~L+mTftg!|}Yu6V<(GOFeCPWjDht zy)5`eB|neM?>*{k*32BEu$t;iEzf-F(5a;K(uqB(R>WBUMjXK!rqi0Jt6)`TfgCU8 zR84+P50>=k!c2Q^79xCnhV*npwnW>@A)PTkKWVS&#c2uOvMqX5iewn$Fs(8r3jwfA z0V-}cI^NamR&jXVfh3LLN~z5sih(UrII-}+5|C07e~ln~Y@O463tl|-SjOP+C}y_4 z<%+jj8GO|Dx?Vr{N<$aKYu6y{)7EH1v}nJob+e?ly}ozu8_6*I=+|%pehR)ta)Ks4 zz8rV1*;LK^8tVEOu`_?2jAfEb-9f?pLe{lw(wAwqoL%)9w`-<+_BPU`S15qjA8pyz-cz{2%bAhR7HjH$4SsgnWU9aaQv0yUkCU)D zS!r(e(`Z6n_1>w6suR#-t|#ti)0eg(22PCXO#BkRL%@Nuxcs=DUpl4Mox7P*^qfy! zi7HTC52p-#ZarwH+9=dqU5?++p%lx$EVEh2`{T2li##PeBvRPYqRLN?y;U{8vD;_R zXziOQ@C4MVU)B7&H59_FmAotb++whd2e5MREXZ6J;#t|wH@yqjuvO1ygQF@`gqVLg zW$YRoqz?J@ArntJL{(0yH zG}M^sq}&d^OI_;YyGU$6cGNFG;eDP)$q6{Gj`N*wpA-<{=1q?Gk)TRH`L zt#lvs+VjY@0@>z_ZGdsBa+p+<2G(WeiM+*&pHKEK9Et4YPYmP(O?j)W80I-9!WByu z1kg15@@)Eon<#DCu_K-)XS(7E%QxS3S67-JC%Dfi8xDhODsSRm?FdlqxDpkhzFa6S zY+Iz$iV~ikZmneMW{f?owV99G=H?Awbb{@%8?Vcb?tNJrK|v3IO=?I zX6-lXIzW#JIegDVhY{49pfgl1=dq#!5v62_KSfAo7W5@w9u>466&9%*imIajK=KU} z^QC2&gkt?@OGNX?vk4;^-O4?%f2`f==KD+!7P*-Zy?Td~%xb~&Wi`KE_cs$1T7(Kb z#r_@?fJ6VWU)a+!Yi~e)sQ4s_ZUE40wvorjPg+=}T{=82cZsBGvYR#bbh*#I$~D1q zx0Ue+3O>BNbR_zu&0Nn6A1bUcH@mW-={3U)?l8TW0D=+N0n>*|gn~AuWp8N+LM8j@ z-J(3-EZB;C7Ky#u(=o7pKyq_inw|OA!m!%I`8Yna@_{SGwAk-Azo6hJKA%$!rl)q9 zjEB$j_9axzQ_es;6^67;TT4`CE2N95s#ma8^UtDx_SaO&z9PGUB=Kf}6vg3M)sRZ8 zo;%_!^DLrdds$s_N<&}{KSzDZDn0=TYw*!n^q;x}?c5RMLiD8?@w<9l7XZ~HNl|Cp zczLDQ5Fu>TB-_51xWwR&Te^K%c(BHB$LTnJ$9JfF%5`8)uvbg)o|TFJSa#8I%Cw!~UA9@?+w=V-Eof_`=Ec51Zu7Ic00zrt{zcCWKxgb_sGBfuF%z{d*}6CZf+R zn@hQ~kQ(w!i5yVHBK9qO^b=6Lp!g9jzL!YxXFFE!?XG4$JL!IcPw2%h;8b~A=cMP* z=A`2i?+>0J9Fw%ImSjr-+^unL_U)$qDfFe^ZeXx&Ga6p%DYoua@p%QMP2peS(i$&Y zY?-j&fmpe#t__avFaq`VF8>nT)5M973NY0G#q+}l1dyV;Z-o@!BD_}W_#fp-4gM8<5^I^y- zSSY7a(WPQ|!T1nhChjF5_J(HJgD@fq25w__@=q{O%Klc<+@{wkcf*kXZE4uwoMBnk zpE0}L35Ts+j10%3qw^;!wYklrIXr zI@Y-aPi8hzqsuqiK@bH1q@jfb^ph*;1)Grc=p!d)wPf;fuMnSo#`oNPxj#i^&A68` zy^mfMO+j1EU#dnmwDYjGvOCSo_Q-^QGZKN?`hr4@KIY2u=<0{EX;=lN>_!^m&0n%r zbkeic@0E)kO&e<1c8eiz%#VNU%~ZVjUJ?|4FnKh>ZcR|J^!Aeo;^EZ0bwJ?>Khw7* z&V1P;l$&)Ryp#CEh?^GHYM*v%P6G2E68^IkP4S~+`#KjX}m|Fp_ z>U(0|g2$y`AJblX7aO75D>*LjU#}$41KZ2^xZju`c>y0T)YCsr#&gB|LH(eA=|eYr z4UPU4BJ71eYn!bY6wNI*n4_<~Z)X8~X1pq`$FTvPf8uL{GPWUrb17X#w1<6@99acx z5qr9hYcoZR_zey@%QB2L@I1~H@JvNGGMsDDlztO`HxQ32k+ ze?MDc_`0g9s={*W(+3DtOVg&ipF=DbJNZdG*6hpfyLyXm_W?U&r9^iZzJ#31_IQp? z$g*afraPliu;y268{JWgDk=d{HBOu5F@Y#}6oP&MBW;pK8n{>jbPDOBx{Da+M-?Hi zDTqBeQYsaGPcP4H|1y`OX+@Wy#5~T3@6gzh<4uPWR&P$%3rb7XXvHPK!!cA6Eh}Oz z+-dU1ZX~Qi3w1WzkJ-wNC_F8keaJ2#)d zT%3X%T|6yx?+E_FCf#)=QRh*CX|Wp~G@NpkOv%xE^BCn61w6|y_QcuS-)FTr`{4a> zY7Zvl(DoUI!Bi|(e6G{xnO#Z%R_c6V;o(!;q1bfBOLyL~>1;UJzrnpT26&!PvEH#; zbjA-ip-F5mgsv&joc1bEIO0)H&TY|wfiJfLpgx@SsQPra)++IKl$KFmFAH_5e#JMO z+XvBEHeot0PplCq!sP0AO; zJ}_jj(afxzHI*PqAt*|5lj<+=8%cB$2FAo3kx67y^OKR0@e#M!s7CA_9F(?RY)~Sp zHW|Q@tJ$Og0I+FjX!f|cfw8oy2&`fZ>Lo&2S`f|*bH{@uo$qoPtVoAU0_a2A!$K>; zM`F_(4)|Ywk&!lTv!QzDGr&)QX3o35*tD`Yv%iIs3I$zdLq`;05GE6tzk0=9ARa|A ziUVdNrG2iz8_ayl4$}|T*GEgz-ZFEb-f)$e^fqaqvVz%S(MsZcV+~x7IwMzS3Nplx z^~S@xms*1w`udTV$$wleNBHnXH^Ms-t|%@mx&e2b8h{Vn+*VU&b963cf_TL>lJUJ| z0{IFVnX=*Jw9Dqe9$n&z^w4|G_`FB;1kZ`-(jkp)>81)NvqDa}3QKGr_;~4_SoBpE z5iKjXNO0hnCVG$1PTGI9R-6ohrEq$^2R}ShnyOW>B|Vdwwj7xm9@hk$0^k(YtCgIe>%zj6ko(|-oIk(H~&-yBH z5qL09!aDW`b%sVy698OOuNx88QtaB4vfnJ!H%okfMX@lInCJ07em;~y*<}FYnOOrqW440U3%@i zVGGA_?D-W>LDIuzYzee`G8fF(8d_R`s~M3O$g>F@jIu7GEHdV?72gcQ*phjG0Dxf^ zwW(0fwjO9N?&E}NK};KgNTl}91QraVpAjLUA@?0KA0!*p9UMY!w5k94l+gnLB-pk63<2l$KxNwH6>;|q>=L`EJ+1SmHAuLbm~@*1sX>ZYT81;U2+xI7 zF<$4QzAy&>t4`wYxCIuf5+{JN<>$|zlY_>0gC^tqjQ!>j(BK%k<67M6tmkDfn{n%d zC^6a;Lp$9zbZ;h@FxR=*y^n{x)ZpqXw zVm^iI`3&~>K{T2B4VIuGq0g4OO*CV?-S0>6)*9`6Mv;0c7*L>iMG;M4yNZsC31FL%v3{d}dYf*q^@78R$<0n@GA(OcqYGQ2jON zKT9%CiW3pvH;Ig8J&?tHkI(Ok3iKf@$3;rYidV}Brphy)bIfOZZtiVc-4aQFOXho$ zIk@H2c_$KO>;7Ho;CONx*58$el9&Uv@pn^gxpt3Ujtoe3hx}-b;r4k!i|&hU9Mlq+ zwy-ob`GuWW?e|;ZghCw5;%iR{tldVuG0XJgZ@Bp&QDjybqau?z%YTx$&?r>&J9auo z$;@3lxY@29BZ}Yq{d_I=J5GZYT#k3H=Hht*=1!EEZdl{hy_;-wwe;ge%tNna3Lpf@ z1X%A)*u}e6sY~LX-;078-yBE@V$^2wxnty8E+(4S_hc$-JyUMESc|3qh{TlhX}-S& zaqi;!H~xQ3GUZeLpARzqk07!CE1{Tc&p>N-&5?qE^Bs+8uI0+WdaWj;4TDaBn3F{A zpMfVtB%EXjqM~*aO10TY=ff>ZbUhQ9scCae^%v}b^<|+IjdbC5-*R$(pWIva_Kgy~ z@XB?8?k!jfObR5LdT0FmWH%({FN#Q=TvJt7H@Zlw)T}c3D4)(}A^%Sfvv>uQMREF- z_m*i!{h)j~s@}j4<$RmA@X?7F>E?FVEVCPS{U?ZsckKa%=MT|gk`OAFD`yP7rnr zjKh?}X zXX67w3NpzM^ZHPs5XfBn({~Tfzaw&z*jctfG!h=r>vx2KgH@(Os_4EpHl=K=JVwru z#N2C-Olz=RXV3QikeBmyHYwN58x9vcO5K=a>o=#^Tv>X}WpH}Z{b`&?DQwo0IkQvv z#7O2s8v38IE4=Kd6;ko1muV-G`TG^)5X<2#B;(%^zYR-mg}-+B=b(v45|{3&6_l6% z&KXcSIsM(uYB_0s$<4{Bkn3~3UB(w)YICS3!57Y^nM;* zh~##fGW%%Y;lVv^<-btKfBp?4hWVAweDGv9+Q`m|E=+M_qeLykG-I+6u3IursfOEp zmnz^B#P-=g$vqo_>Es~mMSHZOnw;#GRc))+#-lMFn8v$=qP(M7i$vnL`;6fwy~f_h zCZ%R}3lr(Zwe)<${u^@%R~ikY6ip25oGZj#%qc^SquPqHpsIbvUcx%*4yb&*Lu|=M5!)k@=Q$vnM9_P)xQQnu7f1V>^g$4;b@z z5A}qp0|1nN&d$$US4zc!CDEjZr8+6d?2ss`?02PKyQN^G#HHOqEiSW7rr6Uaj2&kn zH`deENcYFycVqCgaQhj%rnRf)C(u>>a+E~#bx%w;Ttcs>Lrq=X@Ft(C^;I1W3yKN} zCKPL)no%=pt=cnr4l0|(B1M3)>w%ZaV>-x=W0_+YqkUUMg9=JAp)#Ue6FA{`gH=Wo zyLLEEsq}3559@T97SE8CYD8v`_EwtfoA-mYT{0-0AR~jI_)Dg-eEol+vGKMqHh1%M z(0`I*4_T=ZFh|4hP}?meEYf2b>^a(>-oz}pE=OUs$Q4t0P9b*2op+%mnQN;3`9O~M$q&7Cl1rN$IemyrdneZy@E!lAb z=3Hw<;$^F7?xcg5`oy-zB%cXHyOyNlR!V*)Xcj{WE_lA|XtjcXQat)=)b9^#JRl*WY z-8-jpJ^XY|@cC!U#VtXV0=gi|Th>fA!W?FHjF4}rATU~g!4C(@=E(RT(QdDHf6Fw1 zTzAg}|Krkq8|WK0!XqX_>*$c@G&~tC=4gQ%A`bdBoKyIjQlzui{dMyCs=agjo)4dOj#O#Crr&#i_FE5$ zQA^RRrp+I)G`ssb@EpC^XP}Z=+SMxle|@y_^)v9GN}G63x5WR4o7)1PwSto^AH8Fv z)6NJQU0>nU>;;(*3d-J_73ycJr8K(KKbEBAzoyiNIpILp;-V!ffKsyYj5_~d2`t2C zlw{w9?SHBLl<07Mh__Z5T>iEB%l4nG{e`Tp4m4Q*I->c&$=)>^T;E}G4@cvN$TMu({Q9pDR)uwvnOT_?wCr#?54z@z|NnFPk(fmk}& zz(32A`vtKuM4O!K*qjf0oVq`~+P5==FH+a~MN+*K6ntcKZnz~~v^SPW_51qHJDUVM z#IRdH$)8O#l1wo22{lY*%_;iI?RZ%_<6>tIf0wVGKO;S&lH8Ror%g9x;_n^G~w z-e!qVnaG+cmR7E_&F3E4{Lk8wpX<7b(b4bkiN26CFrXBxmkKK>#ct?^j$H zPU9s~IIA!pqjX8Po|~KF^1i7+-q!xFcBow3A!`P%ntaDnc8e0j#8jegkd%mE@1$Y& zX`jsTTH6AdXq4^JX#Vv?!)Z`+bc)J1p5~7t!M@hZIMEbjz92%Fs!vWDgI@%rZUf@& zEs^(?7*=yt^ofNO0Q>L@CL$}~{+f*C_+M-;{5)HoDH3e|M<`oStIis-*IE8Q-v^b{ zjGpZ5kI7bRMZUbeOk(#y7J$2RiANBY3T$s}71kWL-OC?x23 z1;}FaWz`IY4E*$V_~p;!k~6^1q-bNsmnscPkl6*0PAetcyx zcrtf`Bq^nJU<^DvoBoK+V$?$qO}*qsBjwwX!&WaHRJ4&wH#qYTEK=z#lS4d%Zq5zu z{F*z^oC+u3{$M>1A^-r3w$syE`|N?=1PBC#qmH8GxB9pa*V%zAr~|BJo146Cb6 z(?kOSf(G~CPJ&zT;6XR;?(Xiv-3boCU4py21}A86clWc%_f>UIPfvGGRd@9{XNG_K zx;Bfo)+^8b-trJhM?-Uoof|zy3{Mu}x!xPTmq;f5)i{d=F)1mDl8Q>EZ-60%d6hJX zO7*)gJa$FD9}2CZHQ;sdahH8$izi(4JaitF6? zT2J9;kX9~_lKg=}mU6`8_xGV(Y7Cr>QHXwV3k*hOcON$2)6w<0N?LQ)7~#Vcp9yJ; z-$%L5tzti>6k~^^rq=9L9mI0XW`zDpB~Rv$N#_Y6p;|FB>C#4+jCDVzh{>Hx+5eUN z%y;91#RFi-I^7b0*G=debx>lN?3InPLt_%K%wLLh)F+@7N3`f+)EThGA^$qoqMHKrY#n6Q;`L-hrB=9X4O6C3Zjc@4EMxuLb}{0=l9Fe_yJl z5}nWYmZ05u7r9Kr&4d%dr4PR=hw`|op)iEHr)TSR({z6r`b2h%gPGhH@^c&gi*GE( z9}BUQvmNH5>fWl=nRh0KK`N)8(2}>#BA2(_5YB6PA|KsJDlK|mXZ(1Yxj!|&PXA~- z_goN)RX;dL4gYMPqtsptVW?9?;-kW!;s*&Q=dK81N=br2C8v5#%zaEOpD&S=#~*${ zBl}*f#_tPKthu0s;NqLsyic7q`m)V0i0r?V@YHm0sF|nW?m?-|3!D^8iKPG;LzSSB zFu#t8it-b9bEWeOPUA!~gOlF;6G+|jD9PAud>V*QiE>Td%5eSMHj!79PpUfQ6U=Hu zDz!$|phuw+Xu=tqJK1a zwUh{fL529A#Pv811LR#n`1o-D@rExEf$3p4cOwZ2t}qh`kzeH)>>t=mqXl~F3I&+N z72Llkv^H?^L|%=Li_1~OpHw1`)imN0Hq++`Gj}boNksP;4ZGkOI@Ps@g0M&8;!gWlXadIZb5o6Gh+9Nbf9+j^5zlBbSZZn`-t$X09Jc?jO>*VJt@3QI}lp zg%ljf-VzilghI^`*@>x6q?Rh5#t!&ZGz*okbIV(0V)t{<*dpPqoNr;LeoT zm~?eFsw|&2vBjS_7{RnK>?@L)^nMe)z#JDcE=!7TPHs|$cq#avSb*l{o`KB3MrVV6 z##+`l$ntYe<-ljX3k+*+mmJ=+f$b^*UH7O&CNY6ogR}81h17gtq^RdA5R44;gC5Yg zPSSsLdBEgp*=IZ><33{4SquuAbU8uGxiZly|T=YB!Y;SwoI51~g$ z`XGH4M^8qgi$p3RJ}kG~c*$b|{5AaPaHPbWe_SvjQjQANfi=fwJxD+GFf0h_5I|2T#DZ^WAa ztd*2t5I|39hYtCdEWV42i!bt^h@90mxZ_XdvRSle{sVQA$^(q=CzD;;;dJgd=i79j zmK)vU;tz#K=Oy4H++KTVxxhZ&wfI~BBG}|ZOqC-IAc?@IuvxKEAfwpqMdEeklL%+& z9&6gkhRUg^1dr?W>JG%@esnp@VNZG){Tvu(CYs?d$vE}uYTw&jd6zvOX@)aWa<0Z~ zNPlhTXZXKmTk*xUJP10c+wr!l)&plSpQ8|yh8j9u?>o)lvk`NDJMnb1q_!KYsjlwB z?M4ltw~$W;M5`paytI}6l2rl@75Y67OdBL)*WR4)SHKVuMaaBwPgx}fw83;?NC zfs&f~Ebnmc`)h1$Y}17XJEL_`d<+`ZoY7bsPEOoFL;}TC_5Im$rF+G4&C=jX?ybqJ zL6~~CxW7q=&rT}(SA}>Q6T_?}a&RI;!{?{hTT6dnb6_82x8Ff}`_34Rdgv>S9QRF4 zP0e8UPS7~J?MBdbQxIGJ}~x(33w^EE^6 z#;6$iv@!vE3s!ACsSPm612`e2YD8L%C8Ai2_0$nq-ibhaqKl+#VmsCL?(ZOi5wVRxd71z`dIaQlKqVMh&Pi=>U zw1}Y%*>E@-L>s*~6u~?L02SxfutG+z`{w4Rayg7;{?)KApI|Grxe0+RA}3e2mmP~h zbZnKP$5#*8?K`{gVxjUX2YYsR7ubW<(7J2khQh-=42MbeUUDX;%fX|K4!3*iqL_|H z_H>^!Uv$@pTr~i%9}2Na=-LLng|o1iIYaUNbyn9~sFD$;Ym)Ho=^>2G^Vcf&^(P6=P1~=7 z_9tOL_RVlki}sM3&fhWb5Ny~(XqI0Ub~}j@Pl=%{fG2+^&jVW zt+!jaEUFbAO>PjBNV1kKVZ>)W8|WC8!bOI*zI*@|$jCSB9fq>Es_Nk2u)MC%%(rzt zmn)R@!AHSkkTSRW&64)Kf0D(5q90wWwR0ONg;ir@y|VLv(ApWTsL}o#h4!&MlYdQU z7c$)}{ues?SBa3i7escjCl{9Cm$wV>U0ifjDI4!sy-!c8T1-$}4c$ErOXmF|*q6#Q zA?(~>riVY@14!E}gI?~XC?a`Pha^R7KGv8m5m9q&u``{iU@{RO2z|hj4Dm}J(0^`8 z{sFk16z_BLl{;rHtdouH&Ng61yyJEK3_qcu#8~gN^T4}j!Y%LHy$L|r2_72bMzx@8 z#7S%73J&Dp4WYQ_3LgxiwqxZ9`h0LH2Htpc2AfQZgK6yI0ex>SMg7v&ZH8 zBoK0G)HiJeziD?kcQ%n4vFW)qX@@Kmt5wBHr2} z8x>gYy;N=>$K?#wuy+6W>NV$*UkBZF?^7lJa2gBjc}$*}$n0vj==}-909|Ts(qR-5 zQ4&0DYzc4Vb7#JjhHz_6p9XmtF0u`Wm1Y*oWTk671DDt+NJ{gUB%DD+B)%}kF#}8h zK-&5dh^3?C=?lX9_?ZN|464;FQ%DN8>XQm|rsPSbZJqPH`*YhjV3rsp%64Gv8^CfT z4}}WD=Z31{iBt-OkQg5<8tX!qt2S?tOM-AYIcxmB`;3f6(YGw-6`K5-lbJ-0pqf4U2Pe$#&o$emSXH#$@C1V|WK+ZNBk;jcj5s8#)+mZ% zFAEF>o|y@mAA=^5#{&cZcpAZijvI3pXyvKtdMX+h2Z1SzZlSN~XMT6D7xpLEjFLnC zr)HpkKP-HKWxzA({<99F|Ctv}g0@-fhB3Ekh>B0~jj5EaIo>!`Es@X)ilvB1iTKU3 z5&8MSjz~aI(k%J^tlHLodVuU#ONgwjTK^TB=F9p@^RejED9qO-=q?6XBhgG4ej z`fQ5$kg_^tID&3IYpicmr5vU*R{@)J|^V35Bv zpKL^;dO?t|d-!0*tGzkp4{Q!FaDi{}I={RQ=QsFSX;Ad0t+rM%2@8*bLnPwesVC;? zmOV$yibMA+i-p>edyTV?t``NXK|3}NH!$zU%QTd{&>|i7Vf%7|v2G5koS%2Me;kg! zu~xbd9e=h$%zpNka?Y7_P~MebF&g*#zTUfDp~#j=sKY1whD0Pn@sfIKc2;jymqkOK|Q~{+Zs%()x(U$`MugnVK{60wC zGRZNogbG5SgLeW-KJBFtDaDgyQMJYo3578o*;UzpDLdjjU_1~5Quj6q2Q3=t2DJc#ZEzY^VOnJ8DzY_l(7OeyF z)OwpkI#{CQ`Cddfn~d1Lw)tve66I=4^ei%xqQ9F>cyPW(+F+Y~WmtTo_8*N0QB zaD|P0(e){9Wqz%>f``bV{lbE5a=)#lZoRC|4h!RsiH$ARoSmL7&cZsLJh<~Y#?S$f z?((;l0X5kvvy0=2Tya@bv_+L(rz1GDTgnO>uU{PM4~`dfJ_*sTGP3*{W#M3^Z01sC*K>OS%iD@SiiSK}64me3iT`rAA zQ)MQHe|Q4h8@tz2^UEtTMYDo_rLAJo_O-i{(N{={T`^Uy|5|DvB@powWE z`e&wBEONFNiCq^DTSh0<`}b;qTZnGure4OooC`fKD#1zlk*#CZ`m?HPV--RV6|9-X zY8JFY^Xt5h%%~Z~vXCp6mafbF*=ggB+jDM`Prw^$jHEn6K9fr0pm7U}+J}RH_GA2n z)lQk2UN${5v*k`8j9Ss!S2jZ60am;pEF-pv$e}$i$;9b)m1;g8ckpn3cL`&Pmw;aE z#?Mr@pn+-KqJ`x8-Li=8hnECsN+&ufD5!t%n?E+1wSj@bXq#I2uyP0LVMxd_B+ksb z_JuaRy*=)iyc)>}^n}knNw!oUs|DVgKg!Q|uuAcy-d4hUZNXrl?~5|-_3-weXgz3Z zdg)bGGrQqC@OhgV*Heop&^TdKyzWp>G^I>rsDW`jSlq02OJ*M~(ZJ0HhfZ(KmJSb9 zE6>B(CGa|QXF&o3C;ExbFL>jAE$zLls*GkeyA}Deav*pmBqxV;pjI&N0?u_ge)Wc@ zq*)}oZrwd5sVt!;H!K}Bdf$5Pnk9BTDrkC6SR_*c%OaY>7sc>IzOA6ZC?v#ClgW3s zF_BLvQg@ssM|%$&Xv>4^zYO^Lrx>`XdaGHu)5w1`HZ_I4QlyC%e)Y4FMe>MMGq%Es zV$f((SX^*N-(_n&&|n93Y|t-QZX+J1d??OjGB@+6=$6@1n$$HpYg&s^f&p(3)f{YT zYAPqhZZ`jDYYh#wdU>Rz3_>oT;%kM1F22N|y!dWW`yN8*pgN$?AsOGG!t7i`t9{Q^ zw;C$*Q{;So0QLiCQk!qQH09(CW`iVh6iPEiN^`80oW1?B*esk z7SY}X4_jVc&0KSyxSRwJN(0MgQAYG7c$~t~5h_pWm^5l8;M<-mOc&aLrd1a4J>T5e zC~&~?&3*JtIatV`a=E=lNvRiIQxqCnXnRK_fbaUb_pO@*BWquOlnDOUC^m|LXl+;^Bk!QZnFZ`K}&k_&vqrxX(>=G~ z{G`L6cEh2XPsu)M+rP?&DuesUQvB-63QW#Qq@%>)#6EAy{KGV6(|)l3v$8Vcja(qM zA6E0sD!~fFXt@p;537BJDwCcQ$eVrGd)nd48w940v%Z!Xe8BpB#s$YWd`iho6kqyE z-P0$&sm<3aufRd-qEp}(PC#|OoI%ZI1`-vUfEAS#r(a$o*I2rm?6YotG9NL2Bj;Cv z^)9r8&3tj=${vqI%XuvVa=lDCH80Onu7}yN+%^s0f6Qv7wd?0h0t=5T4xVRZFr7OL zQle*&oo;f>dk6@LNq%Q)S}F&#u6|5mM*0>i9?zDAh>tM(#JW2h&cogOIItO{o+{A7;HeU-Ky6tWJjMk(_VKzY@) zs*t1!QGT3S$T-=+7bc82Lk=0|O=CJ9_>1EDL7z}|xsa{t(FIRR6Io7Sr3 z4i%eq1KDMDTOhaaGz(dO-s3GrqH7=(x6!+|c9Y(nlg{RFVTFc<@JwjXSm7P^A0^(C zz05htuCNU4Ngu%Pa=Xq+#CTCCvYF58DYl%#E<~$-Vj-sRO-BR5^Wr$triWet_}hZd z!B~dCJ`)r~Ny#vb^ir^7q;(UCfNK$Fee3??JA!<{Isw1G1oYv9fB6nFBv}CV%Xf%j z#o(D-1v%eW3I4`Iu_^c>Y{&g}Rl#&wk zQ1ZoB490WR={>EL(oK0$UUhY0CL&&k*12`c$c*Q^o$&Q^cMsH<%?<|!125SX z#yN3!XD3RpFJb`5T$D%EQi z$$K=Nd;fuRbbNk(?<}Hy_uwD~W4&!@W|`W`Um|8B(E){3FTkDWaSY|G_&cNFO)TR! zUHM?@kJGdHn~Z^u67DUzi%M$OaAw@uJUV(B=vnRCGfD@I%$61nUEOtkfb6c+6^e89 zxG?^1+T?Lx%W=d}LqTPd4OoARX7^`$#6(S!x_f(yO+Epq6WdnAZAtMJTC;Cv!16J9kv^z!na0;{jcVtKTZ8gdSqqB z?N$iUC@As^?0Whr>Lm*+|J+_+-7j=5lWQu?lmgTesc30shzJ>N{oUiM`HmJF*3Eqv z7X|h-JFn|J`lK$UJC4#{xo_VbF>n~a`+>A-QiN9MuKZjH2*BIiv;+S^}2(MI=17R6xZeOo-q_i+?t4mC};T@#r5ZPMGm zK2-fRToQxBd9qrw*Yq`SdW^KXUP4NcG|JrmA}=8&v<6CR8*VTF99f6?XtcVkps%>j z%Lw=44-5<_l<)8DDaeFfn>c!OIE7YZ!?{@fINqS4+GDwM+MOVyVu3ySu+Di68RCvM zSI=vWN9)OXm!Jy~(%DITiPL92a(S)$2Noam^Aki@eMPj)GEAtx$krO0?j?6W)reY} zlOy4QaVV`YT}9+?=m0WKpDzWlx99j57$PGZ!4+Xl8(IkSmtDyU3aHF7O>gOMP`?Nl zGs2QC<%Ko?rY#P*S|1HNR9|ujQ9l#1g^=;r-sB=4@7lNxyr2 zCB7lHPwb}p^z5phfzfp%a$_m!xc}fs+d$BGTXcg?Mha*(E_7odKql;m-J_|_ew(d&C9ERliRfV*TZc(GNIKE zt0fV%TWFVjskE=$!u^+!;1K-Sgz(yN(x6#WGc&tZ#B3Pl6}=az#I-WMXCvnJ7i_HLf&O|2*OJ`XMh!Kk}R z0Pne9*zF}L_T?IZ{tcZcU3nXWifS@jq^+Zj_yURKf2P}*J zSUwmg=OQinDJCHyCIC{IX$*g>5c$4?BTIh?ANsf-&VSq+j=P7Ij;1%CoGyiGytJet z{HpltXA*DorDSp^+;Y*mCe+O;lb7RECD-{*7vn{+kwIrS)!CrmtifRQ?u4|{v^x$P zB?`CX_#PcvUgFzLm|Aa3Q&ZWVhJ86FJDZUF6W8naCHc@(afDj0{ia>v(C+3~7tno( z9aX!gI3yz(=W1@V>9ifV8B~3xzlm6=cfmiU4Qo~Ws0XVnTZd?|Cc#J_Z){FPKyljmI|jwJ%}N4>{!N&-6~Jx#+avSx>W?E=a4 zZ+3g~W5o6lm?haAx3;#nQygI(6P|67SBGP9%@6Lul8dA^#aWw&S`kr1h}@)lf!yTS zDSG<-B#7euDX|-S;ZP=)4f(7H6}~KFudzoftJ-X&tQgCC*rVceg$>m6DZxVIT6nVZ z@@6cmp|>aYnXDy1yyuYolz=iX{CfEYg^-@ZTjuqw|3R{Xcl$BK#IXoxp5yK%fuhCJ zUg*+gcc<5fk~a^9UGV(yn)@e_$5`7ys+s_oL%B5R59r*!*VyhGfStO}#}-NmAdhDR zFhr*35$WMvOY!)%^<3KuLaicdyqIQs`Oeyxr^!k^|`A;CUuQT<8gLjWs$Oa3t7?%V-2`%ZGp}Uvpbb=QxX+ zt+Vq+c)y}|z+oPn6(J}@l}Z$swMY_tEv$9V;Ul!rJ)(YLl=m_B(nlZ|5k1W#z0Q27T|-Wk&7iFUmf&J?I+fa*-hIp&N{0+!SE^6E-;xWoX2`94ZlzeIaaD9 zEkuA^ZaLdr9)?hf=iVX6*)}q3x>>P9Jr(5^t`mhHy|(lPu$%?x^ddI4rukf6vmXzI zX5%N+X+8$SV9_see?^g7e;8_tpP_ z6tkWM|0_V?OX2%_V5#TC^fVcOmjP{6ns!RDSZ^uqdP93uYWHZ5xh3WI)$c-pw^mea zrhmRg6O-O55F$R9Q+rj3hOs%&d=jZY^TsRYXBBT$YO3#6q>H?=JZW*3($MZ?{)nWY z=d9;*>xWQvT8GQatvs;VA3q3X-Ybb3ZfWiw9kH^Z0x$Bi6Bu5cl;rN!f~XWW%fUrN z-sp=sW(RliGsWA{XAh8Y^GOWX^}|P(gEu4_ji>ll#Kf)gkh$d?oSd6lT7JcA=Wy#| zcXv>ASA&Cawwq#U3k+VTGnjk4X!onDaKnN3Jqz5c1qC~k+&ABJb=NlLYs~%$nAzLg z_kY*x+vtxbiAhO$zdf2}SG&Xpn->#f<1jrCP=8_wS`P`JP`VSOUF2cPs&4fp(@g`Zo7 zSY1~qE@7Sukkj&tB|);~k@z%<7Qham*r$*8l|huR^*jnM2`}@()6ege=?6xDS5Nz!b3*BH=R<7_krv)IJ+`v!L)|>ivzOf%D1FV^m6wu~O zcTH)}ZEWoL@%ZQH|BMqguWwH&JAqR32hRvt{g#An0Nycs8W`)pjZp;oeQEvSU()am zvN->QQvcFHAUYIWDNq6}pR)aXVaMiBg2HKOKAwU8L3C=W`ekETnI?LVbB5t8rh6SU zVA;HedX!p@$tdN* z2~|jGyVG^zMnyqUFa`?~ZVbTog9|gidPteipGh+&BQw~mG7c;%N=Kk#21vB?DN6^9 zSJ$C$C7{_uN$yx1gY1a3UlyVZQ-Kat=)8t6bYd6$x5Tb{B=u_QZ0}BnVqlg{Q!XRD zDw~=f)G`{0LXPxO+LFS5zdG4Fw6NaWzZ1T4ls8~Ck z!lu=FYLop+%Y|Bki0-)J&dR52HLAMW-Ut^US!d=ug^-J!-$?ih5S5myqaU8T1_Gv* z;&GqzZ8u@>X1+ED0+|hxjWiAi)hm6&nY6yHj&Tv`d2)*ix7@tJehOU~+P9MU`qgkO zn-tO5P7VQ*DUY=yBCToB5yTXjRAZ(m|EeR_39ZP+W`A0q&tO20zqfxuMXHaG-&J8v%olsQ=Ze?}W7<X5`}(a1cd!III75F!YY ztG@uB&alAJ7Wb96Vgq@KD))x7)&yH5qqLe@X~N~dNS+@Gg*#L@p-P}&TA zjnpI%G`D!#fm7B1h0PG6?a1KH()-?fJo)(ddQ31i`bHxFpQ-#l8ukEZJ-fv3O|;sr zT6X~8vxo%hPd_GrawwZ8CMGrj`N>p->ETx)Q!2NcBF!&A^{U(0-Y)JeZEe*oO#%zs z+SuGIB$&;gSL}OT`WJ#wctsDDO?0uy*yTQfM897EabQj-QnYsq3;V3U3*~H!w81r- zFInxVQ1bPGwq&s8K0VTZ5Zv{=aIeNu%f{`vTHp}EZ|F^bHAZPv!6MzHeY$%z?wg`* zdFuLeGgH2a^uP4xbx7n3>M+AwJH=anz`^*XC-A12g~{<60$6gurse#D-q((M#}FAf zk6g47{nFWL!wzYfvM7{wZ+c#h3RX%%DF$d)~y8U{V4>6 z1!NLnm3HA!%$gX@F%wdo=8{^>6|lktG2Io-t`edh@S7 z(&)w40pJXe&piB%Ztk7W%jn_;B!LA4PU0ZsL~o5 zB!E#e`r-mlR$Z37rY0e`f)cdl??qb0a}zt9{`h5M;~lftaCT=Fu?l*Ns#FG#g(dM> z)7Aa8fy#z$VR1Pd8$vyh)(%!}5MyMz7ISi{Ye)j_rT`Nd-kG^6(zhc1i_JE2Tb?(; zIr%w->uND|gFst!H^w#pgpG#nz5zX6ETY-)YiCsC(_CswkLjO3sh;nM)zLGwu)Jnw z+3IVQ6g8vXEA1^t+=kWxL|f(@BBGWy&m!IO5sZkCP{vWm8+24u3LrDWMDUxNB>Sb4 zmz^yTfyYS>2*lBgi|Xu7N2yhZtupk0iMxORM620M2`I|4yb1~mnvsYBzq!EXYWeiX z)k%~p=cH~C!2ywD59&7D%gSbK6ynJ|sf6teToMsDP$JLL!dj2`aA31)g>^JDcBX0c zsmjBy>GtT7tfJ%aVIuF(OaD77!Y+w#$1qk%hL+3b%zwSBEg&vDF?Vy!Z}9x|xCg@{ zFE9Vuz#tb54ejGXjobB6VMP`ZbWL@&GCl!(TAIeh#5}ddVdcy#6A&q?ow=k<7m=!&yuKUbYT&tWEFOqpKjy>NgY-~K%g z@D6Cx)u>EGMH4$$@63X*voRnydcE3gvb$g~lI(zj*``UW)v#v%8sxD{hqkydF`=;1 z_Qav!cs%-V2+861hb5+FmX=>PHqac(Zf+oemGkFuSMWj4BqYR-j`a-4ZWHS( zIX7u{V)zUHe@69{YAp$|;y$D#(Tm*J*eIHHaJVd@?7e4h zYW>wDG&kYdhni!qVlwmShHJ9<(goPs?qMJF-@sjZF*svMy*cjOk?9QoD0m|B7 z8E6n69*GNiGbpD6>*5kP?S=a8ZD3ArF6V-DYF5Pz25pFR52rTHJ6IEo%_8HBSx)sf zPmOSlRNfUP@C}5!()%D{0-|G}bx9=!)8vKJ7!o1U;47V1K-{}gQB5u7+yhIp{SLp0 z)$0PX1dye0ZFqOQP1r^b4u0BIn#fh2AMejn6ga3W{+0Z?^yJ&=X)J90^vu956Dah; za=!P)FqCeOkB?76bc1KoW&zi8aQ}yE!aB2mzb0(^BQF$S9%N3i;^=+z?}UW7<>ZIC z0O9*;tA@e(&}1ZxhX?CL|0PuT@78}8kIykbFdxOHkK=`z1A4FoQ8&Z;-zX<+$pP&A zaRLB*CT=g~rxn^ck#9Br>sRs@OFL)s>Kjnn>cP({Q?O@Xn82 zfdAvMo@ct21K;@YdO?5XNn(KM4*!2g{k>2P{1TP+7;fhp>q0a7rQ`z(^*VcNa(6wC|C0cW5O(u$b;y}&;i0mgoj<;M zop{rk@ahZXO%A;co>1A}6>4)Lzxl)gIj$FVsmFq#oU3p@f`~}^k_sWX2H-bf@*Akig zJH`sfmrx5+SwYjFmPZ)SkxX@R{%%sJ9I+RlGJip5?ew3Qy5XCxldE{*+4gX;nOZ-a zDdvsV5x|ee^yHCG#-YRE%UjyE_Mx&*oUrR%rDsE+T_iNMK8 zu@~{MSts!n)m$|yDvH$0okB2x=d$48q7O9S#+2Xh57#PL2+Ld&+8+7z$WZo&TD!xG z{Ety|ft&jm2=3p|n8Pyc9UKO*0|g@9(Zs>kOz$Z>ZF93HR>?IsaY!D&U?AeGR^7x? z-@QGYpUp0zIr+y?YcY(4r7a))gc^XI8Sg_xuUC18&k8F?9#7GQWQdh^I_K2mRNg{LrH zcY#Q`$t3YsVwx3N&%IV+k?ERA$GCZ=@b5dI8!VgqfJ#KCz_(jGIx2NLi@92K^U!%y z)!N!o+ERJuquwC9?KrH}3?L`O9#7{R@bgvAQ%BH8YU(?CM4p1g#E%V*hsn3}097GF z2b>A<@bGL8<``Z=CmUN^g8(O#YH=OzQ<#$@_~>kVx+VmqRHE(*i;B)%fel}D40Uro zH}~uSG2?4u&k!jOu^5l*vE1!aLBi%p6jBnaLnGJoA{M)xD^ue|@Y3 zI?2q+;s;!xS#dg@uU>h-5*6f=&;9nT{b$)ylM~1v9f7YPH@D~PMtcX)dcV#nnwVL| z*YT5!+75HTq%a8ZWIP$c+)gWFGd+kVohK+6NbNYgSUikvXwTrEQ@H|ATsS%Wxv#ao z`kP`l!BB!o;r{Ex!$TBQTnZpiACLY%Yid7RBvfJHaG`G6X10)9R1|mG3GCmKdT$5O zjc}d+N5^2Ln^S;bxh4q<3(HpBRm^t^ImjZlI?I8taizljs^*JUMha?nc2%VRm2$7! zvs>-?=EUb|-j~U31z2d*Go6>4W<5N)Lg;~#;&Ra!NszF&XIdxou33217%24BE5}sr zC@6aRbFnK4uc?9=_v2Rvqvu|@4w~|oi)z0|yO@Xdbr{Ce@aRg%LzIOYu*7-aHB_B% zbU+4%*0^JjiVIf7V@Y}=t9_aX^+nS)H?_V!Gf;5fHxa?cb|a;rP--bFE>;p^SkC`> z3AsYk89}?z!q*mCms2pivyv;GkTXSDUsYKpd3*sc!~=UUKdI!O7=dU)?f+xY(l@@-O5o|9|9t1r?}(66z`rY39V z=jT(8yNtnSuK%h5&IjG|y^&}#F*F)WkCjY`N%PWb@CNpeekktIDWbr z$xFz)$lYL$4=;+03U)QUFL+r=$*}vJULsgAGS&-mnY{qbTxwxkQZGn78YkY7iD#?5 zpI>=YWplPVoM3Rn1nN)J0>#MCJ@ExRuU((r;l}3X{yZ-L+V2Z=DX27>H&l7!L2q@+ z3v`4PN>=D?)7C8kHa^3{c`Wo#CmVSFrs|8XEYqK#Z_Kufzd$2FHI0-{_bo8@^?_Y5l>Lia7}ebmBcQ@0wzoJsukdY@Wl1e-$*3%FoVXeOWbL zgj=7!Z+_TZ({$8(Nm;sERDfv9RvzAA1~N0e0Ql*pB?E{;(_m)s{+Ut}+q%D+1ac z3pAwbR4<@2duIG^8~xaUmKpQo@Vw4@@WAjYz})~_Ce7{bZIN|xdAX9A;j3(R7Z;bk zzRSYe>C;bUZ7byWS4Lv#@HC(AZ}`1Q;FX^kTlV3kPtWRroctinKEo<^H$%WPzHOJO3ZsrzC5y^u+RaQrnBMV4*uQb zS^_7OTZyKDWW`i=NW3m%bzR$^sZn$>FIF)0^u1V z>7J+tI=lCMYzu(AnFCry0{kpO7 z6*jR8lMWw_`cR!dU^)4(F|#4+VYyAdwc1H4xBfUxd|v&*%rM z@vmvLT#{pdt45pozt(6|(-p-4eDdNM{J%!O|9=|&tk5K0noak`hGNnU0$p&XKne=+ zv%rQg?wU?XKt~gAZaZ?RIbfcqeKe=(^VV z6y=<#9OHvJsibg$s=hmhSL1wxU0qx}o*m~F$k8M73Adjfb;qp}*DooB4R_?P_QM9Z z>oR86rzYv2ZC-7zK8Wb(=&~v*R4?{>$HV0oH|i2&Xnqn=fdEQ?8>`6cZaF zWu?`We9hr<7I*IP(Mt8sQKiZ-t-Gf@VMwX$<3hWf)*T$=b#1l%^mTcgRQysC6RGPZ zPGMmoLt9Nk7)LlRocH22st`mm+@-|z#h)#^?az8S5j&UU;D)ZEAmp@ zA3Z@}U!$-{y3!w7-+dO1Qz?H?jOc#xx|_Qk=H`}lPINRy!GUKhZ5+D*VI6qgZ*!E)3RsCZEW!xvX=!0uk6nWMZ;A$_mKVB{lw`#PX+a6QKh6Rn;1( z=eIB4&X#K_WkYU{U5CAL@%7y2$?6yB=XBVsJ{TBg2E^)rJK`}e{C7n>wz}{Ett`A< z86Yn4mW02VSj6h}kjdKQsl&cKjC!rc8}E=29*bzy`k^bsg}?W~H73mU6p`@(vn^qE zCGi8zNV4&)8f=Z5cK{u=irZo%(KFcrrn5v(X;SkSp%F-9f)$1%yx+#*Z!@m&53X8ZPpEq zaP!g|JiQEou{5--`-`Ay?G>Mp@veF|3#d(KTu@}gzY0BNWX90YnLvPlt;NLxUeisL zDI3rtj*e(aJ}ZdlAb+a0l#Fc(pCvt53O@T;{o+McNq4!>!M^LRV$@kfb1~@LXEd0% zHz{Z`xMh?PMEUFx=)3gN= z*26sI5S9;_vsA}4El&jd;6-w-XiUc{<)i$O%?g}9uJ0cp;ll58jO^c#-~ylJplyaj zexn?{zZea*=kWoM12i(lHSNV)jT{} zRGD65jSLJ8$?=wfYDy#CsNO%a{;cDbI}2;=Be#sHR~SFLq7&(l3dE23-i03Gdwtg0hV0F zANyHs)0HN=A3AA?&doiKe6)wo;-Z&S&`_P|IBo;_Y2OnQ?N@B2lFSluUNF^$& zN>pe9)7!L=Q@r4Lhc!BzQJQq99fE}6s~3G45T3G_UZ!Wmn_jQiQU4w-zp!vYo*{gx zSp78#Pn*a6TO&2CnVTIG`x|cZ))OF$!pA)tY$8^MghVe1w^~@AGgXQ}qJ=fkevx-` zb7|Rz*!QR8jD;Y;ORpNpB2_jyT4C}@eo9PqzCy+V1Eso9jaOA`wihPjLr`Lrt7Um$EWpoYGNN6hDJbW8Wf#5juWuPBU3K%)MB z&hs@Mjwib4oLg>(gF_XFC3mpaQ0iXFS$TEFx}lYBnYeDP#r10;eMKs&uweP~Ql399 z57A26#$2>C-(A)>U+#hQ=b}V5{4)^a^Lj&tqfD;ZQ?+67@-9+sJ`PL1h6SyEr=ibF zPGT6ACe&tznq0l8mi>MH$1;3?NWlO)<_{38z(i+)xT$#`Pvy>*hpB8=eXQh)0PimG zNw$|)*!w?X78(>}XlU5>u0{dE;wHaE4adxq3+V0ELEKT9)MV2O zUl~+T4m|3&#ztXQt7YQdUCx~P90^l1I&mGD^kKN?&xRf+6iM9ouLlO$jh_-l{Dp*o z5I_ykJ9vIkaKq{F`go|ae^XXT%gPc5@TMT3)Y!)B8y>|U9a-8j0b?RV2Mlk?_d?Nk z5wHy|>v_YEC#a$zQMtZ4Qmgpmhm~vnZaBIDyRpdFK2Li7GTh@+a^f{{1?jt@sw%ms zOQCvdo;LcYl5#6+v+|N=LZz}PAPj+N1t2GZ?*#a*?e6tj%}b~eAt5|VzKGQ14^S%$r%;nKOY zw*t^11HqYTN2kz)zF(10uhD6KF`zGstNdgDvL^bon0sws;F-R(QZ(}=Hn>!cyC=T9 z?*#9_B%sfUnBICDT>Rtxbuq<_w2TZ9AR@_1OaC&T1*D05{;&YTsfmd!%?04DI5?Yf za%&Xk=hZe#qeNrgRY`Rk4o8jUKdbP2vMBb#d&zD+Y$_z7a%gJeJ~Oc=*7UiDXaZTA zXv6jA79groFul`vwkfmM$mizP)ZN`X5JM(z&=W#=dABpJJMDOXW$~B5uY;t{e}zuF z^$*Z#SDrLH8<=G;f4h28yaTb7DATWx95M(ZiHBL@wDBK-K1#Wbjq?_0Z^|{`M9#ON z1nwWx!9Nf&2nTTAday^uP*!Q)mc9!P{~Gk;=h?hCNPLc$Vt|(?oe*^ei^^=4_PYkI zcOf?=4>HspKW62Y4@OCPXLi)|EUFMKtU4Z}OlsDvzC5S|IxWSXx^&05=B8TW$IMLfhc{7IwHUQ{gHhx0w>0w7OHZ)CTZ0WCIXSJ&#Y z-Kd1WQGWO!TW$kCtL{bjr>rgU`Llc`B)!-!jv*2)J^#;hE7J^Br!2s6P&k%_S5)N6 zn)BmDt(0q;b^u$XxOabq~fs=BKORK)JCQ7Ztp18@)~a1or>#l72iUI`9ME4%p1Q-$;X%s>t69zkc+zX5BKc96B-n`hmk;4vg#dU`~v%CVrdbqz+6b?1JKN3vn0y`WuZEsgAq*)a%V2naClv@+ZLn1Q$Wgn_FoU(`I9cB*%;{ zn7kPsu`%qxu0`f=C(QT@;Ce+#*j@0D;KF+Jcv7H0Lb^ay{?Ex*h~ZUnu4wPX zq*Dy`iHmRkB;cW82u%=m7mRbiSk6EDf7muk~Y?tbd_lG4*@H0`q@&!{S=Szo%iLv^A>u+?quNx9I=%Y_|F>V7C0ZVX@DB z)v)0FcQ!1R{?mqq_#X`m%;A5gVbR%F2S6aA9pCNl(94I2y^P>kUAFxn!DpeRgB(&{ zhlxkHe~UUjB}EUAJ(;K6dv0cK=KX?vpdcSQBZZsyb%3%uQ4}K~>t(gQos)dCX5+7u zOvO!97v;>T75F`zzK3SA1mHWDPy0^o7OWyzgFMb{roJ%=R#&=EU;oSY-EGs+=rZa7 zQEGMFhik)S?fQqnhm)&dpiK0Goxq8_1|Y7cR-(G;?i$~s29-?4v6S5QtwZ&L9`V(m1e^6U%T2O#gb z&HvWC>jbUMx6K>ijr`v&?~pY9Fz^0W-q~H5cPDAZ6X3e|Ke=GB@&CPG(U-V&ygp{} zeC#B@iBBZ4ev@X~mFhYS{ECsVpoFojqoa=e9g#-DBm;f4jWKDmlmoW}DYBhLEtVeEL~JBA!7YSa|&3#VKcQCIzpU%@%&Y{L}QbGxq7 zotf0;`79ZSr}b`ZPpQsqQ|TF$>74{Cy1(C)Sfx%{^sZMkz!0^>@YDZDGtl9!<_2>; zktQ4|CFQC<3qsBM0ZTqoI7nN4x6G(YiK*^IEv;)owEzDLHAN zR8PkI-g4ig(%f*5du{zDlBJr^D#Ld1vYH5A*^)oj#y*FV?^~%J=#O&ly z)k$q1yKZaS**PoNXwJiy87FnEhu2uH!tdjFo^NfzF4UjTtjB(kl-yg!wiTtJF*05s zW%!GXVqsyK8_rWVo@;r~+SwUmve?Buwt)#N0oK<}w&!LVy^NQ>;q6OENhSG?#2Ehn zPT~EQyhB6$3Qj8;4{SdUj*JjeWM%dK6O@(9O}mdeud;YKLaF@3hY&}{#t5G=3Wt)* zk&;Psrw#G>J%(&d2Rnb4)^~Vu z_npuHR`Aq*aDjzS2QawT)EH9(Y z1>%~-s&HXoAnm?fA(xa?w;M_%0Ek%WmVl${Q=Z$;T%sEv*kLL)l-^JzIA8N6}gm#^=isZu|8JPdCfreXB*krS*%tDJ_dV`PNTC$Fm) zpix;`)to+A6x7aMoJ7a${-zTbr$IALXJTT!__V5<-K(fk;4eqQRnM-DgtL_-z>#p* zzR#bIgxgwa{&FOo8Vjg@Jw4z5O#S<17-nR$kwq~kJ->_veV0Kaxx8NrZ0Hm=9(6VO z7R-6`9yiuw$jhBMUINMcRaTB)<^2rt>7*CozhojXBhuaaas`Q0jGtuh@l^Uz|W1DPZE;@d4+- z`hlekJv$3je66{+vHiF4u>;n?dGK2NZNj;I662&aG5N8L)IU1ACS2PDd~9{Es)b)OT&KNfhr^)JS$4%~+6BBaA3Un6@&_^rHn=YdFca5D^U;sDij z93UIZHp~j{fZLptsry^hyHf~_iYJ4nB+SasZo|WWDR09g@!}$UKl4s*Ys0im+2W0O zkPN>yZ^HHl((-aq+zYo|L@hln*6^n;jnlFkRcf=(N>Wy3$Nh*lWT`jc8g;Bsq@@Ja z4@rlX#g5L3^~YlLZ~P~<4giAvt=92y+#bjG=kYcThMT==A(CFSVoHo!pJQt3Kwza> z;wS-b*HVVEyR&Gag-SNu-J?l5pWO;yG|(mk;L>w*);@)2fI?ad^3~Oxwn3q)cA85FHZB zcj`UrXe0@!!6nC&R2$R%`KQi4FOHGOI>a4jvvDklS$*J{FnLrKwz>W$mC zZ1VhTKa1cpD6)n}xuL{1sVk@oGSI1q$G@z7hmc&qtdn&0t3=&#beEChwV+@qNA;tp z^>LQ6_9wGMb1@@*b7xjl$&vsF$}`P(d4UEhuaN(+7x(GEnb`M_h|DGtYisK{?|M8w z-^Z=Tb9g&gpkXna^mO)rxFX-S_5b!h}=i{E;hyeIV zjg9fcx!R9cL>5U!a=nBa|6f?Y-3=wV2W8?bm>3;GT-kYfVhPeY07fy8x1Swy1a|Zz03yqq$SX;i7;Ez?*2>(8ZO2*6xbsR<#$^CWIWaM@ zlhX~6lo8w7TwI9?Hc|stWwvFLKO`k0HbheLEYv&ykdz2Z*p)I6Nx8ow^+QtH181(h zy!;PI+1?%mhOJq~HZWi%z}PR4ly$D~KP07+QWlVuoAyfq)xa@qZ<|}jc|k%WAoCjH z7;ben?^MuGwXFijQ2j*E>L9|%xNr%xFXdFB+%y6p{Jb7h1v~}_Kbk9q-*5oo{QOVH z@ZFZ%ACBS4zSdtJ7f9Jrbap}pJ(Ls5(2JoLX9jL5JaHN5mZIS2b&IZGA*I~ z^!OSS3>zhH1_nn*!4Z7gisJURhk-=;uR{kI9J`~p>ntN>bYm19!NI}l_wS>Zy{Q(Q z#08SnxcHUwB%T@7_tUXrJ9q0lsum*Gs!ePU(Xi; zw5Do4vg=NGNXyG-zwk0o&E6RE=Y+USBI_VF{-I{6*2TYo{;g`F*K<@D#;d%{;T5CL zN^V}v8#)xJ{LJ~N2dr;Y7m&dj>V(f5}uG%xzMkzc4MR5GhYdt;sB zTiF~a&@$~A((0}mYS<5_EJ!?`U)TtPg@4>O^uhpTnoPu%WNr~h`cmk_^Cy7;0n6{X zj6Cb)6)FihA8k77d?5Z(G@zGYr@Z+A-1RZYf7no*y5rBZRI-8ZY3oucks{ol9sLCI zN;tkGzTtA+du4f99@MhB4%O(duiE?(D06K%|9m5Pg1(@wtpN0PJ$E+&0Q)~+I_u*8 z&UCherz4(jYj5v#XLm#2Vx(0!tA4q%!T=*=+YeU19JfS(V%wPHzI$YD-oX{nrQ~{;j zpduxrzN6fXhSYJol@)HFwDjh$Hb*>Yb9{xgIZ(_0nKnoJ%X);39I$GYehtz~*I2B+ zDsxb7MEz0bfS~x+hQY0pwT+FpqZB@%HuDR#`;T?X5U#Da?zDR6fw-Skto6|=^o!v> zTAdwwE1lj9TKy(Loy?lIzv6y~kAKDeN(u{8|An~UCDLO`(BvYrOJqeG`G80l&iP4Q z`bX{!G;S77H9@np?*Q@}X8T|ZKxN3lMgU-`W}4&H--~780t^HB;kb|xLJ)yY{{XxS zQAn4A3N$-b_&5fNSyeuRudhG5jS0cjlFj>Ga31`S!tla47{O-xIy%S9gVxC>`1RP< zqMXWcPh}!8l8V-SN5TH`VDM5A5|`TLMNZ6Bm*Zf5A^o>5M^=`}?_G`_0IvS0O1mHa zPHDFa0^C#nGjPvPC@gSR(>OQxWqQVw!2IWubnK_Vkq?&YV%m}#0aDR@6={lQNQ1*%_I~if1x(N`1+p#_b6Kb3b5)#+}v{`BAAs3w~B^X57KLYJKg(v#ckb2<=gZXl11YM8}SvArO|QYs|^InB9o)c@B@BA1duEM zS^W#iQd!By3^Kw6>)8Ow5*nHgkSvO&xK~IP;3TbtPaJQ!V=vnz*j8o=#$J36LM||M zg+N(uZ`zXAVD2VVVk1ALOYRQVjzcHn^Qxw?E3W~+(FoxAkP*Y^$qx9 z$%!l5|AeyKG9>;5Wyw}CWc=fCEgYq7n=e^aN-Qj6^FID0fyf2Qby}T)BH9;_u%B|1kFDau`MhQXDvOwM#1RPl zRkYiB+7EK)ghiVr>&g=3H#-1wrdWgUxodU2h4XDgs#GV#yhUuo z6vJ9DQ76dHp9X1jWX!eCAsT~q5YXnB$GU2B=#N>Xx?lU7Hixarj0*vwU0U^_lhegz z?7D3=+h3>sEH=%5r2RU6rv1SFh<-n8PN!>P$}X(<;zTtJISmOfFWZIPNLVC+iSo(M zv|rgy8@$MyVUCm*ju+7cK`NLO;PDi!lO-Q~KH^40yYt(Khl&V1lQ%jO4^%pY(?ss_4!XJk_n6c{TxxQ-$@CMs2Vl+pW~E!}OUmgF zh&??$2mXZIdl)1Mkb8d|2%lpPCj#VNQqnvGxwo=X{kO{Q@dO%{!=h2Q}}Y<{i|$`#HG=HSeJ29n`#ons-q14r<;( z%{yrF4w}4!ChwrhJBa1>FL-YMw$WXvc?UJ`pynOayn`n1pvgOE@(!B3gC_6(ilPin z-a(Uh(BvI7c?V72L6djT+AOp-3$4vUYqS4zX3?PL9n`#ons-q14r<;(%{!=h2Q}}Y z<{i|$gVtuDwOMFw7FwHy)@Gs1J1Fz+zlnKwaJe>N^ z-WeNK-GUj`Dvg)rw-zIr?J)3+LtoV*}n*Rw$L*tU;zZZu~aQks~rPePD{^b-LYv1>d9;|6E99 zD#24{O?jS$9WHLF+$^dfi$l+LkDlcW`=QDaGH&i??8OFpLYX^v!joOMB*o2X=CT?ukT#G-CCVA>6=ez@;>u+}Ms zcYVqx*~otA0e*%}LT+wqw}G~Gy9S_S9b#&ILw%3*3P6LvfNckEef@G*>?F}N4^IUl z>HG9KBDXh+N6qMX{9E#5nEyF>kheC1Qt_D4(YxVD5aX-13U= z9XACi7OcNQv55X7D3(4}Jlef9zIkm9t2dKT%shVw#o~je^^dUc{%ujdf9MaLeW|EW z_$w4k`9|B<8)Hc+741J!EGtw$Q7nK8&#$$>_#2Al`vaWT%zGE)1=TT)JNB@IbP%EekEzn zFCyYs76D$H)O&6buLk?a$&vV6$4l+G7VM8aG?Fz_XQRZK+AXS2?a;UD1a`)EXXo;8 zeEs#BY$`px&%_@ESFZp7wS&Whc+YMsZw^chjET{V^se^#_I-oqvqlA#chjP4eB2#O zIN0|M4_y)y5>yVS&pmy7!ZKuXBJV*)TlN9Wsc&S2q}dlM2%pdQwX$+-G`r2qybW8^H5q~@`0F=hk(LE7~&)4q8-oJ@MN=o`AJ^c+FJbcXh=tPBu z)Tf^Nit-8y`rWASl$0iVM+cv+W9jcmw-E6AD3PhrX|*i&T|ULD!6s98;~+7)I7#og zi$#^=b6NJJV?yTz4-T2Sw1C(4~b&S-AW5a!!j6z=B(+Bi4ntk7wP)mr5r*ncaN8@8stE%y8yRng5 zR#xu)RW6%`tHtXp{{hE&D*8DdKfg-aX4U7E_3DwH1L=lB2xwDW9Qt?7~HqEf~9 zVsqjh6M+2Ub2vLP0yDrym}Xz~OujEchAE74O0EeAdWNWpT)aF;CTz`=u_xl2c}qZR zT3mV1+lPFR!@tw*N7T~5#M>6h;H7`+`E!Gf>u)#M;C^keQ7VaFZLq~uNgzFGk;qwH z#gr8DKGZR{`)c8pn+R`Z_-(UaNN0uN#A17fhlCDpW8Cgk5Uf-1yntIPFK02sqO@f# z57WBonUL^yAEWt0=lPT2|hXnc9O z1s7Z=7^`3_0$kJD^Mo4@IlB^CE_^6w6z>c}z@U?C-~I;VJo*R7na-2xrepiQ*-nWZ z9Rx%eR2J0yrlD|q=b)5^)_Trwej;MCW$jx{`=_3okTSKnD3R~MQ57O}^^2|cI81O` zAt`kzJG=KXY92m8a@Ww%U>OsQPRJd6Ozth&$f}C*1Wrf4u?;P5h*hz|T*&8fH0uy6 z%pBrL*6F9GICz`=X?^*0M9pB0?mq7QwrgtF60NPvrNL_8t{s|C?Fn`Tqr)C-W;PKo zo)O2AqYhJNX8um*`(gi;vrV&AXx9I_IJC;XGCq-2FXM%_Nl0ZlP%(X=~W8RCH1lQGIuDk*pHoSnDeX)!+@wLSbu!K=KpA@{c5OHMg7*;~1o}xMj-^yYL zL2%9sOeUfzqobo6A8n}>-9WeB>PIIfBO9o@$jl@sAtn}eRp8=shHUKGK^Av8e$I5v zDp#yc2H_v`PR#}~zCLS1vpSW**J$Co*E+1`$A8cyi@wuRkG!)$P-a{uCNIC4{s&VT z4M4FrqbD_#y$YC^WPI96g~eb{QmpN`_4Q-M-aY6_8q%H)kF{U$S{=&C_@_2@$N%Gv z-48Wtw-(E%er)Vsx`Q>&OHJa1-jXi@t=qKBva+}XQb_zt_es@e`Q99Xja}Xe5`FA<3O$~QCf;ZFo+8+d^%vD85{2iw9)c;JTa(P9?{O?TVl+|p&R93PsuMpgX468p)xcJ3X zE;R}QOy!`zFqM(9w*xv(rn_lv4sIJy*IvzZkWz+*&}7X0oatCCwGavAr3gB4yJgb% zS?~S(;H5`oghbk5dwYA~S2GOErmEf$d_&RM-Qm zN`h{74q@!m?{~_yDx0HPTBxL6EoWqBQyw3pK1e@0t2-))kMGH%`{~Ej;F2zebNwD2*!nPD8>V44p8GU6 zKi@i1pdF)s=k!veVDsVptfuD9nqO?_FpmHs z9rIK{^VG2UPXGH6jArF*m*Z&6@_RnZeRdS`g~MQl?HK;?n*y-Hh5=b&D>m#7 z+}TkF8niW=ivEK$x)zL`h@~^N$t-WsUmlmm#&|$-@+AtX&B2VqoC4*EH--}H7Dqi!o7ISzyLc%1{o7_AUVL5?A?dxMDG5Y>t z7Oy7+jxLG~#Q^R*w@_RFiQUp;EHjMExIwJo{B zTJC>%>s)vuI9WN-0hLNQm^N{`Yoet4*Til{hQ!eKIxw-T115G!Nu~cZu`4Jj{+Ef} z{E<^b)e^|WZfIx*WMVhNhUsr7c0Jdoew*06fk-FYZxH)f3yIG0Ez%~}=bm&Qn6@)H z5wIV@m}tp$tyEEk$RUb>3xEjOBUr66xdkz)4E-?i6ZtM=Cu5F%JCM#RywT1TA}|li zj!}fm%1#N`Y-86BjS{b^Sdj|iaa`t}uzvmi;WaOBaseWEP4x7?*1eXhypjAh-hWU! z(|g;hs=i2XsQ=y9GLtI&my@5T%KeCU9_$Fmuu!m?7(;aK?<;I2C9HpMg^iS~yUh(T zt?N>`gi`s>9Un`VGy2z~5sVIt$bVT0)s{xRyJLmqZ!Op#oKZ6f(Yd4Bsw`o4c`ZAVkYL8>hg&b4 zoJW8mg2=LojdI6h`(?xMujghn4g8O$A$GzVn?JR4%1L8mm4svmn=3lX!2$!FWtJBf zn350|5h;0)t4q*!2RDjIyCo($1NmTs`}qCnI}d~y@@}@1Tm-urxd>__&q~_wW)Zad z<@AFpG;vLcp4=i5g}2~bNs_s&oG3m=MMX&&ZJhK^C`QkaR8F45t&+en5Vj0mQ!AQ; zaeYzTY3};@Q_LWBk#Jukg1P?161=REi1#2a%90o+_{KTh-d&)g-UyoP!Sa4z>V__e z*FZxCz?tFo-amHbrl_5DY#;)l`i^DztM4HJ0eJ5BaHLuNzuy*#iO;IFH2Q}}Y<{i|$gPM0x^A2j>LCw1#Lm|08TrH@1 z2Q}{?cW9rSkpJb1NRtTEyn~u|Q1cFI-a!t*I-%wr)Vzb5cTn>Vn!>C1j#KS(f?!#o zDZKyZ6du&PgPM0x^A2j>LCrg;c?UJ`pynMkdH1=2nhO#{;C|(y_7C+Zt_(h6Vw#To zAY1Z4O!RFy9wc^@@cSQvns?CT9W;3dP2M>QLCrg8@(!B38w_45LV}uiQ1cFI-bGXW z(-qqPh2|Z?A{iCcp=I^$cm?Y?VjL>6AZ>@e!Ujrt(z^jYJ3TgWZJT^m}*1fs(j0^c8MygzttjYh2Py{ z|BhJK;e#o(P!Eytb~o8N#>-6jA|o#(QrAWb_}IU?dwRm9rKbnh)p2T9m>+H^J$g%j zGi-2h@Wo<#XQx>#)wlBU@}#0Hp;6Y+xh#MFK#U6MI;{@>?vzU&PJ4FgCIkoZg|mIB zh=(l7%9xiX%;6P%ww^Dfn=(Tm&t6t>P*bFKE;Z+C_N zs}+%xPOd6>LbdhYWGLMg=4IV}d=C~dw5a_qj<#pTB_w7USDc0x>K@>;o*r&GsP3+_ zZtOo+_2AE=U2DZ@nJgrT*l*jMd#&ir?ba1Kq--r;cfr7aalCyq;;8AhT!B`ez6wpz z?M9-ymkvvugNomr1|%#|@=vT2T6jKYaN&7MpiB?d4@MxhdWz;z>+7iBJ{qC8csDu_o`=mQ;6)9w~_Ph~jAJFbW z8W^a;6n_W0qzh>ipoX%6iWPp}_%Y9cq3MG~&f2S>^1??qbaGuL5qOa6e@Wwhi1+Q? z0PpqrlaYjkr>$*m#x^3Ki_jY}VQS}3SdPas(P?M4H(SSB)d}B@T3XqRqoK3!H1BM5 zSZJ6pO=&hPO|^~Zc6X+HXzQFH`u=@aqs9*t_NYxl4et2ZePHS?k~DPYmb9FeG~@f%W*3L$W*)j& zVUIFwIO$5plu$oZsob~DGf3z7<{&82uNDCAja%AoKu~a2lA!3V;>%w98r%@O|^%(*l1cC9PHD@ zD9CPde$kP+akq2az(T3kwq}p1WBP){Xyyyt2grrR9Q$?nSBdkPnMo2-t=KvQIGf!_ z^h(}5=Vjt-k$iYKIP77Rkl0uQeAR*1!4F{3>dN*`5T5k)b=w-9pO`UVd||@aY6`pdvFExs zMk%GnP$tYxdm?{(j!~K-ft<@+-CY@#wQQot7wT&4(;`?}_up>G`)N$GHXSpN*EYK$ zN$Y9-wZ~^InwSCJPZUK^61xbC4;PpUq$F%^pHo%)C@I5CVD>82#RrGv`=&?;rdbLB zg;m)XZ32ublq zRLGPG`_(O$7)&g@U+u=gVfR6*X>LHRzIlf{wV9blsPz#HOtKChTS#zdS&`ZtJU)8( zWUzm3*ZSdi*`nhNDs%9?Q(L;tyPDh7YBq|_i1^7@8LxF!qW{_TZC;gqmM1O=>^3G+ zuWJuub)u)t8d_FjiOI=V3dSNPX-8JdYtP-#_h6&AAm)@+JvCj+)`#+fl*7B0Vm$^P za8abk9`VSi7kQcCmmZRFt1+BIBO}R^tBA#EJP$JBtWO`tjwilj$dRH(P2s+9%5@QS z)z9z%AC^kB@NMS}!xYtX^{&&MnbhX_EExyVdN;PGRA+Bf>6w(Modn&xzu%NtrA}J( zu2(a_khH|`)Bi{_(BZA-26H`;CLAdxB?MB(0*`8zXt)rUhDPpUPxupp-HO=ph)8VU zp_XvK?xJ0k_@j5Ss2_38Pt_HFcx*im_-^PBi|r}g@AU`BXZX|q#fSU18G8T0AL3Zv z*a)RVa(}`sPq4VE+n*PkU17XcYred^L0c7d_2^E#KxqZc!E4So2?a)!3B7sKo|L^2 zi1KJrz_NjlcGa1qeQgA%<>QUpojALxsim?&Rs{B?h(twwI?JA&WS7Gz5?sN==n!(w z&dU=^kjV^=j#ldJ>r*#?{L-vAt7-W&Ffe)5i{UY4Px+VO*guWXL0>sa?(f`**|b;T zt=tM^J3M=CwdRgL7rBjX_!PfJ5;iFZD4w|~74FoTUHI8m5N^~Y`P?d-9eua-h5iQ1am+vY}a*eUY7Lf>#| z6x!}hrtF-GQME_m;nC`^m|9(w(HIvlVfLk*$``)NJNB2^MI{f`!k46=f8oWUq(2p_ zshIO`YSbdb_noS@e84;j|*mY zu#;MF@eLblx>Q73*r1O~0RNtm)Oh5uc~1~tm+mC*ym!cTCU1EtAQvp zNFa=gb*xrG+hW_E4fyb>kdoI#?1Hc*KWjKvt2yepkaB3#40@myA@$59PR(*OHTixvgo(Nse%}) zFz&Pqi1BUpaEp2tu5mY8X=8U*%%#i?y(5vs{;agWzrWO{e7dOYLqki~#rY}DujP4nlzr_H3`7Rnv$MX3D)ElM!5h zwe3Ou4X50n0ku$d9|hYrvpSa8SZsPl^wSIq>~ltjQq$!?((3)f#I>~;d43wwKw_vH$? z%*;03P$B_-!%DZLoYL`>=k_y~Xr6#`Or?gh`?*(_ORLXnx4cF>`|3K>Zi#k$x4T0x zUnKUj%)U4^^)=A*GN*8UHed0EquYK=jLsBW_2dXC>DUlNO!1h@Dg&hi`DV>Vz>?`$ zHy?sk+(dOz&Wu{Qw};dB&`g#9T$=KCYJo_4o@qw2i=tH<7J!Z-7jAD}(-(0oy`cFH zz5cp!<`+rQu4w-{t}%_x1rg14?b*5d2&(oi?O1=Bnh1hK<+DVD%Xyr+eWqsudR~iS zs5eWSn#l4smh)f5Flti@GN5#XkKP`ZJ--_B zY7FmdAMdZh;XQpDYeQUXNfqPNQj5e!Z^$;qIt>%0kXS8qjwMNO!gSb!+etysfB z_erJt|;5k@J}yIo9E*=3(rUR;Cl|u)^zqt2oS3bI`tV~z3$;=b^^YejKd|kcOabB+v zlvOWoH1F-vsVLUiEBV}7_PJHLP54sP^jhMrZ1@p|jB6jK?tYo_GZ$R%UFGN4#9B~tK)!iGT!D^S7; z;7#*5``N(Xm+We%cVfYE-0<}9$@zBvzMLp-Qw^gI+8Qr%(`jzb3c9l$E zZFXh*SWINa#%WlwPHkwgu)f};n>zJD|JnQvy=NYC*y93bBKI&nN-C#WIFoOAo$SUS6j80jc{6?kplBqZ$pU!kVIdXfNwU2-pdQ z^ru2Am8y3qHrrECl>--J<8b}XKLn3cPtFQ)H-x2s-jkA%2|GLW`XFU%uXdK5WB36* zC$o}RCTFnh{Vu9uGv^KWw;XJ?0am+?mKD#|=I77LZ{bJ^3PywLz(nO0FVGKsXS=$D zNyx~8Dl6GqTU)_BLpN*F1}3b8kx|}>(IW7MAkde62`Q|s6YhOUzN986TTk(Z+ z;69?Vh$%-MnJ`CI4OM!*805|g0`8-Y!)M?=KKBhFOYFCD_Vq>b@bC%JY!7Wuml9jq z_jt&oy9Q8Jx)mmRBI3PT`%1NLhh-;`aLqYkDNVg9!>GAlOS-J7SIBW+>r z_ygPE+xkO!A~fz++hw0`6W2x8Bb+RW#IlhL3=B{fP+IC!KA|ZvIokS;w_37UI;G%9 zNYK>si3s2-C6G0{$ZCQrhu?YJi6P6W+ADN9*YiBvo#m%J_UXyDKc{V1=h3_8DdO_+ z;+tz`*=JZ0i|=ABE4v;~QDL)@T!F{tI2(UUCRw&v!0$$jod%ow(_g zK12N%#P7p+>zH`I-jk{M_OPS|;?jb9ShQ7r>?p^?xq5nf16HMb>ubuM4~X9vbM9k| zedyXhoYCn}X?|<=;vq7!)Vu2);w<2I3|{fF>N5EN0`W64N;@HMice2J{D=~nqQ_~% zw6R=yE&IxT4CUQ3G=FgV(|*)?U61g%C~E9C!H*f83kx>+$nsiU*(OM{X^oLST;@Kkae>D`s`RDQS)lqV*WLF$MTJgT*} zW93()RrM?TaiK$QBq~JHI>qLv{V2yikv%XuxnYT;^)R=(S+@hH878)iNDI%19kBcc zw4}w1l#Ac112DIxic*E$N+((>4qK@Ve<%zM|oF^M2a+9O*r}AueJ5Rv+u)C1u zOH&xj?BJjkn|-&F&A?2#*0u^_Kc29dtrY&SAEn(0I;OMj)zl2VJR>UpqC7uiH69C_ z+uL9G7p3l9asA|<`drJmvxywnFQ)`tztCl5SSnVu$#6&njPC>G!M`>wcti(^CAzUx%M!r8Gg zj-fj}jV*K=WD)A7mGwEEm96bNZeZ{g{hVXA2m!yqqf#(t2ThJ(b-aJ>j$U~GZ4{C8 z5Cr@(V0C?WzZZaCihom{fV3Jk+w7M?1i&vAF%S|~XXfW0%G1uS3PAnBJ6k(Dr8rKq z84rN+JXbvxyJ~2(Tp8c$}=;_-42u|VLe27`dJFnmNd2GUMbI%mZB&` zpgcv`>1*MBoI!v87GLjs08yUKBO|)fO=UcHMWa{tA22W!Q5NtFhbhN>)Gt5pKm|9~ zk_E3$Ufq}k1Y~MfN4Xn|u4|Dg*FM%jl&4Xl`SLzaY}1(;x%A>g_{+Rp>@9^K%99Q# z&pZd9Jhxxo7SYqn%)U$Qj=p88JpHO3;ebK1;4k)L9IziJ0!Vp?1m@nos+N=*CA2b1 zbrE_(0Y4c>=~JXlK&TV)C7BTI%6?oupjk7-_0uYLdW=VYtNH1wP*h3jIK+M&huDwW z#KIC17QlWK$uTwn_9H-y&7(o=#|d8d8ub}?6_}fk`_<##Nf^61IxLQw-;Ff-ojR~TocCmqrd zjB|OO!y-Dq$Po9dk6GP)U3>UJ>@ld8fFY{>wH^=Re*x1FU89tFVx-UJ_PEvq%FTMWfVw|BG5UK&88W5@hp&AgX0ihZYssW)I@HtciLVZA}4+!-Ep*|qg2ZZ{7 zP#+MSKtp{%s1FGB0ikEX(6eCZSupf07Nc&xToCPMPEK3pw8ze9L!5xQwA=oDyG##7B8nz}C{&df zjq33WA;bTPDD?CV_<<;VuyVdV%agu-g($Sr72&M=fhg>OAPReE@^mr2rAeeUj2(YnZ!-ftIN4mn= z>!mIsAr7`}n{XPg?MjQB-7`xRH2@m6+9MK)4UUY&ND)J=EP3pUHo|PW^v%EX2cfXB zk+1cNP#8FKMJQD72|#|#CZlY#taJBx2<3ROIY?s%Gg0&WM6=kgu^$^H?#_+#cz8Lz zSMVDfb&381iw}7y;S{mp#G(_fHFF_Ss#Irs8nUkwv$KP7hc2DeG8ecX>LyF z5>cu{8|=a&A_Z;{`>TnP*S^MBprq5#U=B#)pYIF=<=n!5iF-2&kK2XP6bUvw+m&bA zT)%qBYvP!DtG=JU6GLmuF5d7tW%3P!$;yEqw>0gA&F;1dhIqNL^)7hXoUjWwbVU_S z%@j#TdaKSD5Vcx78{BL zR0s_b%uTfJjCkjP&$`srKFS5yN731#x6-pXIB(GZ&b28-y_RR*%~@NV0>AsVEB;}$FGx-OSB&Gm6>s-B8u2f1*Y0dVg#@ui{xPhSu7zCnh)sc}_cSQ}qaNIl;jw z%+`CU)-dSGrK<=bAtAaNuzij9--wnn(9@?f&^h)*kB=+v_gWMgvE9Ufa(m2uXA|tB z7>3!M(h&|V*_fU^_K0`^gY5p2Ld3dal${}kjf+Dg`GGWw~EAwAefVc-9Dja616 zVTc96&H45{=42+hp_wNwZQ_Zv3%~87U{KWMfqj(sU>~K@XtoIv?4#h&PkS(3he^DF z#z0M_F*FW)=S&E<>gPVnho9Fu^0VeT>)IdtD9Ts+DBF;Ilp9#%SrI>;d+mhP$J>Z> z&j&?)vcX7)m@2q}9jmy#rL^M9M~NX1SUY1&%O(wLX#9#yYg9;X=}30jD^43tbmUzF$ zn^NOGo82j6m&Y21hRDT1E$_}Cyr83P`R*lmgD(GYp&UB_ZqrhRvb(crAz(wo-94I= z@R^O`^9C2A<6~I6So36@h_#K%T4%^W$~|{n$Xo0J7Bs#um}-k`Vr@A&*&$=oDjCl@ z5n6w3&bRI%61S_ifK$@ejv5_$$d>$=C$oBWU7*y&FJYiu`m202@-bW;GUp>~g{zUz zyY=4pOdVKZS8;YH!%&;qC=IJlB+zNr9$0-xtxqajPI#cfQi((qF7HmluHD|ACFBfe zF}p3RD#%a(7K9yY-ytN|FY6>hvVgGwc6bL{{yu6L?*C!$t)sGfzkXd&2?;R>k(Tc6 z5)_c`ZV9EkQ&Q=Y4gu-zZs`(fB&EAS`rHqwUw?0$caOc_bM_wR@TX%q9Ij_Q&%NgQ z%sH>i)q&)dH_t)F**b|thhuR%5Nk|{W$v=%_%(=JooN;I0@-Kp6R2v z-GsIHX;yZiO^u3z))~`YYO&ajVfZ+t&w8SshN4M9*!hJ=ss2|cW@h0pt4u(%qTt}* zkaJCBrtL;7N?X(;qsb4BWijbIL*@w?{ESlStn$O=xYxFxCPm#&D8bRio%66+%3^Y~ zEv%q`MviwSH!qL+_y|2I>*rb1&#|vxmj~75taT}9kU zL4IP5#GR3m@ubpbBgUEma$UGC$PDrE@fJV6++(v@kD8yKZ?Cjm!ZJPzaL=r$P^?w0 zwA)F>VzYQzo0XkC#Eg|+QZl%(k-KVp;!#auwg}=4bOMN8BH$gY1>2 z5aB~H2Hte;^#z2@K~F1kPmX*`?aGPeR4%dmz=)Y-@L@;kjPZLdM-Qt8NnF`+sG7#x z85oA{pQka~ceNH5dx+Qcz?VLm`wT~KbE=j?Oze_O_Hb)De{<#qKfjl(oScx0OI?au zwe3~{Jl#`w5r8UAoYU3SWeZ#~Ra2Y%Ha<+efo;4i{}n~Ze;g0LSg&J=;qn=8Jr2#B z05{p*#Yt8-LIP>N*jc5{8(l@@{u;~m>W^U4pi42%6)Wla;#roLmxD8wpD2|X zRpuz8CQae;sDB;@Dw5o?*z`j}LL>QUXrs{wR4qiQkFXzSr$GTx#dslZU~FiW%y8~^ zJi0>6h24)7fy`z@k?;5#YYB+t4$jx|!-%M;)Sivxg^iCZujM&^exsB13sYV43sWs! z3c*yrejUm#Z)6lV5KeAuT(=5&-n|Rr&QU8@KU^2Gg=gUBZy~?y>60It|A@IGp2HT) zI5^DmrJBgk3!BaHT$9_QYLDHvu%@{LU~{$FCheh|7GsO(KLlM0J8#+BJG&-sI8}10 z9t45MeEZ{i9}EVRKF1?=h$K(%K0}nC>+ZZzW@e`OQ|m@Y!`b&C@h^PtBaHz+$|>-p zs5*uF+wH)&M^W8aA0$qve$!CD>Ig1o%;ei0kQ;hx0Y`{`RAkqLs{SQggy9 zIdeG-_rWnf9w@)&PDKr`DF1Y=|F) z@fW4KUgmVL>TzyGg{(8$hNRl$>2vrVP%Km$*xIV!8u7a?3dbhWe8N)oUK?K%^24{M z{|xb?R3LJa?bwj+1`sPNX6w4K68ROm{x}MX4Sf>G+#coy0)g`7e}ekKdGP zClfBu7xKfrSCs1AU0$du3pog-TIyih6HwTNgoLb1l34k*a;elGrTN-6FtVb28((D# zQO~!na5=AfO2z70XM4B(@xIE@Lw;_)sg;2@gaix&Md^nBMv_;ED*&NX=k=gFL)k7t zBzZW$C3)h2Qf+nSIM>Qr8rX$xJL0KlT+TtGS*QN*Bzf`pza)8`a#2vGza)7ce@XH_ zB)`sNRUtkWwCQ-ak=W_oN8IjHtPv5?$B94Z!oc5J^HUJxxQnNK%~bT`Fxp58HJn*M zfP(I^??(@I<6dP5rJAnvp3TP8-2OhJVU$umw=ndB35X=`aj_JTBghH!PW+7S-H)2+TlOl{*B20m}mU=+1JG}KId$^gEH)Pqs zcldb{ZHpDD!ZzIU;-a2hT+g{K%nHM;dUgC(fo!g9+^T=2P)CsnkhD0%i z>>lO|bQJjDgzgaFgze`_(XWU25H0tRSsVzYl$1=#AR`rcFcCTAHfyrlZ3k;RgjrMd zzRRIxBG*nxzDp{8aPoe9oISn&8J0+XUjsAOc{jkTPe`UfDAfsekMU^P-K6g9@!9mK zxiw7R{dSsyEmOUJg8b{8`_kk}nFD(^s0D)$vvu$arcN76qxrTI=hwzb;75U6I}CWK zy}~ym4PEB0R4s)vx{QR;^j#_)n2_GK1Z=xQ1Bk?7y^6GKC~+d|lFia}v_A*^9vW zHi}nc+YAo!wUv0H2ZLcEZhN>t1w}(TN-~QNDAm-8$-gMoLrae7U#)G*GM%}8Q>yE( zDAl=!s5yXAo&Oi58dA7DKPs0gxS-o|wm0vd+a1p4`S`FICj{MvPBkW$`YCT(^O~7^ zrghXe%d(n@amEZY7MvjHR#^rLZ;V}7|5i=*xP)s=HK-?pK>TQKeh*-(-TxI+T`@Bm zPVU-V1y=(w)pXiX_~0^VobWl12ZCEFGz7sN8N1~uc3ad@(l96_QgigZkh(o@hv|Mt*^Fe;2 z!m}vNtCa+@C5kt_afQqek5${wPm7*8r4F(%D#pU7X=|sv%uy$Zj&=khrnYfW@IM@c zZSKZ1G%$(S-G#5TpG)h$+gsB!tLwuo-#!}uL?omD@eMgS^!d(@4(Y~qKQd_;%}5Vlyg*lCL4KcZm|T;b ztT8g<0W23Gz_z8t0(r=<~~j^ZtQHrB+^F zy!qP&x17oAarcU9Fi;2?()z-e5-~~I5b6q@s`67sB9&O|OWy80(r4xydNf!3Q@_m7 zHYPkG!EAg{#Kt-49cDM}+?HX}W6$VVme`zFNH6MS+cB!r@hFdx={#L>tlqW0$^#h{ z6;)bJj_COKI1t1KwT|Rp-oo+a=H>>v&Ygol%1J&Y|KAt}9waurpG*6^8E(DC{7Q6P zpwelaU2)YuF({eN zphi|Wzv?A@+0tr7Y+<T8^qMn}up_kEg)Nr(*CM~(;u6+cNacIJ`i zpG((t+b`H!P_j!mxi57Z(r{7XU&cJUJhKZGbUJ>dHB-=?ku`V1OV!&_Ux$l)Rokb^tw1)f7lQ&&6B+ zxSS~SXn7iZi9SPgb@y>f)>oeTI-!hOTU)Pks-D?c(R9F}Ktp@2a+S@-t!=gZ`oQLX z`~bQ-f9aTJ#3pC~W=Gfb!_42hy78o{Du}MG8tCeVHaGw1>bwt3tsb`h($(o)>+0^n zD>fs3ifVR&qkxE#SNc{zS)QL9;3F|yYm!qTn&dYT{tiHs?7C`qFP=_nDuGtKHShvx zl25UtG0$u{1tf`~A<_CE6}=1R zN&oyw18Gvim8)*_w{7&U^09+Khl@wqspZiyHe7=fiY7sCSs z#&>g`-ebAlez-wqQN9x6S;L{k9ZM(Qz{d=c|#-q_8oeCoCrH%_dv_ow$H zxmpJCX@VGky7$T+lAi>PLHt+$TUytT?QawX(Ivl*+~HVS2hLC zOWxU!p`p(NgK&Uwnr6b(@`i-M8Ek1hlq`riNfR6+h+V zbXSd;vTv4m)tyI&8t!wkyZC*{`4C?2$|UT~wIA${yA$=bj#U(6WZB!V}I;D6V6;7uWT zQwZJ^f;WZWO(J-c2;S_7-0X<_e{)CVCK0?z1aDfyH?85D*6>Yh_@*^{vn+hGEd2k| zW#OAb@TL&FDFkl{!J9(xrVzX-1aAt#n?mrW5WHCy`H#slH?3hvYxsiaaFdhScP;Ra z-G!-Ks_q56{q{^X^BJic7i8CBYmV9Qof$59o0boX3*BINT_ifbgbTIeIk#(3+W1^N;rlJhAIdD+=A zOS3;%QXGX2pG!$fW=v^g_Euh~=Rimiwo44u)aqVn4Wy}b-FT{+I>lSIt8U7+$*Aa& zS$)aaS=pyJuacCmfQ8w6w=2}GH2K<ASH##AIZdfy^lBq&cOjT}`q( z_oHBZ_>@(uslTlq-2Yiet88}RGz}L_vRuAN;OpdBv%7n>qB8!kD=Pi{v)3ys0Gb9s zHQ9R~u2)p5V)f*e?8VEBMF6N~ZxI5j@f~7HivB(cR#eolR#ccC{IjB>qdN-rH!8k; zlit&d)Pl(Yq?(tDi;G#t&DeTX4jb>%YF~(>p^CJO(Rc7v3Etm0Q)G6g7n({uP4;(L zrHkH<)u-P)=ILD4xZqWHHm)iut-`V9bu%=mdPbp;YlBkoqEYo1s^)NgatWYnEThIM z=>9>~DE&s&klwz_SMU&^YF__B)oeko%iNaR+*sQn2GEs$)_rBcLLYzv8w&4Ubc zM{o43#ojJLFqGXRUC)~l^YV*|2E+$mK^EUsF(PO^s!zPUoMmLY0f!OgaFL0@F6cFE z5-A6V3YX+99tL`PEJLod-171^oB{*F37qFPo1!5cJqkqg8=1QuIXi$_sFvXHlNaN7 zbbwxW713V5Gn-y}*ht@?;x+egY9SiDjHu5QwNPJQs-+VAPAdPR7KY;iV$F~P0?LV< zQQ1THX9*?Vnbt8lx`5jU){2IXzr01_dxuj>=Z$fOL#bXg=n}sl0KpbMxxyCaQ~+!t zmL8zCfZd`yNDNVBf?)P)9tm)#P}IrD$Sl@J=}@0thJ$jOmKI34)*jgW>$0@WlS zAi$sp5wAiM1%_r%&A7n>y0f#hJN7(nPu&NLHHxhA5JId8i?R;cUCaked{~^|4=Fey z`x{d9KayaHmJjqT797G#$|mKIk<4HXh4+_Y+-A%z%P8=zzI}wLXO?s7 ztaumf4xGD!^_**Jp#q>5l3!B`i-dlB)4UhWDUVjmA!9Q5QAE1wsgU@G;;l)1uG&oq zwa^1l3pt{mdA7_b>eTA4F{f9rDNY1&Y%0>4c>Z8yvyUWC+u0}A4*s%ayEQfU7PI{+ zE?2;P*S0U1Q+MGgGur6r#5&-hpax1FB>4J@#EsMLdW9g0n)(JzuJ0e2{W^vor)Vw1 z3ak~hcCci}g2k!~Vxb9JNoj=H4T^QISi!X~N(FKJFBhpCTWW%V72 zC9SO*D4aUDw+$x0AF{1=zGu5BRT48o9_1(VOoLaEFQZ928}c*Y)QZ}9mtdNvd9K}9 zy?a(6xDXKON}eLXN!WM(`f~}RMhR@Rcz*M}v|%mbKBd^63C7RAfi(a<_@4u7%H4J5 zA0v15x$Jt@FxYyl{wuKN8aDWUEU;!^fZ&ZWGn-5DbLzpN4CC5KTcXo;^_7hk<_!qx z@#V`qEwpoYn3zh7oKNoyiA@slx1>rdD9}KARTh!%--$k&O4PkLJDP6~G1_ZWB`2i} zw+>lb=#FMsBz~5-R%0t6@0B0n-6~)?5Nv2*5cL8hd9_}`B;C5}b)sp7JLU-gu7cY#xA#VTRo-dZTX?nbix+sQ2 zrBo%Vyq;tbeGYb&OKeRcyUJEzS9$Y<&x0jgt95$BlLU@|#e^~T8mBXNL~9AQaP>_t z$|TwBwm<#bU1fl?x!P4WHa3RrDqozRf?Z|m$w{tn!&B7Q@f*7WUl{?okPzQ;u|2&Q z0xnD-eJsF3jc{>NL{w*%+ta3$IB3dYU{O#ag(_5u;2nYXY>MnnG%%9aA7OaoER9Zll}5{58K3q zCaEx)jY6YFd!${Di>`K+3&5_jFl1MGx9fUW`2Z8Lt6XEqbG@rvV=rSvxKZMhvv9bU z3&4eCWx{`f3$q~%zF*+N=>n<44UxaVg&{PL%Gx)+mt#Y~g|b)R!mY7v6LRpZxHZjI z=jeYwra5p30xn#;0vGZ@z=h|oiIc}px)rOq;1mrZ0bc_F(u9Z4{rMSvX|Xoi1#qW6HBwrK2#!}|H(9HCNqvORiB z4M)70x=X(MvD|g*LbBd1x3|>kPMHq#8Xyr~&gs}){CtnzWj$zNqtdkFY^J^|YN!6A z7k*+4@@()&Yeh6FWl9bE<4?CtE6GLiS&pJkOx=6*!v5h_f7AVkTdjr;xYe*u8c!g^ zLeqbUh3fXl7#;21j2kOYL9K*=ho~7YDKWCTyll4a(|!CKMIHc%&O3mw84ss($^Mp zjS$>3WN(?l=g;13VNj|IgmC$o1ZG9T~aa)!y>n zf3mmy{kt}@BGV%iWIPVrwD$PL>_@wYvd22ZcJ~kxs3o}0KKVPX>qpaDd)F{7$VJl` zmN7D^(&4t=^L?oxQv!qFMV9uW(p~U*c}Ypej|sbxN!7R?)HNy9%L5_q6hqSevO7zr`IJgNza4EpEM)7AfwSJ8PtoP2-wmVX(2L1 z@x3>e2Yg2Go&s)SRDR^U{{UeFXteNncC&d5vhwm-Ug!Gy`k|4L>G0*PtpcTbFb`B| z;XNXc^O$EEZv*n{Vvoy!eg2F4Sl!{Oj?*b~*3aNQt1H^1rV+*iaFyRt*2(XY6wa*Ai`mNcBstAwcX0H&*dy zkk^4*B6~O9mzi3ejs{!*IYULaAXs+A+-Lw@cVp{z8?t|Q3L#mab5pv566b;kARNzV zUeHC>P$>C|e|%-*k|3)vMrf{I;3VGBFK)kHcOF_Zd*FK?r&AgqYT7aD{AcS!f^5TQJoTTZ2YUAj!g6~NCQSc@V(9$@ zPz(k=w;hJLTOllbEL^!l`n)cP&x-|RWQVe?xQM>;mieVoMpcod;sM)(r zr0lkK@qCmbzzJP)p_5jQp&9oOO&^)PE3-zMx|GwSXYy3K0yC)XwsuxDMl<5^9RY1x zY;g$+B5-N|z;>(P_E-0cio3@HD!lZ&AAAl z80E1#XP?h$n<2?Rq%*U#BOxSfl#_Sej$3{7t{09L^RLQ|uSwQb?FSH&wIzgPJylJT z-J~G$LOZ2WznzJRN$AVCH6U4QI5;}?T#>BLLCs&d7=czeMn2zqfLXMC9z@7Q#&0|w zQXx~fH@VdnwWJ>WCLx|M=*-MtwRmezNO5#2>(joxt!??)X|bf7lZ)Qv*y!l|70H@f z!vsKKAS7!KpVvH$Rv+y5J^_-o5i07PDwr(=Sy_M8T8E*UXz=sNzy)jn0Ef+Hzxx@B z$3@k`!eSoCF#^jR5C0}vb2-RD_Lh6D05%H?3*g`wB5<}1m-raoKEUH3og9%LI$8jC zJQE+Za5SeLKH}l7Gu%D4yUy@<{$=Axn#57L(=q%WaZm)M8Zp(OWNG&WU|Ek>vxo_c zNU$645!pH?HDY%D2H0S-#PnPj%Yai4z}kU~EUqdUSe$l}lZ`&UzVMk@S)pfVPJ-1o zN1JM>uNm(qm6b8K)$h0f(jhr1Qsm|)j=rI3WMHq2J;B=;LILB@U^dJ7fic&RPZ|>8 z_fl{pp6}G9Lv+7)rb&Ecyri#p;AW5sJ7*3TY?)!_PW&jTZ8Aqti_={nS z(*ya;ab*=1B04%DYzk)PUVY(@asXiSW78?QK@fM?bd>b;FqOkAIyw0@>g}fHk#_WZ zD)Ydz63E=%!IqUrqf6XzV*Sq3xw%u!&s0=x*gJ)FH6x~-nnJNYNRb;|YEt zv_rp@I^D6e{0cl4Y4U5fKYN}T#+>anlhGfP78aS$!IvA}p)G}NA!%xOzRWkQ`qh0% z%?_pL#3{L*|6TSAVqY1Q8M_Q#XXje-x`UFG{e46>3qrwK)3E`mZY5-_K7W37S?|ACUnL{mIz+X*~O< z;rO>LEvc);Z+%u*>tLnd%8z(1W=(?6Cl4Jv>VZXs50cSe02=_VK`X_)0}sF7zc$daY4V$0pjc>GI-fmd%WEqlzwPb5&1Pvl5XXysA<8mj-ux*je5mG{{U=Oiv9p>hV%UX z0@$$p1F*@jIrG=i(Th2>LV~)Tg!ll4RyZTw(Avt1^|1Nv?ct+8MaBHX5s&*(n`zN< z@(E$a-ydOLPSvo9=gt+q{vD$Ek09{T42vP%JqcR*z)lG)5f7Cx%7Drw53uWN#&kg( z6M}&fQdwDP@ZAiY8S0Lo^tXb;_*Baav zUIfvfM7jnmXv9(*=jI8jJ(!7!$!qVF%f^OYm!w5cdkU{7YV6MCc*MrV)q|zSY~n8s zb=P)EDx>v_k-SX6ewTto-BaIN?;aR=K6qF)%7&s@g@)Er4Jno;;w4nSN5!N?HzU^3 z>?5_cST*FTlyi*J9(4aakA`Hvm6HJQvUfoLmDXb|J7>LQfKeK9m@9Y_bM^@n-BC;`F;DZNkmv65Cufr>dw4aW3?!*G5`0oo zR+cq4saZ3j7B@#%=Q)R8BRgXvYX5#qtMnJZ#`7P5%|z*OGL5D+H{CVB#vcN(@r$G^ z)gW$v}fXFZayp^(Bmi^dC5n@e2aJ-CQWiV~UnNXefrOvu3_k(F%}TEVEuM;!E#f2%hf(|Q5m ztOWqhdfn0Xl|=sOiZ<(%CQi@#{WLf&I#x6#)3K_al}&cEqq#s1G=Iz_Rx$CZR9}70 z+Ri70JI9mNN37#8MXiDoDb3S#JKn&{g0N~XDk?+I_q>6T$}>Ir$D?#+ek{V>^9XiX~IL zRNT(vf1EuN80|^ za+2lxhyU9JCjY)7^bgwK-)~on6$?xxy;ho-9;tP37b!S6R*79JP5PhzR+>!Ly^xkU zdUd5V84}^u%At!^FlB*COo-p>(vC= z^zr7AZnq^(J42s%sGtk0K;GEV4k6{brJSTgc6GJN#ko=jIX6%7rIC@5g+YE+6<#C_ z3#;)Ssst#mUKHX!t@=`9FUhI)xXjlVO3mYlf}C6+PrcS)>WZTsG~Fz!pb#0yX)hg! z%R|k^#%8fO!6x{f%dt^bRW(OFPqoHQDiDV&OMPf)Xi*P%E<%8J0UR8wA$1&`>B7SE zE4W-_Qe6r{Mv9(J+r4eOr{*-BYrMSlhKok_htc;el4lGD(oa?DoV@JA1VtjK!_XWv zl=UttU7l`C#uBHdlEee4Np;=V86@4Pog=2%drjQ|m_3Wv1u}Tc19hojOl&=s?0p>0 zjDIUN0hB|C)I?H6C3bGwuHN<11vT7T#MU;bq_kW_@J)5iLq@SjDa=CcacsLQ>-Dd` z=96@K_6K#j*Vj=ZxRZ2Igt=0WDPb(W*e|BG@F*F-oQAzU;6A=_u2{g#dT+Vn87k-Hf~ zkA3R^RnvS&ihgwmw>{~zUG&knt$91E&z{hIkqYW|(tH<8Vi(7=DA6b5ienY#Uf)Zh zqQ*UbJl4|0v%)u|e%rYEm(m3P@wL+AQ(c`p>a@eSl!Jpe7F%e_6bmC`R`Qcm{mm2i zEi^4b^xcF{(;qlO2OamfzNLytzor2sLtJJMi2X$})B_|#oWGSOzbfZHN)vAkPXvFX z!*g+L$u;qkA3vlIluBM$TTkC1W6Xw-3{Al2bFDP#YKCF{OKFk=QJMrmL3dv(O*~O^ z$JMV%h8yFhpohG12(j8(yZ~0aDJ+b==YY8S!pht{Q_&Q02&k_Ru--our45vy4|Mo2^iylg*Eyh_Wgl%mL|pay0n zUl|&X@H^B_K~19zAoM0~VM6WRJs);{84?t%pzZ>3+KK(+v?CfEC}n47$GUdf{V6JT z-$R^swgcVd6n!0K#vcM*O{cKZhs~7=e+Or+*G@Z_+y6N2au8Lbc%c-Ol?|rW=|Ke3 zj_BJCtZ1di72wRs=lWV=+ure8XmZq^6p!1LCPCbBYN-+4FTq9p*o8r?mFrRv;~WT0 zvh&3v%jBS4xwbE2Rk@itd{?*|6|4Zv+IqwR3&y z4-OAU?*OmK_dD&q@njb1$61~=TyoseOzL1tu}cP-hm-)%Rh}D6;n%3oee#~ z*lD;!Z$3y6TE`_Uz`6hFZY{T1o~mi+a9Q6ZTmuAF3>w08A zV0}xzLj0HE+X4Xbq5zBPQ9BZedJN*F_BddA2#} zh-G|7X)Yzbe|9U%t~vJBJLm&e;xsZ0d_2tZ?^eVL3uEIiZ~}iF zL$4VT&l}!i53^#V$Im7~J$z_Lq}3&V5bXBEQR9Fe%QM--r%3iy!%>0(Po4Rf_SKm7 zKAPpD5{C13o$GG+S9DG+NbcGG*gG2EJ9a>=*4efJ0sj6gyLQoz0ECETe%#J+B3z+^ z<2o`cHMI=`4TVL*_IiqwG$HSv3V(}RUgIf1LK7(Dt23EGqR!Q}Ev>ZdY!UGU zPO`Qj+{m~%EH>NCxRi~AT1|3lYIzz3YV{gY2p=_nb=APK7?@pN+1ppz7i%26n#Nv` z0b-N=poH*@h3qS_iQSU+@p%RM!T}JQFj$Pl~TL?uB_&oml2EHaL)?RHXf zGGA6!79kJMbbsDtt)qh16C~b@+}xfW)0$}jy@nTVPOYvM93TIlno_Jb1s6m7K`NF| zrx)wk>QIAldE~Kf({h_`qlQKVbYs}U#}1yz^&G@K{1YYgN?zrS%dI=_^m#W9U2@d1 zlX@|&Y;1&Ot^9Ko3#Es1K1gm!#F0uHgP|np?*TH7j~!?GNBMuGVe#7JKx#T4|L=!=~h2b{!%b{H7XNX4aO5OEjgv{>r0D7Y~4Zjj`Pz z;UbWM&H^yr&cM&{hry*2F12!5Wy8brLZYJ5ZN32kmNC-0zd9zQ+xVWhqD&7J*rY_ok;exg3YYpuw}^7t-2tw2+;~tL3|FT4MpEwe}U#dKQr({^$h$YF*{v zC-S@`Kw3Ml*jjL2A+5V8XgJ9L(wg}4%*b5UWFK3-jqyIf&ob*16HvuOJ1%UgGQ47i^(bt`pmpZ$xB;=o3ml z$gv;<MwC-T4eJOlUaCO3A4AXk>Z?wAIUZlN4x>$hQCZCcUj|3ZWnB)py46Fh>lJJvS+vFq<1`_{2#5ZC}U$|2cFZ$xE*l)DJty09DKTy z_DgR3y$m8ZHVp)F;~d4`!P(q_`&U0}nLF<;v>lS~`$0xy0D073A9Eb#hBpG4MY$MUT=hWCt7ig?g$+)% zh>YDcC*%|y8;k+rkca6UhweacGY}9o z7Y;X1gO1HQRJK6V29(ZHFG}TrlN{ev0(oNhQyQ(tfrU&T-0+YfE-IO{-r&fz8gd4` zo`^JWipAf8JIz0WyNC!hxi}zekNrzWs^FW(nn1_>d=aOVpwZ{1q0e-h7si?nVF#FqIF zk=CQ58NZR%^wYnQ)-?cWy=C40&I2H=w}9oC`GXQVndyarzrWoKR5a`AL!oILA_5!- zNq6-`Vud^wA;a%#z;bL`koGd)`U$)bvg<H%gUe?JKn>Lo<^S{vdXb?#)NR+tueO40L^r;z@%)~zL%1v~ zz}c1oM#?8OBLo;f1I?X~5Vm)o!)7xvTxX#L>@;QoRo+%L?Zf}z;luvFkk&*Z{h8N- zJMvgUYNUwZ4sG53YK8>?wMs&woRIl&*3&8MZv$&rg1aa|hH4KoK1IYp{$Z6e6U(aV zz?Sohxj^VS0aEd>Fx$-6PbKo{VT7DqjyAah%iiVe^bag=+ltoAin%qoJ77H?2={;R zfL07)HZ!B*OC}P5#*>bQ{j|~19&uOXwqM5(-BWKD&64|uasC6n+h5(@zb_3f(9L#u z_1wQU-vRqRUw`8ZC33|)?)KZ==+Z2(Jneg*B$U>1f2Vj+;je3bN7Sh zo|U|*I*u7=Xjno{owWH@Xp#M7WZjL>pwA~x(`fr- zb{B`uhu{W=7#?2v?NlLtyUooAS64LPx9eNy!NiP>8_&+7ZeQp^0>xE}3@EN7*L}RH z=}d7@Bt|@QlV3j{nK_5}?Xnf}WBv@}4Gawtkw_$j&$R`K{PElMsnepOqi07_pwp;_ zL%f*^VDg|+$-uzib4|@e%~-y}=dHlq%+N>nCxQ~fgS&E%FwyXFYxWAyTqgW>9VCOh zW7t#@ob}w}NPmv+uUtgXXlPB%_lKr-eQv?YiWuYZOB8TCN)ysw5dtp0`8*m%yB8RG zXU<}F?zEP30>%GKGum!Wge)$aB76i=^(>B`l2TIma&mH^iHTcpM>eNwv-$kJ@jywn z_>*O7Yr0+oI&~K43JHuiHoo_ie=^(F&D~w+4dz%|9QHEE9MjPiSWV6BCTfP4<9Be4^1@|@j%eydBT7oFKB(678WWO9175pad*sg3+KSeI5 zVrZC6NKBlm-O}31CYD+Bt7C%lbGi8h2~&5v&gvh>-P7Y|T7DCC&foiC*w_SzN*###ICeOLwIBtK>M2YmY%tE~r8X;*(F5K&d1(vu=NB z?t2>xnJFVbU!kQu!6rN*0bek1KH~^@8nZ}SU1F;1W~%u|`@L#NmTi9o5+2~3S6i)w zhL0j_<}~|2La=AJ&^Bsn@$AUx^%#>PMX2tXgejtk^7CU2FH^R>g!QiEAv2U@PYdmlCUUvS)7$rKxxf z-dx*-;#9(EL^tw9wLiwCiqeza%;N|5m6UvR`;%LCKmO%5$-E>UHDdltajb^+M{zuE z4N)979C`J-?=77QxN-iL+kK2o4Ds(49Z1N-e~uRp)pSeX-howaVBq~WmnUKkCpdqK z3eF!6U!evj8H+nREsKm*lINylS=utKRptK#XFCqO%Pm!z@19@MaY^~`LwZLP&1ia( z4Id*SVpysX88n&bJ)Y6CuqYT~Zqg1686q=oU|SSrD3bR^2wn7ZS-f3pD_RK?+P#=S z*WH&1>hPQv4Kwe%loGhyMc!RC97xR_I>*)`=!n7r$3HeUw)*b&&*+elS;e(k)7o0DLpM2s*~42! zmT!C~^y|p+O(i}`=mkU;%&hDVHY0bowO75C|t6%)T< zfn?Nc_HYWjyH+A1e&oFYwv#UdtpC)FSQNpTzUu zs*ZuI6hy1&o9r)ibyJl`6C)ys?d|Qe%nXf;WDWIhHA1J*+C^^}+`*xgl$Y0=T4#wr zVxMnl6zwQI0&bJoFFAhUEUruf0-W1!qF4v-Kbr=HK1Ajs<;|A}qZo<(T)L45+$J1~ zGRY(Ch+fS;^%kP0^!Y7p;U7~4bp2(*Z?$Bq<4UQhEHNs3YOfq%jHab0+RvRFtQj!2 zf8SmKHPrGg0VIEfF{bQW@9OV;J`&_evspR7{XJ9Xb*ZR`{4=u|kq>cdEdE`ZBdKAl!>d@3>*$+BPOG4Hk#U4e%h_ufa z7A;RkTcqTvhCUj8Wg#5rymfzN#hS+%u?@33C3^C=>6l8Tob4aeF#*JMTzzFa#(=m@ z9FK4Wzds-TxvX#XlY@9_`_JC8032LYn%B0htm=XN*=0_Z&ZzYbPV70hz}J<;; z(edsA%rDWg9Yk~-8O4I^n{L=7FGcssaNC8SzomUBTj8G}ycJ+e4kMB1+?i`5A|Vm% zjptZ;Tm6RSFVS&-ir^3s9gj~?f&oWqb#;@ebp@_(wt~m9LLWHKQ%Hymj>$hD`2{0S z9V@!N?S^m>r^UNnOsclv^&PVZfY`Avf5PcKiOYbr}t*WzX?2xjcT#K*@!Ld7Pa zkk1KcGJH08`k2I5_B$9v8nl@kOz`x~U9EN#i%m|g_$-^O{d$P;(?EJXl0U17@T$pJ zfmYa;FD4NuU6I(vGg&kqUha+x!da`Qks8Dz%F0zQ^QQ4iOG_8kPKEl~W#6qX_QVzu z=%;h(P?c+#e$2`(EtPxpIBc-+wf0FIk`MO9;Z`) zQ%C{7$#mVuTaUQ7lvU-XqjJYSb!(YM@T~aRyECb6^%ct|rx#&{K_l{`kkc9Zs$*Z* z+U4nb?-E6`+$ALN<^;2tbbLGhw_Z~wOL>A(;Klw#c5C5)swaZx+f$0HKNv>eur`Y> z)z;mnq~;bD;JUcO7LG!*r+yNT6%-g=Fmt@yi69}|UZ2*%!xQ&RMgx-qlO@lrn)#ND zqomU_L_|+&ogQc^#Yrzg{OmpwUsaR}cAaEaeyBj7r-LIS**{byID{qof(ZmI22Z`c z1>{h)d3w||wkMyhFY`@3-sdnE40Q;)P^+>M5?+V49iDB5gkT{-x2yB=#N&PZru{dG z#_sU*@+LV18M7{(I2K-4&V3aXcBsm?Qo_OG)9hVHPu+Cp9fQda@~Wy?+$^-?jHUd`_TpgbaTqPMv&jV1XvBxl&Yrt1jf^E`LeD16eP=iM<6{{ z!nVp&t7gv8N}E)#!M~+yk`Y$l6HB0tbDlsM$1TP8Ml6DbL@anm+m+I^&sk&<_EN3Y z|1y^n@p#Y)&L=0Qx#(^G>*LNYSZKR0IW73g%C**+12+-Kran!Q$N6a(0NPiR*I)X zmAs&!k2a4#v8Hp-pP~ZCoNL)_#Uw^acY$rJjH-WUt0#7Dke!<1PjF^ei?{!Ja`5@5 z%cz8m=4X)J(MK%=2GSXzHt&g5^TsH6`p0o+8?~}p3LA5HpG`@Y67@|N;pH+8TgjgG z*nS70z3ZkQ{Yhq*^FFnLhvN#OObp(N_z$6?L7R;v8ZGkjZun zUBxEE%~f=?Loq2jOH@6{(b$ph87^OJ&*b%Wql4#AXWi}XW;qAjYfE&6XEMyElI3^$D;1|^&iWqHic1n!#UwK+ zl8Vw{ccOCMu1ZbiM_p>I-dy~FVmo^yIVj8>68u;1*E%sV5p&_b7+(ry5lTf z-*@kQ&vWj*=h^w{m18Fz?oUUwbpNazn}Wj+?_FDfI(69`2Ou%Pq|6A+P!vc z_l)d{ig%pbDvFBnO-`?L0C@23!&gfEkMy`Q(<{G4&qln`k9Gvp4^u>>^~ z%@t0WT&C*ldzZrpd;0prvRY|0z|%NWaCVd*UEtV^jt(_BUSGHhQmopZ9RW3z%e@?Q zSnzhL`iC|I>d(s@>i3OD7x@2Z>N@;6iXL8#fzavEk;e+?Ehbck&<8%^!|hfB5r1K! z=)i^sm?+xIcTYitKy`m~+l~aS`;&*&uj=={b19ImI6VB;(8nCA81%&SKuh~*SE>H3 zCf6%WYbMbrgDvhMM@J1=l8_bL^%3~4Q5XS9kV))uV)1PHZi$Jb)NY+gdmUle=<2F| zK{9N#Fyh6dEJU++bdD{Zwa<~jvny&Mdk-SIvM)5oX1ajp5rGM^&>$p8)n!jL5exHd z;r&jxa17|hR6W8=badjzth3Fp|BQ-=kcQbJ|=$3(|X7D zN6o)vv>R6$e@G&PgMm;5{hcjLn)l%h8i?bQCv){LN30AAjkuIUeb7Ld*;vuVcVyt5 z!Q-J`ggli1T(yAbwPW5x zoP_NC0H7V}q2-|n`t9JQ^Ox8HP%cUahLCi2J?Y6>z>14i5$BM)>?JxFoFjKy3Uq&8 zaD}_Yu=mqn3idZ6d_(!iG(!0H`Ts^0;hBPpN;Cj|uAYTHs8`j@sX2B-eBNgC{$86m zTO|xEKOrIRW1xHnc+tL-9Wf?B*XYN@Nw4+wn;$=3@B2E8Z@S>^pLl+Vh-Z9RF+l75 z<4c+9gj`7yzxiNt+9#iq!vzU#;uakW3d(^uG9^ELykeLriHF0lf6mTY+x0S$WL5=2Ze(x2(atEX0%QJonF8Av}vnD}X+_~AB_=W2+_YN{`-N=JvJCffJf zhQ`Jrzto^o>w+n*HD{BF$gDFB8Y-;BgRs`mMOH|+Q!(ubp!_VjBL&10rY@L-~ORtg;p zR*R5tL+e_7B*z`A_WqC+}*~!py-pE3;hlWMP60>Xcr3w;mUWXFN73@qD>smEB zTB%5PXdLUe<-Qqtr}vI+gty#^V)*wc0$rX;_=#(+%~aVdV`E{(>$UzUA&2p#cIozJ z_9yDc*Zth_PdGXC87A#xW@dB_ORm3}n-)BGJzRe?9a}X@Q;|4ZTKjr@VrGUdH1yS` zR(ZLj^812+7!x$fi!wi`{B$k%{8RX2V&Xyq0-6^27KJH>T6=_B)eGgpx2~K^m$S|0 zr42t8foFx!#@R0KGYdR1Ky$p8Qrh3gBzc2<+`O@NeCzABark+uz#rH}WitUSCRw(J z{5@Wh5!McXeLDQ5lJV@jynaNEh=)A~)js()e>wUCI>C-=2- z)XSHzwf1~G*MeD|tQwB4X3;9g{wR(797(BJr%(CehXku6Av(G=X~lXVNzracPR#fQ zksKG69yQj5K>WB03fW!bs7)U)Ko)HF{eVx;fvrJ6gy`ZzTIYWo;dDQ;tw z6D~sXKnS?)V_5(@NLl_onJN(5aj%Q&L`G|*UuZWQjiI1kb1)_X5E^F5$6W z#QH!iZ?vBZiElS-DhV?MBO!!=PI(6WFZ=3B<=r@}rE#1W3EeqTFX~ zE$BhhS^-b++?>f~E2dD|n|JTtQQHC$J6hI?Nx?sssd;emf~#uW^uJARQSbSJsur)# zTL|e?hVAEHK0e3rTw60|V&oqM+|)p=WcGpQ!&_+y{lc6aXgRGsQCUm(KSc#&bRCUL zn~U&3QN=;J&1~YYv(xnfM=Rg#_0BGwgV}aR?Z8yv|eUX!5Vajw}Be zcC30g?3fW4cHH&Pu;aVq0=!epGq5oMz+$rJn{6+`m5TzXcjreSKg?msA^1Pe=s%`f zJwr3Iyo}t~J7s%49|s8C{TLhjGB-cD9*duKd%zmJN7IET{npK`#_P*HKd`B($b{FK zuDyM-WnFo{rR6izlJ%l=({^RhBfY8{MOV`St@<{VgVha@R)@4 zXn)Fv5mipy68HU;6GJd2FNa&KM=2lVfcHE~3?`auWbr4Q?D%)z8lcEab+DZ-a;Hk$E79eCb5?f6DVA((l$7}f?1BV!5i#p#G%N-+GM%`xqi z!GArxHM-h&%xr1fSV%*$h&Pe&s~S&cX>X|%n05>YrX8EzO*>xszngaKcir%RnRdJ) z?KZ&ne9`{F@9UAMANpR`A^&LVmZV4~Q2aJ|f(U|6y_irCyiui~`;s)jjHE$PLHiIYUCL95t|Jjz3d@gpWck@1c*5G+;aAbJ}dh!)`-S79#j^H1H77En)sk%Cy;KCTn zN&B9TQ>nPIZ;z{eUoI=354yK(dvEb+bz>dJvOm%X~M3Dho7tu1TFtgEmK#+`9;xW`1UQY)A6SI zzl!i08X8ttd*hw1&K!Gtdt-s<7SWmAY3$tPW#eO~u7d03u5hQLUvG~K0PTU*VeS78 z6=0-ZHPE2l$ph~Ljtf8@=ns(O|85j;<=>)!DF3f0pdR$UD*o1@t{whI>EO)&1Uh)* z;&i(2zeWL@{96yNJRXB!Wr3bYdCD0THl;s)I8w~Fd)s5ZHvIJ;6CUF!^B*4`^S0^# zDLh8tPk4;ezdt;NkSBzghqN2!=0g)85AeYn>n0b9|9M1ko!d?-#lJT>#^Qf4ImWrQ z%ouEUYfq8#Z=kZ{OMJX-?GiNBz zD(qFOgaq7JRlG7CYQf?_?uIl9(qiopv?s*HPh#IIr8d zlZRwZw@R@XPJZmt-bFUW9C|&qPhL6(qJ(zYD7n~xG9)(Vbq5Y|(|%!_;_LD%4*P1U zIZV_XGE`VV2w3h+QGYz;yT!)Lj?Ok>! zh?*}YBd<(aMetVwB4zDms@TGC-{XZGKop;6N&3#%q|YK7#3=Kcu!gAuh(#@s4SP8H`43p;pu{hC<&D+gu@LYqRK7aU9x)FCXX zFPBcz?4)hKdP>kjdS(4i6+rUG@acVF-~xbvGOY$2GH?L^8aqPwu?C;Z0Y69G$*bKJ2ozq#j}{>G}`g5$E~ zBBEA7%2B=MJ{q#~3uKG#FD~{WDq3qYYX5E~f&f$u<@^m^QKjCf`vK4@vdo`9YrPW6 zH^L>zsTKsx`qTh7=e{~gLBp9?);6w*#FTEgsPYNOTu;F0=ofGD{(zEm><84Gk_mAt z$k#P?ja2#o#N~sPvlALd!^zIvH$T2>h*c&kowyq0SAZa{OUnenDP}Nxn~ce~klv!R z-GGvrdci1L3<}K->(>YeN}~ih5Ho6634XhmZ(F~`{4$=no1y+#(=~~#a6V)-uOfoZS#;5% zgWiSeXC*fyRQs`76XlRufan@@5 zE-Yv|WWcs-lFMi(RgRUbVSP&XuMh511lA0XRx)t9a>KYiFjzqm0omTB`evsLTco#N z`L3BMeS1@CG>}?7nB@7n!IK{rb&2JDy6Z|3`f+ZJU30Iihue{Zdr14S%lY{^nFN?4 zk@NCCfZPol1IHTs?lCxUd+hgUPft&0FA>ZBf-cgyy@|>Ba!&McU+VVqp{!i3Tn&}ee)#VC3c;(P!1<};x6Mca45RU=KIqR-beOk!%&e3KY zpPX;3zFxYoff;Zq_PgS0OniHVDFUPrI#&WqsqhroTL1@27Z74n4uYZ=>DJ;&T_43a zZikH+y;e~Xrd>E=8|v%p08}Ca-PtlB;(Z;(7$stTVl{Sh8I8!UZy-aXzP%BT%P#!k zY&jP3N3_u`zM1kX^5s);4Ws*;KOwl3OLJ*C$(DJUGspK;h!dnIFbez3Mq?b8Q`cLtz5EVCSC zcCXKGO4B}he-Jc~i~RWPpnqijJi9-M+vMjeY6RK7 zsC*=att6u2$pDAgos)cCvdSD5k+NQ&8%o5&=({DPq?~MwhcW|@58hHV!j|psWKw<% zk8+jdlKE1sWCIt55_PSEo3IL!D>MLqjxTKKh`&}Pv!ZU;s z7~0T?Ez4GIx0@?ZAkuP3d?MlLs5nIJoDExD|0+X8Xiqz&6sFR4is0VI;0IhQU<@)* zr^hXs`?!Od5?fq3u3HmnlaE?kktAGv_H4kT;uAu&)%yhR88oW&P}*l;P`{DK_hNGW zw8b&!^meG_YU3~#e0_I$_dPn{G3kaK;!Al%MVm9iX*5Kl`~cCqWIsNw3bw%H_&U&8hM5rNkagY<~DUn>m>W^bt{i zpK1mQV}U;R)WX#^4@&fz4>p&XcxG?2S`lC!tR$p7eQ)C{ppFy;ugp@oRhjm_E7GnU z^zqx)%A96h_apIlU2^X)GZ9?v@9-K*5gYOuyr7owdaN6XehQ?RPbaN!}0$3K3g4Q$N8ob7zMTl%EcN&PpRXR3aKE$C0=XP`JxG;c2b+dMykjSQ`y zqqQleW}?*3R&`=JmbX&NJlIcN4L(hV6DN~7L2$VZkqpsYA2{zW#Y8q-{`4_Be1^M1 z!G>zK|J)0mqMtqov?dO&)8nJC$GKPEU9mr-I7GJ@bqn=wUgr5`uPHwAgoO8v)#ACI z%GcYrRz|j5+y%;`*h2z4cFmHG#r7;C*ALiesC~N7gt++k@Y8QV@(I%uPKTs&$395) z+UO7@Ez*6NM?~lwrwJ?y+oMJ1#fyMx-Mz!15}Gd+WeXbA(>>-rvz6xDiCnttQ=?+& z7!W>VG9&J6LA}DVvf*Z0Zz7S_ZbNO>P3e|F7H>*V39b912%gI8OaG1{ZRa_E06HE> z?_LWpweDEvICVGZ@oVNea#~RHEW4q~vXqmXQcCs;v~ zt#i&sc0Uj_8AWg0!;+c(0a`8cbm8uZmXSVuXO0%BUF6_1-*P)~t`HPJ*FCEb%Qinj z4)sn7f*cbs#kg0S4EiX+9=?E0ys-}w9tP}ptNC#}(8h~2;YLWlh$s~6d@IFqFlFhm zzzP+RR+GQj~99!88KvjoLq#?S<4cGJ?M;XIWrAtx zs~wCfve=SE>zX%cxDQUQ+lcb@w3unDOsRCu>pP#A#h6L zzA3?U0(h5=;PgpFPvEtkJ3|yI!!`(lTl(!A6Cg}TW>4L3Zyc-w@)w*R+yWRtxg((1 zUP??#+Q{TzDNdj2k55mxkxX}Qg#JGGEPYkyLmn5|@Fr6d8`GqFDRlj9-F0pnf##tQ zM~VbyEy9U^nf7;pq4Mg=RTuX9*ZVgP%Ataj^kf>vIy*EAtLfpD#%r%DHDQvnp;IE& z>n{Pf<<5w1r-}9o7UksT7ZcJbW|&OR%iKRSqo0IslNjC)Y{fL)8FIqg zsaW?v`+ILwzS`*YT5i=y27Ov`X74-{Ti@qQ|1g9`?K677lV6^m*D|%- zojxq=8lQG$pRGcmQi_V9vv)Dw^m+iUP2)Z(TA$@UCkmR2iX83iv>$*8XqHwylyA9d zM3OZ0_wjdkQ^jRzVLDev`sCzH;i| z^EtSH>jt>npj!AR6OK{wzEk9+xMUJuIA9U7Azh8;9%_0!xKq&z@QE}+V1ahAVDKW!ko2@ z@C2RTCC54#+2e#jr<06Hfo);`C5TzJ&Z51_l7H_kem~!Bs5oD9i>7I+R2Yv2$3{WD z&d~ssb^_Tw^{1-qiB$NXS;GB0i%Mo$z;;o_&4@x-^KIGa1mvu{UyZHR2qp{*FA+T< zx!eCRO9SIu8O-`=A~GxPWkqI$`$r~6Z7h(1B+t@kwP3z=NZ`o+Czghoacf&Y2g(j= z-Cxp!Cf?c19~1HU4Z>p64d*WRL~F|xnAESA(v9Y1?EXvExwF_N= zp0CzV>YdkD{BKV2KZV(a%SSdY)=0@^w@u}7Ktpc3ZB)@Wfhe`J({33!Y@-|2>gjn- zv-S{=O4e?dH`+G)oreCm<*6xJKGS?>=img_H$dQ7;ub|w(X04J4gmVN0R~p+2h&N} z)yhgJSw>kK4%=Fn5p?o^Onf4eZX2`?@YhoYlb^uycdTp^g<};dWQeDZ_07Sap5dttsV3tDZY!W>Mk|xxcfZ zAJ^$Q_YDmJx;hJ0NaiCJt*_tZJJ3i9GY-0({e}jfzr94rau_tBuC!1@Gro)xapyDx zq@Ca|7sr!^yzUD=jHbB!C3)B2>GQ)4Uh_fmL#_9@N{3|c*8c9qr`yb_TPURNBm7%C z8R0-?Vj8{CYR}s1i-D^8z^4gwCL9LH2qjarqcOsTci z!sNLq>oj^yR}yd?xU6F0<4uHGia|gy5=U36;1+zNJ8CT@(s1zEOk##J1(*77nF))qUl8?l!BH0RaANn;BBH)$DN?@jN!QVcKWVR(xaPbouYa z%zKk&2O%-G|0V(F(JR~ddF;RW(s?2DiG*+3xlZC}woD1yQ;wDr%inz@E5NpSGO|2EGV_k@I)4i2p zfpC8K-lg%phaTQTAb+B!F+yf&8<7?NF9o+}bAm8@?*iC^-9O`!5(Bu1OL}+5l416C ztRtVdMZ_u2DOD;PCVx|5t7oP4r?7bbqL|i9@{M$I$ha{jE*1lSqQF z-h+#y-=pA_IlsyIX^}O359?$0!90w~m@m&!K9-)7*!*&ywh=>@E2)BIyOIy zVNHfrWI*W+z^XUB!zz(mo#TzrOkCh+0%^O$uD{T_m4AU=%Ovg|6e7y-(lC%=x(xIb zFYo_U%yRWKj2^-ssZQMDE)t{$fE@PZl+K|DW(M1CjiUJ~!Vo-Dqrp5B-h68!9KU*e zWiYb6i99DJSzutQkwC8NCM0^_gIGItnih|6+0;R~;s(6V5#6|zJ~t$`o6cj`4YM>} zt_7Q<7HUqTFdE*@yJOFrt);A(;O49#lTjG}5Ek=ToH^v_G%uY)G70p(&V@!a--%B- zOAs_IS1Dz4-&^GG&N;prRP@k$OQgG3ayud%J%UC8oxdf;lIu~7(b#xu2voJor|UI8 z)1J4X5fx&=WOXYQ2;{9EvofEE>-~e%mT~D(-NCed(XIE12A9l~ee5Ub_5R}u+INyv z>s_?fMOH;Jtcigq^8Zn|=7a8YHuY(Clj(-7yt07|plT-M(&4e4!4bbP6)%`~X5Sod zc*uRS6&dsph4LM-T{>xd$nhnw+aF9*SjZWz(*32VuqOG$6Dsz!zi~}j5#nr10(!zNDryyqPaLmLCasM2AsV-!?cbt=VmX!u=_-Jwy^#|%y__z|+697*F5qR!K z5-KF?mm5%>)a@Ocp)mmOt|-g?2Q>xWy-q4_<+gi@b6apJJ#h#&*cBZ9L@Hqy|8(WX zN1smOd6A+B$$iy7*lMW5Hs@1(2rfDidQ=7TW@Y-N$hGL8%G&$*)Xfxp^KNKcf>xLz9Fg;htnD z9Ace(XQ2kbX8K{Ydp_D_HbLZiU~Vnj8wqyH&*#FmnjcB--6>`X0WiD)Xvs8G;8K#A zzpC?c#j6DFfJvacWzv#L?Og(Gzx~k@BPe!lk^AT6kL*#7UvDATfoC7X z|EzV7Ju1t*zmQvrv-8wmGn989@%7JQ98h+gvn^4qn{}V!OzM$`cPM=VRDB>rd2}J0 zS6%Jf(Dj;SYtk~e0fxt<`p(;Ts1d^>s`WlFG74+Ufxm?maoEu%ZT?o_Dg0yG67(gH z_lX{dRvCfi@7b7)jG(cBUNZ4j+oq$w_rDOg!~hC5an4uzPS_qcsr9XVKZAZZ=%b3UKp;X#{*TWD-EsS zfdfgKef8SF#>CdPE$Hd~II;9_p``?eCce8QjD}qC|3{wxvyf*d5s?rG(P8~hEgmmR z4;-5CZlK^HzpD+zgfjil+MRvGDM2S?9gat0Zrgj>erJ22=mly?{BJMFv64#bD2zsP zRip zn|T|_4WUfuE$@FQ!O`3|!ZO(9!ar%iWL#6uzb~YYb3~DyahWXxKAio(hv_E+ACue> z*Shrp;?-nO)YcipZ{u<9Me50cZUgL>m|S>hEB0-BFF9*>Zl<;Mn1Swpjkmx`E9L!X z2)VLV?L$H*2(gn;)XtiZ1WM#u%t)CN4Zj{2d89DY~*{ti~?6_45B z)r%Oak2ISLxzres8@f^Z|5lf9-n_WSe^M5qto30C2IqzLIon6@(5{yWm{9iD;h#1W zs=rEJ(!U0LVKQpz>7d}NW4Oo$e9u!|Ffc4UJc7=Zj4|>apTFOu!Hj27FNWN^Lwrqm ze2lo&T93hMjg@!}uE@y2d9SbTh`d;T`0dB1LXVnpM+#VlltiieD7o(YUL09gI@+~v z?b@Uta5Yt55O2KyXsw|7<$lMc54O-zy-f{u5QC=9%J8%B@&3h9j>oR_h8ywCf;eaz zrI8ZwJ+E8SUwJUs<;{7}5JUp*fI(k-z6^i}=E?g24e?i3;9Jnj|ffCtCa-s{(| zrGaGi`mf})O zK7WAf{cy_KD67YApO_99uQPGOu`$eLeG^hzp*jwZna+8Wj7XyJNp!YT&}3&pQApa6Uol(Ugdcr zhK`CiYV7e^5wZCemdSl$>fkY&@btZeAAYx{cK#jxQXw31Y-CTpAu=73;W+YPB&XX5 zCd@w|_ux@PgU+D?Sy*DJmL&w$4~ZSIGV2`y+`MT*-xGCq;5vNMlb+dq5b}xOaGAS` z?oN-;o666bY;ilBiq9_qlUi!^QTdd|lrjp6C+Hf1yy$ z>f;N9uYG`Gh73C@3;~S4`CHX}JMkp6bya?rU~+J5Iu<+`yUv1Eny)Lz&@d*dz>`zLXV}&M^(5 z$xT_angZt0{`KbkAoPw4`}7GPi~j{Um>fNRzcPOQMeuAMv)us(_uwM5 z_3mrPGV$E~9xWlqGcUGbB}ObiUDW-Dnn!uk-yKv!H1NLDQ1}9hCm4w%gMAAozpe4I zDdI6Xp8C6KKvf2=RDg1$H@j@fS?}~iC)G@TwT~g%{~j1)^LM*;4gm2f67V`NLp;iC z=5cCp-2j$Aw@Rk-L-Ie8mDqzjEf0Gchf1#tJY*UKq1duVPep1X9k+A-ZoOE8Q|O$P z54eY9{_e6IfUllQJMj2!0Wk6Zd!#Q7^iZW2?U)?eH8?BG%!@(MA&UW-_$!845pBam zFPDPaWy)+P4bsJZXU;1qrE_2-gKzGd7KTR;gw>LtvWi3j`i3trPwjrq)$;@JROI?V zDqXIbv#gx3bP(it_{&=ffhfC(XUEnnSxEejk@TEFsM^!N4{)yz)B(?iUht~m$pGJ; z$%y)0`Ep4r2eJqN-R;hR&@lSc3su6~O(t(}XQW2ox+=^z0L=Myq{@>>R?zk%^T5~P zGE9^=zGK!}qzEnrCz_hqf6lcUr_gGvVRQGjuHO~N=@LJ!k|RCR7lI2((hmO#zXv^C z@TS9GF=t5w%tF!qA;+TU$*Fa{7=j_`jW_FRp2@(lD)yV}ku);VO$3=Jm=(SGmf67T zT=d9y(^33FOJ&a8pXwQ`TCQ*chyM-1d=YOd83+=P3rZj~r5KmXK(AJ9G$^M08UiB* zW5veTW9z=tFd5$*S9tXbItbTGcig2CFprI`z;5q7Y2^>DpQ?XvUgASFsr!Pt#x$cE z38a#|Gn@KgZnV^DKB(_Rk~aJLM0A@250l-7XKadkK+G1M!u}ZNadi9Qa;M3`RI95x z1sKSyhHPYAV&5#>iZ)$Fw=QMf`Vi6HSkv9?Pq2HOq_FIJlzNCyHDf<>w+pG+F&_SE zRz(Popd*@Z!{IxooT#TUwMvZ!&gb4%Y3nlta}gQX>8Fs9A~=B1vV>hcJg`XM+qbnu z8|;Dy+j`B|qJsnPa`{tW?w=`B?bqa8nfuS++MmzigIfbsbDK+;QvqAS>7kt$pinpR_XLZtNc!W_Fr1 zdo8xpWQ??!D0Ws^1%lz6_Z!Mk$DGbP>4)w{6RZN|Y`Y)VK< zM&YQco9=$m$UP;Q*L~=dJXLyIXy&n>!A&i6q++95VDX=P5|nenXgz!s(NC#55^MUa zOS5?1YsIKLaYUawEqfn&Jh`-=P6_XjHfdDX%$cj)M{YTn^_;Z8w)n7YxR2hi*S4&i zt2q0fJf5g-qdHJ~$0Bv?$hQe-Q9XUnvaEk4beoH%g+6x2miU0|+VD==s4fA8>hcvE zh)=r5IbT;7MqGf+a>+OPZ*-D3%*=HX_qAUyutRSQ!0K8x?c(l*8jXE!4c^~<#^+tP zD@tmmPsG6&qLaX0Mc;|eM|nhS$*Q?tedB@6w@`zYbK032zS0@fdCs4mSmnb4Hoy<;q#=rZW-{cgA+e9m}|tc4pOiB~vl%W}X&ll`~RTX&N;^o|9eI zcQ!kdg!?m26su&ijAEgrLF-og$``Nu zk_>k_ox}Q9Mk}BHG3WI(HsASl@dB~`@qWiy=IcRrnb@49+%{Hsd|Zx8@BQnAfM&OF zLi8eM2WH_dFa46%2@JN~rtYnNUej_WrG#z!X3gwq$QPl=>nBlx)mUHQ3T6aBQ z!NcUn8?QJm;h|!>DT7)+UlK~3MnN^~H$lag33uj-D79_JpxpM|pFn{Qb)I5;rzRH# zM=O3gh{|dY!%Z0+I0IcvUM1_@G-zlid){835|WaJ)S`=r5XvAr+k_3Cmv(zCbE`;% zks5m8ao_HsHO;lsUNoODWO_7^HgqAPmGNDk&!IS4P)}l&Q=1Tua-k0xr_mS45sgLL zeVD-!Jhoa|yU+a$!DaJWgP)(`Ta%cdFa5m*YIk9I&u+v#ql13HICdNC7rN=xZ0ZRO zs(mRZoG+xt6QBP(@wVPhPJrP>^8lpuI;!#fW|FdRVRQM0s)QhJ3Ga#9P2X$h$;sJE z;&qCwYcGs_jolIzOPqU!e8m;dJCsCQlRmV*_r{NnPnt}f-3}O&)Z4wdp`lFyeP0#h zCI(-P&+DetZVk-(0aqz#nF`#6-c*h8AztttvCvcNWgZ9u>Ibkz`NOC7vqj_ZCR}`W zZfpAc8xA!_)Ck&1f(n_z0m-!+C-lQ4JLg+pIEHZix@}wT4lyOOmKkWh)ZdrJcDA}p zI9?J4`AoE5`r>+|*qT&)x=<|B_eNWM5?Si8^m$|Cc3^VPrL}dj{beIV3v%VxbRKC# zr@M?^bcuzxKTB0(E5Grxsuz_t<@xHZ=vKl-ku=Q>qQGkUa1PikgsSvA2}VpS2zlGN zf%1+OR)!f0m$rV1f>uVXSiPE247~7y^p~_5)utE1m-@UfTaLUhZO<;QspcjrHWMHj z+qUJJGb$-V7Z+FClavQ$x`*F&e~b6itk1+!N;Kb5^5y0>Kev$?dw2uHB;L0IkZyNQ}UWBh0d zH6F5$4Vn-(BJjJP_{N$0>Ck>G<&5Yep3y2#X94R8s=`DiS-16CvWxwDRrUxH6*5q+ zJp!1W37sFlOp)|h4{rT3RM|XIsfq9Mdjyku*WMg8+0A0SoH(`G4)SX%*J7%veBa_j zqxD>rP_+C?HKxj6ixf;QWFUcDPQpPsSpCjxWq;g#M4v+fzw9Ogz%uAFCkUE=8RjFot{gPH((sjNSDDjY z$GTEo7I88JngneNKE4a`!%2oQ!K@_3fC=SS%YJl=u_BsHfs#-PSLBO%`Ekc+LhwvY zNpxPO1=6Rn43zBnMyYmP>VrP+x_D3=`ZsHuK;Jk)Z$>BhE+%)RrZ@ET!n(H3(0YIp z6M$UT2(syd$^El};$hCV8*LsLm;7h!hq{QLhr(EVqvGrEv!ZBW8fUN`uHPx&fIKyS zL@Np&zaK)ZY;r~_31B?AL9jMtM)T8j+V}6^*BQ>>vy5qfQb=hzuJ@7d>Ah0nXc{V$ zEWOz)x|RB41HV>$fLp*aGHEV=MzD)~OTc0sT%fT|^KFT$wIyEL&RE)TM9(uSR7fTl zbC$r{$UK;$aRjZGcYDz{yb^e1?jKMjfxWl%r8Qf-GS_1fv>hto?RA1 zlMZITg`I*8ZHwrHD}k5&T1m5z)NR%~>@fY?xe`9^((1As94`$TXIp`xm*_*`mzCRW zu6ToFS&=fm;u?B~I_{`0&7LJ-nCM##`&eR#9_@!0tXO?-5YKwrZ%JEBp207x0Taq#cIvu@ikF!#mTl z_DEt^{pNw1@Vpi+s1{_SfggE1U5uDmvNE3=^eTgkMzazChcl6$f~#A}-Uzlwd|15vJjJaU47!ry}lx|NdgvFoTNw2KkQ(hbh z3notQf1LC%WW@7GT#le}_xn3V^^fEyoe3P*0RQvIZt#0bXnU6qUJ57(AHbbAVz>%H zhJ@mY&4hz1vs=rYRUWe>N zQw{X;LY0<_Kq6)4TsP-~mHE1PTr)LR0aLk=BQ=I$(f9N>hbZ!TUuKZsz?9@P3=1oGWN2?MeVcAioRfJ9q-a8sA9Tj8zFIan zSm-q}r@o{N$d%CrZdMc2WUbCBOUN&c$l)f}$2wKv^3e5a)p-oQ@y+?rMys1%4?k|> zXRd8~hm3(IxX^`Gh3F)q<}@o@^wLgdd?lz|q0hXBxeF6xP`v!USg6J17ib z4I?w)-sHllaldS4X^Qxu*~(Z z)cnyiyRm$K(%t+Umbte(x7q656C%zvR!D+Bc!nCl?QZO`8P-J$`hTk+BTHvb;4Pc- zmLp?6^IO8=Bk@y)Jch9PXXkzeLC7qoWS}Nz-Zt~jk6Dy6+*_L76$rqGRZ_%w%;0GN zW5A-CBQGeBuZa!tbMn_-f+Izqk5g-HAi11rU$l$%Ek<#8sZB;in6bvU=7VN%3v-ln ztnxwPt$8Q&T9qxvM74JS%xY~wBp8p<1Ug^Ode4!vU+1@H&n$Y%)@f#q5Y9UzX7%8{1J|6j!lZko2okrvC8~BAxQMRAcPIUTn z$-qO7h5H};ZhneS6CVKc)SHafhS*zZYwNK$T-%^iW@1mIya;brT*llLeMf!5+)4IGA&OImUHMP|ebxz^7pHyA<#8Ky z6_&OJNFmP6J8O`iNQ!lV3m4aTrdnRDpLw02lH%BUu}19XLjV%5t+X|{M zli`Wj!|GA1P!YJqU=Gjo^JK{t%BJg~(~&|I#a40Dd-v}3zLI^RMq9Nrhi3b%YiVuL zuxpVJx{pA6wJv%09t;PUt}>86C}M2I-=Nojx*zMmfnwgBynpKuySVKp7!?~iDx(Ju P>fS3kW!VyGqrm?H8`(gv literal 0 HcmV?d00001 From c909a7c423aea546a5d31ea7d424bdda2473f1eb Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Thu, 29 Aug 2019 21:18:02 +0300 Subject: [PATCH 6/9] Move omitting redacted_because into proposal and add security consideration Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index 2a24a41e9..38d699e10 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -23,11 +23,18 @@ limit would cap a single redaction event at a bit less than 1500 targets. Redactions are not intrinsically heavy, so a separate limit should not be necessary. +Due to the possible large number of redaction targets per redaction event, +servers should omit the list of redaction targets from the `unsigned` -> +`redacted_because` field of redacted events. If clients want to get the list +of targets of a redaction event in `redacted_because`, they should read the +`event_id` field of the `redacted_because` event and use the +`/rooms/{roomId}/event/{eventId}` endpoint to fetch the content. + ### Client behavior Clients shall apply existing `m.room.redaction` target behavior over an array of event ID strings. -### Server behavior +### Server behavior (auth rules) The redaction auth rules should change to iterate the array and check if the sender has the privileges to redact each event. @@ -70,9 +77,7 @@ authorized. ## Tradeoffs ## Potential issues -A redaction with a thousand targets could mean a thousand events get `unsiged` --> `redacted_because` containing that redaction event. One potential solution -to this is omitting the list of redacted event IDs from the data in the -`redacted_because` field. ## Security considerations +Server implementations should ensure that large redaction events do not become +a DoS vector, e.g. by processing redactions in the background. From e6f85cacff43640ca3499b637b581f7973cb9a8d Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Sat, 31 Aug 2019 00:53:08 +0300 Subject: [PATCH 7/9] Specify that "existing auth rules" means room v5 --- proposals/2244-mass-redactions.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index 38d699e10..6999b268a 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -58,7 +58,8 @@ unchanged. When a server accepts an `m.room.redaction` using the modified auth rules, it evaluates individually whether each target can be redacted under the existing -auth rules. Servers MUST NOT include failing and unknown entries to clients. +room v5 auth rules. Servers MUST NOT include failing and unknown entries to +clients. > Servers do not know whether redaction targets are authorized at the time they receive the `m.room.redaction` unless they are in possession of the target From 7ba4564ac3145bae862069a16cb2c5a1308fbfb4 Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Sat, 31 Aug 2019 21:04:15 +0300 Subject: [PATCH 8/9] Remove soft fail auth rule option Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index 6999b268a..b2d35dff1 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -35,28 +35,11 @@ Clients shall apply existing `m.room.redaction` target behavior over an array of event ID strings. ### Server behavior (auth rules) -The redaction auth rules should change to iterate the array and check if the -sender has the privileges to redact each event. - -There are at least two potential ways to handle targets that are not found or -rejected: soft failing until all targets are found or handling each target -separately. - -#### Soft fail -[Soft fail](https://matrix.org/docs/spec/server_server/r0.1.3#soft-failure) the -event until all targets are found, then accept only if the sender has the -privileges to redact every listed event. This is how redactions currently work. - -This has the downside of requiring servers to fetch all the target events (and -possibly forward them to clients) before being able to process and forward the -redaction event. - -#### Handle each target separately The target events of an `m.room.redaction` shall no longer be considered when authorizing an `m.room.redaction` event. Any other existing rules remain unchanged. -When a server accepts an `m.room.redaction` using the modified auth rules, it +After a server accepts an `m.room.redaction` using the modified auth rules, it evaluates individually whether each target can be redacted under the existing room v5 auth rules. Servers MUST NOT include failing and unknown entries to clients. From 30106aaaacf6c2e2c10bcd95963202466a7a1b3b Mon Sep 17 00:00:00 2001 From: Tulir Asokan Date: Mon, 4 Nov 2019 21:14:18 +0200 Subject: [PATCH 9/9] Add section about backwards compatibility Signed-off-by: Tulir Asokan --- proposals/2244-mass-redactions.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/proposals/2244-mass-redactions.md b/proposals/2244-mass-redactions.md index b2d35dff1..4f410356f 100644 --- a/proposals/2244-mass-redactions.md +++ b/proposals/2244-mass-redactions.md @@ -17,6 +17,17 @@ It would be easiest to do this before MSC2174 is written into the spec, as then only one migration would be needed: from an event-level redacts string to a content-level redacts array. +### Backwards compatibility +There is no easy way to stay fully compatible with *older* clients, so the +proposed solution is to not support them. In order to not break old clients +completely, servers should still add a `redacts` string containing one of the +redacted event IDs to the top level of `m.room.redaction` events in *newer* +room versions when serving such events over the Client-Server API. + +Like MSC2174, for improved compatibility with *newer* clients, servers should +add a `redacts` array to the `content` of `m.room.redaction` events in *older* +room versions when serving such events over the Client-Server API. + ### Number of redactions Room v4+ event IDs are 44 bytes long, which means the federation event size limit would cap a single redaction event at a bit less than 1500 targets.