From 3f196cc5b3c4b876f4d2f82dfbab614c68f4d1d4 Mon Sep 17 00:00:00 2001 From: "reaction.la" Date: Sun, 18 Sep 2022 22:08:33 +1000 Subject: [PATCH 1/4] modified: docs/pandoc_templates/style.css modified: docs/scale_clients_trust.md modified: docs/setup/set_up_build_environments.md modified: docs/setup/wireguard.md --- docs/pandoc_templates/style.css | 3 +- docs/scale_clients_trust.md | 172 +++++++++++++++++++----- docs/setup/set_up_build_environments.md | 36 +++-- docs/setup/wireguard.md | 124 ++++++++++++++--- 4 files changed, 272 insertions(+), 63 deletions(-) diff --git a/docs/pandoc_templates/style.css b/docs/pandoc_templates/style.css index 5bb8522..98320dd 100644 --- a/docs/pandoc_templates/style.css +++ b/docs/pandoc_templates/style.css @@ -6,7 +6,7 @@ body { font-variant: normal; font-weight: normal; font-stretch: normal; - font-size: 16px; + font-size: 100%; } table { border-collapse: collapse; @@ -48,4 +48,5 @@ pre.terminal_image { background-color: #000; color: #0F0; font-size: 75%; + white-space: no-wrap; } diff --git a/docs/scale_clients_trust.md b/docs/scale_clients_trust.md index 84fa3af..201c1ec 100644 --- a/docs/scale_clients_trust.md +++ b/docs/scale_clients_trust.md 
@@ -2,6 +2,28 @@ title: Scaling, trust and clients ... +The fundamental strength of the blockchain architecture is that it is a immutable public ledger. The fundamental flaw of the blockchain architecture is that it is an immutable public ledger. + +This is a problem for privacy and fungibility, but what is really biting is scalability, the sheer size of the thing. Every full peer has to download every transaction that anyone ever did, evaluate that transaction for validity, and store it forever. And we are running hard into the physical limits of that. Every full peer on the blockchain has to know every transaction and every output of every transaction that ever there was. + +As someone said when Satoshi first proposed what became bitcoin: “it does not seem to scale to the required size.” + +And here we are now, fourteen years later, at rather close to that scaling limit. And for fourteen years, very smart people have been looking for a way to scale without limits. + +And, at about the same time as we are hitting scalability limits, “public” is becoming a problem for fungibility. The fungibility crisis and the scalability crisis are hitting at about the same time. The fungibility crisis is hitting eth and is threatening bitcoin. + +That the ledger is public enables the blood diamonds attack on crypto currency. Some transaction outputs could be deemed dirty, and rendered unspendable by centralized power, and to eventually, to avoid being blocked, you have to make everything KYC, and then even though you are fully compliant, you are apt to get arbitrarily and capriciously blocked because the government, people in quasi government institutions, or random criminals on the revolving door between regulators and regulated decide they do not like you for some whimsical reason. 
I have from time to time lost small amounts of totally legitimate fiat money in this fashion, as an international transactions become ever more difficult and dangerous, and recently lost an enormous amount of totally legitimate fiat money in this fashion. + +Eth is highly centralized, and the full extent that it is centralized and in bed with the state is now being revealed, as tornado eth gets demonetized. + +Some people in eth are resisting this attack. Some are not. + +Bitcoiners have long accused eth of being a shitcoin, which accusation is obviously false. With the blood diamonds attack under way on eth, likely to become true. It is not a shitcoin, but I have long regarded it as likely to become one. Which expectation may well come true shortly. + +A highly centralized crypto currency is closer to being an unregulated bank than a crypto currency. Shitcoins are fraudulent unregulated banks posing as crypto currencies. Eth may well be about to turn into a regulated bank. When bitcoiners accuse eth of being a shitcoin, the truth in their accusation is dangerous centralization, and dangerous closeness to the authorities. + +The advantage of crypto currency is that as elite virtue collapses, the regulated banking system becomes ever more lawless, arbitrary, corrupt, and unpredictable. An immutable ledger ensures honest conduct. But if a central authority has too much power over the crypto currency, they get to retroactively decide what the ledger means. Centralization is a central point of failure, and in world of ever more morally debased and degenerate elites, will fail. Maybe Eth is failing now. If not, will likely fail by and by. + # Scaling The Bitcoin blockchain has become inconveniently large, and evaluating it 
@@ -155,11 +177,9 @@ with both privacy and scaling. ## zk-snarks -Zk-snarks are not yet a solution. They have enormous potential +Zk-snarks, zeeks, are not yet a solution. They have enormous potential benefits for privacy and scaling, but as yet, no one has quite found a way. -[performance survey of zksnarks](https://github.com/matter-labs/awesome-zero-knowledge-proofs#comparison-of-the-most-popular-zkp-systems) - A zk-snark is a succinct proof that code *was* executed on an immense pile of data, and produced the expected, succinct, result. It is a witness that someone carried out the calculation he claims he did, and that calculation 
@@ -167,24 +187,103 @@ produced the result he claimed it did. So not everyone has to verify the blockchain from beginning to end. And not everyone has to know what inputs justified what outputs. +As "zk-snark" is not a pronounceable work, I am going to use the word "zeek" +to refer to the blob proving that a computation was performed, and +produced the expected result. This is an idiosyncratic usage, but I just do + not like acronyms. + The innumerable privacy coins around based on zk-snarks are just not -doing what has to be done to make a zk-snark privacy currency that is -viable at any reasonable scale. They are intentionally scams, or by -negligence, unintentionally scams. All the zk-snark coins are doing the -step from set $N$ of valid coins, valid unspent transaction outputs, to set -$N+1$, in the old fashioned Satoshi way, and sprinkling a little bit of -zk-snark magic privacy pixie dust on top (because the task of producing a -genuine zk-snark proof of coin state for step $N$ to step $N+1$ is just too big -for them). Which is, intentionally or unintentionally, a scam. +doing what has to be done to make a zeek privacy currency that is viable +at any reasonable scale. They are intentionally scams, or by negligence, +unintentionally scams. All the zk-snark coins are doing the step from a set +$N$ of valid coins, valid unspent transaction outputs, to set $N+1$, in the +old fashioned Satoshi way, and sprinkling a little bit of zk-snark magic +privacy pixie dust on top (because the task of producing a genuine zeek +proof of coin state for step $N$ to step $N+1$ is just too big for them). +Which is, intentionally or unintentionally, a scam. Not yet an effective solution for scaling the blockchain, for to scale the blockchain, you need a concise proof that any spend in the blockchain was only spent once, and while a zk-snark proving this is concise and capable of being quickly evaluated by any client, generating the proof is -an enormous task. 
Lots of work is being done to render this task -manageable, but as yet, last time I checked, not manageable at scale. -Rendering it efficient would be a total game changer, radically changing -the problem. +an enormous task. + +### what is a Zk-stark or a Zk-snark? + +Zk-snark stands for “Zero-Knowledge Succinct Non-interactive Argument of Knowledge.” + +A zk-stark is the same thing, except “Transparent”, meaning it does not have +the “toxic waste problem”, a potential secret backdoor. Whenever you create +zk-snark parameters, you create a backdoor, and how do third parties know that +this backdoor has been forever erased? + +zk-stark stands for Zero-Knowledge Scalable Transparent ARguments of Knowledge, where “scalable” means the same thing as “succinct” + +Ok, what is this knowledge that a zk-stark is an argument of? + +Bob can prove to Carol that he knows a set of boolean values that +simultaneously satisfy certain boolean constraints. + +This is zero knowledge because he proves this to Carol without revealing +what those values are, and it is “succinct” or “scalable”, because he can +prove knowledge of a truly enormous set of values that satisfy a truly +enormous set of constraints, with a proof that remains roughly the same +reasonably small size regardless of how enormous the set of values and +constraints are, and Carol can check the proof in a reasonably short time, +even if it takes Bob an enormous time to evaluate all those constraints over all those booleans. + +Which means that Carol could potentially check the validity of the +blockchain without having to wade through terabytes of other people’s +data in which she has absolutely no interest. + +Which means that each peer on the blockchain would not have to +download the entire blockchain, keep it all around, and evaluate from the beginning. They could just keep around the bits they cared about. 
+ +The peers as a whole have to keep all the data around, and make certain +information about this data available to anyone on demand, but each +individual peer does not have to keep all the data around, and not all the +data has to be available. In particular, the inputs to the transaction do not +have to be available, only that they existed, were used once and only once, +and the output in question is the result of a valid transaction whose outputs +are equal to its inputs. + +Unfortunately producing a zeek of such an enormous pile of data, with +such an enormous pile of constraints, could never be done, because the +blockchain grows faster than you can generate the zeek. + +### zk-stark rollups, zeek rollups + +Zk-stark rollups are a privacy technology and a scaling technology. + +A zeek rollup is a zeek that proves that two or more other zeeks were verified. + +Instead of Bob proving to Alice that he knows the latest block was valid, having evaluated every transaction, he proves to Alice that *someone* evaluated every transaction. + +Fundamentally a ZK-stark proves to the verifier that the prover who generated the zk-stark knows a solution to an np complete problem. Unfortunately the proof is quite large, and the relationship between that problem, and anything that anyone cares about, extremely elaborate and indirect. The proof is large and costly to generate, even if not that costly to verify, not that costly to transmit, not that costly to store. + +So you need a language that will generate such a relationship. And then you can prove, for example, that a hash is the hash of a valid transaction output, without revealing the value of that output, or the transaction inputs. + +But if you have to have such a proof for every output, that is a mighty big pile of proofs, costly to evaluate, costly to store the vast pile of data. If you have a lot of zk-snarks, you have too many. + +So, rollups. 
+ +Instead of proving that you know an enormous pile of data satisfying an enormous pile of constraints, you prove you know two zk-starks. + +Each of which proves that someone else knows two more zk-starks. And the generation of all these zk-starks can be distributed over all the peers of the entire blockchain. At the bottom of this enormous pile of zk-starks is an enormous pile of transactions, with no one person or one computer knowing all of them, or even very many of them. + +Instead of Bob proving to Carol that he knows every transaction that ever there was, and that they are all valid, Bob proves that for every transaction that ever there was, someone knew that that transaction was valid. Neither Carol nor Bob know who knew, or what was in that transaction. + +You produce a proof that you verified a pile of proofs. You organize the information about which you want to prove stuff into a merkle tree, and the root of the merkle tree is associated with a proof that you verified the proofs of the direct children of that root vertex. And proof of each of the children of that root vertex proves that someone verified their children. And so forth all the way down to the bottom of the tree, the origin of the blockchain, proofs about proofs about proofs about proofs. + +And then, to prove that a hash is a hash of a valid transaction output, you just produce the hash path linking that transaction to the root of the merkle tree. So with every new block, everyone has to just verify one proof once. All the child proofs get thrown away eventually. + +Which means that peers do not have to keep every transaction and every output around forever. They just keep some recent roots of the blockchain around, plus the transactions and transaction outputs that they care about. So the blockchain can scale without limit. + +ZK-stark rollups are a scaling technology plus a privacy technology. 
If you are not securing peoples privacy, you are keeping an enormous pile of data around that nobody cares about, (except a hostile government) which means your scaling does not scale. + +And, as we are seeing with Tornado, some people Eth do not want that vast pile of data thrown away. + +To optimize scaling to the max, you optimize privacy to the max. You want all data hidden as soon as possible as completely as possible, so that everyone on the blockchain is not drowning in other people’s data. The less anyone reveals, and the fewer the people they reveal it to, the better it scales, and the faster and cheaper the blockchain can do transactions, because you are pushing the generation of zk-starks down to the parties who are themselves directly doing the transaction. Optimizing for privacy is almost the same thing as optimizing for scalability. The fundamental problem is that in order to produce a compact proof that the set of coins, unspent transaction outputs, of state $N+1$ was validly 
@@ -205,21 +304,20 @@ problem of factoring, dividing the problem into manageable subtasks, but it seems to be totally oblivious to the hard problem of incentive compatibility at scale. Incentive compatibility was Satoshi's brilliant insight, and the client trust -problem is failure of Satoshi's solution to that problem to scale. Existing -zk-snark solutions fail at scale, though in a different way. With zk-snarks, -the client can verify the zk-snark, but producing a valid zk-snark in the +problem, too may people runing client wallets and not enough people +running full peers, is failure of Satoshi's solution to that problem to scale. +Existing zk-snark solutions fail at scale, though in a different way. With +zk-snarks, the client can verify the zeek but producing a valid zeek in the first place is going to be hard, and will rapidly get harder as the scale increases. -A zk-snark that succinctly proves that the set of coins (unspent transaction +A zeek that succinctly proves that the set of coins (unspent transaction outputs) at block $N+1$ was validly derived from the set of coins at block $N$, and can also prove that any given coin is in that set or not in that -set is going to have to be a proof about many, many, zk-snarks produced -by many, many machines, a proof about a very large dag of zk-snarks, -each zk-snark a vertex in the dag proving some small part of the validity -of the step from consensus state $N$ of valid coins to consensus state -$N+1$ of valid coins, and the owners of each of those machines that produced a tree -vertex for the step from set $N$ to set $N+1$ will need a reward proportionate +set is going to have to be a proof about many, many, zeeks produced by +many, many machines, a proof about a very large dag of zeeks, each zeek +a vertex in the dag proving some small part of the validity of the step from +consensus state $N$ of valid coins to consensus state $N+1$ of valid coins, and the owners of each of those machines that produced a tree 
vertex for the step from set $N$ to set $N+1$ will need a reward proportionate to the task that they have completed, and the validity of the reward will need to be part of the proof, and there will need to be a market in those rewards, with each vertex in the dag preferring the cheapest source of @@ -227,16 +325,6 @@ child vertexes. Each of the machines would only need to have a small part of the total state $N$, and a small part of the transactions transforming state $N$ into state $N+1$. This is hard but doable, but I am just not seeing it done yet. -I see good [proposals for factoring the work], but I don't see them -addressing the incentive compatibility problem. It needs a whole picture -design, rather than a part of the picture design. A true zk-snark solution -has to shard the problem of producing state $N+1$, the set of unspent -transaction outputs, from state $N$, so it should also shard the problem of -producing a consensus on the total set and order of transactions. - -[proposals for factoring the work]:https://hackmd.io/@vbuterin/das -"Data Availability Sampling Phase 1 Proposal" - ### The problem with zk-snarks Last time I checked, [Cairo] was not ready for prime time. 
@@ -362,6 +450,20 @@ rocket and calling it a space plane. [a frequently changing secret that is distributed]:multisignature.html#scaling +### How a fully scalable blockchain running on zeek rollups would work + +A blockchain is of course a chain of blocks, and at scale, each block would be far too immense for any one peer to store or process, let alone the entire chain. + +Each block would be a Merkle patricia tree, or a Merkle tree of a number of Merkle patricia trees, because we want the block to be broad and flat, rather than deep and narrow, so that it can be produced in a massively parallel way, created in parallel by an immense number of peers. Each block would contain a proof that it was validly derived from the previous block, and that the previous block’s similar proof was verified. A chain is narrow and deep, but that does not matter, because the proofs are “scalable”. No one has to verify all the proofs from the beginning, they just have to verify the latest proofs. + +Each peer would keep around the actual data and actual proofs that it cared about, and the chain of hashes linking the data it cared about to Merkle root of the latest block. + +All the immense amount of data in the immense blockchain that anyone +cares about would need to exist somewhere, but it would not have to exist +*everywhere*, and everyone would have a proof that the tiny part of the +blockchain that they keep around is consistent with all the other tiny parts +of the blockchain that everyone else is keeping around. + # sharding within each single very large peer Sharding within a single peer is an easier problem than sharding the diff --git a/docs/setup/set_up_build_environments.md b/docs/setup/set_up_build_environments.md index 13877bb..4e4fedb 100644 --- a/docs/setup/set_up_build_environments.md +++ b/docs/setup/set_up_build_environments.md 
@@ -11,10 +11,10 @@ platform environment. Having a whole lot of different versions of different machines, with a whole lot of snapshots, can suck up a remarkable amount of disk space -mighty fast. Even if your virtual disk is quite small, your snapshots -wind up eating a huge amount of space, so you really need some capacious -disk drives. And you are not going to be able to back up all this -enormous stuff, so you have to document how to recreate it. +mighty fast. Even if your virtual disk is quite small, your snapshots wind +up eating a huge amount of space, so you really need some capacious disk +drives. And you are not going to be able to back up all this enormous stuff, +so you have to document how to recreate it. Each snapshot that you intend to keep around long term needs to correspond to a documented path from install to that snapshot. @@ -49,7 +49,7 @@ To install guest additions on Debian: ```bash su -l root -apt-get -qy update && apt-get -qy install build-essential module-assistant git sudo dialog rsync +apt-get -qy update && apt-get -qy install build-essential module-assistant git dnsutils curl sudo dialog rsync apt-get -qy full-upgrade m-a -qi prepare mount -t iso9660 /dev/sr0 /media/cdrom 
@@ -194,8 +194,14 @@ accounts that have sensitive information by corrupting the shadow file ```bash usermod -L cherry ``` + +But this tactic is very risky, because it can, due to bug in Linux, disable +ssh public key login. And then you are really hosed. Better to use a very +long random password, and then throw it away. + When an account is disabled in this manner, you cannot login at the -terminal, and may be unable to ssh in, but you can still get into it by `su -l cherry` from the root account. And if you have disabled the root account, +terminal, and may be unable to ssh in, but you can still get into it by +`su -l cherry` from the root account. And if you have disabled the root account, but have enabled passwordless sudo for one special user, you can still get into the root account with `sudo -s` or `sudo su -l root` But if you disable the root account in this manner without creating an account that can sudo @@ -204,7 +210,8 @@ but have enabled passwordless sudo for one special user, you can still get account, and disable password and ssh access to the root account. You can always undo the deliberate corruption by setting a new password, -providing you can somehow get into root. +providing you can somehow get into root. + ## never enough memory @@ -431,6 +438,13 @@ nano /etc/ssh/sshd_config Your config file should have in it ```default +PubkeyAuthentication yes +ChallengeResponseAuthentication no +PrintMotd no +PasswordAuthentication no +UsePAM no +AcceptEnv LANG LC_* +Subsystem sftp /usr/lib/openssh/sftp-server HostKey /etc/ssh/ssh_host_ed25519_key X11Forwarding yes AllowAgentForwarding yes @@ -439,9 +453,6 @@ TCPKeepAlive yes AllowStreamLocalForwarding yes GatewayPorts yes PermitTunnel yes -PasswordAuthentication no -ChallengeResponseAuthentication no -UsePAM no PermitRootLogin prohibit-password ciphers chacha20-poly1305@openssh.com macs hmac-sha2-256-etm@openssh.com 
@@ -450,6 +461,11 @@ pubkeyacceptedkeytypes ssh-ed25519 hostkeyalgorithms ssh-ed25519 hostbasedacceptedkeytypes ssh-ed25519 casignaturealgorithms ssh-ed25519 +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# override default of no subsystems +Subsystem sftp /usr/lib/openssh/sftp-server ``` `PermitRootLogin` defaults to prohibit-password, but best to set it diff --git a/docs/setup/wireguard.md b/docs/setup/wireguard.md index f0e9731..a984539 100644 --- a/docs/setup/wireguard.md +++ b/docs/setup/wireguard.md @@ -43,6 +43,11 @@ Supercedes OpenVPN and IPSec, which are obsolete and insecure. I assume you have a host in the cloud, with world accessible network address and ports, that can access blocked websites freely outside of your country or Internet filtering system. +We are going to enable ip4 and ipv6 on our vpn. The tutorial assumes ipv6 is working. Check that it *is* working by pinging your server `ping -6 «server»`, then ssh in to your server and attempt to `ping -6 «something»` + +It may well happen that your server is supposed to have an ipv6 address and /64 ipv6 subnet, but something is broken. + + The VPN server is running Debian 11 operating system. This tutorial is not going to work on Debian 10 or lower. Accessing your vpn from a windows client, however, easy since the windows wireguard windows client is very 
@@ -50,6 +55,77 @@ friendly. Setting up wireguard on windows is easy. Setting up a wireguard VPN server on windows is, on the other hand, very difficult. Don't even try. I am unaware of anyone succeeding. +## Make sure you have control of nameservice + +No end of people are strangely eager to provide free nameservice. If it is a +free service, you are the product. And some of them have sneaky ways to get +you use their nameservice whether you want it or not. + +Nameservice reveals which websites you are visiting. We are going to set up +our own nameserver for the vpn clients, but it will have to forward to a +bigger nameserver, thus revealing which websites the clients are visiting, +though not which client is visiting them. Lots of people are strangely eager +to know which websites you are visiting. If you cannot control your +nameservice, then when you set up your own nameserver, it is likely to +behave strangely. + +No end of people's helpful efforts to help you automatically set up +nameservice are likely foul up your nameservice for your vpn clients. + +```bash +cat /etc/resolv.conf +``` + +Probably at least two of them are google, which logs everything and +shares the data with the Global American Empire, and the other two are +mystery meat. Maybe good guys provided by your good guy ISP, but I +would not bet on it. Your ISP probably went along with his ISP, and his +ISP may be in the pocket of your enemies. + +I use Yandex.com resolvers, since Russia is currently in a state of proxy +war with the Global American Empire which is heading into flat out war, +and I do not care if the Russian government knows which websites I visit, +because it is unlikely to share that data with the five eyes. 
+ +So for me + +```terminal_image +cat /etc/resolv.conf +nameserver 2a02:6b8::feed:0ff +nameserver 2a02:6b8:0:1::feed:0ff +nameserver 77.88.8.8 +nameserver 77.88.8.1 +``` + +Of course your mileage may vary, depending on which enemies you are +worried about, and what the political situation is when you read this (it +may well change radically in the near future). Read up on the resolver's +privacy policies, but apply appropriate cynicism. Political alignments and +vulnerability to power matter more that professed good intentions. + +We are going to change this when we set up our own nameserver for the +vpn clients, but if you don't have control, things are likely to get strange. + +You cannot necessarily change your nameservers by editing +`/etc/resolv.conf`, since no end of processes are apt to rewrite that file +durig boot up. Changing your nameservers depends on how your linux is +set up, but editing `/etc/resolv.conf` currently works on the standard +distribution. But may well cease to work when you add more software. + +If it does not work, maybe you need to subtract some software, but it is +hard to know what software. A clean fresh install may be needed. + +It all depends on which module of far too many modules gets the last +whack at `/etc/resolv.conf` on bootup. Far too many people display a +curious and excessive interest in controlling what nameserver you are +using, and if they have their claw in your linux distribution, you are going +to have to edit the configuration files of that module. + +If something is whacking your `/etc/resolv.conf`, install `openresolv`, +which will generally make sure it gets the last whack, and edit its +configuration files. Or install a distribution where you *can* control +nameservice by editing `/etc/resolv.conf` + # Install WireGuard on Debian Client and server ```bash 
@@ -250,6 +326,21 @@ windows, mac, and android clients in the part that is not open. `wg0` is the virtual network card that `wg0.conf` specifies. If you called it `«your name».conf` then mutatis mutandis. + +You just told ufw to allow your vpn clients to see each other on the internet, but allowing routing does not in itself result in any routing. + +To actually enable routing, edit the system kernel configuration file, and uncomment the following lines. `nano /etc/sysctl.conf` + +```terminal_image +# Uncomment the next line to enable packet forwarding for IPv4 +net.ipv4.ip_forward=1 + +# Uncomment the next line to enable packet forwarding for IPv6 +# Enabling this option disables Stateless Address Autoconfiguration +# based on Router Advertisements for this host +net.ipv6.conf.all.forwarding=1 +``` + Now if you list the rules in the POSTROUTING chain of the NAT table by using the following command: ```bash @@ -291,7 +382,7 @@ Sample output: Memory: 14.3M CPU: 8.709s CGroup: /system.slice/named.service - └─13820 /usr/sbin/named -f -u bind + └─13820 /usr/sbin/named -f -u bind ``` If it’s not running, start it with: 
@@ -309,20 +400,21 @@ nano /etc/bind/named.conf.options Add the following line to allow VPN clients to send recursive DNS queries. ```default -allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1; 2405:4200:f001:13f6::1/64; }; +allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1/128; }; ``` Save and close the file. ```terminal_image -:~$ cat /etc/bind/named.conf.options | tail -n8 +:~# cat /etc/bind/named.conf.options | tail -n 9 + //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-validation auto; listen-on-v6 { any; }; - allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1; 2405:4200:f001:13f6::1/64; }; +allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1/128; }; }; ``` 
@@ -332,28 +424,26 @@ Then edit the `/etc/default/named` files. nano /etc/default/named ``` -Add `-4` to the `OPTIONS` to ensure BIND can query root DNS servers. +If on an IPv4 network, add `-4` to the `OPTIONS` to ensure BIND can query root DNS servers. OPTIONS="-u bind -4" +If on the other hand, you are on a network that supports both IPv6 and +IPv4, this will cause unending havoc and chaos, as bind9's behavior +comes as a surprise to other components of the network, and bind9 crashes +on IPv6 information in its config files. + Save and close the file. -By default, BIND enables DNSSEC, which ensures that DNS responses are correct and not tampered with. However, it might not work out of the box due to *trust anchor rollover* and other reasons. To make it work properly, we can rebuild the managed key database with the following commands. - -```bash -rndc managed-keys destroy -rdnc reconfig -``` - Restart `bind9` for the changes to take effect. ```bash systemctl restart bind9 ``` -Your ufw will allow vpn clients to access `bind9` because you earlier allowed in everything from `wg0`. +Your ufw firewall will allow vpn clients to access `bind9` because you earlier allowed everything from `wg0` in. -## Start WireGuard on the server. +## Start WireGuard on the server Run the following command on the server to start WireGuard. @@ -437,19 +527,19 @@ chmod 600 /etc/wireguard/ -R Start WireGuard. ```bash -systemctl start wg-quick@wg0-client0.service +systemctl start wg-quick@wg-client0.service ``` Enable auto-start at system boot time. ```bash -systemctl enable wg-quick@wg0-client0.service +systemctl enable wg-quick@wg-client0.service ``` Check its status: ```bash -systemctl status wg-quick@wg0-client0.service +systemctl status wg-quick@wg-client0.service ``` Now go to this website: `http://icanhazip.com/` to check your public IP address. If everything went well, it should display your VPN server’s public IP address instead of your client computer’s public IP address. 
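Review bot: `white-space: no-wrap;` in the second `docs/pandoc_templates/style.css` hunk (`@@ -48,4 +48,5 @@`) is not a valid CSS value, so browsers silently drop the declaration; the valid keyword is `nowrap`, but that would be wrong here as well, because `nowrap` collapses newlines and a `pre.terminal_image` block depends on them. The default `white-space: pre` on a `<pre>` already prevents wrapping, so either delete the line or, if the intent is to cope with long terminal lines, use `overflow-x: auto;` instead.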
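Review bot: typos in the opening paragraph of the `docs/scale_clients_trust.md` `@@ -2,6 +2,28 @@` hunk: "it is a immutable public ledger" should read "an immutable public ledger", and "and to eventually, to avoid being blocked, you have to make everything KYC" has a stray "to"; suggest "and eventually, to avoid being blocked, you have to make everything KYC".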
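Review bot: in the `@@ -167,24 +187,103 @@` hunk of `docs/scale_clients_trust.md`, "not a pronounceable work" should be "word", the line "zk-stark stands for Zero-Knowledge Scalable Transparent ARguments of Knowledge, where “scalable” means the same thing as “succinct”" has no terminating full stop, and "some people Eth do not want that vast pile of data thrown away" is missing "in" before "Eth".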
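Review bot: the `@@ -205,21 +304,20 @@` hunk of `docs/scale_clients_trust.md` introduces "too may people runing client wallets"; should be "too many people running client wallets".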
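Review bot: the `@@ -227,16 +325,6 @@` hunk of `docs/scale_clients_trust.md` deletes the paragraph stating that a true zeek solution "should also shard the problem of producing a consensus on the total set and order of transactions", and nothing added elsewhere in the patch restates it; the new "How a fully scalable blockchain running on zeek rollups would work" section describes proofs that a block was validly derived, but not how peers agree on which root is the latest block. Suggest keeping that sentence even though the hackmd link is being dropped, since a validity proof does not by itself settle which valid transition the network accepted.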
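Review bot: in the `@@ -362,6 +450,20 @@` hunk of `docs/scale_clients_trust.md`, "linking the data it cared about to Merkle root of the latest block" is missing "the" before "Merkle root".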
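Review bot: the `@@ -194,8 +194,14 @@` hunk of `docs/setup/set_up_build_environments.md` attributes the ssh lockout after `usermod -L` to "bug in Linux" (also missing "a"); it is documented sshd behaviour rather than a bug. With `UsePAM no`, which the sshd_config hunks later in this same patch set, sshd itself refuses any account whose shadow password field begins with the `!` that `usermod -L` / `passwd -l` inserts, regardless of public key authentication; with `UsePAM yes` the lock only affects password login. Suggest saying so, so the reader can choose knowingly between keeping PAM and the long-random-password approach the hunk recommends.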
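Review bot: `Subsystem sftp /usr/lib/openssh/sftp-server` ends up in the sshd_config sample twice, once at the top of the block in the `@@ -431,6 +438,13 @@` hunk and again at the bottom in the `@@ -450,6 +461,11 @@` hunk. sshd treats a repeated `Subsystem` name as a fatal configuration error ("Subsystem 'sftp' already defined") and refuses to start, which on a remote host means a lockout on the next restart; keep one copy. `AcceptEnv LANG LC_*` is duplicated the same way, which is harmless but untidy. Worth adding a `sshd -t` step before `systemctl restart ssh` so a bad config is caught while the existing session is still open.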
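Review bot: typos in the `@@ -50,6 +55,77 @@` hunk of `docs/setup/wireguard.md`: "are likely foul up your nameservice" needs "to", "durig boot up" should be "during", "matter more that professed good intentions" should be "more than", and the final sentence "Or install a distribution where you *can* control nameservice by editing `/etc/resolv.conf`" has no full stop. On substance, the hunk says the VPN's own nameserver "will have to forward to a bigger nameserver", but the bind9 hunks later in this patch only set `allow-recursion` and never add a `forwarders { ... };` block, so bind resolves from the root servers itself and the resolvers chosen in `/etc/resolv.conf` are not on the path of client queries. Either add a forwarders block to `named.conf.options` or reword this section.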
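Review bot: the `@@ -250,6 +326,21 @@` hunk of `docs/setup/wireguard.md` tells the reader to uncomment `net.ipv4.ip_forward=1` and `net.ipv6.conf.all.forwarding=1` in `/etc/sysctl.conf` but never applies them; add `sysctl -p` (or a reboot) after the edit, otherwise forwarding stays off until next boot and the POSTROUTING rules in the following step appear not to work.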
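Review bot: in the `@@ -309,20 +400,21 @@` hunk of `docs/setup/wireguard.md`, `allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1/128; };` drops every non-loopback IPv6 source, so a client that queries the server over its tunnel IPv6 address gets REFUSED, which contradicts the "We are going to enable ip4 and ipv6 on our vpn" hunk earlier in this file. Removing the old hard-coded `2405:4200:f001:13f6::1/64` was right, but it should be replaced with a placeholder for the tunnel's IPv6 prefix (`«vpn-ipv6-prefix»/64`, in the style the document already uses) rather than deleted, or the text should say clients must use 10.10.10.1 as their resolver. The terminal_image also loses the leading tab on the `allow-recursion` line, so it no longer lines up with `dnssec-validation` and `listen-on-v6`.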
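Review bot: in the `@@ -437,19 +527,19 @@` hunk of `docs/setup/wireguard.md`, the start and enable commands are renamed to `wg-quick@wg-client0.service` but the status line still reads `systemctl status wg-quick@wg0-client0.service`. The instance name must match the file `/etc/wireguard/<name>.conf`, so whichever name is intended, all three commands need to agree or the status check reports a unit that does not exist.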
From 320f5bd9628a836685f6b1f4b12b40601e76f0fa Mon Sep 17 00:00:00 2001 From: "reaction.la" Date: Sun, 18 Sep 2022 22:17:36 +1000 Subject: [PATCH 2/4] new file: docs/notes/merkle_patricia_dag.md new file: docs/pandoc_templates/vscode.css modified: libsodium modified: wxWidgets --- docs/notes/merkle_patricia_dag.md | 23 +++++++++++++++++++++++ docs/pandoc_templates/vscode.css | 3 +++ libsodium | 2 +- wxWidgets | 2 +- 4 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 docs/notes/merkle_patricia_dag.md create mode 100644 docs/pandoc_templates/vscode.css diff --git a/docs/notes/merkle_patricia_dag.md b/docs/notes/merkle_patricia_dag.md new file mode 100644 index 0000000..0765d02 --- /dev/null +++ b/docs/notes/merkle_patricia_dag.md 
@@ -0,0 +1,23 @@ +--- +title: +Big Circ notation +# katex +... + +The definition of $\bigcirc$ used by mathematicians is not convenient for engineers. + +So in practice we ignore that definition and use our own. + +The mathematical definition is, roughly, that if $f(n)=\bigcirc\big(g(n)\big)$ then $f(n)$ grows no faster than $g(n)$, that there exists some value K such that for values of $n$ of interest and larger than of interest $f(n)\le Kg(n)$ + +Which is kind of stupid for engineers, because by that definition an algorithm that takes time $\bigcirc(n)$ also takes time $\bigcirc(n^2)$, $\bigcirc(n!)$, etcetera. + +So, Knuth defined $\large\Omega$, which means, roughly, that there exists some value K such that for values of $n$ of interest and larger than of interest $f(n)\ge Kg(n)$ + +Which is also stupid for the same reason. + +So what all engineers do in practice is use $\bigcirc$ to mean that the mathematical definition of $\bigcirc$ is true, *and* Knuths definition of $\large\Omega$ is also largely true, so when we say that an operation take that much time, we mean that it takes no more than that much time, *and frequently takes something like that much time*. + +So, by the engineer's definition of $\bigcirc$, if an algorithm takes $\bigcirc(n)$ time it does *not* take $\bigcirc(n^2)$ time. + +Which is why we never need to use Knuth's $\large\Omega$ \ No newline at end of file diff --git a/docs/pandoc_templates/vscode.css b/docs/pandoc_templates/vscode.css new file mode 100644 index 0000000..6a78ac2 --- /dev/null +++ b/docs/pandoc_templates/vscode.css @@ -0,0 +1,3 @@ +body { + font-size: 85%; + } diff --git a/libsodium b/libsodium index 012e892..8cbcc3c 160000 --- a/libsodium +++ b/libsodium @@ -1 +1 @@ -Subproject commit 012e892841ed6edc521f88a23b55863c7afe4622 +Subproject commit 8cbcc3ccccb035b1a976c053ab4de47b7f0b9352 diff --git a/wxWidgets b/wxWidgets index 8880bc8..2648eb4 160000 --- a/wxWidgets +++ b/wxWidgets 
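Review bot: the new file's front matter is malformed: `title:` has no value and `Big Circ notation` sits on the next line at column 0, which is not valid YAML for pandoc's metadata block (the title ends up empty or the block is rejected); write `title: Big Circ notation`. The filename `docs/notes/merkle_patricia_dag.md` also does not match the content, which is a note on asymptotic notation and says nothing about Merkle-Patricia DAGs; rename the file or fix the title so the two agree. In the body, the convention described (the upper bound holds and the bound is also usually met) is close to Knuth's $\Theta$, which the note never mentions; pointing at $\Theta$ would be shorter and more accurate than redefining $\bigcirc$ and then dismissing $\Omega$. Minor: `Knuths` needs an apostrophe and the file lacks a trailing newline.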
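Review bot: the libsodium submodule pointer moves from `012e892841ed6edc521f88a23b55863c7afe4622` to `8cbcc3ccccb035b1a976c053ab4de47b7f0b9352`, and the diffstat shows wxWidgets bumped in the same commit, with no word in the commit message about which upstream release is being pinned or why. For the crypto library the whole build depends on, record the tag or release the commit corresponds to and how it was verified (a signed tag checked with `git verify-tag`, or the release checksum), and land dependency bumps in their own commit rather than alongside a new notes file and a CSS tweak, so they can be reviewed and reverted independently.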
@@ -1 +1 @@ -Subproject commit 8880bc88ff6c2cfcd72c3fcd3ef532b5470b2103 +Subproject commit 2648eb4da156a751a377cfe96b91faa03e535c10 From 9ce5bfc9395792ea427ceb8e3498c4183e0e6beb Mon Sep 17 00:00:00 2001 From: "reaction.la" Date: Thu, 22 Dec 2022 06:02:01 +0800 Subject: [PATCH 3/4] miscellaneous edits --- docs/images/gpt_partitioned_linux_disk.webp | Bin 0 -> 30668 bytes docs/images/msdos_linux_partition.webp | Bin 0 -> 19410 bytes docs/libraries.md | 20 +- docs/pandoc_templates/vscode.css | 2 +- docs/setup/contributor_code_of_conduct.md | 7 + docs/setup/set_up_build_environments.md | 256 +++++++++++++++----- docs/setup/wireguard.md | 153 ++++++++++-- docs/social_networking.md | 20 ++ 8 files changed, 369 insertions(+), 89 deletions(-) create mode 100644 docs/images/gpt_partitioned_linux_disk.webp create mode 100644 docs/images/msdos_linux_partition.webp
diff --git a/docs/images/gpt_partitioned_linux_disk.webp b/docs/images/gpt_partitioned_linux_disk.webp new file mode 100644 index 0000000000000000000000000000000000000000..7d1a05e2f948c77fd4e45f29564813d410e6ea7d GIT binary patch literal 30668
z_m3yl#7>k;%^jQ*>ad_@2wY~ALB|nZ1S(+%(_-7RI!kP8q&tONcg=blDhTh3_Lr-J zp*B@^%hbt|d>F8ydc!e@5TjK`XkIMfO!!p;lgSMQ{gZYqk5wtANP!qnjA@}zHPLwj zMfpxdBYP~pJgboCd`E1YC7dvL{&v!%v%~mC;B$SCp*EKSz0O!!6sZ-bVpyv)Tcsqq zPEjSc7I_o@g!d2BD{}d~_#|uN{c$lZ@@*!gLT?(?ABlQ_553xoP=#3jRU$@Mr)~*7 zbG%MFEsV=16@O@DLIl``xi^=X0W8G<3|ylf@rBnITUGq9bnr$^X_r?1qtn)vnoBug zTj{9%Q|nZA9`Txy*(U`$adLnz7fqjjm9wAqm>QOrR%i6WqX%zGh}x z!23Mp{E>WlJl-?HtMcAb8-Le^pCIxi5W240T8F8A0_h+gpo{lXMm5bZ{2#MV(jSIf z_}=_QC}oYqwnha9#ow8E?SK;wqxo5a$JEf$`g+aRq$YvwTsHm_i6~mjvyn7X(QaBA zz4OvubkEFjXNR)xsymcwgP7I6t?H48RS-6$v40M$6PL!Q;b5Zu)pZQ&`RcaP6`*$^ z3BFfy?N+vPS9{(KFTfzyQAynulP|PK>_Ai#wb;|3E|ge~lEiw+7FO4r)VGM`uwMYb)8ba??ayH-mma7R!gIq6gisqiN3KGh{2oId3Rl7w}M}I=+v$w2vO& zXS-kVLh{YZrD7xIrpA6FegWP{`hdU!zHg0x>N*fl&}C(D_k^dc8L6*E7vydvpB9?0 zdR#@Us1LycYftv^Ob(qA;j|p4{9;kBawMgF;$iSMdIru6dK80{eDZ7246R7+{&oKt zf~zj~WY83$&dHN5;Vj>H)}8>V!TiHom9RvNh9rE)FKQzyxmx+=4C&AvZg_J}>J4@8%}6i-`9oKu0GlWF&JkW|5@ z19L4Gj@4&>2lxio$RvG3u8=~R%wfUKPpdxB0T;GPoYZrMWS1(x21SPg;_b--rnUJN zxKY!rnP7iv9Zc7nR7E26C1zkeg3>eT@UEw5QLVdt^s&Ttcu)JI>3L`GG=Z}vsa0i+f<;@8w*FL*hGR;Vj{LYBBiNUMENcL>gD>tGAQ(6sZ-bVpzsZ ztyRr2h3lr55o;;~@IKbwJY)s_w@NZQgTO3=kKpe}G_DQe7RU@5My0D}F>Crvt(_99 zP0TxWqnltW+6{3X<1TPusmCR39UQcKaIE`ZmE}p+C zN-OK`>%^}PDkUI|edFJo0Bh+NRnpkO=cPl%W@x+}@`nk$T`ec=tzCisrGtX0o`J@8 z1$;!uCK*Q*rT+`$$04JMQ6Lr%h@y5}Bi;{8I1PzBpm3%*cqPGR@2J9D1_V3~YRlOUpU#t}B8`aIc zo4XeXHWzFwYm5*^{`#pX8O`YBLzJHP>YnrxxP}d)?X`2~6wIu0ZHl-dICtn>R-nic~s!a1eM9pD(t6XpvSMg34)QI z8(!&P(OvG9WD&_fQ!~pcF0N6*Cmx$!4^IF)W%g_xh z9}uSd&tWQ#*g>Kp?7xe~iDryhRm!)(7g^)-CZbb^8%i^=_ATW*{)@3Yz%G28IVDx) z2B5hN)e!askfdU~HDULj&nvhB^ctiR1SzxLX#`YprRqZ?KNIHFXQIodwKvrQdEd1= zn7_j=#+4RdxnBcT=oWo8)^Mce8Bba!a@Kanm}w$8oSH#YdfoG(3~>AIp(Eql{}AxR z->1#}Gdpwv3dWa398J~LWy>TZVy-L=LQO6&cn|b@bXKci^ktc*3i(8A8hhl4G1t1U z-u3z};_Uo#$DQ5tFTf9tQ>S4i_ox>m2nR<`khQ7%o`;~M(<_c5&NhhgDe?=5vbi;I z{-)J12MWMbHJ+0$>2?)_mwNKHpCh4R82_UP86ICercLWu%wr^_4?S4(_K%M%AH{Kt z2}^p~qTsSYF2*84fp7hf8bpNV<9GkxrDP`w%KA0P^<7{=JP>HIcyzdX5-^g9m&{jt 
is not highlighted, hit tab. Press `ENTER` to continue. The default option is **Internet Site**, which is preselected on the following screen: -![Config Selection Screen](./images/postfix_cfg2.webp){width=100%} +![Config Selection Screen](../images/postfix_cfg2.webp){width=100%} Press `ENTER` to continue. After that, you’ll get another window to set the domain name of the site that is sending the email: -![System Mail Name Selection](./images/postfix_cfg3.webp){width=100%} +![System Mail Name Selection](../images/postfix_cfg3.webp){width=100%} The `System mail name` should be the same as the name you assigned to the server when you were creating it. When you’ve finished, press `TAB`, then `ENTER`. You now have Postfix installed and are ready to modify its configuration settings. @@ -2871,7 +3005,7 @@ when your subkey expires. ```bash save gpg --list-keys --with-subkey-fingerprints --with-keygrip «master key» -gpg -a --export-keys «master key» +gpg -a --export «master key» gpg -a --export-secret-keys «master key» ``` diff --git a/docs/setup/wireguard.md b/docs/setup/wireguard.md index a984539..b68c515 100644 --- a/docs/setup/wireguard.md +++ b/docs/setup/wireguard.md @@ -155,6 +155,8 @@ sudo chmod 600 /etc/wireguard/ -R ## Create WireGuard Server Configuration File +This configuration file is for two clients, one of which is a bitcoin peer for which port forwarding is provided, and to provide them a nat translated IPv4 address, and an IPv6 address on a random /112 subnet of the vpn servers /64 subnet. Adjust to taste. IPv6 is tricky. + Use a command-line text editor like Nano to create a WireGuard configuration file on the Debian server. `wg0` will be the network interface name. ```bash
@@ -165,6 +167,30 @@ Copy the following text and paste it to your configuration file. You need to use The curly braces mean that you do not copy the text inside the curly braces, which is only there for example. You have to substitute your own private key (since everyone now knows this private key), and your own client public key., mutas mutandis. +```default +[Interface] +# public key = CHRh92zutofXTapxNRKxYEpxzwKhp3FfwUfRYzmGHR4= +Address = 10.10.10.1/24, 2405:4200:f001:13f6:7ae3:6c54:61ab:0001/112 +ListenPort = 115 +PrivateKey = iOdkQoqm5oyFgnCbP5+6wMw99PxDb7pTs509BD6+AE8= + +[Peer] +PublicKey = rtPdw1xDwYjJnDNM2eY2waANgBV4ejhHEwjP/BysljA= +AllowedIPs = 10.10.10.4/32, 2405:4200:f001:13f6:7ae3:6c54:61ab:0009/128 + +[Peer] +PublicKey = YvBwFyAeL50uvRq05Lv6MSSEFGlxx+L6VlgZoWA/Ulo= +AllowedIPs = 10.10.10.8/32, 2405:4200:f001:13f6:7ae3:6c54:61ab:0019/128 + +[Peer] +PublicKey = XpT68TnsSMFoZ3vy/fVvayvrQjTRQ3mrM7dmyjoWJgw= +AllowedIPs = 10.10.10.12/32, 2405:4200:f001:13f6:7ae3:6c54:61ab:0029/128 + +[Peer] +PublicKey = f2m6KRH+GWAcCuPk/TChzD01fAr9fHFpOMbAcyo3t2U= +AllowedIPs = 10.10.10.16/32, 2405:4200:f001:13f6:7ae3:6c54:61ab:0039/128 +``` + ```default [Interface] Address = 10.10.10.1/24 @@ -278,7 +304,7 @@ The above lines will append `-A` a rule to the end of the`POSTROUTING` chain of Like your home router, it means your client system behind the nat has no open ports. -If you want to open some ports, for example the bitcoin port 8333 so that you can run bitcoin core +If you want to open some ports, for example the bitcoin port 8333 so that you can run bitcoin core and the monaro ports. ```terminal_image NAT table rules 
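Review bot: the server configuration added in @@ -165 defines four `[Peer]` blocks, but the sentence introducing it in the previous hunk says the file "is for two clients"; one of the two needs to change. The new `default` fenced block is also inserted directly above the old one (`[Interface] Address = 10.10.10.1/24`, which survives unchanged as context), so the page now shows two complete server configurations back to back with nothing saying which the reader should use; drop the old block or label each. Two things a reader who copies this will hit: `ListenPort = 115` does not match the `ufw allow «51820»/udp` rule later in the file, so the VPN port is filtered until the two agree; and giving peers addresses inside the server's own /64 (the /112 carved out of `2405:4200:f001:13f6::/64`) only works if the provider routes the /64 to the server, otherwise the server must proxy neighbour discovery for each peer address (`net.ipv6.conf.eth0.proxy_ndp=1` plus `ip -6 neigh add proxy «peer address» dev eth0`), which is the concrete thing "IPv6 is tricky" should say.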
@@ -286,8 +312,11 @@ NAT table rules :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -o eth0 -j MASQUERADE --A PREROUTING -d «123.45.67.89»/32 -i eth0 -p tcp --dport 8333 -j DNAT --to-destination 10.10.10.2:8333 --A PREROUTING -d «123.45.67.89»/32 -i eth0 -p udp --dport 8333 -j DNAT --to-destination 10.10.10.2:8333 +-A PREROUTING -d «123.45.67.89»/32 -i eth0 -p tcp --dport 8333 -j DNAT --to-destination 10.10.10.«5»:8333 +-A PREROUTING -d «123.45.67.89»/32 -i eth0 -p udp --dport 8333 -j DNAT --to-destination 10.10.10.«5»:8333 +-A PREROUTING -d «123.45.67.89»/32 -i eth0 -p tcp --dport 18080 -j DNAT --to-destination 10.10.10.«5»:18080 +-A PREROUTING -d «123.45.67.89»/32 -i eth0 -p tcp --dport 18089 -j DNAT --to-destination 10.10.10.«5»:18089 + COMMIT ``` @@ -296,20 +325,28 @@ Then open the corresponding ports in ufw ```bash ufw allow in 8333 ufw enable +ufw status verbose ``` +If you have made an error in `/etc/ufw/before6.rules` enable will fail. + If you have enabled UFW before, then you can use systemctl to restart UFW. ## Configure forwarding on the Server +### Allow routing + By default, UFW forbids packet forwarding. We can allow forwarding for our private network, mutas mutandis. ```bash ufw route allow in on wg0 ufw route allow out on wg0 ufw allow in on wg0 +ufw allow in from 10.10.10.0/24 +ufw allow in from 2405:4200:f001:13f6:7ae3:6c54:61ab:0001/112 ufw allow «51820»/udp -ufw allow to «2405:4200:f001:13f6:7ae3:6c54:61ab:1/112» +ufw allow to 10.10.10.1/24 +ufw allow to 2405:4200:f001:13f6:7ae3:6c54:61ab:0001/112 ``` As always «...» means that this is an example value, and you need to substitute your actual value. "_Mutas mutandis_" means "changing that which should be changed", in other words, watch out for those «...» . 
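Review bot: the DNAT hunk (@@ -286) forwards 18080 and 18089 to the client, but the following hunk still runs only `ufw allow in 8333`, so the two new ports are translated and then dropped by the INPUT chain; add `ufw allow in 18080/tcp` and `ufw allow in 18089/tcp`. Bitcoin Core's p2p protocol is TCP only, so the udp 8333 rule (old and new) can go. The prose should say what 18080 and 18089 are and spell the project "Monero" rather than "monaro"; if 18089 is the node's RPC port, exposing it on the public address deserves a sentence on why that is acceptable. In the ufw hunk (@@ -296): the new sentence names `/etc/ufw/before6.rules`, the IPv6 file, while the NAT table shown is IPv4 and lives in `/etc/ufw/before.rules`, so name the file the reader actually edited; `ufw allow to 10.10.10.1/24` and `ufw allow to 2405:4200:f001:13f6:7ae3:6c54:61ab:0001/112` are networks written with host bits set, use `10.10.10.0/24` (as the `allow in from` line above it already does) and the `...:61ab:0/112` form; and `ufw allow in from 10.10.10.0/24` is redundant with the existing `ufw allow in on wg0`, since `wg0` is the only interface those source addresses arrive on.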
@@ -326,6 +363,7 @@ windows, mac, and android clients in the part that is not open. `wg0` is the virtual network card that `wg0.conf` specifies. If you called it `«your name».conf` then mutatis mutandis. +### Enable routing You just told ufw to allow your vpn clients to see each other on the internet, but allowing routing does not in itself result in any routing. @@ -341,6 +379,12 @@ net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1 ``` +For these changes to take effect: + +```bash +sysctl -p +``` + Now if you list the rules in the POSTROUTING chain of the NAT table by using the following command: ```bash 
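Review bot: `sysctl -p` (@@ -341) reloads only `/etc/sysctl.conf`; if the two forwarding lines were put in a file under `/etc/sysctl.d/` (the hunk context does not say which file was edited), the reader needs `sysctl --system` instead. Either way the step should end with a check that forwarding is actually on, `sysctl net.ipv4.ip_forward net.ipv6.conf.all.forwarding`, before the next paragraph lists the NAT rules. The `### Enable routing` heading (@@ -326) runs straight into the paragraph below it; add a blank line after it so it reads like the other headings in this file.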
@@ -374,15 +418,26 @@ Sample output: ```terminal_image :~$ systemctl status bind9 ● named.service - BIND Domain Name Server - Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled) - Active: active (running) since Sun 2020-05-17 08:11:26 UTC; 37s ago - Docs: man:named(8) - Main PID: 13820 (named) - Tasks: 5 (limit: 1074) - Memory: 14.3M - CPU: 8.709s - CGroup: /system.slice/named.service - └─13820 /usr/sbin/named -f -u bind + Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled) + Active: active (running) since Wed 2022-09-21 20:14:33 EDT; 6min ago + Docs: man:named(8) + Main PID: 1079 (named) + Tasks: 5 (limit: 1132) + Memory: 16.7M + CPU: 86ms + CGroup: /system.slice/named.service + └─1079 /usr/sbin/named -f -u bind + +Sep 21 20:14:33 rho.la named[1079]: command channel listening on ::1#953 +Sep 21 20:14:33 rho.la named[1079]: managed-keys-zone: loaded serial 0 +Sep 21 20:14:33 rho.la named[1079]: zone 0.in-addr.arpa/IN: loaded serial 1 +Sep 21 20:14:33 rho.la named[1079]: zone 127.in-addr.arpa/IN: loaded serial 1 +Sep 21 20:14:33 rho.la named[1079]: zone 255.in-addr.arpa/IN: loaded serial 1 +Sep 21 20:14:33 rho.la named[1079]: zone localhost/IN: loaded serial 2 +Sep 21 20:14:33 rho.la named[1079]: all zones loaded +Sep 21 20:14:33 rho.la named[1079]: running +Sep 21 20:14:33 rho.la named[1079]: managed-keys-zone: Initializing automatic trust anchor management for zone '.'; > +Sep 21 20:14:33 rho.la named[1079]: resolver priming query complete ``` If it’s not running, start it with: 
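Review bot: the refreshed `systemctl status bind9` sample is cut off by the terminal width on its last journal line (`... for zone '.'; >`); capture it with `systemctl status bind9 --no-pager -l` or `journalctl -u named --no-pager` so the sample is complete. The output also shows the real host name `rho.la` where the rest of the page uses «...» placeholders for site-specific values.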
@@ -391,31 +446,74 @@ If it’s not running, start it with: systemctl start bind9 ``` +Check that lookups still work: + +```bash +curl -6 icanhazip.com +curl -4 icanhazip.com +``` + +See what dns server you are in fact using + +```bash +dig icanhazip.com +``` + +You will notice you are not using your own bind9 + Edit the BIND DNS server’s configuration file. ```bash nano /etc/bind/named.conf.options ``` -Add the following line to allow VPN clients to send recursive DNS queries. +Add some acls above the options block, one for your networks, and one for potential attackers. -```default -allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1/128; }; -``` +Add some real forwarders + +And add allow recursion for your subnets. + +After which it should look something like this: -Save and close the file. ```terminal_image :~# cat /etc/bind/named.conf.options | tail -n 9 - //======================================================================== - // If BIND logs error messages about the root key being expired, - // you will need to update your keys. See https://www.isc.org/bind-keys - //======================================================================== - dnssec-validation auto; - - listen-on-v6 { any; }; -allow-recursion { 127.0.0.1; 10.10.10.0/24; ::1/128; }; +acl bogusnets { + 0.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3; + 10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16; }; + +acl my_net { + 127.0.0.1; + ::1; + 116.251.216.176; + 10.10.10.0/24; + 2405:4200:f001:13f6::/64; +}; + +options { + directory "/var/cache/bind"; + forwarders { + 2a02:6b8::feed:0ff; + 2a02:6b8:0:1::feed:0ff; + 77.88.8.8; + 77.88.8.1; + }; + + //========================== + // If BIND logs error messages about the + // root key being expired, + // you will need to update your keys. + // See https://www.isc.org/bind-keys + //========================== + + dnssec-validation auto; + + listen-on-v6 { any; }; + + allow-recursion { my_net; }; + blackhole { bogusnets; }; + }; ``` Then edit the `/etc/default/named` files. 
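Review bot: `blackhole { bogusnets; };` contradicts `allow-recursion { my_net; };` in the new named.conf.options: `bogusnets` contains `10.0.0.0/8`, which includes the VPN clients' `10.10.10.0/24`, and the blackhole list is applied before any other access check, so the clients this resolver exists for will have their queries silently dropped. Either remove `10.0.0.0/8` from `bogusnets` or put a negated entry ahead of it (`!10.10.10.0/24; 10.0.0.0/8;`), then re-test from a VPN client. Three smaller points in the same hunk: `116.251.216.176` is a real address where the page otherwise uses «...» placeholders; "You will notice you are not using your own bind9" should say what to look at (the `;; SERVER:` line of the `dig` output) and what fixes it (pointing `/etc/resolv.conf` at 127.0.0.1 or ::1), since the hunk never does; and the prompt line `cat /etc/bind/named.conf.options | tail -n 9` is unchanged context while the output under it is now thirty-odd lines, so drop the `| tail -n 9`. Forwarding every VPN client's lookup to the third-party `forwarders` hands that operator the clients' full DNS history, which is at odds with running your own resolver; say that BIND resolves from the root hints without them and that the `forwarders` block is optional.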
@@ -439,10 +537,13 @@ Restart `bind9` for the changes to take effect. ```bash systemctl restart bind9 +systemctl status bind9 +dig -t txt -c chaos VERSION.BIND @127.0.0.1 ``` Your ufw firewall will allow vpn clients to access `bind9` because you earlier allowed everything from `wg0` in. + ## Start WireGuard on the server Run the following command on the server to start WireGuard. diff --git a/docs/social_networking.md b/docs/social_networking.md index 55b06f3..24dea7d 100644 --- a/docs/social_networking.md +++ b/docs/social_networking.md @@ -5,10 +5,29 @@ title: >- ... # the crisis of censorship +If we have a mechanism capable of securely handling arbitrary free form +metadata about transactions, it can handle arbitrary free form information +about anything, and people are likely to use it for information the +government does not like. It is not only transaction data that the +government wants to control. + We have a crisis of censorship. Every uncensored medium of public discussion is getting the treatment. +In a world where truth and reality is massively suppressed, forbidden truth +should migrate to a platform resistant to Global American Empire domination. + +The Global American Empire is at war with truth and reality. A +communications platform should support truth and reality, thus must be at +war with the Global American Empire. A crypto currency needs what +Urbit was supposed to be, its own communications and publishing +protocol, in order that you can have transaction metadata protected, and +thus needs its own truth and reality system. And thus it needs to be willing +to be at war with the Global American Empire. Its developers need to +figure on a significant probability of being arrested, murdered or forced to +flee, as Satoshi figured. + We need a pseudonymous social network on which it is possible to safely discuss forbidden topics. 
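Review bot: `dig -t txt -c chaos VERSION.BIND @127.0.0.1` (@@ -439) shows that named answers on loopback, which is not what the sentence after it claims to cover, that VPN clients can reach it through `wg0`; repeat the query as `dig ... @10.10.10.1` from a client. The query also demonstrates that the server reveals its version string to anyone who can reach it; if that is not wanted, add `version "not currently available";` to the `options` block. The added `systemctl status bind9` is fine, and its output (shown in the earlier hunk) reports `named.service`; the page could mention that `bind9` is an alias for the `named` unit so readers are not confused by the mismatch.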
@@ -264,6 +283,7 @@ of a million shills, scammers, and spammers. So, you can navigate to whole world’s public conversation through approved links and reply-to links – but not every spammer, scammer, and shill in the world can fill your feed with garbage. + ## Algorithm and data structure for Zooko name network address For this to work, the underlying structure needs to be something based on From 6fc26cc9d02317dc7c1ee76aca7f9312d108b5c0 Mon Sep 17 00:00:00 2001 From: "reaction.la" Date: Sat, 18 Feb 2023 21:04:50 +0800 Subject: [PATCH 4/4] modified: images/nobody_know_you_are_a_dog.webp modified: pandoc_templates/style.css modified: setup/contributor_code_of_conduct.md modified: setup/set_up_build_environments.md modified: setup/wireguard.md --- docs/images/nobody_know_you_are_a_dog.webp | Bin 6688 -> 38470 bytes docs/pandoc_templates/style.css | 1 + docs/setup/contributor_code_of_conduct.md | 21 +- docs/setup/set_up_build_environments.md | 246 +++++++++++++++++---- docs/setup/wireguard.md | 12 +- 5 files changed, 241 insertions(+), 39 deletions(-) 
diff --git a/docs/images/nobody_know_you_are_a_dog.webp b/docs/images/nobody_know_you_are_a_dog.webp index e87596e37069ef3bf755c00a62ab4a5992a9ed57..e29605d5d0a322e8256dbc082cc57cbe1955be0c 100644 GIT binary patch literal 38470
z5Sx^Q|5~eyef^U+pw1XK0}U-NwY3Uo{Lx>UPokiud2VfW z`MU$|a6yQi{cX^?3$7hFz_6GjHaUSd!966JyB4m%Dk2S6xZ2(f7s)3(_#JwP59Lgv z>1}%8+lo)6wK6+I$S(l2O$|RLz>;?7ba#w)*3n8y-Sft5{sdYD7#NKy#$@0IcD#EC#Ria{`m z>g&Lbr%*Yey9Y($2hlMdOaYhxor}G(4vH400Z9oj%cJ0{vM#QuyV-&f<4lxs(+>&o z$H)=Zc?`X=u3Hk22BZV!<`b@}!y5QXQ)`+q5({+b#SKmd4~8QG>1u(dho z><-xq6*<)iBfTZy<)5+6$m;f1scYAq>r}HfG*nd}z&7&AG?XDZa}deMDEgW4OY#fR z5utESE~f~i{Ru0kTzq8hau4qO@CLR;D*cS^ZT@R3R4nBF6%9^_r&ztog}u<{*&GqR z=sgDIb@}uNTWolWxDIllCF$R5@z6OQpEo2O9aG)m_!t38lu&Yai=NOg8Q4>n&au7p z`N>tqr5ljw9wU^f9u=#9!P(4*>oh32mF1+!2mFI?T*d|nKM0~Tzb7sC`rKaa+z+M?a^XRNRi9Yy{ zaA+xd_k2@n6)sz3Pw=oP&z$l9@qYKB8)5L!=u_Oqm)jkt8P2VHTEh=Pvst~h?=%UC zDM#f3*mrY@0~KQ$koR{~u3RNjDcA)1D#`Ceg`deQp}&&35?!W1NP$LO(vhSAwn;lo zl=$#g+O{4H>D29RmQYQ;0(_HYgYVv$LVaep1yz>@PGzE6qd4w`(46C5gwdh1Et}vK#>nz=IgDNH%fo;yf zA;bB#zuNAwmvns|cf3Ji5|_KZle$h?CV-CuX0SFnvOHIJTtdR;{-5sSE6Gm4AFv=j zufpf@Pk*2G1Yr_T;^QQdh2-Dz9U? zUuP#)y5v&$G!-dnC4UOp6;B~*u>&|q?2 z__RwJXToAu(?6zy!30Pmv zmy&Sa*?{4%3V~(v`hl0ad))mZ-L&owFAx?`FrU-kIf&gHtT&VR)^kpjdvr; zaS$pPZ4*r89jc52J91IGn9fgu;pJX%OPzSoRWG?fT8?B=fMjWME^*UPNQkCct*`OsY-! 
z6I=HZRSqzfpYQ&oc_1G$`2`i8(bY9IagE9y3D1Qd6FFpqUT=vZXLs6>&UIUd8aabGsNj_1PhVvY2 zy_CUSxW3!-f^F0UE(JYGUPDS0`oX=8`g&RMPRH4iT?XygGJLbTI~NAk0c zYX(yObDe51l>?Ess$Jf5hAGzNbJbMpik+?hBker*8EY1}W(Ei}KWuOUck$aW`gw#X zZc^B+%uHIJt`A8X3(MUmbBhTR2G=K>+3Cjj+Ry6Tb3pP&Qx&CBB7Zv$aP0ye)J#0t#{404{VZPiC?;%c_RUxNX)x3!XBp8$)Y1i3Kx*XyYVcQRsRkbh?;ef5tj#z@z2J21fO}@ z@b#?tEZ{y}uTs(zB1rhilKDxiOL_)}c2QTo%f6(!F3ElJb|B%JuPPL8c^E@W`sIAz zQuCSEt7KQVxTi(sER{k;k$u76|5`acFGL`!^Sw8qTUL3}mKoZ-XIn=4{m128%YLtr z#dd%J8}=m}`-xQQGD4Lg&GfT_u>TjZAZ>--e$A6q1da>0sQ9Zs+6?~0WR;Ay-0LPv za$`8TP);%NhBNz|=NFqxleh)T<9oR0kUze$qE_x)CN_vQ!lM&WnJ9a#@P`HKg>qGryhFKp;tKSle2_CCo9jiz@)~FvvS_e&S`qu$Apu zC1|zQ3XcNoQ$MR~pascbawy@G;l;esNqGlu5XA5+dusYX$UM$i-;rx#{li&L0+N+E z^5K|=`ig`g=%u5TRU)4#9}uoqPET)QhzqIpmZ%eI4Wev*HROcSFuPk-^b!-kK3a}R zrMlG;2Y76+7eGoo{XZ6M)I2ttA5rf;(?a_eSkB80orN+UJZ2(DJTyXc?yd{(>&yJG zeisiI9eD6e051kNg689Q8rs@-#qZdrXG^IXcTSbej!j8?AmWK(!;9E?k}>gJj$bps zT}vw^;O>y|1#3v5d1bv}B-ytxcoEIYr+;gYv7!zQ*LxmBT2;8n4HKL=1VncbKzzajCOb8mh`dP<8ku7~dKv9qPKiSith)GI21h3E zD}{W1bL~#icRA2{ZGKXS?c^9!sYVsCZFNNzPbxE2J6+89F0JUje+52y8NTvHg*^Q& zi;q-2Nr6o3Nv643#sl-wM`i75S22#SNJejVWHTTfoMInzc``kf7w$n7qLOF0P$|QP zahoe<91t#6b`Qyoo*>%6LSlAidVXUxz`%)~d&t%b08+Q>d2wWGXdpr*dKRz?l=9SR z1OC@KE9V&ET6AOVGpHGWC)inqZRjcEWuy5HQ;w8kjQ5Qnhpat*>r>_^4ELG2YjrAr6d(o-r$NzR6rb8`af0a zTmS7>0;FwkjoGWTFlY)S(BYv1)tTc005u2_j~7xTKP&bvV}-%6)@#BRy?^P>4JTNJ z`b)mj!EB6Bxhz>x?U8#pVpO)EWJ3{uLd9}{$R$#;4L|}Lv~rZ}*ySZkA|CS(^7x<= zXmeCJFRhTh!Zv0s3pV@Ih-#-IR58vc2)&)y(w-1JFV-aSRx&V9zz}Q6Zk8kz zS$$do$Vg(^z~1cE96aDiFmo=$rE2EgpOP`&Tm>HrLwlA7a!s zg9^zlKjU2w#ex{NKh;%BA2X5M#^DykR*_w~X8U=Ssm2p` zowwPr3+;M(fZz8_)pV=RGa^|q&zhMESw z@n&jtcn5~&=Bf!4op zD{xGcg?q$g|EXycV&n_TvRi$kT@A3K^l(%|oCFl0U;Md<1h)34pw>vF-bDb=hdN;e zeKmQsa$#LfHpfCcV)p@kUU2{2gNRo;9asBHRCKhSA4NHlGB(Y<_?!n!F*_UMzvU!gWNa4( zh-Tc33;zU`xh0?4XtI&S15{)Wwpb<`}r4pW$^%scXuG3W6axgFEZ40J02Y`fkXmjuqPTY2Fcim>-`(kV)^2mTGK)md{! 
zCasOaOcBSY7Tnqg^H*$;DKm63+X?_hebHo=A7WzDUx+j)Jmu>P17GqjQ_Idfa04gt zBDtcM3>Wo$b`UDTFXN6NWr&Rh3Qm?wc81M!$U`?Q$D@+qi!x6q{C;26#*W=Km;St8 zSI_`hU?AfXL<1c{fM5bg%)@AG(S0GRd?g4t@*p>ph;@5=}^ zf(A&Vap!denE*wKF3M;v_qpxUi(HhGF548R{9a$%DO8QmrA42Z- zTj?26`ebT8N&GeDo^M8Cm{*HUH?rgf`ki(ln3S#c2F7es@JU(YvSHEQiNKsX4jTZ% z?MiZUiY-fAz9;%$6k|1p{AG+dz1%Rx0&qvyRPc>IQdpHRjLfp>6 zioh;fo{m-7(isY>vf5SRm*-5I1v+VC$8?IJbM`>K;k2;&Qr$D&311CX*6+FWq|+{l z=p(kO9VK*?ww~}#%7S;$f|;Xa#2q$TBq?RoEaT=9>aWq8JlE5Ka&~?601qg!Ie?JH zVdH4o$fbpkTb8KXi1#F6oC7|gQQ(ZBHucBgIbrs2F47v!hD)+$%Vb2@z6Et6CqhgQ z5e+w(|1ED6p9*Dn^qfxCueI*BQUv5`6br}fU_t9s!3qdRszZwd0F`a2#<;%?r)q`I z7-(2I z{B!{b83^`Zw`T;RwRUoP-q~Wp6v6-i08%yL1Jwd}s+Dun3K!UArgr&YwEl{z_7G5$ z(3DAm^=gFihs^0`bd8IigpSM;C)fwybjtS}`(&`$9|kR(LES7L(s5z{3N zzQSx~z@b@!`oJkiQo)aiL5Uo;StwbF;q`VY7m2rD2fxV_!9I0C;{R#i@yB|-&T(XG z%gtR`Mdb)O8sC=>fH=$0FF}>IFIwDZ`wxr%>762{U0Jq{i0X3bEq8ckM`s)RK%FpI z^WU1b{O;yWe%u}bLNB?Cl{2QU#?$vUJ^}FQ)x+ljp=eU zex>9)Iv5l|j2vIBUTISy!B6#lo#8pxt9U^5*VvO>v&ii#rYLxIf)6RPnprhh%KzI! znnDd#%IE+@#{uAMk{x=c>Ed1G4NvI{OIymVdeuwWRdiw38+?R#OER)Mu7kcL{~mmq zE@t36Wh=1tcTa!r>(ZLH=a&H-pBR>Nf(-+cpN;oW5H!w+-UI7HZd|?Gv4Lfi%w;wq zXAmvsB>Ha}-2!3GQ+z#Y-SJW30;mo|p?>`XlL~v9Yo8kSj%_69_W<3&a|G+ou1c=v z7=2%)v^MvYk_*$2+-Nig?GGP(_h-HRPap^j%6b0G_x<%i>AE<}^! 
z`kkq8Fw^1`6=*axZN9Q1i~ik#-Y&RhS%-dm8{&y(akoq=9u*@s_w1-Sq9Er7>)mlj zW>?#Oo9}wAd(9XhoRDL}=bUY;5iTZkMCNarek!iqAAd_!;yXW(nTozJR~gfZ2Q+QI zSLzS0#wvl{m{*_Fn%(Xu-*i@voQ=#`#sPoA@88JEDKNENSl>yqAg7oQPPThEhh;|2 zgNZl*LS2GD6YDlap%Y8z>i+NQT1nSr+OF4AW~ZWy(|qVpMyTnot7OD)aRFgGbrLC;~0MrlOR zT>94tP-tSE@uZm&`z4+4R>`GHOh#FiEHl8;W3@YqyTvHN5eMxbTz-QqDS?QAg3a#p zJ!34YHSE{&UuE%^3yvP*Y($IijowMBTK>$k_kQ#BT4va$0f#?$GtRvg`5t$%Q*kw^ z)R6Gr8OIo(&$)9n|2xi2C+f&(>p_O4{ncYG!}E&lm^z_m^>NHT>W=k`bmsAc!2tae zn562_0S^gwAjlh@>qP|6bp|`2M!DsNzewg?oPEm6n9@I4=4((3{}-*~eH;-K-!USy z_V~?Ev7$(^DZ~{hPFwHQF^C$V`(SFi_%~I-wnc>v)(w?>xiWu?tRc>2CENw%A?G#w zc{?H>^IKD!!ROSE(p}b@(jehFmzRz!qgd zR<_xFw5Vr+ zMNvqlr-Hb7)tE50;o2RNc!k|3lv5x9<(8F!efRlp%1o+tx4}ZSiwI6pNK_7&7!lkS z+%$ndhtEt6)We=diYK=hd0FW`8o%?K1=M8pmpK?jVmTGF5@!p~#jcs)k9EQ`Ih!wJ z&LqL_p9nM+vzVjvuVS;?L{+jIBf#ZQRnWNBB>o7mQPl~H1DGHtHcm!UdabMB+t1dx zc7s%oM!m0NE?uv-VbLlzruz5&41StPhH~p4B-&zxDamIV)FX4%4vwThv=PILvopQ* zZs@zo-=F>*dP@~b{$011@}Xmh)N#zEQ6OCqL$-L0(BHcH2Rg0=KqNyra=LT3xvpnF zjvb1arcmb#!+ZxW8hsd>!d_c8+Rg)Qk5q$(X&NC9qTk#F(y--%V(M0&gMfSMO#SBH z8r&~#sTpmo4jtYUxfuLrIG5zb#6ljvT)bArw4G^G=f8M;Lw$c?47hFK>Uc!Kkd(dt z&Ya&!BV(9K$Kj0!T)98kHer^pCQYaw(IJS(nzBiKl4^zhfi1R`_qNF&Ew!@%@DOMr zU?%b41iGI3)SMOSdQ@3ZK6vuAcV(83ybU`^rbYf$xWP2yRksQUq`t8l+=QhdGmE`$cY+9zz?8b>j8P%XE95e^?uAL$qSn#T|WzUKDHrZnO za*R+D`0c$U_i5EN$na?hT5 zrT3r4tS&VFUEsG;A%L}P&ypN@uhe%spp7Q#(ZEP-i*16l2L25M2;(elgV??-p(V{b zpU;%Gc{07ccoNM*n3YEEY>{w8+8$78H+{EAui@amGIqytqHyZ{hAjoZ@PMF=qOa&oL=Bw7n9@1)tsaw=&iVFQg4nE3MuW&E{o|Uu=r>9YXzmZ?l7E z>%Q%2XNmWY@nI`E+cQU>vn92&Xw1A`3shLmo1co>u3{%<8Zv)_5}y2I=C!Az-ddqg z^BG{fh6rsm^H$p9B_U9%U^wF(o|{TK!=!%}x#$DQVKL_FeHbmRnr`X3Lz!4rmxb%L z;FxJe+(s$cgP3YSJ|=2T@-TuK-Q$vOp;F#}87woSGSo#gtd+Zfxjw>>%{gTz<#nXA zcPffP34N_<$R}Dhn%iDyOcej~ifXgn{7`B6Lb&812$S*jW6?uN0}PO}+?~-1?=yX7 zVj}Kn?^GeIe0cO6&ZL%_cNJUl|BD?d}_vjPSy{ zNnL6Hpoh^x(N6xMOZ>0=ACTM4;F3G3^3g#k?%UQ&Uvtv z5DllxgVM$L12?gE>dlU2H#=>@5S(NAyw{o`I4JAv_9thQ_9nria7F; z`X}YaoKkGq(75!AWZB3c>aW&j5vBAKhjCX-Bq+j{c6k3G1O{MiOYQ#xGexGPkk 
z?KN3aFuf-YX$~O=px*y}@ebobWYN%CVE_a00nfHtaZ0~HI5BBiB#6FBFTQs_sPs;!|~QV#yvb=JZ~ts8TG&AXpcyCp}Q zegf0DqGoT~joGTBnFm)B74Vx1lXKI_9u$G-74=*2$lJXFXGSqdi#>GA>EAH?eXD`p+QE)`bsoKEc{VX%sV2rvTtd8oN9*MZOw?G{0tNUx zL)m$qvQ-CySf@<=cBVckTlKItwDi|It)b@#>IucjCqI*ADkGXxGpMX}a;HDSJxnxY z%-_nJf$(A_u!of+N>x9r{QGZ4+_1iDk4QBY;FYzNc|n#lmoB&Pm+MMI`5~bJF=)Oz zz=B5Saxbl_t&I6df7;9?tjLlvy#L#}J6K}* zt=UD2b}wUkMY|KmjvzL0A(ekI84Af${C#E=kOmb&!a;EiJ|y^pZ4|50A>4K6$eUHO z)~pT?vj^lS*7JY*!2H~>u2h+BFjB3N<9~of+>!%6>n(h>Az!{(aJtt9jsOfuqLOdEp%KMdy)`7zHXnb%w9iYj?3xL(GfcvOGl^HTx} z93>KSFiCx{;F1X-36Ei3?nD*e*p&xGl*aM4B@hXY3fyYE zRJYkqK3N2MC>%7Z=Vh#GpVZGRC2C zbb&D`l!u(&QyLV@*t{y`CxRQJf(=!K!cT6AH5Mso14KOE1TC`V+mB_{WFr}oSjP-5 z5cb4r!rMBC07Ui8b5F{-6MCe`{umk$T7`fLRVb zQYf`c=P-T{{yQJURSwY;mcNT>@32XI;MSWYarGz-)3h4>b>dm)wK(T8hU3w&|cXVuf%ykhXy=o zd$z%xZ$m%$hkx9Cb0(e|m9Vu5@jW4!A)PbSecR+G;S~Yb*v6K9L()PIym#t)NS}Pf z8s*4LfdcrF3f9+2+SRsA^G425N;dNy%hL3H;j`8JrOHeB{}yLcBRp=ebV2ST*tsfb zg)F*p&2COJp#^p=g#G5dPDM73cw(@l8!|T77iJXQ&25?N^)_g`HUSVeRPEIdBB1UK zi1?A$<;i^xBg)PoRsQ{EQLn>BF0%WUeR)35>dJQXewQA-bE|j?yJ!!FPDMbTz|Y^` z86rSf$)>y5Oy@mL1>VR$Gw{nJaoqiRNgxq7kJIPwF4}HNK!G%*!>atIS9T)t)8miK z1px2Z$lN=&mJSVXW+txyPyH=&P|%JLUS`K?Ao1P17*M0kA3##Lk|Bql8{&1>5auY4 z1?D3hZNCSlMGblQd^-u1A%B`D-loDY7a-A-T&qb#NT)ew(WNE<3RWdZbRQ0!O18t3#-*-DSoy8pZ;5#jY^A+ z(wv64;)Otmmb>7-S14zhI_-k1l>ZM8_d#NQF{|&aDm;IEzBe}JZ{Ujt4@Xa&h=@gO zZ4FY{lDMqXi)du1=$Ovp?Xb$)3OdJK@4gI;4Ms1%X6L=D8EbW`gobXQ#uK$)SaceW zjmh!iNbwH+?X)kbQIS)Et%2wzDS58gT%?G%o!?0mHKc7v+BGBQud}4T%@xEW&GiW0 zDZPK>BG#>f1s{H+OOpn0kj6KW(`j*QV2OAw=>T@hv>UI8_Z5&M=>Y`n=7uIAllFrk>QS;V8L z8DohHL?sJ)k=H{P>P_>VM};>u*-A@Ng?=85l#o)!VZp|p$oA;tpJtBw8XSLrlK7G; z^sMfS#xf*d{R_}R@h;yJ^ct4t=|!e z;aW}NG8rv^U2QPC61YMG>&<8mDIQO+bp}qRF|0B=4C&Z0x4g*Tk_AKS3gR*hC2K1Z z0t@V2*$)^jW}8qNyY$%2Z!IqM-y^It&)IWk^ljp-xvH9Vb)y>8R!CPV|3Iq;yW|$V z38kwdXGM;@<{P8fNs=4tu!6uNYS2=qaX_#<2`2Ua37bGO3uDw;QURkZIK~3PtS#Se zHmr&1PeQ4EDsp&*dHpbp<%kIQ{z6iS1G*+F3cAwkjQ}c#ZTUq_k}{K}HRSF{$6?uh zSG8C86O@74qmWub3VjLhz}3h|Lma+(F$rbKa*$O#?fk@Z(sD^u)s``om@5U9YU<%` 
zk(9Tkq`MHJTpH}z{1r8GZ3aBGu0Ydi)t2ayP*;wR`-R1KK#kdZ zAfMc72|eqXq`9p0M_6YMecj=#rf$dL@=`nk88k<2k-IWYA*KoY6UVkN0D*hAXBC7b5^(j7$=P#Et+DaAJ57(b1T<%(<6|; zUviYGOBHPW2kDrDA8)k@TxNuj{SE|XpAy5XF1|H|%* zw1=tcCqF24mG=>RZ^MY_HiV{>HRK_~3LGQ!QU{gjB2X^L)5$y{Jugi2m=2f7*gUP{m%%qn>`wO#8`$`gHhfQ%IN*FN@FuuImC&5__qQOTk`cxOGE zCJ6_|v2CwN2y*=V!U#r`M``O_v&k;-q;N<>USA)weVsrcQ*{GbS^RLU_&hw|hzn2<|`+LD(c2?>C z1JGaEuf6}x@fiMR(@(WNkAHCa5&T@kF13hv&P$MMO%BJ%3AKxa&P+!?ZAj zSN+?fC9GI72QAygg$pAi_WOY7)wdDPT^JxkDYGCt)OP49F!lW{hU2XDlMd}{hcGTY zyTVXxVXUp&m`c_CXf8S+WAIzB{avf_!HN{49&~^hqs-<^ZuI-=h-~8Oo@1%{bJ3FaAB*# zi>Hn3tXQVRts9{A_#OaLMrZ*Pt{p`Cdli1*A$%`S98c{iT_JRRwS-eHEV;O=LJUqW zzG7{S(g+Y8+YwR0F4j8FO)f}cp!F${=*Q?-H9=7-KWB_)$pt^%)@Z{O zDzU$eiEWMbkq+m=v(q72E__ErTt*RGmY6p?4_}DDiXb)j?vv;NoJgFq84i0W*-Sw$ z4n@fcPf25PWgsDyA1xV!SL5#^(5bq;}ddOzZ37!F2 zp0hzdzcBOWIz08DFn3o@nwNakM*Y_ z(XXs*{*7Ez8UPC(e)E4;hhuFhRxTkSDKOPjQ6<4o%@F{L(x_zo)M;p=p(UR{DT)%3^dT|++x*O_Trp?3ojeYe&AK9&imC)^B}rh@l;gf!7* zR2pTGe{IN9yuFolGrlpr+eSQ6giaZlX9+R;8)IKC(@+~Qc4)p|wcDwh)_wovK7E{E za}h1hPQ+)%Lr&o6BN%U7G$I}z72V5dnEd zo)OOS>iXQ(hIDzM;YKK6sq7R6wC$5nld$;5bX?`R2oipg6b>5DKL&7=Ph_Arnceh`TqSLckMrXXCdJZ+E0lIgSo zWfo^)EVHe9D~g@ZTueL*0Z^oVKIob2KmtMc^+nkJKycDbY1(PzpgT!K?V$K>uQ_x` zx$m6p6naXbTeW6C{**n5$UX$e7^&HQh=I>0tJU(lLqi2BBAS~4?TI#boau&{C~gt3 zZBpjC=aT+qMy-56Xr*!>`z_Xha&|>Bg24`GD^r`Df682%_URd5vGz~?O*Vw}A{de9 z{0Zchd$j$D4gdJI^FI*)7G_KD2B=R~*=Vj&gv5CoBAneln3Kslba1HMXS_XyicsnM z9hTcJR5Dr|d!urtQW$WF1{JMsu>K?OkyDkK_2)f|ciDJEZnn;qj#1jzE%Fys^5+nr z2+UEbvito>@qBZrr(3*vyaYbXb(wxr(sqQ`nijmKseknNPr)XZA zA(;RJN-(X(Jhy*T;ue(ibjWGJq`s_7Xj(@(Q|1_xDDzfw%j4IXC?xL~eb>qF%WkUAQ#+iC-1R%$ zE*$SC8BD{+O9#R zz5_oGKSRc>wIvNdEKP=Hc%?_HyoVLHgS7c#XRpuh+k*kn?%z0>A^$vY3zJ16!H5?5=PtqjxMa@x`O`+ zatG;SR$mSAs%eZ3ZfMKD5A~>bMu*WtLaSad`005Y0S>Gwg*>r|-)=r|W;4)>*gMOuGAeJ`R zp4G;h5+zDPgIo`2r~;ErFm932OY#Y*N+kl|%7m^Q=fSLvIgHJJlX~vN22TDonc{4P zJu=xPazA1SDqdgdqc4g0EFr(Y%T4#lxR-pE7+wg5n6)atPKH4Zn6+3OV#_JfR!=JXS zK(D#*D#-r;2bo5!a2jx>3D|zK%<{NBLhLQglG~VKCMHz3X+mx>?S@xEBCcs1aSy%M 
zHfZ2pNa$&Me37(tBHw!}`c#BeMBW{gMe$@nh!gH0D^ociu0?W;07%H3WHH-mXd7}+ zO6j2Ms>G930jSul#}8l3Kg1>dsjLMG%6cDBh1b3+t+>1uVR3U1d#JIb&Rv15nAv-e zNA-u`^VXfFqbTP8R;hyCh~v3}J_urknIr zPIPnrBAb0g=-Z$F{lb}};IJ<8Bl~al&LSpko-2UZ9rRRb*r4ggWo0kLy#9I@n=i+C zlLB)L1PfIi2>7*?A%#6j(=8 z??**?uk#!u+rG};b8QjqMt#!h|A;O8HIALF=~+$|tn_zmiFqmQCdbs?ad}ybz{JE= z(Z}dE<0~8{s7cOR0E5##GL2a4iAZ|hu})QjCn`t~KbntSX&VT8dH`%O>X;M?{5V|~ z|Fb-|@}jFw%uEu)tpbdDeQ?cTW64G%zUoJtKAaRll@S%JHG;oc>?pEFnYDj=A92`8eg`pw+pIk)BY z=hlQ}Cn|#GISuN$-1B!Hyt)6Rx9oeVZ|z0}10dj|gbG;ZecYecsu}W>4GgR)pT5(3 zcdVL$jUsr+z6lT}L$*9rLM$#HK;1&BK=V`8G|iuZZ{JJ1(h6(Qv&oh&EbF+gMYOxl z>Zi@Y*fLTy4F#7WqzWF50L4}4%?7t!xzT&6yaFoBIpVMe0F^r>@A79&CB~4y5x4j{ zFSJILij@`7OkJ90VGjcVXW#KYyu^!QZGE`VCv0s+&vfV*2R>M-X@34v7qmL2%**ik zINF?AR?bKh5*N~Ao+wj7#&zSeir99xTN1Vj00^S>5H7-91g4LJy*-aXYQ>c&tVtRQ zfj7vHnE(Kj$sRO0AF}CVbbR&91I-9LTItZ{V3!DH6ntbh>hSTm8N55@s!3ngUn}0s z6Dky3{G1->XrxgR=-V6`~nmU=`9L>yp z|JdF&8QBKwe;T-L^2mfF5(OeJyBM>+KmK|LHkft*Fw36SgeU5g8m{sMq?1r{T7lB& z2gnU|FFNiR#}weq-|EfS9*<8VBq7Pr5Zjn|)(#_5f5V_bZLg49^(`MIzXKp*<(O2U zFXOvy1KzKXqLi+%r;txD!Gn^`rIp3N;ab1)E@j|jwJ(5?i3+&H@5JaNmGzXfF)_gu zV0DIpDcr0qxSX#$^w3n)l{IA!C5a4G7^a|xMzekgnkEJEd|+ zyt4pm^B0AbDVAKWO3G-tD9mB`&BDEB-I*fRV&Lk~PcL`X{7S@?1u{J^EE{J&S@oQ% zEF*XWSbY?q(R6%STyoS>0Ib_s37PyXd&!Y&eZiU{|1tGlhH_}(gyjt3gjW5HH_Aub z*vQ^Cr2U|gP1{)MXuPl>E>lRFRT79Mw37g>+=09Y(~XyBor(ugD*r$u5RnG04-nTJ zv3>rP84MZ<5I4g6@e1`fLb%dr=%8UBg>^qNrRT}v@0?5_gLht6RG6f;;larda;Uu! 
z1>|NyZ~QUB6_Q+xYl~;(M#N0>U*gBmrmv@@bYhbMvnWa5$;7)zw_o|$K+?}aA|Di= z+0+2@^AMS!+osH{3LVyqM^aAM{MHelE;f->Gji6SbAT^8fj(E9gRm0Xo@cgzLFP=Zr$64@*M`(iGGb1N9u?y5@qfRQ={V&9=8V zMA6PH$FN30M8sR_Jkjd*O{Fk_y%)C=^bb5C@E~%Scpy_&ZqEpAc}q21zzhj~KU{Zu zeyeOC^LPDyZQPxbY38!0I88g=ln_drkTQ)kNiu!_){wDj*z#Mlc}L%8-nD~I(_QNh zD`FUh*|DJu#vkCb7rrSD(rb{*L;Ul=Q~Xg*(eaELSTqN~#Nh5bd0#DnF?;XusCAo$ zb7H11MwCasUQ$+nh}EL!%0dR>yJ1&RJO4euM(`pYg8y+_ttpL65x4mZuOBD^rawH)?7$ zM2?XEXtm|$)j$P%Z?Gp`YcN11LG|TH^&v0`wQ`NWsDKLIKIegzrAB^~!fCQQalBbc ztsfitDI1e$(_!p>opXp!H*cJ|(eV4PDt3t^anLyQfiUsZcqZo`@Z^~t_1g2W17D}v zv@SKWB3yxTxH3MKsddI3k?|swA^Xo!dviPQ-)@qoHc=iyL=R0LOQ~L?8`xE<6{PMYOa^9sB}iAPOS(_TZ>a0s>CF{Kh2wKquq-tEDTJF?J`RUOC>o2DDZ!tWMOJ}B zB5bBn*yNfxQZlW{s%hqPBH&;?fwxa%)}6P7r{FZhCqris$fVEI9*<_H@1xD?lt4d6 z#FEBznV{KjOW7`svQD!JA^#VRKS(jM2U)Gzysd!vk^3Er_7>62bngIuH7J#-A0?Hm zbQpJ?Ty-ohhPlWqUI~Uq)^6`m@tmJpU$fA$C*wjQY+~yq zz8^s6Q0QKJF3HLxyZzb|nz`i$-P_t@}`zl@3yp za|8>%a_&ETQ?Xk&PZGVWhld@M%Na6ub(d|s5aZ%LVx}u(W0VG0`2DSf_1)TtV{#Op?8LMosGMQ1dNU|nm@gUp8tTFnR{`OIRwq?39TA_ z`1|2wo>k`1hF|hVA`GNzHI|};q0i_dkQZ))ppJ}KQ$yy5e-S#XmYO5Vq{LE6mCd60 z`$oRN#mbR|Xu~Q@e?+^7nMlL$&EDr(I^$zYH&PHZ>)`E2<^t8Qmu|MBg{_P+zr?~iBr8+~)L9wS4kG+jF( z#``q!m{VLT_C%nUV?C+r0A3lERFxLFjyl1DyGHRk38W5uqa6ET0K&xQ0Qr~I!)C0+ zs}!@JvMW*6ra}pO^G~7&)D$*d@=j1^&3bYmj*Vg+0al|{A!#fwZ;rJq+Gq#kYS1=m z)2h6I=8M96h;YxmH7`7T1@iTkDyghF1}fvb_#QX=tAK>BE|rWODK#hx9UyH~G4EPC z3&iLv%%9*O!xAHON~b`xuKtDBjng7Pi<>B6f+vEPmuaT|s*Vm6ikJU>OY1KyPnHMM zrtGMzZ_lREIycD;zu|}>@ZJb%ZHUdf26pg4DLh<*ayLG&s{Of~=OkuIhFA;BW%p*s zuZU$j=S5|S?CSt%e$cq)e_o^_+!X?_bb9-wou~#l@VeLNGuwA!ze#kyPEV*v3IWSe z4*D459hEsW-k1w}%h_EZcor-)PC0Axn&6*iscu=-ck(;B?}VrB<~m<2*$=3)%r5OE z`Gq?dNsjIkpBlkyPKfz%i~XO9CI+Ypf`jgprRP0S9xgWFsrkUei6;A$OB6l{(F=$M z2Bgsv%AXZ%v`5{nML^dJcL)boFO4_wu_I%(SZ4%mlx8+ECmJ=uYDZw1K|O)09WgTJ zkaQP^U;71mswSv^s|hjp8*>`-ILIh0JNGW&?}!3`NG!t@hzk!=-~^Pp{$kXZIC(@7 z=J?ek{KYFyD>iSsShyd*qtB(ULt*0rZf`_Y_5P@~Kki9y@VlG~cZlfpvsXydfgs-R 
zE*z2yLpycTK75oaa3LlNUw1nveE3TVzuK%0d&L<cNYMA81v`9z7x}#iN;)!-&6YS{Sy_Wbpc{e*3ylrLt2*(cOAyS7w|` z+~Nh{Xb=fNSapGi>k|_vf*gU^1WOgDr&z#P(7Z76fXS*6o!w9ysT!pa*6Er@9ez%F zOTqPZ8bEX>@V^FfEmQQlnN?p%OqLLPJIxvIX>gKh1^7aMl5D>H^6$q?d%d$H&oy>2 z9h^VIeJyR@8rQ{j2o}u9*I;aEUfCKE4ub5FPzwT5m8ahoD~SMbYL7DGvzv}nHYhMF zdD|?#b-1T^7=K3K>F~7-{PKY&>xyRkcEbilj=*Oy=dGdMrEzx@Gg(J~nw+k@e8G&~ z=-8)YRJsKWqSB!GnxZJe@|JTJHz5=@Xn-H&f{y|N2KI(y2c^o_%|h3y{QssGMj!~i zsG9U2WiF4upfPWZNvXwtw<6lo_Xw)h-e+6+Ai9HKz-hPEk?@;a&2u(>6LyV&ji2WZ z7wnPy?RkwC{KbNtb<83J{U^+Me000000000TTnr-s diff --git a/docs/pandoc_templates/style.css b/docs/pandoc_templates/style.css index 98320dd..38d8a57 100644 --- a/docs/pandoc_templates/style.css +++ b/docs/pandoc_templates/style.css @@ -45,6 +45,7 @@ td, th { text-align: left; } pre.terminal_image { + font-family: 'Lucida Console'; background-color: #000; color: #0F0; font-size: 75%; diff --git a/docs/setup/contributor_code_of_conduct.md b/docs/setup/contributor_code_of_conduct.md index e7d89bf..9189c3f 100644 --- a/docs/setup/contributor_code_of_conduct.md +++ b/docs/setup/contributor_code_of_conduct.md 
@@ -73,9 +73,28 @@ Login identities shall have no password reset, because that is a security hole. If people forget their password, they should just create a new login that uses the same GPG key. +Every pull request should be made using `git pull-request`, (rather than +some web UI, for the web UI is apt to identify people through the domain +name system and their login identities.) + +The start argument of `git pull-request` should correspond to a signed +commit by the person requested, and the end argument to a signed and +tagged commit by the person requesting. + +When creating the tag for a pull request, git drops one into an editor and +asks one to describe the tag. One should then give a lengthy description of +one's *pull request* documenting the changes made. + +When accepting a pull request, the information provided by the requestor +through the tag and elsewhere should be duplicated by the acceptor into +the (possibly quite lengthy) mergenmessage. + +Thus all changes should be made, explained, and approved by persons +identified cryptographically, rather than through the domain name system. + # No race, sex, religion, nationality, or sexual preference -![On the internet nobody knows you are a dog](./images/nobody_know_you_are_a_dog.webp) +![On the internet nobody knows you are a dog](../images/nobody_know_you_are_a_dog.webp) Everyone shall be white, male, heterosexual, and vaguely Christian, even if they quite obviously are not, but no one shall unnecessarily and diff --git a/docs/setup/set_up_build_environments.md b/docs/setup/set_up_build_environments.md index 6ce316a..4f307f6 100644 --- a/docs/setup/set_up_build_environments.md +++ b/docs/setup/set_up_build_environments.md 
@@ -9,7 +9,7 @@ For a gpt partition table, sixteen MiB fat32 partition with boot and efi flags set, one gigabyte linux swap, and the rest your ext4 root file system. With an efi-gpt partition table, efi handles multiboot, so if you have -windows, going to need a biggger boot-efi partition. (grub takes a bit over +windows, going to need a bigger boot-efi partition. (grub takes a bit over four MiB) For an ms-dos (non efi) partition table, fivehundred and twelve MIB ext4 @@ -30,7 +30,7 @@ And a gpt partition table for a linux system should look something like this To build a cross platform application, you need to build in a cross platform environment. -## Setting up Ubuntu in Virtual Box +## Setting up Ubuntu in VirtualBox Having a whole lot of different versions of different machines, with a whole lot of snapshots, can suck up a remarkable amount of disk space @@ -66,18 +66,19 @@ Debian especially tends to have security in place to stop random people from sticking in CDs that get root access to the OS to run code to amend the OS in ways the developers did not anticipate. -## Setting up Debian in Virtual Box +## Setting up Debian in VirtualBox ### Guest Additions To install guest additions on Debian: ```bash -su -l root +sudo -i apt-get -qy update && apt-get -qy install build-essential module-assistant git dnsutils curl sudo dialog rsync apt-get -qy full-upgrade m-a -qi prepare -mount -t iso9660 /dev/sr0 /media/cdrom +apt autoremove +mount /media/cdrom0 cd /media/cdrom0 && sh ./VBoxLinuxAdditions.run usermod -a -G vboxsf cherry ``` 
@@ -209,14 +210,113 @@ mkcd() { mkdir -p "$1" && cd "$1"; } Setting them in `/etc/bash.bashrc` sets them for all users, including root. But the default `~/.bashrc` is apt to override the change of `H` for `h` in `PS1` +### fstab + +The line for in fstab for optical disks needs to given the options `udf,iso9660 ro,users,auto,nofail` so that it automounts, and any user can eject it. + +Confusingly, `nofail` means that it is allowed to fail, which of course it will +if there is nothing in the optical drive. + +`'user,noauto` means that the user has to mount it, and only the user that +mounted it can unmount it. `user,auto` is likely to result in root mounting it, +and if `root` mounted it, as it probably did, you have a problem. Which +problem is fixed by saying `users` instead of `user` + +## Setting up OpenWrt in VirtualBox + +OpenWrt is a router, and needs a network to route. So you use it to route a +virtual box internal network. + +Ignore the instructions on the OpenWrt website for setting up in Virtual +Box. Those instructions are wrong and do not work. Kind of obvious that +they are not going to work, since they do not provide for connecting to an +internal network that would need its own router. They suffer from a basic +lack of direction, purpose, and intent. + +Download the appropriate gzipped image file, expand it to an image file, and convert to a vdi file. + +You need an [x86 64 bit version of OpenWrt](https://openwrt.org/docs/guide-user/installation/openwrt_x86). There are four versions of them, squashed and not squashed, efi and not efi. Not efi is more likely to work and not squashed is more likely to work, but only squashed supports automatic updates of the kernel. + +In git bash terminal + +```bash +gzip -d openwrt-*.img.gz +/c/"Program Files"/Oracle/VirtualBox/VBoxManage convertfromraw --format VDI openwrt-22.03.3-x86-64-generic-ext4-combined.img openwrt-generic-ext4-combined.vdi +``` + +Add the vdi to oracle media using the oracle media manager. 
+ +The resulting vdi file may have things wrong with it that would prevent it from booting, but viewing it in gparted will normalize it. + +Create a virtual computer, name openwrt, type linux, version Linux 2.6, 3.x, 4.x, 5.x (64 bit) The first network adaptor in it should be internal, the second one should be NAT or bridged/ + +Boot up openwrt headless, and any virtual machine on the internal network should just work. From any virtual machine on the internal network, configure the router at http://192.168.1.1 + ## Virtual disks The first virtual disk attached to a virtual machine is `/dev/sda`, the second is `/dev/sdb`, and so on and so forth. -Be warned that the default debian setup, when it encounters multiple -partitions that map to the same mount points is apt to make surprising and -seemingly random decisions as to which partitions to mount to what. +This does not necessarily correspond to order in which virtual drives have +been attached to the virtual machine + +Be warned that the debian setup, when it encounters multiple partitions +that have the same UUID is apt to make seemingly random decisions as to which partitions to mount to what. + +The problem is that virtual box clone does not change the partition UUIDs. To address this, attach to another linux system without mounting, change the UUIDs with `gparted`. Which will frequently refuse to change a UUID because it knows +better than you do. Will not do anything that would screw up grub. + +`boot-repair` can fix a `grub` on the boot drive of a linux system different +from the one it itself booted from, but to boot a cdrom on an oracle virtual +box efi system, cannot have anything attached to SATA. Attach the disk +immediately after the boot-repair grub menu comes up. + +The resulting repaired system may nonetheless take a strangely long time +to boot, because it is trying to resume a suspended linux, which may not +be supported on your device. 
+ +`boot-repair` and `update-initramfs` make a wild assed guess that if it sees +what looks like a swap partition, it is probably on a laptop that supports +suspend/resume. If this guess is wrong, you are in trouble. + +If it is not supported this leads to a strangely long boot delay while grub +waits for the resume data that was stored to the swap file: + +```bash +#to fix long waits to resume a nonexistent suspend +sudo -i +swapoff -a +update-initramfs -u +shutdown -r now +``` + +If you have a separate boot partition in an `efi `system then the `grub.cfg` in `/boot/efi/EFI/debian` (not to be confused with all the other `grub.cfgs`) +should look like + +```terminal_image +search.fs_uuid «8943ba15-8939-4bca-ae3d-92534cc937c3» boot hd0,gpt«4» +set prefix=($boot)'/grub' +configfile $prefix/grub.cfg +``` + +Where the «funny brackets», as always, indicate mutas mutandis. + +Should you dig all the way down to the efi boot menu, which boots grub, +which then boots the real grub, the device identifier used corresponds to +the PARTUUID in + +`lsblk -o name,type,size,fstype,mountpoint,UUID,PARTUUID` while linux uses the UUID. + +If you attach two virtual disks representing two different linux +systems,with the same UUIDs to the same sata controller while powered +down, big surprise is likely on powering up. Attaching one of them to +virtio will evade this problem. + +But a better solution is to change all the UUIDs, since every piece of software expects them to be unique, and edit `/etc/fstab` accordingly. Which will probably stop grub from booting your system, because in grub.cfg it is searching for the /boot or / by UUID. + +However, sometimes one can add one additional virtual disk to a sata +controller after the system has powered up, which will produce no +surprises, for the disk will be attached but not mounted. So cheerfully attaching one linux disk to another linux system so that you can manipulate one system with the other may well have surprising, 
@@ -224,12 +324,24 @@ unexpected, and highly undesirable results. What decisions it has in fact made are revealed by `lsblk` -So when you attach a foreign linux disk to another linux system, attach -after it has booted, and detach when you are done, to ensure predictable -and expected behavior. +If one wants to add a several attached disks without surprises, then while +the virtual machines is powered down, attach the virtio-scsis controller, +and a bunch of virtual hard disks to it. The machine will then boot up with +only the sata disk mounted, as one would expect, but the disks attached to +the virtio controller will get attached as the ids /dev/sda, /dev/sdb, +/dev/sdc/, etc, while the sata disk gets mounted, but surprisingly gets the +last id, rather than the first. -The first partition on the first virtual disk is `/dev/sda1`, the third partition -on the second virtual disk is `/dev/sdb3`, and so on and so forth. +After one does what is needful, power down and detach the hard disks, for +if a hard disk is attached to multiple systems, unpleasant suprises are +likely to ensue. + +So when you attach a foreign linux disk by sata to another linux system, +attach after it has booted, and detach before you shutdown, to ensure +predictable and expected behavior. + +This however only seems to work with efi sata drives, so one can only +attach one additional disk after it has booted. Dynamic virtual disks in virtual box can be resized, and copied to a different (larger size) @@ -259,7 +371,7 @@ but not mounted, as `/dev/sdb1`. You can then shrink it in the host OS with ```bash -VBoxManage modifyhd -compact thediskfile.vdi` +VBoxManage modifyhd -compact thediskfile.vdi ``` or make a copy that will be smaller than the original. 
@@ -281,13 +393,13 @@ create a fixed size copy of it using virtual media manager in the host system. This, however, is an impractically slow and inefficient process for any large disk. For a one terabyte disk, takes a couple of days, a day or so to initialize the new virtual disk, during which the progress meter shows -zero progress, and another day or so to do actually the copy, during which +zero progress, and another day or so to do actually do the copy, during which the progress meter very slowly increases. -For big disk images, it is a whole lot faster to create a new system, attach -the old system to it, mount the old system, and copy the files that you care about. +Cloning a fixed sized disk is quite fast, and a quite reasonable way of +backing stuff up. -To list block devices `lsblk`. +To list block devices `lsblk -o name,type,size,fsuse%,fstype,fsver,mountpoint,UUID`. To mount an attached disk, create an empty directory, normally under `mnt`, and `mount /dev/sdb3 /mnt/newvm` 
@@ -295,17 +407,17 @@ To mount an attached disk, create an empty directory, normally under For example: ```terminal_image -root@example.com:~# lsblk -NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT -sda 8:0 0 24G 0 disk -├─sda1 8:1 0 23G 0 part / -├─sda2 8:2 0 1K 0 part -└─sda5 8:5 0 975M 0 part [SWAP] -sdb 8:16 0 46G 0 disk -├─sdb1 8:17 0 36M 0 part -├─sdb2 8:18 0 45G 0 part -└─sdb3 8:19 0 1G 0 part -sr0 11:0 1 484M 0 rom +root@example.com:~#lsblk -o name,type,size,fsuse%,fstype,fsver,mountpoint,UUID +NAME TYPE SIZE FSTYPE MOUNTPOINT UUID +sda disk 20G +├─sda1 part 33M vfat /boot/efi E470-C4BA +├─sda2 part 3G swap [SWAP] 764b1b37-c66f-4552-b2b6-0d48196198d7 +└─sda3 part 17G ext4 / efd3621c-63a4-4728-b7dd-747527f107c0 +sdb disk 20G +├─sdb1 part 33M vfat E470-C4BA +├─sdb2 part 3G swap 764b1b37-c66f-4552-b2b6-0d48196198d7 +└─sdb3 part 17G ext4 efd3621c-63a4-4728-b7dd-747527f107c0 +sr0 rom 1024M root@example.com:~# mkdir -p /mnt/sdb2 root@example.com:~# mount /dev/sdb2 /mnt/sdb2 root@example.com:~# ls -hal /mnt/sdb2 
@@ -319,14 +431,29 @@ drwxr-xr-x 2 root root 4.0K Dec 12 06:27 mnt drwxr-xr-x 11 root root 4.0K Dec 12 06:27 var ``` -# Actual server +when backing up from one virtual hard drive to another very similar one, +mount the source disk with `mount -r` -## disable password entry +We are not worried about permissions and symlinks, so use `rsync -rcv --inplace --append-verify` + +If worried about permissions and symlinks `rsync -acv --inplace --append-verify` + +There is some horrid bug with `rsync -acv --inplace --append-verify` that makes it excruciatingly slow if you are copying a lot of data. + +`cp -vuxr «source-dir»/«.bit*» «dest-dir»` should have similar effect, +but perhaps considerably faster, but it checks only the times, which may +be disastrous if you have been using your backup live any time after you +used the master live. After backing up, run your backup live once briefly, +before using the backed up master, then never again till the next backup. + +# Actual server Setting up an actual server is similar to setting up the virtual machine modelling it, except you have to worry about the server getting overloaded and locking up. +## disable password entry + On an actual server, it is advisable to enable passwordless sudo for one user. issue the command `visudo` and edit the sudoers file to contain the line: 
@@ -509,19 +636,53 @@ of (multi-)user utilities and applications. ## Setting up ssh +When your hosing service gives you a server, you will probably initially +have to control it by password. And not only is this unsafe and lots of +utilities fail to work with passwords, but your local ssh client may well fail +to do a password login, endelessly offering public keys, when no +`~/.ssh/authorized_keys` file yet exists on the freshly created server. + +To force your local client to employ passwords: + +```bash +ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no -o StrictHostKeyChecking=no root@«server» +``` + +And then the first thing you do on the freshly initialized server is + +```bash +apt update -qy +apt upgrade -qy +shutdown -r now && exit +``` + +And the *next* thing you do is login again and set up login by ssh key, +because if you make changes and *then* update, things are likely to break +(because your hosting service likely installed a very old version of linux). + Login by password is second class, and there are a bunch of esoteric special cases where it does not quite 100% work in all situations, because stuff wants to auto log you in without asking for input. Putty is the windows ssh client, but you can use the Linux ssh client in -windows in the git bash shell, and the Linux remote file copy utility -`scp` is way better than the putty utility PSFTP. +windows in the git bash shell, which is way better than putty, and the +Linux remote file copy utility `scp` is way better than the putty utility +`PSFTP`, and the Linux remote file copy utility `rsync` way better than +either of them, though unfortunately `rsync` does not work in the windows bash shell. + +The filezilla client works natively on both windows and linux, and it is very good gui file copy utility that, like scp and rsync, works by ssh (once you set up the necessary public and private keys.) 
Unfortunately on windows, it insists on putty format private keys, while the git bash shell for windows wants linux format keys. Usually a command line interface is a pain and error prone, with a multitude of mysterious and inexplicable options and parameters, and one -typo or out of order command causing your system to unrecoverably die,but even though Putty has a windowed interface, the command line +typo or out of order command causing your system to unrecoverably +die,but even though Putty has a windowed interface, the command line interface of bash is easier to use. +(The gui interface of filezilla is the easiest to us, but I tend not to bother +setting up the putty keys for it, and wind up using rsync linux to linux, +which, like all comand line interfaces is more powerful, but more difficult +and dangerous) + It is easier in practice to use the bash (or, on Windows, git-bash) to manage keys than PuTTYgen. You generate a key pair with ```bash @@ -1287,7 +1448,8 @@ map to the old server, until the new server works.) ```bash apt-get -qy install certbot python-certbot-nginx certbot register --register-unsafely-without-email --agree-tos -certbot run -a manual --preferred-challenges dns -i nginx -d reaction.la -d blog.reaction.la +certbot run -a manual --preferred-challenges dns -i nginx \ + -d reaction.la -d blog.reaction.la nginx -t ``` 
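Review bot: `-o StrictHostKeyChecking=no` in the suggested first-login command silently accepts whatever host key the far end presents, and the first connection to a freshly provisioned server is exactly when a man-in-the-middle is hardest to notice and when the hosting panel normally shows the server's fingerprint for comparison. Suggest dropping the option and answering the interactive prompt after checking the fingerprint, or using `-o StrictHostKeyChecking=accept-new`, which records an unknown key but still refuses a changed one. Typos in the added prose: "hosing" should be "hosting" and "endelessly" should be "endlessly"; and `shutdown -r now && exit` can be just `shutdown -r now`, since the reboot closes the session anyway.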
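Review bot: the context line `apt-get -qy install certbot python-certbot-nginx` names the Python 2 plugin package; on current Debian and Ubuntu releases the package is `python3-certbot-nginx`, so this install step fails on a newly provisioned server, and the same package name recurs in the `apt-get` line of the next hunk. The line break added to the `certbot run` command is fine; indenting the continuation line under the options (`    -d reaction.la -d blog.reaction.la`) would make it read as one command at a glance.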
@@ -1295,13 +1457,23 @@ This does not set up automatic renewal. To get automatic renewal going, you will need to renew with the `webroot` challenge rather than the `manual` once DNS points to this server. +This, ` --preferred-challenges dns`, also allows you to set up wildcard +certificates, but it is a pain, and does not support automatic renewal. +Automatic renewal requires of wildcards requires the cooperation of +certbot and your dns server, and is different for every organization, so only +the big boys can play. + But if you are doing this, not on your test server, but on your live server, the easy way, which will also setup automatic renewal and configure your webserver to be https only, is: ```bash -certbot --nginx -d mail.reaction.la,blog.reaction.la,reaction.la +certbot --nginx -d \ +mail.reaction.la,blog.reaction.la,reaction.la,\ +www.reaction.la,www.blog.reaction.la,\ +gitea.reaction.la,git.reaction.la ``` -If instead you already have a certificate, because you copied over your `/etc/letsencrypt` directory +If instead you already have a certificate, because you copied over your +`/etc/letsencrypt` directory ```bash apt-get -qy install certbot python-certbot-nginx diff --git a/docs/setup/wireguard.md b/docs/setup/wireguard.md index b68c515..13ba4b7 100644 --- a/docs/setup/wireguard.md +++ b/docs/setup/wireguard.md 
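Review bot: the expanded `certbot --nginx -d mail.reaction.la,…,gitea.reaction.la,git.reaction.la` command asks for one certificate covering all seven names, and Let's Encrypt fails the whole order if any one of them does not yet resolve to this server or is not matched by an nginx `server_name`; since the surrounding text is about running this on the live server during a DNS cutover, say so. The claim that automatic renewal of wildcard certificates is only for "the big boys" is stronger than the facts support: certbot has DNS authenticator plugins (`python3-certbot-dns-*`) for common DNS providers, and renewal works wherever the provider's API is supported; the accurate caveat is that it needs a DNS host with an API the plugin speaks. Typo: "Automatic renewal requires of wildcards requires" repeats "requires". Also, splitting `-d \` from its argument list works only while the backslash survives copy-paste; putting `-d` on the same line as the first domain is less fragile.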
@@ -247,13 +247,18 @@ Next, find the name of your server’s main network interface. ```bash ip addr | grep BROADCAST +server_network_interface=$(ip addr | grep BROADCAST |sed -r "s/.*:[[:space:]]*([[:alnum:]]+)[[:space:]]*:.*/\1/") +echo $server_network_interface ``` As you can see, it’s named `eth0` on my Debian server. ```terminal_image :~# ip addr | grep BROADCAST -2: eth0: mtu 1500 qdisc pfifo_fast state +2: eth0: mtu 1500 qdisc fq state UP group default qlen 1000 +:~# server_network_interface=$(ip addr | grep BROADCAST |sed -r "s/([[:alnum:]]+):[[:space:]]*(.*)[[:space:]]*:(.*)/\2/") +:~# echo $server_network_interface +eth0 ``` To configure IP masquerading, we have to add iptables command in a UFW configuration file. @@ -651,6 +656,11 @@ You can also run the following command to get the current public IP address. curl https://icanhazip.com ``` +To get the geographic location +```bash +curl https://www.dnsleaktest.com |grep from +``` + # Troubleshooting ## Check if UDP port «51820» is open
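Review bot: the two `sed` expressions that extract the interface name disagree with each other. The `bash` block uses `s/.*:[[:space:]]*([[:alnum:]]+)[[:space:]]*:.*/\1/` while the `terminal_image` transcript uses `s/([[:alnum:]]+):[[:space:]]*(.*)[[:space:]]*:(.*)/\2/`; both happen to yield `eth0` on a line with exactly two colons, but the greedy `.*` in each breaks as soon as the line has another colon, `[[:alnum:]]+` cannot match interface names containing `.` or `-`, and `grep BROADCAST` prints one line per broadcast-capable interface, so on a host with a bridge or a second NIC `server_network_interface` becomes a multi-word string that then produces a wrong masquerade rule. Suggest one version in both places, for example `ip -o link show | awk -F': ' '/BROADCAST/ {print $2; exit}'`, or deriving the interface from the default route with `ip route show default | awk '{print $5}'`, and quoting `"$server_network_interface"` where it is echoed or substituted.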
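Review bot: `curl https://www.dnsleaktest.com |grep from` scrapes a third-party HTML page for the word "from", so it breaks whenever that site changes its markup and, without `-s`, mixes curl's progress meter into the output; suggest `curl -s https://www.dnsleaktest.com | grep from` and a sentence noting that it reports the location of whatever address the request leaves through, so to confirm the tunnel it must be run from the client side, not on the server.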