From 2fda0a1565f7a7a741e0f3708a03c8ff5b4033f9 Mon Sep 17 00:00:00 2001
From: Zaiming Shi <zmstone@gmail.com>
Date: Mon, 7 Dec 2020 21:30:21 +0100
Subject: [PATCH] chore(apps): Sync again all apps

---
 apps/emqx_auth_http/etc/emqx_auth_http.conf   |   6 +-
 .../emqx_auth_http/include/emqx_auth_http.hrl |   2 +-
 .../emqx_auth_http/priv/emqx_auth_http.schema |  76 +--
 apps/emqx_auth_http/rebar.config              |   8 +-
 apps/emqx_auth_http/src/emqx_acl_http.erl     |  29 +-
 .../emqx_auth_http/src/emqx_auth_http.app.src |   2 +-
 apps/emqx_auth_http/src/emqx_auth_http.erl    |  54 +-
 .../emqx_auth_http/src/emqx_auth_http_app.erl | 104 +++-
 .../emqx_auth_http/src/emqx_auth_http_cli.erl |  49 +-
 apps/emqx_auth_http/src/emqx_http_client.erl  | 256 +++++++++
 .../src/emqx_http_client_sup.erl              |  48 ++
 .../test/emqx_auth_http_SUITE.erl             |  40 +-
 apps/emqx_auth_jwt/.gitignore                 |   1 +
 apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf     |  28 +-
 apps/emqx_auth_jwt/priv/emqx_auth_jwt.schema  |  25 +-
 apps/emqx_auth_jwt/rebar.config               |   3 +-
 apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src  |   2 +-
 .../emqx_auth_jwt/src/emqx_auth_jwt.appup.src |  10 +
 apps/emqx_auth_jwt/src/emqx_auth_jwt.erl      |  81 +--
 apps/emqx_auth_jwt/src/emqx_auth_jwt_app.erl  |  53 +-
 apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl  | 222 ++++++++
 .../test/emqx_auth_jwt_SUITE.erl              |  53 +-
 apps/emqx_auth_ldap/rebar.config              |   2 +-
 apps/emqx_auth_mongo/rebar.config             |   4 +-
 apps/emqx_auth_mysql/rebar.config             |   2 +-
 .../src/emqx_auth_mysql.appup.src             |  22 +-
 apps/emqx_auth_pgsql/rebar.config             |   4 +-
 .../src/emqx_auth_pgsql.appup.src             |  22 +-
 apps/emqx_auth_redis/.gitignore               |   2 +
 apps/emqx_auth_redis/rebar.config             |   6 +-
 .../src/emqx_auth_redis.appup.src             |  38 +-
 .../src/emqx_auth_redis_sup.erl               |   2 +-
 apps/emqx_bridge_mqtt/rebar.config            |   4 +-
 .../src/emqx_bridge_mqtt.appup.src            |  28 +-
 .../emqx_bridge_mqtt/src/emqx_bridge_mqtt.erl |  18 +-
 .../src/emqx_bridge_mqtt_actions.erl          |  55 +-
 .../src/emqx_bridge_worker.erl                |  19 +-
 apps/emqx_coap/src/emqx_coap_server.erl       |   6 +
 apps/emqx_dashboard/src/emqx_dashboard.erl    |   9 +-
 .../.github/workflows/run_test_cases.yaml     |  21 +-
 apps/emqx_exhook/.gitignore                   |   4 +
 apps/emqx_exhook/README.md                    |  76 +--
 apps/emqx_exhook/docs/design.md               | 329 ++++-------
 apps/emqx_exhook/docs/introduction.md         |  84 ---
 apps/emqx_exhook/docs/sdk-specification.md    |  79 ---
 apps/emqx_exhook/etc/emqx_exhook.conf         |  15 +
 apps/emqx_exhook/etc/emqx_extension_hook.conf |  24 -
 ...mqx_extension_hook.hrl => emqx_exhook.hrl} |   6 +-
 apps/emqx_exhook/priv/emqx_exhook.schema      |  38 ++
 .../priv/emqx_extension_hook.schema           |  43 --
 apps/emqx_exhook/priv/protos/exhook.proto     | 395 +++++++++++++
 apps/emqx_exhook/rebar.config                 |  31 +-
 apps/emqx_exhook/sdk/README.md                |  12 -
 apps/emqx_exhook/src/emqx_exhook.app.src      |  12 +
 .../src/emqx_exhook.app.src.script            |  24 +
 apps/emqx_exhook/src/emqx_exhook.appup.src    |   9 +
 ...mqx_extension_hook.erl => emqx_exhook.erl} |  88 ++-
 ...nsion_hook_app.erl => emqx_exhook_app.erl} |  41 +-
 ...nsion_hook_cli.erl => emqx_exhook_cli.erl} |  36 +-
 apps/emqx_exhook/src/emqx_exhook_handler.erl  | 288 ++++++++++
 apps/emqx_exhook/src/emqx_exhook_server.erl   | 286 ++++++++++
 ...nsion_hook_sup.erl => emqx_exhook_sup.erl} |  29 +-
 .../src/emqx_extension_hook.app.src           |  14 -
 .../src/emqx_extension_hook_driver.erl        | 305 ----------
 .../src/emqx_extension_hook_handler.erl       | 249 --------
 apps/emqx_exhook/test/emqx_exhook_SUITE.erl   |  53 ++
 .../emqx_exhook/test/emqx_exhook_demo_svr.erl | 297 ++++++++++
 .../test/emqx_extension_hook_SUITE.erl        | 139 -----
 .../test/props/prop_exhook_hooks.erl          | 537 ++++++++++++++++++
 apps/emqx_exhook/test/scripts/Main.java       | 160 ------
 apps/emqx_exhook/test/scripts/main.py         | 134 -----
 apps/emqx_exproto/.gitignore                  |   7 +-
 apps/emqx_exproto/README.md                   |  48 +-
 apps/emqx_exproto/docs/design.md              | 219 +++----
 .../emqx_exproto/docs/images/exproto-arch.jpg | Bin 85466 -> 72633 bytes
 .../docs/images/exproto-grpc-arch.jpg         | Bin 0 -> 97464 bytes
 apps/emqx_exproto/docs/sdk-specification.md   |  84 ---
 apps/emqx_exproto/etc/emqx_exproto.conf       |  22 +-
 apps/emqx_exproto/example/Main.java           | 136 -----
 apps/emqx_exproto/example/main.py             |  80 ---
 apps/emqx_exproto/include/emqx_exproto.hrl    |  13 +
 apps/emqx_exproto/priv/emqx_exproto.schema    |  90 ++-
 apps/emqx_exproto/priv/protos/exproto.proto   | 259 +++++++++
 apps/emqx_exproto/rebar.config                |  39 +-
 apps/emqx_exproto/sdk/README.md               |  11 -
 apps/emqx_exproto/src/emqx_exproto.app.src    |   6 +-
 .../src/emqx_exproto.app.src.script           |  24 +
 apps/emqx_exproto/src/emqx_exproto.appup.src  |   9 +
 apps/emqx_exproto/src/emqx_exproto.erl        | 159 +++---
 apps/emqx_exproto/src/emqx_exproto_app.erl    |   3 +-
 .../emqx_exproto/src/emqx_exproto_channel.erl | 479 +++++++++++-----
 apps/emqx_exproto/src/emqx_exproto_conn.erl   |  62 +-
 .../src/emqx_exproto_driver_mngr.erl          | 302 ----------
 apps/emqx_exproto/src/emqx_exproto_gcli.erl   | 110 ++++
 apps/emqx_exproto/src/emqx_exproto_gsvr.erl   | 154 +++++
 apps/emqx_exproto/src/emqx_exproto_sup.erl    |  63 +-
 apps/emqx_exproto/src/emqx_exproto_types.erl  | 179 ------
 apps/emqx_exproto/test/emqx_exproto_SUITE.erl | 328 +++++++++--
 .../test/emqx_exproto_echo_svr.erl            | 249 ++++++++
 apps/emqx_prometheus/rebar.config             |   2 +-
 apps/emqx_retainer/rebar.config               |   2 +-
 apps/emqx_retainer/src/emqx_retainer.erl      |   5 +-
 .../emqx_rule_engine/include/rule_actions.hrl |  11 +
 apps/emqx_rule_engine/include/rule_engine.hrl |   3 +-
 apps/emqx_rule_engine/rebar.config            |   2 +-
 .../src/emqx_rule_actions.erl                 | 164 ++++--
 .../src/emqx_rule_actions_trans.erl           |  70 +++
 .../src/emqx_rule_engine.appup.src            |  50 +-
 .../emqx_rule_engine/src/emqx_rule_engine.erl |  48 +-
 .../src/emqx_rule_engine_api.erl              |  18 +-
 .../src/emqx_rule_engine_app.erl              |   1 +
 .../src/emqx_rule_engine_sup.erl              |  10 +
 apps/emqx_rule_engine/src/emqx_rule_funcs.erl |  48 +-
 .../emqx_rule_engine/src/emqx_rule_locker.erl |  34 ++
 apps/emqx_rule_engine/src/emqx_rule_maps.erl  |  16 +-
 .../src/emqx_rule_metrics.erl                 | 187 +++++-
 .../src/emqx_rule_runtime.erl                 |  57 +-
 .../src/emqx_rule_sqlparser.erl               |   9 -
 .../src/emqx_rule_sqltester.erl               |   7 +-
 apps/emqx_rule_engine/src/emqx_rule_utils.erl |  73 ++-
 .../src/emqx_rule_validator.erl               |   8 +-
 .../test/emqx_rule_engine_SUITE.erl           |  68 ++-
 .../test/emqx_rule_funcs_SUITE.erl            |   8 +-
 .../test/emqx_rule_maps_SUITE.erl             |   6 -
 .../test/emqx_rule_metrics_SUITE.erl          |  75 ++-
 .../test/emqx_rule_utils_SUITE.erl            |  40 +-
 apps/emqx_web_hook/rebar.config               |   2 +-
 .../emqx_web_hook/src/emqx_web_hook.appup.src |  41 +-
 .../src/emqx_web_hook_actions.erl             |  31 +-
 129 files changed, 5784 insertions(+), 3700 deletions(-)
 create mode 100644 apps/emqx_auth_http/src/emqx_http_client.erl
 create mode 100644 apps/emqx_auth_http/src/emqx_http_client_sup.erl
 create mode 100644 apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src
 create mode 100644 apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl
 delete mode 100644 apps/emqx_exhook/docs/introduction.md
 delete mode 100644 apps/emqx_exhook/docs/sdk-specification.md
 create mode 100644 apps/emqx_exhook/etc/emqx_exhook.conf
 delete mode 100644 apps/emqx_exhook/etc/emqx_extension_hook.conf
 rename apps/emqx_exhook/include/{emqx_extension_hook.hrl => emqx_exhook.hrl} (87%)
 create mode 100644 apps/emqx_exhook/priv/emqx_exhook.schema
 delete mode 100644 apps/emqx_exhook/priv/emqx_extension_hook.schema
 create mode 100644 apps/emqx_exhook/priv/protos/exhook.proto
 delete mode 100644 apps/emqx_exhook/sdk/README.md
 create mode 100644 apps/emqx_exhook/src/emqx_exhook.app.src
 create mode 100644 apps/emqx_exhook/src/emqx_exhook.app.src.script
 create mode 100644 apps/emqx_exhook/src/emqx_exhook.appup.src
 rename apps/emqx_exhook/src/{emqx_extension_hook.erl => emqx_exhook.erl} (55%)
 rename apps/emqx_exhook/src/{emqx_extension_hook_app.erl => emqx_exhook_app.erl} (80%)
 rename apps/emqx_exhook/src/{emqx_extension_hook_cli.erl => emqx_exhook_cli.erl} (64%)
 create mode 100644 apps/emqx_exhook/src/emqx_exhook_handler.erl
 create mode 100644 apps/emqx_exhook/src/emqx_exhook_server.erl
 rename apps/emqx_exhook/src/{emqx_extension_hook_sup.erl => emqx_exhook_sup.erl} (67%)
 delete mode 100644 apps/emqx_exhook/src/emqx_extension_hook.app.src
 delete mode 100644 apps/emqx_exhook/src/emqx_extension_hook_driver.erl
 delete mode 100644 apps/emqx_exhook/src/emqx_extension_hook_handler.erl
 create mode 100644 apps/emqx_exhook/test/emqx_exhook_SUITE.erl
 create mode 100644 apps/emqx_exhook/test/emqx_exhook_demo_svr.erl
 delete mode 100644 apps/emqx_exhook/test/emqx_extension_hook_SUITE.erl
 create mode 100644 apps/emqx_exhook/test/props/prop_exhook_hooks.erl
 delete mode 100644 apps/emqx_exhook/test/scripts/Main.java
 delete mode 100644 apps/emqx_exhook/test/scripts/main.py
 create mode 100644 apps/emqx_exproto/docs/images/exproto-grpc-arch.jpg
 delete mode 100644 apps/emqx_exproto/docs/sdk-specification.md
 delete mode 100644 apps/emqx_exproto/example/Main.java
 delete mode 100644 apps/emqx_exproto/example/main.py
 create mode 100644 apps/emqx_exproto/priv/protos/exproto.proto
 delete mode 100644 apps/emqx_exproto/sdk/README.md
 create mode 100644 apps/emqx_exproto/src/emqx_exproto.app.src.script
 create mode 100644 apps/emqx_exproto/src/emqx_exproto.appup.src
 delete mode 100644 apps/emqx_exproto/src/emqx_exproto_driver_mngr.erl
 create mode 100644 apps/emqx_exproto/src/emqx_exproto_gcli.erl
 create mode 100644 apps/emqx_exproto/src/emqx_exproto_gsvr.erl
 delete mode 100644 apps/emqx_exproto/src/emqx_exproto_types.erl
 create mode 100644 apps/emqx_exproto/test/emqx_exproto_echo_svr.erl
 create mode 100644 apps/emqx_rule_engine/include/rule_actions.hrl
 create mode 100644 apps/emqx_rule_engine/src/emqx_rule_actions_trans.erl
 create mode 100644 apps/emqx_rule_engine/src/emqx_rule_locker.erl

diff --git a/apps/emqx_auth_http/etc/emqx_auth_http.conf b/apps/emqx_auth_http/etc/emqx_auth_http.conf
index 86c4ac002..0df589169 100644
--- a/apps/emqx_auth_http/etc/emqx_auth_http.conf
+++ b/apps/emqx_auth_http/etc/emqx_auth_http.conf
@@ -101,8 +101,8 @@ auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,
 ## -m: minute, e.g. '5m' for 5 minutes
 ## -s: second, e.g. '30s' for 30 seconds
 ##
-## Default: 0
-## auth.http.request.timeout = 0
+## Default: 5s
+## auth.http.request.timeout = 5s
 
 ## Connection time-out time, used during the initial request
 ## when the client is connecting to the server
@@ -117,7 +117,7 @@ auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,
 ## Value: integer
 ##
 ## Default: 3
-auth.http.request.retry_times = 3
+auth.http.request.retry_times = 5
 
 ## The interval for re-sending the http request
 ##
diff --git a/apps/emqx_auth_http/include/emqx_auth_http.hrl b/apps/emqx_auth_http/include/emqx_auth_http.hrl
index 09e58e324..2bbe12827 100644
--- a/apps/emqx_auth_http/include/emqx_auth_http.hrl
+++ b/apps/emqx_auth_http/include/emqx_auth_http.hrl
@@ -1,7 +1,7 @@
 
 -define(APP, emqx_auth_http).
 
--record(http_request, {method = post, content_type, url, params, options = []}).
+-record(http_request, {method = post, path, headers, params, request_timeout}).
 
 -record(auth_metrics, {
         success = 'client.auth.success',
diff --git a/apps/emqx_auth_http/priv/emqx_auth_http.schema b/apps/emqx_auth_http/priv/emqx_auth_http.schema
index e6a986344..4f4289db0 100644
--- a/apps/emqx_auth_http/priv/emqx_auth_http.schema
+++ b/apps/emqx_auth_http/priv/emqx_auth_http.schema
@@ -11,7 +11,7 @@
 
 {mapping, "auth.http.auth_req.content_type", "emqx_auth_http.auth_req", [
   {default, 'x-www-form-urlencoded'},
-  {datatype, {enum, [json, 'x-www-form-urlencoded']}}
+  {datatype, {enum, ['json', 'x-www-form-urlencoded']}}
 ]}.
 
 {mapping, "auth.http.auth_req.params", "emqx_auth_http.auth_req", [
@@ -25,7 +25,7 @@
       Params = cuttlefish:conf_get("auth.http.auth_req.params", Conf),
       [{url, Url},
       {method, cuttlefish:conf_get("auth.http.auth_req.method", Conf)},
-      {content_type, cuttlefish:conf_get("auth.http.auth_req.content_type", Conf)},
+      {content_type, list_to_binary("application/" ++ atom_to_list(cuttlefish:conf_get("auth.http.auth_req.content_type", Conf)))},
       {params, [list_to_tuple(string:tokens(S, "=")) || S <- string:tokens(Params, ",")]}]
   end
 end}.
@@ -41,7 +41,7 @@ end}.
 
 {mapping, "auth.http.super_req.content_type", "emqx_auth_http.super_req", [
   {default, 'x-www-form-urlencoded'},
-  {datatype, {enum, [json, 'x-www-form-urlencoded']}}
+  {datatype, {enum, ['json', 'x-www-form-urlencoded']}}
 ]}.
 
 {mapping, "auth.http.super_req.params", "emqx_auth_http.super_req", [
@@ -53,7 +53,7 @@ end}.
     undefined -> cuttlefish:unset();
     Url -> Params = cuttlefish:conf_get("auth.http.super_req.params", Conf),
            [{url, Url}, {method, cuttlefish:conf_get("auth.http.super_req.method", Conf)},
-            {content_type, cuttlefish:conf_get("auth.http.super_req.content_type", Conf)},
+            {content_type, list_to_binary("application/" ++ atom_to_list(cuttlefish:conf_get("auth.http.super_req.content_type", Conf)))},
             {params, [list_to_tuple(string:tokens(S, "=")) || S <- string:tokens(Params, ",")]}]
   end
 end}.
@@ -70,7 +70,7 @@ end}.
 
 {mapping, "auth.http.acl_req.content_type", "emqx_auth_http.acl_req", [
   {default, 'x-www-form-urlencoded'},
-  {datatype, {enum, [json, 'x-www-form-urlencoded']}}
+  {datatype, {enum, ['json', 'x-www-form-urlencoded']}}
 ]}.
 
 {mapping, "auth.http.acl_req.params", "emqx_auth_http.acl_req", [
@@ -81,34 +81,56 @@ end}.
   case cuttlefish:conf_get("auth.http.acl_req", Conf, undefined) of
     undefined -> cuttlefish:unset();
     Url -> Params = cuttlefish:conf_get("auth.http.acl_req.params", Conf),
-           [{url, Url}, {method, cuttlefish:conf_get("auth.http.acl_req.method", Conf)},
-            {content_type, cuttlefish:conf_get("auth.http.acl_req.content_type", Conf)},
+           [{url, Url},
+            {method, cuttlefish:conf_get("auth.http.acl_req.method", Conf)},
+            {content_type, list_to_binary("application/" ++ atom_to_list(cuttlefish:conf_get("auth.http.acl_req.content_type", Conf)))},
             {params, [list_to_tuple(string:tokens(S, "=")) || S <- string:tokens(Params, ",")]}]
   end
 end}.
 
-{mapping, "auth.http.request.timeout", "emqx_auth_http.http_opts", [
-  {default, 0},
+{mapping, "auth.http.request.timeout", "emqx_auth_http.request_timeout", [
+  {default, "5s"},
   {datatype, [integer, {duration, ms}]}
 ]}.
 
-{mapping, "auth.http.request.connect_timeout", "emqx_auth_http.http_opts", [
+{mapping, "auth.http.pool_size", "emqx_auth_http.pool_opts", [
+  {default, 8},
+  {datatype, integer}
+]}.
+
+{mapping, "auth.http.request.connect_timeout", "emqx_auth_http.pool_opts", [
+  {default, "5s"},
   {datatype, [integer, {duration, ms}]}
 ]}.
 
-{mapping, "auth.http.ssl.cacertfile", "emqx_auth_http.http_opts", [
+{mapping, "auth.http.ssl.cacertfile", "emqx_auth_http.pool_opts", [
   {datatype, string}
 ]}.
 
-{mapping, "auth.http.ssl.certfile", "emqx_auth_http.http_opts", [
+{mapping, "auth.http.ssl.certfile", "emqx_auth_http.pool_opts", [
   {datatype, string}
 ]}.
 
-{mapping, "auth.http.ssl.keyfile", "emqx_auth_http.http_opts", [
+{mapping, "auth.http.ssl.keyfile", "emqx_auth_http.pool_opts", [
   {datatype, string}
 ]}.
 
-{translation, "emqx_auth_http.http_opts", fun(Conf) ->
+{mapping, "auth.http.request.retry_times", "emqx_auth_http.pool_opts", [
+  {default, 5},
+  {datatype, integer}
+]}.
+
+{mapping, "auth.http.request.retry_interval", "emqx_auth_http.pool_opts", [
+  {default, "1s"},
+  {datatype, {duration, ms}}
+]}.
+
+{mapping, "auth.http.request.retry_backoff", "emqx_auth_http.pool_opts", [
+  {default, 2.0},
+  {datatype, float}
+]}.
+
+{translation, "emqx_auth_http.pool_opts", fun(Conf) ->
   Filter = fun(L) -> [{K, V} || {K, V} <- L, V =/= undefined] end,
   InfinityFun = fun(0) -> infinity;
                    (Duration) -> Duration
@@ -116,8 +138,10 @@ end}.
   SslOpts = Filter([{cacertfile, cuttlefish:conf_get("auth.http.ssl.cacertfile", Conf, undefined)},
                     {certfile, cuttlefish:conf_get("auth.http.ssl.certfile", Conf, undefined)},
                     {keyfile, cuttlefish:conf_get("auth.http.ssl.keyfile", Conf, undefined)}]),
-  Opts = [{timeout, InfinityFun(cuttlefish:conf_get("auth.http.request.timeout", Conf))},
-          {connect_timeout, InfinityFun(cuttlefish:conf_get("auth.http.request.connect_timeout", Conf, undefined))}],
+  Opts = [{pool_size, cuttlefish:conf_get("auth.http.pool_size", Conf)},
+          {connect_timeout, InfinityFun(cuttlefish:conf_get("auth.http.request.connect_timeout", Conf))},
+          {retry, cuttlefish:conf_get("auth.http.request.retry_times", Conf)},
+          {retry_timeout, cuttlefish:conf_get("auth.http.request.retry_interval", Conf)}],
   case SslOpts of
       [] -> Filter(Opts);
       _  ->
@@ -131,26 +155,6 @@ end}.
   end
 end}.
 
-{mapping, "auth.http.request.retry_times", "emqx_auth_http.retry_opts", [
-  {default, 3},
-  {datatype, integer}
-]}.
-
-{mapping, "auth.http.request.retry_interval", "emqx_auth_http.retry_opts", [
-  {default, "1s"},
-  {datatype, {duration, ms}}
-]}.
-
-{mapping, "auth.http.request.retry_backoff", "emqx_auth_http.retry_opts", [
-  {default, 2.0},
-  {datatype, float}
-]}.
-
-{translation, "emqx_auth_http.retry_opts", fun(Conf) ->
-  [{times, cuttlefish:conf_get("auth.http.request.retry_times", Conf)},
-   {interval, cuttlefish:conf_get("auth.http.request.retry_interval", Conf)},
-   {backoff, cuttlefish:conf_get("auth.http.request.retry_backoff", Conf)}]
-end}.
 
 {mapping, "auth.http.header.$field", "emqx_auth_http.headers", [
   {datatype, string}
diff --git a/apps/emqx_auth_http/rebar.config b/apps/emqx_auth_http/rebar.config
index 026e6fc9b..0b1959427 100644
--- a/apps/emqx_auth_http/rebar.config
+++ b/apps/emqx_auth_http/rebar.config
@@ -1,4 +1,8 @@
-{deps, []}.
+{deps,
+ [{cowlib, {git, "https://github.com/ninenines/cowlib", {tag, "2.7.0"}}},
+  {gun, {git, "https://github.com/emqx/gun", {tag, "1.3.4"}}},
+  {gproc, {git, "https://github.com/uwiger/gproc", {tag, "0.8.0"}}}
+ ]}.
 
 {edoc_opts, [{preprocess, true}]}.
 {erl_opts, [warn_unused_vars,
@@ -20,7 +24,7 @@
  [{test,
    [{deps,
      [{emqx_ct_helpers, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "1.2.2"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "v1.2.2"}}}
      ]}
    ]}
  ]}.
diff --git a/apps/emqx_auth_http/src/emqx_acl_http.erl b/apps/emqx_auth_http/src/emqx_acl_http.erl
index ebe415937..a6f60b465 100644
--- a/apps/emqx_auth_http/src/emqx_acl_http.erl
+++ b/apps/emqx_auth_http/src/emqx_acl_http.erl
@@ -24,7 +24,7 @@
 -logger_header("[ACL http]").
 
 -import(emqx_auth_http_cli,
-        [ request/8
+        [ request/6
         , feedvar/2
         ]).
 
@@ -48,18 +48,16 @@ check_acl(ClientInfo, PubSub, Topic, AclResult, State) ->
 
 do_check_acl(#{username := <<$$, _/binary>>}, _PubSub, _Topic, _AclResult, _Config) ->
     ok;
-do_check_acl(ClientInfo, PubSub, Topic, _AclResult, #{acl_req    := AclReq,
-                                                      http_opts  := HttpOpts,
-                                                      retry_opts := RetryOpts,
-                                                      headers    := Headers}) ->
+do_check_acl(ClientInfo, PubSub, Topic, _AclResult, #{acl_req := AclReq,
+                                                      pool_name := PoolName}) ->
     ClientInfo1 = ClientInfo#{access => access(PubSub), topic => Topic},
-    case check_acl_request(AclReq, ClientInfo1, Headers, HttpOpts, RetryOpts) of
-        {ok, 200, "ignore"} -> ok;
+    case check_acl_request(PoolName, AclReq, ClientInfo1) of
+        {ok, 200, <<"ignore">>} -> ok;
         {ok, 200, _Body}    -> {stop, allow};
         {ok, _Code, _Body}  -> {stop, deny};
         {error, Error}      ->
-            ?LOG(error, "Request ACL url ~s, error: ~p",
-                 [AclReq#http_request.url, Error]),
+            ?LOG(error, "Request ACL path ~s, error: ~p",
+                 [AclReq#http_request.path, Error]),
             ok
     end.
 
@@ -79,13 +77,12 @@ inc_metrics({stop, deny}) ->
 return_with(Fun, Result) ->
     Fun(Result), Result.
 
-check_acl_request(#http_request{url = Url,
-                                method = Method,
-                                content_type = ContentType,
-                                params = Params,
-                                options = Options},
-                  ClientInfo, Headers, HttpOpts, RetryOpts) ->
-    request(Method, ContentType, Url, feedvar(Params, ClientInfo), Headers, HttpOpts, Options, RetryOpts).
+check_acl_request(PoolName, #http_request{path = Path,
+                                          method = Method,
+                                          headers = Headers,
+                                          params = Params,
+                                          request_timeout = RequestTimeout}, ClientInfo) ->
+    request(PoolName, Method, Path, Headers, feedvar(Params, ClientInfo), RequestTimeout).
 
 access(subscribe) -> 1;
 access(publish)   -> 2.
diff --git a/apps/emqx_auth_http/src/emqx_auth_http.app.src b/apps/emqx_auth_http/src/emqx_auth_http.app.src
index eaabdb37e..ce73e10ea 100644
--- a/apps/emqx_auth_http/src/emqx_auth_http.app.src
+++ b/apps/emqx_auth_http/src/emqx_auth_http.app.src
@@ -3,7 +3,7 @@
   {vsn, "git"},
   {modules, []},
   {registered, [emqx_auth_http_sup]},
-  {applications, [kernel,stdlib]},
+  {applications, [kernel,stdlib,gproc,gun]},
   {mod, {emqx_auth_http_app, []}},
   {env, []},
   {licenses, ["Apache-2.0"]},
diff --git a/apps/emqx_auth_http/src/emqx_auth_http.erl b/apps/emqx_auth_http/src/emqx_auth_http.erl
index 54e41c989..20026d6ee 100644
--- a/apps/emqx_auth_http/src/emqx_auth_http.erl
+++ b/apps/emqx_auth_http/src/emqx_auth_http.erl
@@ -25,7 +25,7 @@
 -logger_header("[Auth http]").
 
 -import(emqx_auth_http_cli,
-        [ request/8
+        [ request/6
         , feedvar/2
         ]).
 
@@ -41,28 +41,26 @@ register_metrics() ->
 
 check(ClientInfo, AuthResult, #{auth_req   := AuthReq,
                                 super_req  := SuperReq,
-                                http_opts  := HttpOpts,
-                                retry_opts := RetryOpts,
-                                headers    := Headers}) ->
-    case authenticate(AuthReq, ClientInfo, Headers, HttpOpts, RetryOpts) of
-        {ok, 200, "ignore"} ->
+                                pool_name  := PoolName}) ->
+    case authenticate(PoolName, AuthReq, ClientInfo) of
+        {ok, 200, <<"ignore">>} ->
             emqx_metrics:inc(?AUTH_METRICS(ignore)), ok;
         {ok, 200, Body}  ->
             emqx_metrics:inc(?AUTH_METRICS(success)),
-            IsSuperuser = is_superuser(SuperReq, ClientInfo, Headers, HttpOpts, RetryOpts),
+            IsSuperuser = is_superuser(PoolName, SuperReq, ClientInfo),
             {stop, AuthResult#{is_superuser => IsSuperuser,
                                 auth_result => success,
                                 anonymous   => false,
                                 mountpoint  => mountpoint(Body, ClientInfo)}};
         {ok, Code, _Body} ->
-            ?LOG(error, "Deny connection from url: ~s, response http code: ~p",
-                 [AuthReq#http_request.url, Code]),
+            ?LOG(error, "Deny connection from path: ~s, response http code: ~p",
+                 [AuthReq#http_request.path, Code]),
             emqx_metrics:inc(?AUTH_METRICS(failure)),
             {stop, AuthResult#{auth_result => http_to_connack_error(Code),
                                anonymous   => false}};
         {error, Error} ->
-            ?LOG(error, "Request auth url: ~s, error: ~p",
-                 [AuthReq#http_request.url, Error]),
+            ?LOG(error, "Request auth path: ~s, error: ~p",
+                 [AuthReq#http_request.path, Error]),
             emqx_metrics:inc(?AUTH_METRICS(failure)),
             %%FIXME later: server_unavailable is not right.
             {stop, AuthResult#{auth_result => server_unavailable,
@@ -75,32 +73,30 @@ description() -> "Authentication by HTTP API".
 %% Requests
 %%--------------------------------------------------------------------
 
-authenticate(#http_request{url = Url,
-                           method = Method,
-                           content_type = ContentType,
-                           params = Params,
-                           options = Options},
-             ClientInfo, HttpHeaders, HttpOpts, RetryOpts) ->
-   request(Method, ContentType, Url, feedvar(Params, ClientInfo), HttpHeaders, HttpOpts, Options, RetryOpts).
+authenticate(PoolName, #http_request{path = Path,
+                                     method = Method,
+                                     headers = Headers,
+                                     params = Params,
+                                     request_timeout = RequestTimeout}, ClientInfo) ->
+   request(PoolName, Method, Path, Headers, feedvar(Params, ClientInfo), RequestTimeout).
 
--spec(is_superuser(maybe(#http_request{}), emqx_types:client(), list(), list(), list()) -> boolean()).
-is_superuser(undefined, _ClientInfo, _HttpHeaders, _HttpOpts, _RetryOpts) ->
+-spec(is_superuser(atom(), maybe(#http_request{}), emqx_types:client()) -> boolean()).
+is_superuser(_PoolName, undefined, _ClientInfo) ->
     false;
-is_superuser(#http_request{url = Url,
-                           method = Method,
-                           content_type = ContentType,
-                           params = Params,
-                           options = Options},
-             ClientInfo, HttpHeaders, HttpOpts, RetryOpts) ->
-    case request(Method, ContentType, Url, feedvar(Params, ClientInfo), HttpHeaders, HttpOpts, Options, RetryOpts) of
+is_superuser(PoolName, #http_request{path = Path,
+                                     method = Method,
+                                     headers = Headers,
+                                     params = Params,
+                                     request_timeout = RequestTimeout}, ClientInfo) ->
+    case request(PoolName, Method, Path, Headers, feedvar(Params, ClientInfo), RequestTimeout) of
         {ok, 200, _Body}   -> true;
         {ok, _Code, _Body} -> false;
-        {error, Error}     -> ?LOG(error, "Request superuser url ~s, error: ~p", [Url, Error]),
+        {error, Error}     -> ?LOG(error, "Request superuser path ~s, error: ~p", [Path, Error]),
                               false
     end.
 
 mountpoint(Body, #{mountpoint := Mountpoint}) ->
-    case emqx_json:safe_decode(iolist_to_binary(Body), [return_maps]) of
+    case emqx_json:safe_decode(Body, [return_maps]) of
         {error, _} -> Mountpoint;
         {ok, Json} when is_map(Json) ->
             maps:get(<<"mountpoint">>, Json, Mountpoint);
diff --git a/apps/emqx_auth_http/src/emqx_auth_http_app.erl b/apps/emqx_auth_http/src/emqx_auth_http_app.erl
index 51f6762ee..1d235ca2a 100644
--- a/apps/emqx_auth_http/src/emqx_auth_http_app.erl
+++ b/apps/emqx_auth_http/src/emqx_auth_http_app.erl
@@ -17,7 +17,6 @@
 -module(emqx_auth_http_app).
 
 -behaviour(application).
--behaviour(supervisor).
 
 -emqx_plugin(auth).
 
@@ -33,37 +32,35 @@
 %%--------------------------------------------------------------------
 
 start(_StartType, _StartArgs) ->
-    with_env(auth_req, fun load_auth_hook/1),
-    with_env(acl_req,  fun load_acl_hook/1),
-    supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+    case translate_env() of
+        ok ->
+            {ok, PoolOpts} = application:get_env(?APP, pool_opts),
+            {ok, Sup} = emqx_http_client_sup:start_link(?APP, ssl(inet(PoolOpts))),
+            with_env(auth_req, fun load_auth_hook/1),
+            with_env(acl_req,  fun load_acl_hook/1),
+            {ok, Sup};
+        {error, Reason} ->
+            {error, Reason}
+    end.
 
 load_auth_hook(AuthReq) ->
     ok = emqx_auth_http:register_metrics(),
     SuperReq = r(application:get_env(?APP, super_req, undefined)),
-    HttpOpts = application:get_env(?APP, http_opts, []),
-    RetryOpts = application:get_env(?APP, retry_opts, []),
-    Headers = application:get_env(?APP, headers, []),
     Params = #{auth_req   => AuthReq,
                super_req  => SuperReq,
-               http_opts  => HttpOpts,
-               retry_opts => maps:from_list(RetryOpts),
-               headers    => Headers},
+               pool_name  => ?APP},
     emqx:hook('client.authenticate', {emqx_auth_http, check, [Params]}).
 
 load_acl_hook(AclReq) ->
     ok = emqx_acl_http:register_metrics(),
-    HttpOpts = application:get_env(?APP, http_opts, []),
-    RetryOpts = application:get_env(?APP, retry_opts, []),
-    Headers = application:get_env(?APP, headers, []),
-    Params = #{acl_req    => AclReq,
-               http_opts  => HttpOpts,
-               retry_opts => maps:from_list(RetryOpts),
-               headers    => Headers},
+    Params = #{acl_req   => AclReq,
+               pool_name => ?APP},
     emqx:hook('client.check_acl', {emqx_acl_http, check_acl, [Params]}).
 
 stop(_State) ->
     emqx:unhook('client.authenticate', {emqx_auth_http, check}),
-    emqx:unhook('client.check_acl', {emqx_acl_http, check_acl}).
+    emqx:unhook('client.check_acl', {emqx_acl_http, check_acl}),
+    emqx_http_client_sup:stop_pool(?APP).
 
 %%--------------------------------------------------------------------
 %% Dummy supervisor
@@ -85,19 +82,66 @@ with_env(Par, Fun) ->
 r(undefined) ->
     undefined;
 r(Config) ->
+    Headers = application:get_env(?APP, headers, []),
     Method = proplists:get_value(method, Config, post),
-    ContentType = proplists:get_value(content_type, Config, 'x-www-form-urlencoded'),
-    Url    = proplists:get_value(url, Config),
+    Path    = proplists:get_value(path, Config),
+    NewHeaders = [{<<"content_type">>, proplists:get_value(content_type, Config, <<"application/x-www-form-urlencoded">>)} | Headers],
     Params = proplists:get_value(params, Config),
-    #http_request{method = Method, content_type = ContentType, url = Url, params = Params, options = inet(Url)}.
+    {ok, RequestTimeout} = application:get_env(?APP, request_timeout),
+    #http_request{method = Method, path = Path, headers = NewHeaders, params = Params, request_timeout = RequestTimeout}.
 
-inet(Url) ->
-    case uri_string:parse(Url) of
-        #{host := Host} ->
-            case inet:parse_address(Host) of
-                {ok, Ip} when tuple_size(Ip) =:= 8 ->
-                    [{ipv6_host_with_brackets, true}, {socket_opts, [{ipfamily, inet6}]}];
-                _ -> []
-            end;
-        _ -> []
+inet(PoolOpts) ->
+    case proplists:get_value(host, PoolOpts) of
+        Host when tuple_size(Host) =:= 8 ->
+            TransOpts = proplists:get_value(transport_opts, PoolOpts, []),
+            NewPoolOpts = proplists:delete(transport_opts, PoolOpts),
+            [{transport_opts, [inet6 | TransOpts]} | NewPoolOpts];
+        _ ->
+            PoolOpts
     end.
+
+ssl(PoolOpts) ->
+    case proplists:get_value(ssl, PoolOpts, []) of
+        [] ->
+            PoolOpts;
+        SSLOpts ->
+            TransOpts = proplists:get_value(transport_opts, PoolOpts, []),
+            NewPoolOpts = proplists:delete(transport_opts, PoolOpts),
+            [{transport_opts, SSLOpts ++ TransOpts}, {transport, ssl} | NewPoolOpts]
+    end.
+
+translate_env() ->
+    URLs = lists:foldl(fun(Name, Acc) ->
+                    case application:get_env(?APP, Name, []) of
+                        [] -> Acc;
+                        Env ->
+                            URL = proplists:get_value(url, Env),
+                            #{host := Host0,
+                              port := Port,
+                              path := Path} = uri_string:parse(list_to_binary(URL)),
+                            {ok, Host} = inet:parse_address(binary_to_list(Host0)),
+                            [{Name, {Host, Port, binary_to_list(Path)}} | Acc]
+                    end
+                end, [], [acl_req, auth_req, super_req]),
+    case same_host_and_port(URLs) of
+        true ->
+            [begin
+                 {ok, Req} = application:get_env(?APP, Name),
+                 application:set_env(?APP, Name, [{path, Path} | Req])
+             end || {Name, {_, _, Path}} <- URLs],
+            {_, {Host, Port, _}} = lists:last(URLs),
+            PoolOpts = application:get_env(?APP, pool_opts, []),
+            application:set_env(?APP, pool_opts, [{host, Host}, {port, Port} | PoolOpts]),
+            ok;
+        false ->
+            {error, different_server}
+    end.
+
+same_host_and_port([_]) ->
+    true;
+same_host_and_port([{_, {Host, Port, _}}, {_, {Host, Port, _}}]) ->
+    true;
+same_host_and_port([{_, {Host, Port, _}}, URL = {_, {Host, Port, _}} | Rest]) ->
+    same_host_and_port([URL | Rest]);
+same_host_and_port(_) ->
+    false.
\ No newline at end of file
diff --git a/apps/emqx_auth_http/src/emqx_auth_http_cli.erl b/apps/emqx_auth_http/src/emqx_auth_http_cli.erl
index 35a20d0f0..25fac4300 100644
--- a/apps/emqx_auth_http/src/emqx_auth_http_cli.erl
+++ b/apps/emqx_auth_http/src/emqx_auth_http_cli.erl
@@ -16,7 +16,9 @@
 
 -module(emqx_auth_http_cli).
 
--export([ request/8
+-include("emqx_auth_http.hrl").
+
+-export([ request/6
         , feedvar/2
         , feedvar/3
         ]).
@@ -25,36 +27,25 @@
 %% HTTP Request
 %%--------------------------------------------------------------------
 
-request(get, _ContentType, Url, Params, HttpHeaders, HttpOpts, Options, RetryOpts) ->
-    Req = {Url ++ "?" ++ cow_qs:qs(bin_kw(Params)), HttpHeaders},
-    reply(request_(get, Req, [{autoredirect, true} | HttpOpts], Options, RetryOpts));
+request(PoolName, get, Path, Headers, Params, Timeout) ->
+    NewPath = Path ++ "?" ++ cow_qs:qs(bin_kw(Params)),
+    reply(emqx_http_client:request(get, PoolName, {NewPath, Headers}, Timeout));
 
-request(post, 'x-www-form-urlencoded', Url, Params, HttpHeaders, HttpOpts, Options, RetryOpts) ->
-    Req = {Url, HttpHeaders, "application/x-www-form-urlencoded", cow_qs:qs(bin_kw(Params))},
-    reply(request_(post, Req, [{autoredirect, true} | HttpOpts], Options, RetryOpts));
+request(PoolName, post, Path, Headers, Params, Timeout) ->
+    Body = case proplists:get_value(<<"content_type">>, Headers) of
+               <<"application/x-www-form-urlencoded">> ->
+                   cow_qs:qs(bin_kw(Params));
+               <<"application/json">> -> 
+                   emqx_json:encode(bin_kw(Params))
+           end,
+    reply(emqx_http_client:request(post, PoolName, {Path, Headers, Body}, Timeout)).
 
-request(post, json, Url, Params, HttpHeaders, HttpOpts, Options, RetryOpts) ->
-    Req = {Url, HttpHeaders, "application/json", emqx_json:encode(bin_kw(Params))},
-    reply(request_(post, Req, [{autoredirect, true} | HttpOpts], Options, RetryOpts)).
-
-request_(Method, Req, HTTPOpts, Opts, RetryOpts = #{times := Times,
-                                                    interval := Interval,
-                                                    backoff := BackOff}) ->
-    case httpc:request(Method, Req, HTTPOpts, Opts) of
-        {error, _Reason} when Times > 0 ->
-            timer:sleep(trunc(Interval)),
-            RetryOpts1 = RetryOpts#{times := Times - 1,
-                                    interval := Interval * BackOff},
-            request_(Method, Req, HTTPOpts, Opts, RetryOpts1);
-        Other -> Other
-    end.
-
-reply({ok, {{_, Code, _}, _Headers, Body}}) ->
-    {ok, Code, Body};
-reply({ok, Code, Body}) ->
-    {ok, Code, Body};
-reply({error, Error}) ->
-    {error, Error}.
+reply({ok, StatusCode, _Headers}) ->
+    {ok, StatusCode, <<>>};
+reply({ok, StatusCode, _Headers, Body}) ->
+    {ok, StatusCode, Body};
+reply({error, Reason}) ->
+    {error, Reason}.
 
 %% TODO: move this conversion to cuttlefish config and schema
 bin_kw(KeywordList) when is_list(KeywordList) ->
diff --git a/apps/emqx_auth_http/src/emqx_http_client.erl b/apps/emqx_auth_http/src/emqx_http_client.erl
new file mode 100644
index 000000000..e29d798de
--- /dev/null
+++ b/apps/emqx_auth_http/src/emqx_http_client.erl
@@ -0,0 +1,256 @@
+-module(emqx_http_client).
+
+-behaviour(gen_server).
+
+-include_lib("emqx/include/logger.hrl").
+
+%% APIs
+-export([ start_link/3
+        , request/3
+        , request/4
+        ]).
+
+%% gen_server callbacks
+-export([ init/1
+        , handle_call/3
+        , handle_cast/2
+        , handle_info/2
+        , terminate/2
+        , code_change/3
+        ]).
+
+-record(state, {
+          pool      :: ecpool:poo_name(),
+          id        :: pos_integer(),
+          client    :: pid() | undefined,
+          mref      :: reference() | undefined,
+          host      :: inet:hostname() | inet:ip_address(),
+          port      :: inet:port_number(),
+          gun_opts  :: proplists:proplist(),
+          gun_state :: down | up,
+          requests  :: map()
+         }).
+
+%%--------------------------------------------------------------------
+%% APIs
+%%--------------------------------------------------------------------
+
+start_link(Pool, Id, Opts) ->
+    gen_server:start_link(?MODULE, [Pool, Id, Opts], []).
+
+request(Method, Pool, Req) ->
+    request(Method, Pool, Req, 5000).
+
+request(get, Pool, {Path, Headers}, Timeout) ->
+    call(pick(Pool), {get, {Path, Headers}, Timeout}, Timeout + 1000);
+request(Method, Pool, {Path, Headers, Body}, Timeout) ->
+    call(pick(Pool), {Method, {Path, Headers, Body}, Timeout}, Timeout + 1000).
+
+%%--------------------------------------------------------------------
+%% gen_server callbacks
+%%--------------------------------------------------------------------
+
+init([Pool, Id, Opts]) ->
+    State = #state{pool = Pool,
+                   id = Id,
+                   client = undefined,
+                   mref = undefined,
+                   host = proplists:get_value(host, Opts),
+                   port = proplists:get_value(port, Opts),
+                   gun_opts = gun_opts(Opts),
+                   gun_state = down,
+                   requests = #{}},
+    true = gproc_pool:connect_worker(Pool, {Pool, Id}),
+    {ok, State}.
+
+handle_call(Req = {_, _, _}, From, State = #state{client = undefined, gun_state = down}) ->
+    case open(State) of
+        {ok, NewState} ->
+            handle_call(Req, From, NewState);
+        {error, Reason} ->
+            {reply, {error, Reason}, State}
+    end;
+
+handle_call(Req = {_, _, Timeout}, From, State = #state{client = Client, mref = MRef, gun_state = down}) when is_pid(Client) ->
+    case gun:await_up(Client, Timeout, MRef) of
+        {ok, _} ->
+            handle_call(Req, From, State#state{gun_state = up});
+        {error, timeout} ->
+            {reply, {error, timeout}, State};
+        {error, Reason} ->
+            true = erlang:demonitor(MRef, [flush]),
+            {reply, {error, Reason}, State#state{client = undefined, mref = undefined}}
+    end;
+
+handle_call({Method, Request, Timeout}, From, State = #state{client = Client, requests = Requests, gun_state = up}) when is_pid(Client) ->
+    StreamRef = do_request(Client, Method, Request),
+    ExpirationTime = erlang:system_time(millisecond) + Timeout,
+    {noreply, State#state{requests = maps:put(StreamRef, {From, ExpirationTime, undefined}, Requests)}};
+
+handle_call(Req, _From, State) ->
+    ?LOG(error, "Unexpected call: ~p", [Req]),
+    {reply, ignored, State}.
+
+handle_cast(Msg, State) ->
+    ?LOG(error, "Unexpected cast: ~p", [Msg]),
+    {noreply, State}.
+
+handle_info({gun_response, Client, StreamRef, IsFin, StatusCode, Headers}, State = #state{client = Client, requests = Requests}) ->
+    Now = erlang:system_time(millisecond),
+    case maps:take(StreamRef, Requests) of
+        error ->
+            ?LOG(error, "Received 'gun_response' message from unknown stream ref: ~p", [StreamRef]),
+            {noreply, State};
+        {{_, ExpirationTime, _}, NRequests} when Now > ExpirationTime ->
+            gun:cancel(Client, StreamRef),
+            flush_stream(Client, StreamRef),
+            {noreply, State#state{requests = NRequests}};
+        {{From, ExpirationTime, undefined}, NRequests} ->
+            case IsFin of
+                fin ->
+                    gen_server:reply(From, {ok, StatusCode, Headers}),
+                    {noreply, State#state{requests = NRequests}};
+                nofin ->
+                    {noreply, State#state{requests = NRequests#{StreamRef => {From, ExpirationTime, {StatusCode, Headers, <<>>}}}}}
+            end;
+        _ ->
+            ?LOG(error, "Received 'gun_response' message does not match the state"),
+            {noreply, State}
+    end;
+
+handle_info({gun_data, Client, StreamRef, IsFin, Data}, State = #state{client = Client, requests = Requests}) ->
+    Now = erlang:system_time(millisecond),
+    case maps:take(StreamRef, Requests) of
+        error ->
+            ?LOG(error, "Received 'gun_data' message from unknown stream ref: ~p", [StreamRef]),
+            {noreply, State};
+        {{_, ExpirationTime, _}, NRequests} when Now > ExpirationTime ->
+            gun:cancel(Client, StreamRef),
+            flush_stream(Client, StreamRef),
+            {noreply, State#state{requests = NRequests}};
+        {{From, ExpirationTime, {StatusCode, Headers, Acc}}, NRequests} ->
+            case IsFin of
+                fin ->
+                    gen_server:reply(From, {ok, StatusCode, Headers, <<Acc/binary, Data/binary>>}),
+                    {noreply, State#state{requests = NRequests}};
+                nofin ->
+                    {noreply, State#state{requests = NRequests#{StreamRef => {From, ExpirationTime, {StatusCode, Headers, <<Acc/binary, Data/binary>>}}}}}
+            end;
+        _ ->
+            ?LOG(error, "Received 'gun_data' message does not match the state"),
+            {noreply, State}
+    end;
+
+handle_info({gun_error, Client, StreamRef, Reason}, State = #state{client = Client, requests = Requests}) ->
+    Now = erlang:system_time(millisecond),
+    case maps:take(StreamRef, Requests) of
+        error ->
+            ?LOG(error, "Received 'gun_error' message from unknown stream ref: ~p~n", [StreamRef]),
+            {noreply, State};
+        {{_, ExpirationTime, _}, NRequests} when Now > ExpirationTime ->
+            {noreply, State#state{requests = NRequests}};
+        {{From, _, _}, NRequests} ->
+            gen_server:reply(From, {error, Reason}),
+            {noreply, State#state{requests = NRequests}}
+    end;
+
+handle_info({gun_up, Client, _}, State = #state{client = Client}) ->
+    {noreply, State#state{gun_state = up}};
+
+handle_info({gun_down, Client, _, Reason, KilledStreams, _}, State = #state{client = Client, requests = Requests}) ->
+    Now = erlang:system_time(millisecond),
+    NRequests = lists:foldl(fun(StreamRef, Acc) ->
+                                case maps:take(StreamRef, Acc) of
+                                    error -> Acc;
+                                    {{_, ExpirationTime, _}, NAcc} when Now > ExpirationTime ->
+                                        NAcc;
+                                    {{From, _, _}, NAcc} ->
+                                        gen_server:reply(From, {error, Reason}),
+                                        NAcc
+                                end
+                            end, Requests, KilledStreams),
+    {noreply, State#state{gun_state = down, requests = NRequests}};
+
+handle_info({'DOWN', MRef, process, Client, Reason}, State = #state{mref = MRef, client = Client, requests = Requests}) ->
+    true = erlang:demonitor(MRef, [flush]),
+    Now = erlang:system_time(millisecond),
+    lists:foreach(fun({_, {_, ExpirationTime, _}}) when Now > ExpirationTime ->
+                      ok;
+                     ({_, {From, _, _}}) ->
+                      gen_server:reply(From, {error, Reason})
+                  end, maps:to_list(Requests)),
+    case open(State#state{requests = #{}}) of
+        {ok, NewState} ->
+            {noreply, NewState};
+        {error, Reason} ->
+            {noreply, State#state{mref = undefined, client = undefined}}
+    end;
+
+handle_info(Info, State) ->
+    ?LOG(error, "Unexpected info: ~p", [Info]),
+    {noreply, State}.
+
+terminate(_Reason, #state{pool = Pool, id = Id}) ->
+    gropc:disconnect_worker(Pool, {Pool, Id}),
+    ok.
+
+code_change(_OldVsn, State, _Extra) ->
+    {ok, State}.
+
+%%--------------------------------------------------------------------
+%% Internal functions
+%%--------------------------------------------------------------------
+
+open(State = #state{host = Host, port = Port, gun_opts = GunOpts}) ->
+    case gun:open(Host, Port, GunOpts) of
+        {ok, ConnPid} when is_pid(ConnPid) ->
+            MRef = monitor(process, ConnPid),
+            {ok, State#state{mref = MRef, client = ConnPid}};
+        {error, Reason} ->
+            {error, Reason}
+    end.
+
+gun_opts(Opts) ->
+    gun_opts(Opts, #{retry => 5,
+                     retry_timeout => 1000,
+                     connect_timeout => 5000,
+                     protocols => [http],
+                     http_opts => #{keepalive => infinity}}).
+
+gun_opts([], Acc) ->
+    Acc;
+gun_opts([{retry, Retry} | Opts], Acc) ->
+    gun_opts(Opts, Acc#{retry => Retry});
+gun_opts([{retry_timeout, RetryTimeout} | Opts], Acc) ->
+    gun_opts(Opts, Acc#{retry_timeout => RetryTimeout});
+gun_opts([{connect_timeout, ConnectTimeout} | Opts], Acc) ->
+    gun_opts(Opts, Acc#{connect_timeout => ConnectTimeout});
+gun_opts([{transport, Transport} | Opts], Acc) ->
+    gun_opts(Opts, Acc#{transport => Transport});
+gun_opts([{transport_opts, TransportOpts} | Opts], Acc) ->
+    gun_opts(Opts, Acc#{transport_opts => TransportOpts});
+gun_opts([_ | Opts], Acc) ->
+    gun_opts(Opts, Acc).
+
+call(ChannPid, Msg, Timeout) ->
+    gen_server:call(ChannPid, Msg, Timeout).
+
+pick(Pool) ->
+    gproc_pool:pick_worker(Pool).
+
+do_request(Client, get, {Path, Headers}) ->
+    gun:get(Client, Path, Headers);
+do_request(Client, post, {Path, Headers, Body}) ->
+    gun:post(Client, Path, Headers, Body).
+
+flush_stream(Client, StreamRef) ->
+    receive
+        {gun_response, Client, StreamRef, _, _, _} ->
+            flush_stream(Client, StreamRef);
+        {gun_data, Client, StreamRef, _, _} ->
+            flush_stream(Client, StreamRef);
+        {gun_error, Client, StreamRef, _} ->
+            flush_stream(Client, StreamRef)
+	after 0 ->
+		ok
+	end.
\ No newline at end of file
diff --git a/apps/emqx_auth_http/src/emqx_http_client_sup.erl b/apps/emqx_auth_http/src/emqx_http_client_sup.erl
new file mode 100644
index 000000000..dcdd2e4c4
--- /dev/null
+++ b/apps/emqx_auth_http/src/emqx_http_client_sup.erl
@@ -0,0 +1,48 @@
+-module(emqx_http_client_sup).
+
+-behaviour(supervisor).
+
+-export([ start_link/2
+        , init/1
+        , stop_pool/1
+        ]).
+
+start_link(Pool, Opts) ->
+    supervisor:start_link(?MODULE, [Pool, Opts]).
+
+init([Pool, Opts]) ->
+    PoolSize = pool_size(Opts),
+    ok = ensure_pool(Pool, random, [{size, PoolSize}]),
+    {ok, {{one_for_one, 10, 100}, [
+        begin
+            ensure_pool_worker(Pool, {Pool, I}, I),
+            #{id => {Pool, I},
+              start => {emqx_http_client, start_link, [Pool, I, Opts]},
+              restart => transient,
+              shutdown => 5000,
+              type => worker,
+              modules => [emqx_http_client]}
+        end || I <- lists:seq(1, PoolSize)]}}.
+
+
+ensure_pool(Pool, Type, Opts) ->
+    try gproc_pool:new(Pool, Type, Opts)
+    catch
+        error:exists -> ok
+    end.
+
+ensure_pool_worker(Pool, Name, Slot) ->
+    try gproc_pool:add_worker(Pool, Name, Slot)
+    catch
+        error:exists -> ok
+    end.
+
+pool_size(Opts) ->
+    Schedulers = erlang:system_info(schedulers),
+    proplists:get_value(pool_size, Opts, Schedulers).
+
+stop_pool(Name) ->
+    Workers = gproc_pool:defined_workers(Name),
+    [gproc_pool:remove_worker(Name, WokerName) || {WokerName, _, _} <- Workers],
+    gproc_pool:delete(Name),
+    ok.
\ No newline at end of file
diff --git a/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl b/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl
index 25ff942c5..79c02c00c 100644
--- a/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl
+++ b/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl
@@ -64,32 +64,38 @@ set_special_configs(emqx, _Schmea, _Inet) ->
                         emqx_ct_helpers:deps_path(emqx, LoadedPluginPath));
 
 set_special_configs(emqx_auth_http, Schema, Inet) ->
-    AuthReq = maps:from_list(application:get_env(emqx_auth_http, auth_req, [])),
-    SuprReq = maps:from_list(application:get_env(emqx_auth_http, super_req, [])),
-    AclReq  = maps:from_list(application:get_env(emqx_auth_http, acl_req, [])),
-    SvrAddr = http_server_host(Schema, Inet),
+    ServerAddr = http_server(Schema, Inet),
 
-    AuthReq1 = AuthReq#{method := get, url := SvrAddr ++ "/mqtt/auth"},
-    SuprReq1 = SuprReq#{method := post, content_type := 'x-www-form-urlencoded', url := SvrAddr ++ "/mqtt/superuser"},
-    AclReq1  = AclReq #{method := post, content_type := json, url := SvrAddr ++ "/mqtt/acl"},
+    AuthReq = #{method => get,
+                url => ServerAddr ++ "/mqtt/auth",
+                content_type => <<"application/x-www-form-urlencoded">>,
+                params => [{"clientid", "%c"}, {"username", "%u"}, {"password", "%P"}]},
+    SuperReq = #{method => post,
+                 url => ServerAddr ++ "/mqtt/superuser",
+                 content_type => <<"application/x-www-form-urlencoded">>,
+                 params => [{"clientid", "%c"}, {"username", "%u"}]},
+    AclReq = #{method => post,
+               url => ServerAddr ++ "/mqtt/acl",
+               content_type => <<"application/json">>,
+               params => [{"access", "%A"}, {"username", "%u"}, {"clientid", "%c"}, {"ipaddr", "%a"}, {"topic", "%t"}, {"mountpoint", "%m"}]},
 
     Schema =:= https andalso set_https_client_opts(),
 
-    application:set_env(emqx_auth_http, auth_req, maps:to_list(AuthReq1)),
-    application:set_env(emqx_auth_http, super_req, maps:to_list(SuprReq1)),
-    application:set_env(emqx_auth_http, acl_req, maps:to_list(AclReq1)).
+    application:set_env(emqx_auth_http, auth_req, maps:to_list(AuthReq)),
+    application:set_env(emqx_auth_http, super_req, maps:to_list(SuperReq)),
+    application:set_env(emqx_auth_http, acl_req, maps:to_list(AclReq)).
 
 %% @private
 set_https_client_opts() ->
-    HttpOpts = maps:from_list(application:get_env(emqx_auth_http, http_opts, [])),
-    HttpOpts1 = HttpOpts#{ssl => emqx_ct_helpers:client_ssl_twoway()},
-    application:set_env(emqx_auth_http, http_opts, maps:to_list(HttpOpts1)).
+    TransportOpts = emqx_ct_helpers:client_ssl_twoway(),
+    {ok, PoolOpts} = application:get_env(emqx_auth_http, pool_opts),
+    application:set_env(emqx_auth_http, pool_opts, [{transport_opts, TransportOpts}, {transport, ssl} | PoolOpts]).
 
 %% @private
-http_server_host(http, inet) -> "http://127.0.0.1:8991";
-http_server_host(http, inet6) -> "http://[::1]:8991";
-http_server_host(https, inet) -> "https://127.0.0.1:8991";
-http_server_host(https, inet6) -> "https://[::1]:8991".
+http_server(http, inet) -> "http://127.0.0.1:8991";
+http_server(http, inet6) -> "http://[::1]:8991";
+http_server(https, inet) -> "https://127.0.0.1:8991";
+http_server(https, inet6) -> "https://[::1]:8991".
 
 %%------------------------------------------------------------------------------
 %% Testcases
diff --git a/apps/emqx_auth_jwt/.gitignore b/apps/emqx_auth_jwt/.gitignore
index d038bde4d..62e4fbb25 100644
--- a/apps/emqx_auth_jwt/.gitignore
+++ b/apps/emqx_auth_jwt/.gitignore
@@ -25,3 +25,4 @@ rebar3.crashdump
 etc/emqx_auth_jwt.conf.rendered
 .rebar3/
 *.swp
+Mnesia.nonode@nohost/
diff --git a/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf b/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf
index b9a1caa04..5a599ca23 100644
--- a/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf
+++ b/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf
@@ -7,17 +7,28 @@
 ## Value: String
 auth.jwt.secret = emqxsecret
 
+## RSA or ECDSA public key file.
+##
+## Value: File
+#auth.jwt.pubkey = etc/certs/jwt_public_key.pem
+
+## The JWKs server address
+##
+## see: http://self-issued.info/docs/draft-ietf-jose-json-web-key.html
+##
+#auth.jwt.jwks = https://127.0.0.1:8080/jwks
+
+## The JWKs refresh interval
+##
+## Value: Duration
+#auth.jwt.jwks.refresh_interval = 5m
+
 ## From where the JWT string can be got
 ##
 ## Value: username | password
 ## Default: password
 auth.jwt.from = password
 
-## RSA or ECDSA public key file.
-##
-## Value: File
-## auth.jwt.pubkey = etc/certs/jwt_public_key.pem
-
 ## Enable to verify claims fields
 ##
 ## Value: on | off
@@ -31,9 +42,4 @@ auth.jwt.verify_claims = off
 ## Variables:
 ##  - %u: username
 ##  - %c: clientid
-# auth.jwt.verify_claims.username = %u
-
-## The Signature format
-##   - `der`: The erlang default format
-##   - `raw`: Compatible with others platform maybe
-#auth.jwt.signature_format = der
+#auth.jwt.verify_claims.username = %u
diff --git a/apps/emqx_auth_jwt/priv/emqx_auth_jwt.schema b/apps/emqx_auth_jwt/priv/emqx_auth_jwt.schema
index e8210a8cd..3d8de3678 100644
--- a/apps/emqx_auth_jwt/priv/emqx_auth_jwt.schema
+++ b/apps/emqx_auth_jwt/priv/emqx_auth_jwt.schema
@@ -4,6 +4,14 @@
   {datatype, string}
 ]}.
 
+{mapping, "auth.jwt.jwks", "emqx_auth_jwt.jwks", [
+  {datatype, string}
+]}.
+
+{mapping, "auth.jwt.jwks.refresh_interval", "emqx_auth_jwt.refresh_interval", [
+  {datatype, {duration, ms}}
+]}.
+
 {mapping, "auth.jwt.from", "emqx_auth_jwt.from", [
   {default, password},
   {datatype, atom}
@@ -13,6 +21,11 @@
   {datatype, string}
 ]}.
 
+{mapping, "auth.jwt.signature_format", "emqx_auth_jwt.jwerl_opts", [
+  {default, "der"},
+  {datatype, {enum, [raw, der]}}
+]}.
+
 {mapping, "auth.jwt.verify_claims", "emqx_auth_jwt.verify_claims", [
   {default, off},
   {datatype, flag}
@@ -34,15 +47,3 @@
               end, [], cuttlefish_variable:filter_by_prefix("auth.jwt.verify_claims", Conf))
    end
 end}.
-
-{mapping, "auth.jwt.signature_format", "emqx_auth_jwt.jwerl_opts", [
-  {default, "der"},
-  {datatype, {enum, [raw, der]}}
-]}.
-
-{translation, "emqx_auth_jwt.jwerl_opts", fun(Conf) ->
-    Filter = fun(L) -> [I || I <- L, I /= undefined] end,
-    maps:from_list(Filter(
-        [{raw, cuttlefish:conf_get("auth.jwt.signature_format", Conf) == raw}]
-    ))
-end}.
diff --git a/apps/emqx_auth_jwt/rebar.config b/apps/emqx_auth_jwt/rebar.config
index f711075ba..4164d1fed 100644
--- a/apps/emqx_auth_jwt/rebar.config
+++ b/apps/emqx_auth_jwt/rebar.config
@@ -1,5 +1,6 @@
 {deps,
- [{jwerl, {git, "https://github.com/emqx/jwerl.git", {branch, "1.1.1"}}}
+ [
+  {jose, {git, "https://github.com/potatosalad/erlang-jose", {tag, "1.10.1"}}}
  ]}.
 
 {edoc_opts, [{preprocess, true}]}.
diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src b/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src
index 5c76d9114..e5d25e11b 100644
--- a/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src
+++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src
@@ -3,7 +3,7 @@
   {vsn, "git"},
   {modules, []},
   {registered, [emqx_auth_jwt_sup]},
-  {applications, [kernel,stdlib,jwerl]},
+  {applications, [kernel,stdlib,jose]},
   {mod, {emqx_auth_jwt_app, []}},
   {env, []},
   {licenses, ["Apache-2.0"]},
diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src b/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src
new file mode 100644
index 000000000..0c7b8ebf3
--- /dev/null
+++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src
@@ -0,0 +1,10 @@
+%% -*-: erlang -*-
+
+{VSN,
+  [
+    {<<".*">>, []}
+  ],
+  [
+    {<<".*">>, []}
+  ]
+}.
diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl b/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl
index a00bc2577..6be726dc9 100644
--- a/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl
+++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl
@@ -46,77 +46,31 @@ register_metrics() ->
 %% Authentication callbacks
 %%--------------------------------------------------------------------
 
-check(ClientInfo, AuthResult, Env = #{from := From, checklists := Checklists}) ->
+check(ClientInfo, AuthResult, #{pid := Pid,
+                                from := From,
+                                checklists := Checklists}) ->
     case maps:find(From, ClientInfo) of
         error ->
-            ok = emqx_metrics:inc(?AUTH_METRICS(ignore)),
-            {ok, AuthResult#{auth_result => token_undefined, anonymous => false}};
+            ok = emqx_metrics:inc(?AUTH_METRICS(ignore));
+        {ok, undefined} ->
+            ok = emqx_metrics:inc(?AUTH_METRICS(ignore));
         {ok, Token} ->
-            try jwerl:header(Token) of
-                Headers ->
-                    case verify_token(Headers, Token, Env) of
-                        {ok, Claims} ->
-                            {stop, maps:merge(AuthResult, verify_claims(Checklists, Claims, ClientInfo))};
-                        {error, Reason} ->
-                            ok = emqx_metrics:inc(?AUTH_METRICS(failure)),
-                            {stop, AuthResult#{auth_result => Reason, anonymous => false}}
-                    end
-            catch
-                _Error:Reason ->
-                    ?LOG(error, "Check token error: ~p", [Reason]),
-                    emqx_metrics:inc(?AUTH_METRICS(ignore))
+            case emqx_auth_jwt_svr:verify(Pid, Token) of
+                {error, not_found} ->
+                    ok = emqx_metrics:inc(?AUTH_METRICS(ignore));
+                {error, not_token} ->
+                    ok = emqx_metrics:inc(?AUTH_METRICS(ignore));
+                {error, Reason} ->
+                    ok = emqx_metrics:inc(?AUTH_METRICS(failure)),
+                    {stop, AuthResult#{auth_result => Reason, anonymous => false}};
+                {ok, Claims} ->
+                    {stop, maps:merge(AuthResult, verify_claims(Checklists, Claims, ClientInfo))}
             end
     end.
 
 description() -> "Authentication with JWT".
 
-%%--------------------------------------------------------------------
-%% Verify Token
-%%--------------------------------------------------------------------
-
-verify_token(#{alg := <<"HS", _/binary>>}, _Token, #{secret := undefined}) ->
-    {error, hmac_secret_undefined};
-verify_token(#{alg := Alg = <<"HS", _/binary>>}, Token, #{secret := Secret, opts := Opts}) ->
-    verify_token2(Alg, Token, Secret, Opts);
-
-verify_token(#{alg := <<"RS", _/binary>>}, _Token, #{pubkey := undefined}) ->
-    {error, rsa_pubkey_undefined};
-verify_token(#{alg := Alg = <<"RS", _/binary>>}, Token, #{pubkey := PubKey, opts := Opts}) ->
-    verify_token2(Alg, Token, PubKey, Opts);
-
-verify_token(#{alg := <<"ES", _/binary>>}, _Token, #{pubkey := undefined}) ->
-    {error, ecdsa_pubkey_undefined};
-verify_token(#{alg := Alg = <<"ES", _/binary>>}, Token, #{pubkey := PubKey, opts := Opts}) ->
-    verify_token2(Alg, Token, PubKey, Opts);
-
-verify_token(Header, _Token, _Env) ->
-    ?LOG(error, "Unsupported token algorithm: ~p", [Header]),
-    {error, token_unsupported}.
-
-verify_token2(Alg, Token, SecretOrKey, Opts) ->
-    try jwerl:verify(Token, decode_algo(Alg), SecretOrKey, #{}, Opts) of
-        {ok, Claims}  ->
-            {ok, Claims};
-        {error, Reason} ->
-            {error, Reason}
-    catch
-        _Error:Reason ->
-            {error, Reason}
-    end.
-
-decode_algo(<<"HS256">>) -> hs256;
-decode_algo(<<"HS384">>) -> hs384;
-decode_algo(<<"HS512">>) -> hs512;
-decode_algo(<<"RS256">>) -> rs256;
-decode_algo(<<"RS384">>) -> rs384;
-decode_algo(<<"RS512">>) -> rs512;
-decode_algo(<<"ES256">>) -> es256;
-decode_algo(<<"ES384">>) -> es384;
-decode_algo(<<"ES512">>) -> es512;
-decode_algo(<<"none">>)  -> none;
-decode_algo(Alg) -> throw({error, {unsupported_algorithm, Alg}}).
-
-%%--------------------------------------------------------------------
+%%------------------------------------------------------------------------------
 %% Verify Claims
 %%--------------------------------------------------------------------
 
@@ -143,4 +97,3 @@ feedvar(Checklists, #{username := Username, clientid := ClientId}) ->
                  ({K, <<"%c">>}) -> {K, ClientId};
                  ({K, Expected}) -> {K, Expected}
               end, Checklists).
-
diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt_app.erl b/apps/emqx_auth_jwt/src/emqx_auth_jwt_app.erl
index 511f6e826..736fb28b9 100644
--- a/apps/emqx_auth_jwt/src/emqx_auth_jwt_app.erl
+++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt_app.erl
@@ -28,42 +28,55 @@
 
 -define(APP, emqx_auth_jwt).
 
--define(JWT_ACTION, {emqx_auth_jwt, check, [auth_env()]}).
-
 start(_Type, _Args) ->
-    ok = emqx_auth_jwt:register_metrics(),
-    emqx:hook('client.authenticate', ?JWT_ACTION),
-    supervisor:start_link({local, ?MODULE}, ?MODULE, []).
+    {ok, Sup} = supervisor:start_link({local, ?MODULE}, ?MODULE, []),
 
-stop(_State) ->
-    emqx:unhook('client.authenticate', ?JWT_ACTION).
+    {ok, Pid} = start_auth_server(jwks_svr_options()),
+    ok = emqx_auth_jwt:register_metrics(),
+
+    AuthEnv0 = auth_env(),
+    AuthEnv1 = AuthEnv0#{pid => Pid},
+
+    emqx:hook('client.authenticate', {emqx_auth_jwt, check, [AuthEnv1]}),
+    {ok, Sup, AuthEnv1}.
+
+stop(AuthEnv) ->
+    emqx:unhook('client.authenticate', {emqx_auth_jwt, check, [AuthEnv]}).
 
 %%--------------------------------------------------------------------
 %% Dummy supervisor
 %%--------------------------------------------------------------------
 
 init([]) ->
-    {ok, { {one_for_all, 1, 10}, []} }.
+    {ok, {{one_for_all, 1, 10}, []}}.
+
+start_auth_server(Options) ->
+    Spec = #{id => jwt_svr,
+             start => {emqx_auth_jwt_svr, start_link, [Options]},
+             restart => permanent,
+             shutdown => brutal_kill,
+             type => worker,
+             modules => [emqx_auth_jwt_svr]},
+    supervisor:start_child(?MODULE, Spec).
 
 %%--------------------------------------------------------------------
 %% Internal functions
 %%--------------------------------------------------------------------
 
 auth_env() ->
-    #{secret     => env(secret, undefined),
-      from       => env(from, password),
-      pubkey     => read_pubkey(),
-      checklists => env(verify_claims, []),
-      opts       => env(jwerl_opts, #{})
+    Checklists = [{atom_to_binary(K, utf8), V}
+                  || {K, V} <- env(verify_claims, [])],
+    #{ from => env(from, password)
+     , checklists => Checklists
      }.
 
-read_pubkey() ->
-    case env(pubkey, undefined) of
-        undefined  -> undefined;
-        Path ->
-            {ok, PubKey} = file:read_file(Path), PubKey
-    end.
+jwks_svr_options() ->
+    [{K, V} || {K, V}
+             <- [{secret, env(secret, undefined)},
+                 {pubkey, env(pubkey, undefined)},
+                 {jwks_addr, env(jwks, undefined)},
+                 {interval, env(refresh_interval, undefined)}],
+             V /= undefined].
 
 env(Key, Default) ->
     application:get_env(?APP, Key, Default).
-
diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl b/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl
new file mode 100644
index 000000000..b347d0e0b
--- /dev/null
+++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl
@@ -0,0 +1,222 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_auth_jwt_svr).
+
+-behaviour(gen_server).
+
+-include_lib("emqx/include/logger.hrl").
+-include_lib("jose/include/jose_jwk.hrl").
+
+-logger_header("[JWT-SVR]").
+
+%% APIs
+-export([start_link/1]).
+
+-export([verify/2]).
+
+%% gen_server callbacks
+-export([ init/1
+        , handle_call/3
+        , handle_cast/2
+        , handle_info/2
+        , terminate/2
+        , code_change/3
+        ]).
+
+-type options() :: [option()].
+-type option() :: {secret, list()}
+                | {pubkey, list()}
+                | {jwks_addr, list()}
+                | {interval, pos_integer()}.
+
+-define(INTERVAL, 300000).
+
+-record(state, {static, remote, addr, tref, intv}).
+
+%%--------------------------------------------------------------------
+%% APIs
+%%--------------------------------------------------------------------
+
+-spec start_link(options()) -> gen_server:start_ret().
+start_link(Options) ->
+    gen_server:start_link(?MODULE, [Options], []).
+
+-spec verify(pid(), binary())
+    -> {error, term()}
+     | {ok, Payload :: map()}.
+verify(S, JwsCompacted) when is_binary(JwsCompacted) ->
+    case catch jose_jws:peek(JwsCompacted) of
+        {'EXIT', _} -> {error, not_token};
+        _ -> gen_server:call(S, {verify, JwsCompacted})
+    end.
+
+%%--------------------------------------------------------------------
+%% gen_server callbacks
+%%--------------------------------------------------------------------
+
+init([Options]) ->
+    ok = jose:json_module(jiffy),
+    {Static, Remote} = do_init_jwks(Options),
+    Intv = proplists:get_value(interval, Options, ?INTERVAL),
+    {ok, reset_timer(
+           #state{
+              static = Static,
+              remote = Remote,
+              addr = proplists:get_value(jwks_addr, Options),
+              intv = Intv})}.
+
+%% @private
+do_init_jwks(Options) ->
+    K2J = fun(K, F) ->
+              case proplists:get_value(K, Options) of
+                  undefined -> undefined;
+                  V ->
+                     try F(V) of
+                         {error, Reason} ->
+                             ?LOG(warning, "Build ~p JWK ~p failed: {error, ~p}~n",
+                                  [K, V, Reason]),
+                             undefined;
+                         J -> J
+                     catch T:R:_ ->
+                         ?LOG(warning, "Build ~p JWK ~p failed: {~p, ~p}~n",
+                              [K, V, T, R]),
+                         undefined
+                     end
+              end
+          end,
+    OctJwk = K2J(secret, fun(V) ->
+                             jose_jwk:from_oct(list_to_binary(V))
+                         end),
+    PemJwk = K2J(pubkey, fun jose_jwk:from_pem_file/1),
+    Remote = K2J(jwks_addr, fun request_jwks/1),
+    {[J ||J <- [OctJwk, PemJwk], J /= undefined], Remote}.
+
+handle_call({verify, JwsCompacted}, _From, State) ->
+    handle_verify(JwsCompacted, State);
+
+handle_call(_Req, _From, State) ->
+    {reply, ok, State}.
+
+handle_cast(_Msg, State) ->
+    {noreply, State}.
+
+handle_info({timeout, _TRef, refresh}, State = #state{addr = Addr}) ->
+    NState = try
+                 State#state{remote = request_jwks(Addr)}
+             catch _:_ ->
+                 State
+             end,
+    {noreply, reset_timer(NState)};
+
+handle_info(_Info, State) ->
+    {noreply, State}.
+
+terminate(_Reason, State) ->
+    _ = cancel_timer(State),
+    ok.
+
+code_change(_OldVsn, State, _Extra) ->
+    {ok, State}.
+
+%%--------------------------------------------------------------------
+%% Internal funcs
+%%--------------------------------------------------------------------
+
+handle_verify(JwsCompacted,
+              State = #state{static = Static, remote = Remote}) ->
+    try
+        Jwks = case emqx_json:decode(jose_jws:peek_protected(JwsCompacted), [return_maps]) of
+                   #{<<"kid">> := Kid} ->
+                       [J || J <- Remote, maps:get(<<"kid">>, J#jose_jwk.fields, undefined) =:= Kid];
+                   _ -> Static
+               end,
+        case Jwks of
+            [] -> {reply, {error, not_found}, State};
+            _ ->
+                {reply, do_verify(JwsCompacted, Jwks), State}
+        end
+    catch
+        _:_ ->
+            {reply, {error, invalid_signature}, State}
+    end.
+
+request_jwks(Addr) ->
+    case httpc:request(get, {Addr, []}, [], [{body_format, binary}]) of
+        {error, Reason} ->
+            error(Reason);
+        {ok, {_Code, _Headers, Body}} ->
+            try
+                JwkSet = jose_jwk:from(emqx_json:decode(Body, [return_maps])),
+                {_, Jwks} = JwkSet#jose_jwk.keys, Jwks
+            catch _:_ ->
+                ?LOG(error, "Invalid jwks server response: ~p~n", [Body]),
+                error(badarg)
+            end
+    end.
+
+reset_timer(State = #state{addr = undefined}) ->
+    State;
+reset_timer(State = #state{intv = Intv}) ->
+    State#state{tref = erlang:start_timer(Intv, self(), refresh)}.
+
+cancel_timer(State = #state{tref = undefined}) ->
+    State;
+cancel_timer(State = #state{tref = TRef}) ->
+    erlang:cancel_timer(TRef),
+    State#state{tref = undefined}.
+
+do_verify(_JwsCompated, []) ->
+    {error, invalid_signature};
+do_verify(JwsCompacted, [Jwk|More]) ->
+    case jose_jws:verify(Jwk, JwsCompacted) of
+        {true, Payload, _Jws} ->
+            Claims = emqx_json:decode(Payload, [return_maps]),
+            case check_claims(Claims) of
+                false ->
+                    {error, invalid_signature};
+                NClaims ->
+                    {ok, NClaims}
+            end;
+        {false, _, _} ->
+            do_verify(JwsCompacted, More)
+    end.
+
+check_claims(Claims) ->
+    Now = os:system_time(seconds),
+    Checker = [{<<"exp">>, fun(ExpireTime) ->
+                               Now < ExpireTime
+                           end},
+               {<<"iat">>, fun(IssueAt) ->
+                               IssueAt =< Now
+                           end},
+               {<<"nbf">>, fun(NotBefore) ->
+                               NotBefore =< Now
+                           end}
+              ],
+    do_check_claim(Checker, Claims).
+
+do_check_claim([], Claims) ->
+    Claims;
+do_check_claim([{K, F}|More], Claims) ->
+    case maps:take(K, Claims) of
+        error -> do_check_claim(More, Claims);
+        {V, NClaims} ->
+            case F(V) of
+                true -> do_check_claim(More, NClaims);
+                _ -> false
+            end
+    end.
diff --git a/apps/emqx_auth_jwt/test/emqx_auth_jwt_SUITE.erl b/apps/emqx_auth_jwt/test/emqx_auth_jwt_SUITE.erl
index 190c3db14..12f307b2a 100644
--- a/apps/emqx_auth_jwt/test/emqx_auth_jwt_SUITE.erl
+++ b/apps/emqx_auth_jwt/test/emqx_auth_jwt_SUITE.erl
@@ -16,8 +16,8 @@
 
 -module(emqx_auth_jwt_SUITE).
 
--compile(nowarn_export_all).
 -compile(export_all).
+-compile(nowarn_export_all).
 
 -include_lib("emqx/include/emqx.hrl").
 -include_lib("eunit/include/eunit.hrl").
@@ -61,28 +61,34 @@ set_special_configs(emqx_auth_jwt) ->
 set_special_configs(_) ->
     ok.
 
+sign(Payload, Alg, Key) ->
+    Jwk = jose_jwk:from_oct(Key),
+    Jwt = emqx_json:encode(Payload),
+    {_, Token} = jose_jws:compact(jose_jwt:sign(Jwk, #{<<"alg">> => Alg}, Jwt)),
+    Token.
+
 %%------------------------------------------------------------------------------
 %% Testcases
 %%------------------------------------------------------------------------------
 
 t_check_auth(_) ->
     Plain = #{clientid => <<"client1">>, username => <<"plain">>, zone => external},
-    Jwt = jwerl:sign([{clientid, <<"client1">>},
-                      {username, <<"plain">>},
-                      {exp, os:system_time(seconds) + 3}], hs256, <<"emqxsecret">>),
+    Jwt = sign([{clientid, <<"client1">>},
+                {username, <<"plain">>},
+                {exp, os:system_time(seconds) + 3}], <<"HS256">>, <<"emqxsecret">>),
     ct:pal("Jwt: ~p~n", [Jwt]),
 
     Result0 = emqx_access_control:authenticate(Plain#{password => Jwt}),
     ct:pal("Auth result: ~p~n", [Result0]),
-    ?assertMatch({ok, #{auth_result := success, jwt_claims := #{clientid := <<"client1">>}}}, Result0),
+    ?assertMatch({ok, #{auth_result := success, jwt_claims := #{<<"clientid">> := <<"client1">>}}}, Result0),
 
     ct:sleep(3100),
     Result1 = emqx_access_control:authenticate(Plain#{password => Jwt}),
     ct:pal("Auth result after 1000ms: ~p~n", [Result1]),
     ?assertMatch({error, _}, Result1),
 
-    Jwt_Error = jwerl:sign([{clientid, <<"client1">>},
-                            {username, <<"plain">>}], hs256, <<"secret">>),
+    Jwt_Error = sign([{client_id, <<"client1">>},
+                      {username, <<"plain">>}], <<"HS256">>, <<"secret">>),
     ct:pal("invalid jwt: ~p~n", [Jwt_Error]),
     Result2 = emqx_access_control:authenticate(Plain#{password => Jwt_Error}),
     ct:pal("Auth result for the invalid jwt: ~p~n", [Result2]),
@@ -92,15 +98,15 @@ t_check_auth(_) ->
 t_check_claims(_) ->
     application:set_env(emqx_auth_jwt, verify_claims, [{sub, <<"value">>}]),
     Plain = #{clientid => <<"client1">>, username => <<"plain">>, zone => external},
-    Jwt = jwerl:sign([{clientid, <<"client1">>},
-                      {username, <<"plain">>},
-                      {sub, value},
-                      {exp, os:system_time(seconds) + 3}], hs256, <<"emqxsecret">>),
+    Jwt = sign([{client_id, <<"client1">>},
+                {username, <<"plain">>},
+                {sub, value},
+                {exp, os:system_time(seconds) + 3}], <<"HS256">>, <<"emqxsecret">>),
     Result0 = emqx_access_control:authenticate(Plain#{password => Jwt}),
     ct:pal("Auth result: ~p~n", [Result0]),
     ?assertMatch({ok, #{auth_result := success, jwt_claims := _}}, Result0),
-    Jwt_Error = jwerl:sign([{clientid, <<"client1">>},
-                            {username, <<"plain">>}], hs256, <<"secret">>),
+    Jwt_Error = sign([{clientid, <<"client1">>},
+                       {username, <<"plain">>}], <<"HS256">>, <<"secret">>),
     Result2 = emqx_access_control:authenticate(Plain#{password => Jwt_Error}),
     ct:pal("Auth result for the invalid jwt: ~p~n", [Result2]),
     ?assertEqual({error, invalid_signature}, Result2).
@@ -108,14 +114,14 @@ t_check_claims(_) ->
 t_check_claims_clientid(_) ->
     application:set_env(emqx_auth_jwt, verify_claims, [{clientid, <<"%c">>}]),
     Plain = #{clientid => <<"client23">>, username => <<"plain">>, zone => external},
-    Jwt = jwerl:sign([{clientid, <<"client23">>},
-                      {username, <<"plain">>},
-                      {exp, os:system_time(seconds) + 3}], hs256, <<"emqxsecret">>),
+    Jwt = sign([{client_id, <<"client23">>},
+                {username, <<"plain">>},
+                {exp, os:system_time(seconds) + 3}], <<"HS256">>, <<"emqxsecret">>),
     Result0 = emqx_access_control:authenticate(Plain#{password => Jwt}),
     ct:pal("Auth result: ~p~n", [Result0]),
     ?assertMatch({ok, #{auth_result := success, jwt_claims := _}}, Result0),
-    Jwt_Error = jwerl:sign([{clientid, <<"client1">>},
-                            {username, <<"plain">>}], hs256, <<"secret">>),
+    Jwt_Error = sign([{clientid, <<"client1">>},
+                      {username, <<"plain">>}], <<"HS256">>, <<"secret">>),
     Result2 = emqx_access_control:authenticate(Plain#{password => Jwt_Error}),
     ct:pal("Auth result for the invalid jwt: ~p~n", [Result2]),
     ?assertEqual({error, invalid_signature}, Result2).
@@ -123,15 +129,14 @@ t_check_claims_clientid(_) ->
 t_check_claims_username(_) ->
     application:set_env(emqx_auth_jwt, verify_claims, [{username, <<"%u">>}]),
     Plain = #{clientid => <<"client23">>, username => <<"plain">>, zone => external},
-    Jwt = jwerl:sign([{clientid, <<"client23">>},
-                      {username, <<"plain">>},
-                      {exp, os:system_time(seconds) + 3}], hs256, <<"emqxsecret">>),
+    Jwt = sign([{client_id, <<"client23">>},
+                {username, <<"plain">>},
+                {exp, os:system_time(seconds) + 3}], <<"HS256">>, <<"emqxsecret">>),
     Result0 = emqx_access_control:authenticate(Plain#{password => Jwt}),
     ct:pal("Auth result: ~p~n", [Result0]),
     ?assertMatch({ok, #{auth_result := success, jwt_claims := _}}, Result0),
-    Jwt_Error = jwerl:sign([{clientid, <<"client1">>},
-                            {username, <<"plain">>}], hs256, <<"secret">>),
+    Jwt_Error = sign([{clientid, <<"client1">>},
+                      {username, <<"plain">>}], <<"HS256">>, <<"secret">>),
     Result3 = emqx_access_control:authenticate(Plain#{password => Jwt_Error}),
     ct:pal("Auth result for the invalid jwt: ~p~n", [Result3]),
     ?assertEqual({error, invalid_signature}, Result3).
-
diff --git a/apps/emqx_auth_ldap/rebar.config b/apps/emqx_auth_ldap/rebar.config
index 983d6b88c..c155efaed 100644
--- a/apps/emqx_auth_ldap/rebar.config
+++ b/apps/emqx_auth_ldap/rebar.config
@@ -1,6 +1,6 @@
 {deps,
  [{eldap2, {git, "https://github.com/emqx/eldap2", {tag, "v0.2.2"}}},
-  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "v0.4.2"}}},
+  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.0"}}},
   {emqx_passwd, {git, "https://github.com/emqx/emqx-passwd", {tag, "v1.1.1"}}}
  ]}.
 
diff --git a/apps/emqx_auth_mongo/rebar.config b/apps/emqx_auth_mongo/rebar.config
index cebbf68f9..b946b5a95 100644
--- a/apps/emqx_auth_mongo/rebar.config
+++ b/apps/emqx_auth_mongo/rebar.config
@@ -1,6 +1,6 @@
 {deps,
  [{mongodb, {git,"https://github.com/emqx/mongodb-erlang", {tag, "v3.0.7"}}},
-  {ecpool, {git,"https://github.com/emqx/ecpool", {tag, "v0.4.2"}}},
+  {ecpool, {git,"https://github.com/emqx/ecpool", {tag, "0.5.0"}}},
   {emqx_passwd, {git, "https://github.com/emqx/emqx-passwd", {tag, "v1.1.1"}}}
  ]}.
 
@@ -28,7 +28,7 @@
  [{test,
    [{deps,
      [{emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helper", {tag, "1.2.2"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}
      ]},
     {erl_opts, [debug_info]}
    ]}
diff --git a/apps/emqx_auth_mysql/rebar.config b/apps/emqx_auth_mysql/rebar.config
index c77aef44c..2a0aa4138 100644
--- a/apps/emqx_auth_mysql/rebar.config
+++ b/apps/emqx_auth_mysql/rebar.config
@@ -28,7 +28,7 @@
  [{test,
    [{deps,
      [{emqx_ct_helpers, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "1.2.2"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}
      ]},
     {erl_opts, [debug_info]}
    ]}
diff --git a/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src b/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src
index e4c16f92b..a4c8410af 100644
--- a/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src
+++ b/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src
@@ -1,25 +1,9 @@
 %% -*-: erlang -*-
-{"4.2.3",
+{VSN,
    [
-    {"4.2.2", [
-       {load_module, emqx_auth_mysql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.1", [
-       {load_module, emqx_auth_mysql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.0", [
-       {load_module, emqx_auth_mysql_cli, brutal_purge, soft_purge, []}
-     ]}
+     {<<".*">>, []}
    ],
    [
-     {"4.2.2", [
-       {load_module, emqx_auth_mysql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.1", [
-       {load_module, emqx_auth_mysql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.0", [
-       {load_module, emqx_auth_mysql_cli, brutal_purge, soft_purge, []}
-     ]}
+     {<<".*">>, []}
    ]
 }.
diff --git a/apps/emqx_auth_pgsql/rebar.config b/apps/emqx_auth_pgsql/rebar.config
index 469412195..98b95fce7 100644
--- a/apps/emqx_auth_pgsql/rebar.config
+++ b/apps/emqx_auth_pgsql/rebar.config
@@ -1,6 +1,6 @@
 {deps,
  [{epgsql, {git, "https://github.com/epgsql/epgsql", {tag, "4.4.0"}}},
-  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "v0.4.2"}}},
+  {ecpool, {git,"https://github.com/emqx/ecpool", {tag, "0.5.0"}}},
   {emqx_passwd, {git, "https://github.com/emqx/emqx-passwd", {tag, "v1.1.1"}}}
  ]}.
 
@@ -26,7 +26,7 @@
  [{test,
    [{deps,
      [{emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helper", {branch, "1.2.2"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}
      ]},
     {erl_opts, [debug_info]}
    ]}
diff --git a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src
index 657b119a1..a4c8410af 100644
--- a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src
+++ b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src
@@ -1,25 +1,9 @@
 %% -*-: erlang -*-
-{"4.2.3",
+{VSN,
    [
-     {"4.2.2", [
-       {load_module, emqx_auth_pgsql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.1", [
-       {load_module, emqx_auth_pgsql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.0", [
-       {load_module, emqx_auth_pgsql_cli, brutal_purge, soft_purge, []}
-     ]}
+     {<<".*">>, []}
    ],
    [
-     {"4.2.2", [
-       {load_module, emqx_auth_pgsql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.1", [
-       {load_module, emqx_auth_pgsql_cli, brutal_purge, soft_purge, []}
-     ]},
-     {"4.2.0", [
-       {load_module, emqx_auth_pgsql_cli, brutal_purge, soft_purge, []}
-     ]}
+     {<<".*">>, []}
    ]
 }.
diff --git a/apps/emqx_auth_redis/.gitignore b/apps/emqx_auth_redis/.gitignore
index d7472fa8f..0cfec36f4 100644
--- a/apps/emqx_auth_redis/.gitignore
+++ b/apps/emqx_auth_redis/.gitignore
@@ -22,3 +22,5 @@ erlang.mk
 .rebar3/
 *.swp
 rebar.lock
+/.idea/
+.DS_Store
diff --git a/apps/emqx_auth_redis/rebar.config b/apps/emqx_auth_redis/rebar.config
index 5fac9befb..367b74acd 100644
--- a/apps/emqx_auth_redis/rebar.config
+++ b/apps/emqx_auth_redis/rebar.config
@@ -1,6 +1,6 @@
 {deps,
- [{eredis_cluster, {git, "https://github.com/emqx/eredis_cluster", {tag, "0.6.2"}}},
-  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "v0.4.2"}}},
+ [{eredis_cluster, {git, "https://github.com/emqx/eredis_cluster", {tag, "0.6.3"}}},
+  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.0"}}},
   {emqx_passwd, {git, "https://github.com/emqx/emqx-passwd", {tag, "v1.1.1"}}}
  ]}.
 
@@ -26,7 +26,7 @@
  [{test,
    [{deps,
      [{emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helper", {tag, "1.2.2"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}
      ]},
     {erl_opts, [debug_info]}
    ]}
diff --git a/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src b/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src
index 671b9274f..d05d8148f 100644
--- a/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src
+++ b/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src
@@ -1,36 +1,10 @@
-{"4.2.3",
+%% -*-: erlang -*-
+
+{VSN,
    [
-     {"4.2.2", [
-                    {load_module, emqx_auth_redis_cli, brutal_purge, soft_purge, []},
-                    {load_module, emqx_auth_redis_sup, brutal_purge, soft_purge, []}
-               ]
-     },
-     {"4.2.1", [
-                    {load_module, emqx_auth_redis_cli, brutal_purge, soft_purge, []},
-                    {load_module, emqx_auth_redis_sup, brutal_purge, soft_purge, []}
-               ]
-     },
-     {"4.2.0", [
-                    {load_module, emqx_auth_redis_cli, brutal_purge, soft_purge, []},
-                    {load_module, emqx_auth_redis_sup, brutal_purge, soft_purge, []}
-               ]
-     }
+     {<<".*">>, []}
    ],
    [
-     {"4.2.2", [
-                    {load_module, emqx_auth_redis_cli, brutal_purge, soft_purge, []},
-                    {load_module, emqx_auth_redis_sup, brutal_purge, soft_purge, []}
-               ]
-     },
-     {"4.2.1", [
-                    {load_module, emqx_auth_redis_cli, brutal_purge, soft_purge, []},
-                    {load_module, emqx_auth_redis_sup, brutal_purge, soft_purge, []}
-               ]
-     },
-     {"4.2.0", [
-                    {load_module, emqx_auth_redis_cli, brutal_purge, soft_purge, []},
-                    {load_module, emqx_auth_redis_sup, brutal_purge, soft_purge, []}
-               ]
-     }
+     {<<".*">>, []}
    ]
-}.
\ No newline at end of file
+}.
diff --git a/apps/emqx_auth_redis/src/emqx_auth_redis_sup.erl b/apps/emqx_auth_redis/src/emqx_auth_redis_sup.erl
index 6066a306a..83112976d 100644
--- a/apps/emqx_auth_redis/src/emqx_auth_redis_sup.erl
+++ b/apps/emqx_auth_redis/src/emqx_auth_redis_sup.erl
@@ -35,7 +35,7 @@ pool_spec(Server) ->
     Options = application:get_env(?APP, options, []),
     case proplists:get_value(type, Server) of
         cluster ->
-            eredis_cluster:start_pool(?APP, Server ++ Options),
+            {ok, _} = eredis_cluster:start_pool(?APP, Server ++ Options),
             [];
         _ ->
             [ecpool:pool_spec(?APP, ?APP, emqx_auth_redis_cli, Server ++ Options)]
diff --git a/apps/emqx_bridge_mqtt/rebar.config b/apps/emqx_bridge_mqtt/rebar.config
index 1c9f5cbdd..8440b2e33 100644
--- a/apps/emqx_bridge_mqtt/rebar.config
+++ b/apps/emqx_bridge_mqtt/rebar.config
@@ -1,7 +1,7 @@
 {deps,
  [{replayq, {git, "https://github.com/emqx/replayq", {tag, "v0.2.0"}}},
-  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "v0.4.2"}}},
-  {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+  {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.0"}}},
+  {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}
  ]}.
 
 {edoc_opts, [{preprocess, true}]}.
diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src
index 8264abc25..f6d128b08 100644
--- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src
+++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src
@@ -1,32 +1,10 @@
 %% -*-: erlang -*-
 
-{"4.2.3",
+{VSN,
   [
-    {"4.2.2", [
-      {load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []},
-      {apply, {emqx_rule_engine, load_providers, []}}
-    ]},
-    {"4.2.1", [
-      {load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []},
-      {apply, {emqx_rule_engine, load_providers, []}}
-    ]},
-    {"4.2.0", [
-      {load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []},
-      {apply, {emqx_rule_engine, load_providers, []}}
-    ]}
+    {<<".*">>, []}
   ],
   [
-    {"4.2.2", [
-      {load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []},
-      {apply, {emqx_rule_engine, load_providers, []}}
-    ]},
-    {"4.2.1", [
-      {load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []},
-      {apply, {emqx_rule_engine, load_providers, []}}
-    ]},
-    {"4.2.0", [
-      {load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []},
-      {apply, {emqx_rule_engine, load_providers, []}}
-    ]}
+    {<<"*.">>, []}
   ]
 }.
diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.erl b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.erl
index c189a2ea2..19c0c5711 100644
--- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.erl
+++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.erl
@@ -31,6 +31,12 @@
         , ensure_unsubscribed/2
         ]).
 
+%% callbacks for emqtt
+-export([ handle_puback/2
+        , handle_publish/2
+        , handle_disconnected/2
+        ]).
+
 -include_lib("emqx/include/logger.hrl").
 -include_lib("emqx/include/emqx_mqtt.hrl").
 
@@ -134,23 +140,23 @@ send(#{client_pid := ClientPid} = Conn, [Msg | Rest], _PktId) ->
     end.
 
 
-handle_puback(Parent, #{packet_id := PktId, reason_code := RC})
+handle_puback(#{packet_id := PktId, reason_code := RC}, Parent)
   when RC =:= ?RC_SUCCESS;
        RC =:= ?RC_NO_MATCHING_SUBSCRIBERS ->
     Parent ! {batch_ack, PktId}, ok;
-handle_puback(_Parent, #{packet_id := PktId, reason_code := RC}) ->
+handle_puback(#{packet_id := PktId, reason_code := RC}, _Parent) ->
     ?LOG(warning, "Publish ~p to remote node falied, reason_code: ~p", [PktId, RC]).
 
 handle_publish(Msg, Mountpoint) ->
     emqx_broker:publish(emqx_bridge_msg:to_broker_msg(Msg, Mountpoint)).
 
-handle_disconnected(Parent, Reason) ->
+handle_disconnected(Reason, Parent) ->
     Parent ! {disconnected, self(), Reason}.
 
 make_hdlr(Parent, Mountpoint) ->
-    #{puback => fun(Ack) -> handle_puback(Parent, Ack) end,
-      publish => fun(Msg) -> handle_publish(Msg, Mountpoint) end,
-      disconnected => fun(Reason) -> handle_disconnected(Parent, Reason) end
+    #{puback => {fun ?MODULE:handle_puback/2, [Parent]},
+      publish => {fun ?MODULE:handle_publish/2, [Mountpoint]},
+      disconnected => {fun ?MODULE:handle_disconnected/2, [Parent]}
      }.
 
 subscribe_remote_topics(ClientPid, Subscriptions) ->
diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl
index e46c6d05b..7708521e8 100644
--- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl
+++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl
@@ -20,6 +20,7 @@
 
 -include_lib("emqx/include/emqx.hrl").
 -include_lib("emqx/include/logger.hrl").
+-include_lib("emqx_rule_engine/include/rule_actions.hrl").
 
 -import(emqx_rule_utils, [str/1]).
 
@@ -33,7 +34,9 @@
 
 -export([subscriptions/1]).
 
--export([on_action_create_data_to_mqtt_broker/2]).
+-export([ on_action_create_data_to_mqtt_broker/2
+        , on_action_data_to_mqtt_broker/2
+        ]).
 
 -define(RESOURCE_TYPE_MQTT, 'bridge_mqtt').
 -define(RESOURCE_TYPE_MQTT_SUB, 'bridge_mqtt_sub').
@@ -625,32 +628,42 @@ on_resource_destroy(ResId, #{<<"pool">> := PoolName}) ->
                 error({{?RESOURCE_TYPE_MQTT, ResId}, destroy_failed})
         end.
 
-on_action_create_data_to_mqtt_broker(_Id, #{<<"pool">> := PoolName,
-                                            <<"forward_topic">> := ForwardTopic,
-                                            <<"payload_tmpl">> := PayloadTmpl}) ->
+on_action_create_data_to_mqtt_broker(ActId, Opts = #{<<"pool">> := PoolName,
+                                                     <<"forward_topic">> := ForwardTopic,
+                                                     <<"payload_tmpl">> := PayloadTmpl}) ->
     ?LOG(info, "Initiating Action ~p.", [?FUNCTION_NAME]),
     PayloadTks = emqx_rule_utils:preproc_tmpl(PayloadTmpl),
     TopicTks = case ForwardTopic == <<"">> of
         true -> undefined;
         false -> emqx_rule_utils:preproc_tmpl(ForwardTopic)
     end,
-    fun(Msg, _Env = #{id := Id, clientid := From, flags := Flags,
-                      topic := Topic, timestamp := TimeStamp, qos := QoS}) ->
-            Topic1 = case TopicTks =:= undefined of
-                true -> Topic;
-                false -> emqx_rule_utils:proc_tmpl(TopicTks, Msg)
-            end,
-            BrokerMsg = #message{id = Id,
-                                 qos = QoS,
-                                 from = From,
-                                 flags = Flags,
-                                 topic = Topic1,
-                                 payload = format_data(PayloadTks, Msg),
-                                 timestamp = TimeStamp},
-            ecpool:with_client(PoolName, fun(BridgePid) ->
-                                             BridgePid ! {deliver, rule_engine, BrokerMsg}
-                                         end)
-    end.
+    Opts.
+
+on_action_data_to_mqtt_broker(Msg, _Env =
+                              #{id := Id, clientid := From, flags := Flags,
+                                topic := Topic, timestamp := TimeStamp, qos := QoS,
+                                ?BINDING_KEYS := #{
+                                    'ActId' := ActId,
+                                    'PoolName' := PoolName,
+                                    'TopicTks' := TopicTks,
+                                    'PayloadTks' := PayloadTks
+                                }}) ->
+    Topic1 = case TopicTks =:= undefined of
+        true -> Topic;
+        false -> emqx_rule_utils:proc_tmpl(TopicTks, Msg)
+    end,
+    BrokerMsg = #message{id = Id,
+                         qos = QoS,
+                         from = From,
+                         flags = Flags,
+                         topic = Topic1,
+                         payload = format_data(PayloadTks, Msg),
+                         timestamp = TimeStamp},
+    ecpool:with_client(PoolName,
+      fun(BridgePid) ->
+        BridgePid ! {deliver, rule_engine, BrokerMsg}
+      end),
+    emqx_rule_metrics:inc_actions_success(ActId).
 
 format_data([], Msg) ->
     emqx_json:encode(Msg);
diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_worker.erl b/apps/emqx_bridge_mqtt/src/emqx_bridge_worker.erl
index 2078fe41a..768cd3258 100644
--- a/apps/emqx_bridge_mqtt/src/emqx_bridge_worker.erl
+++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_worker.erl
@@ -16,7 +16,7 @@
 
 %% @doc Bridge works in two layers (1) batching layer (2) transport layer
 %% The `bridge' batching layer collects local messages in batches and sends over
-%% to remote MQTT node/cluster via `connetion' transport layer.
+%% to remote MQTT node/cluster via `connection' transport layer.
 %% In case `REMOTE' is also an EMQX node, `connection' is recommended to be
 %% the `gen_rpc' based implementation `emqx_bridge_rpc'. Otherwise `connection'
 %% has to be `emqx_bridge_mqtt'.
@@ -98,6 +98,9 @@
         , ensure_subscription_absent/2
         ]).
 
+%% Internal
+-export([msg_marshaller/1]).
+
 -export_type([ config/0
              , batch/0
              , ack_ref/0
@@ -232,13 +235,10 @@ init(Config) ->
     State = init_opts(Config),
     Topics = [iolist_to_binary(T) || T <- Forwards],
     Subs = check_subscriptions(Subscriptions),
-    ConnectConfig = get_conn_cfg(Config),
-    ConnectFun = fun(SubsX) ->
-        emqx_bridge_connect:start(ConnectModule, ConnectConfig#{subscriptions => SubsX})
-    end,
+    ConnectCfg = get_conn_cfg(Config),
     self() ! idle,
     {ok, idle, State#{connect_module => ConnectModule,
-                      connect_fun => ConnectFun,
+                      connect_cfg => ConnectCfg,
                       forwards => Topics,
                       subscriptions => Subs,
                       replayq => Queue
@@ -276,7 +276,7 @@ open_replayq(Config) ->
         false -> #{dir => Dir, seg_bytes => SegBytes, max_total_size => MaxTotalSize}
     end,
     replayq:open(QueueConfig#{sizer => fun emqx_bridge_msg:estimate_size/1,
-                              marshaller => fun msg_marshaller/1}).
+                              marshaller => fun ?MODULE:msg_marshaller/1}).
 
 check_subscriptions(Subscriptions) ->
     lists:map(fun({Topic, QoS}) ->
@@ -433,10 +433,11 @@ is_topic_present(Topic, Topics) ->
 
 do_connect(#{forwards := Forwards,
              subscriptions := Subs,
-             connect_fun := ConnectFun,
+             connect_module := ConnectModule,
+             connect_cfg := ConnectCfg,
              name := Name} = State) ->
     ok = subscribe_local_topics(Forwards, Name),
-    case ConnectFun(Subs) of
+    case emqx_bridge_connect:start(ConnectModule, ConnectCfg#{subscriptions => Subs}) of
         {ok, Conn} ->
             ?LOG(info, "Bridge ~p is connecting......", [Name]),
             {ok, eval_bridge_handler(State#{connection => Conn}, connected)};
diff --git a/apps/emqx_coap/src/emqx_coap_server.erl b/apps/emqx_coap/src/emqx_coap_server.erl
index d3ed1a96e..0d571fac3 100644
--- a/apps/emqx_coap/src/emqx_coap_server.erl
+++ b/apps/emqx_coap/src/emqx_coap_server.erl
@@ -22,6 +22,12 @@
         , stop/1
         ]).
 
+-export([ start_listener/1
+        , start_listener/3
+        , stop_listener/1
+        , stop_listener/2
+        ]).
+
 %%--------------------------------------------------------------------
 %% APIs
 %%--------------------------------------------------------------------
diff --git a/apps/emqx_dashboard/src/emqx_dashboard.erl b/apps/emqx_dashboard/src/emqx_dashboard.erl
index 292f2c453..cbf0d81d5 100644
--- a/apps/emqx_dashboard/src/emqx_dashboard.erl
+++ b/apps/emqx_dashboard/src/emqx_dashboard.erl
@@ -25,6 +25,11 @@
         , stop_listeners/0
         ]).
 
+%% for minirest
+-export([ filter/1
+        , is_authorized/1
+        ]).
+
 -define(APP, ?MODULE).
 
 %%--------------------------------------------------------------------
@@ -81,7 +86,9 @@ listener_name(Proto) ->
 
 http_handlers() ->
     Plugins = lists:map(fun(Plugin) -> Plugin#plugin.name end, emqx_plugins:list()),
-    [{"/api/v4/", minirest:handler(#{apps => Plugins, filter => fun filter/1}),[{authorization, fun is_authorized/1}]}].
+    [{"/api/v4/",
+      minirest:handler(#{apps => Plugins, filter => fun ?MODULE:filter/1}),
+      [{authorization, fun ?MODULE:is_authorized/1}]}].
 
 %%--------------------------------------------------------------------
 %% Basic Authorization
diff --git a/apps/emqx_exhook/.github/workflows/run_test_cases.yaml b/apps/emqx_exhook/.github/workflows/run_test_cases.yaml
index fed706984..9970ed321 100644
--- a/apps/emqx_exhook/.github/workflows/run_test_cases.yaml
+++ b/apps/emqx_exhook/.github/workflows/run_test_cases.yaml
@@ -2,7 +2,7 @@ name: Run test cases
 
 on: [push, pull_request]
 
-jobs:    
+jobs:
     run_test_cases:
         runs-on: ubuntu-latest
 
@@ -11,21 +11,18 @@ jobs:
 
         steps:
             - uses: actions/checkout@v1
-            - uses: actions/setup-java@v1
-              with:
-                java-version: '8.0.x'
-                java-package: jdk
-            - name: run test cases
+            - name: Code dialyzer
               run: |
-                make eunit  
+                make xref
+                make dialyzer
+            - name: Run test cases
+              run: |
+                make eunit
+                make proper
                 make ct
                 make cover
             - uses: actions/upload-artifact@v1
-              if: always()
+              if: failure()
               with:
                 name: logs
                 path: _build/test/logs
-            - uses: actions/upload-artifact@v1
-              with:
-                name: cover
-                path: _build/test/cover
diff --git a/apps/emqx_exhook/.gitignore b/apps/emqx_exhook/.gitignore
index 9ecba8017..da1f0db23 100644
--- a/apps/emqx_exhook/.gitignore
+++ b/apps/emqx_exhook/.gitignore
@@ -23,3 +23,7 @@ data/
 *.pyc
 .DS_Store
 *.class
+Mnesia.nonode@nohost/
+src/emqx_exhook_pb.erl
+src/emqx_exhook_v_1_hook_provider_client.erl
+src/emqx_exhook_v_1_hook_provider_bhvr.erl
diff --git a/apps/emqx_exhook/README.md b/apps/emqx_exhook/README.md
index 9d4ccd81f..216c39275 100644
--- a/apps/emqx_exhook/README.md
+++ b/apps/emqx_exhook/README.md
@@ -1,75 +1,39 @@
-# emqx_extension_hook
+# emqx_exhook
 
-The `emqx_extension_hook` extremly enhance the extensibility for EMQ X. It allow using an others programming language to mount the hooks intead of erlang.
+The `emqx_exhook` extremly enhance the extensibility for EMQ X. It allow using an others programming language to mount the hooks intead of erlang.
 
 ## Feature
 
-- [x] Support `python` and `java`.
-- [x] Support all hooks of emqx.
+- [x] Based on gRPC, it brings a very wide range of applicability
 - [x] Allows you to use the return value to extend emqx behavior.
 
-We temporarily no plans to support other languages. Plaease open a issue if you have to use other programming languages.
-
 ## Architecture
 
 ```
- EMQ X                                      Third-party Runtimes
-+========================+                 +====================+
-|    Extension           |                 |                    |
-|   +----------------+   |     Hooks       |  Python scripts /  |
-|   |    Drivers     | ------------------> |  Java Classes   /  |
-|   +----------------+   |     (pipe)      |  Others ...        |
-|                        |                 |                    |
-+========================+                 +====================+
+EMQ X                                      Third-party Runtime
++========================+                 +========+==========+
+|    ExHook              |                 |        |          |
+|   +----------------+   |      gRPC       | gRPC   |  User's  |
+|   |   gPRC Client  | ------------------> | Server |  Codes   |
+|   +----------------+   |    (HTTP/2)     |        |          |
+|                        |                 |        |          |
++========================+                 +========+==========+
 ```
 
-## Drivers
+## Usage
 
-### Python
+### gRPC service
 
-***Requirements:***
+See: `priv/protos/exhook.proto`
 
-- It requires the emqx hosted machine has Python3 Runtimes (not support python2)
-- The `python3` executable commands in your shell
+### CLI
 
-***Examples:***
+## Example
 
-See `test/scripts/main.py`
+## Recommended gRPC Framework
 
-### Java
+See: https://github.com/grpc-ecosystem/awesome-grpc
 
-***Requirements:***
+## Thanks
 
-- It requires the emqx hosted machine has Java 8+ Runtimes
-- An executable commands in your shell, i,g: `java`
-
-***Examples:***
-
-See `test/scripts/Main.java`
-
-## Configurations
-
-| Name                | Data Type | Options                               | Default          | Description                      |
-| ------------------- | --------- | ------------------------------------- | ---------------- | -------------------------------- |
-| drivers             | Enum      | `python3`<br />`java`                 | `python3`        | Drivers type                     |
-| <type>.path         | String    | -                                     | `data/extension` | The codes/library search path    |
-| <type>.call_timeout | Duration  | -                                     | `5s`             | Function call timeout            |
-| <type>.pool_size    | Integer   | -                                     | `8`              | The pool size for the driver     |
-| <type>.init_module  | String    | -                                     | main             | The module name for initial call |
-
-## SDK
-
-See `sdk/README.md`
-
-## Known Issues or TODOs
-
-**Configurable Log System**
-
-- use stderr to print logs to the emqx console instead of stdout. An alternative is to print the logs to a file.
-- The Java driver can not redirect the `stderr` stream to erlang vm on Windows platform.
-
-## Reference
-
-- [erlport](https://github.com/hdima/erlport)
-- [Eexternal Term Format](http://erlang.org/doc/apps/erts/erl_ext_dist.html)
-- [The Ports Tutorial of Erlang](http://erlang.org/doc/tutorial/c_port.html)
+- [grpcbox](https://github.com/tsloughter/grpcbox)
diff --git a/apps/emqx_exhook/docs/design.md b/apps/emqx_exhook/docs/design.md
index 1bf74723c..671e240cc 100644
--- a/apps/emqx_exhook/docs/design.md
+++ b/apps/emqx_exhook/docs/design.md
@@ -2,254 +2,115 @@
 
 ## 动机
 
-增强系统的扩展性。包含的目的有：
+在 EMQ X Broker v4.1-v4.2 中，我们发布了 2 个插件来扩展 emqx 的编程能力：
 
-- 完全支持各种钩子，能够根据其返回值修改 EMQ X 或者 Client 的行为。
-  - 例如 `auth/acl`：可以查询数据库或者执行某种算法校验操作权限。然后返回 `false` 表示 `认证/ACL` 失败。
-  - 例如 `message.publish`：可以解析 `消息/主题` 并将其存储至数据库中。
+1. `emqx-extension-hook` 提供了使用 Java, Python 向 Broker 挂载钩子的功能
+2. `emqx-exproto` 提供了使用 Java，Python 编写用户自定义协议接入插件的功能
 
-- 支持多种语言的扩展；并包含该语言的示例程序。
-  - python
-  - webhook
-  - Java
-  - Lua
-  - c，go，.....
-- 热操作
-  - 允许在插件运行过程中，添加和移除 `Driver`。
+但在后续的支持中发现许多难以处理的问题：
 
-- 需要 CLI ，甚至 API 来管理 `Driver`
+1. 有大量的编程语言需要支持，需要编写和维护如 Go, JavaScript, Lua.. 等语言的驱动。
+2. `erlport` 使用的操作系统的管道进行通信，这让用户代码只能部署在和 emqx 同一个操作系统上。部署方式受到了极大的限制。
+3. 用户程序的启动参数直接打包到 Broker 中，导致用户开发无法实时的进行调试，单步跟踪等。
+4. `erlport` 会占用 `stdin` `stdout`。
 
-注：`message` 类钩子仅包括在企业版中。
+因此，我们计划重构这部分的实现，其中主要的内容是：
+1. 使用 `gRPC` 替换 `erlport`。
+2. 将 `emqx-extension-hook` 重命名为 `emqx-exhook`
+
+
+旧版本的设计参考：[emqx-extension-hook design in v4.2.0](https://github.com/emqx/emqx-exhook/blob/v4.2.0/docs/design.md)
 
 ## 设计
 
 架构如下：
 
 ```
- EMQ X                                      Third-party Runtimes
-+========================+                 +====================+
-|    Extension           |                 |                    |
-|   +----------------+   |     Hooks       |  Python scripts /  |
-|   |    Drivers     | ------------------> |  Java Classes   /  |
-|   +----------------+   |     (pipe)      |  Others ...        |
-|                        |                 |                    |
-+========================+                 +====================+
+  EMQ X                                    
++========================+                 +========+==========+
+|    ExHook              |                 |        |          |
+|   +----------------+   |      gRPC       | gRPC   |  User's  |
+|   |   gRPC Client  | ------------------> | Server |  Codes   |
+|   +----------------+   |    (HTTP/2)     |        |          |
+|                        |                 |        |          |
++========================+                 +========+==========+
+```
+
+`emqx-exhook` 通过 gRPC 的方式向用户部署的 gRPC 服务发送钩子的请求，并处理其返回的值。
+
+
+和 emqx 原生的钩子一致，emqx-exhook 也支持链式的方式计算和返回：
+
+<img src="https://docs.emqx.net/broker/latest/cn/advanced/assets/chain_of_responsiblity.png" style="zoom:50%;" />
+
+### gRPC 服务示例
+
+用户需要实现的方法，和数据类型的定义在 `priv/protos/exhook.proto` 文件中。例如，其支持的接口有：
+
+```protobuff
+syntax = "proto3";
+
+package emqx.exhook.v1;
+
+service HookProvider {
+
+  rpc OnProviderLoaded(ProviderLoadedRequest) returns (LoadedResponse) {};
+
+  rpc OnProviderUnloaded(ProviderUnloadedRequest) returns (EmptySuccess) {};
+
+  rpc OnClientConnect(ClientConnectRequest) returns (EmptySuccess) {};
+
+  rpc OnClientConnack(ClientConnackRequest) returns (EmptySuccess) {};
+
+  rpc OnClientConnected(ClientConnectedRequest) returns (EmptySuccess) {};
+
+  rpc OnClientDisconnected(ClientDisconnectedRequest) returns (EmptySuccess) {};
+
+  rpc OnClientAuthenticate(ClientAuthenticateRequest) returns (ValuedResponse) {};
+
+  rpc OnClientCheckAcl(ClientCheckAclRequest) returns (ValuedResponse) {};
+
+  rpc OnClientSubscribe(ClientSubscribeRequest) returns (EmptySuccess) {};
+
+  rpc OnClientUnsubscribe(ClientUnsubscribeRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionCreated(SessionCreatedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionSubscribed(SessionSubscribedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionUnsubscribed(SessionUnsubscribedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionResumed(SessionResumedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionDiscarded(SessionDiscardedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionTakeovered(SessionTakeoveredRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionTerminated(SessionTerminatedRequest) returns (EmptySuccess) {};
+
+  rpc OnMessagePublish(MessagePublishRequest) returns (ValuedResponse) {};
+
+  rpc OnMessageDelivered(MessageDeliveredRequest) returns (EmptySuccess) {};
+
+  rpc OnMessageDropped(MessageDroppedRequest) returns (EmptySuccess) {};
+
+  rpc OnMessageAcked(MessageAckedRequest) returns (EmptySuccess) {};
+}
 ```
 
 ### 配置文件示例
 
-#### 驱动 配置
-
-```properties
-## Driver type
+```
+## 配置 gRPC 服务地址 (HTTP)
 ##
-## Exmaples:
-##   - python3                   --- 仅配置 python3
-##   - python3, java, webhook    --- 配置多个 Driver
-exhook.dirvers = python3, java, webhook
+## s1 为服务器的名称
+exhook.server.s1.url = http://127.0.0.1:9001
 
-## --- 具体 driver 的配置详情
-
-## Python
-exhook.dirvers.python3.path = data/extension/python
-exhook.dirvers.python3.call_timeout = 5s
-exhook.dirvers.python3.pool_size = 8
-
-## java
-exhook.drivers.java.path = data/extension/java
-...
-```
-
-#### 钩子配置
-
-钩子支持配置在配置文件中，例如：
-
-```properties
-exhook.rule.python3.client.connected = {"module": "client", "callback": "on_client_connected"}
-exhook.rule.python3.message.publish  = {"module": "client", "callback": "on_client_connected", "topics": ["#", "t/#"]}
-```
-
-***已废弃！！（冗余）***
-
-
-###  驱动抽象
-
-#### APIs
-
-| 方法名                   | 说明     | 入参   | 返回   |
-| ------------------------ | -------- | ------ | ------ |
-| `init`                   | 初始化   | -      | 见下表 |
-| `deinit`                 | 销毁     | -      | -      |
-| `xxx `*(由init函数定义)* | 钩子回调 | 见下表 | 见下表 |
-
-
-
-##### init 函数规格
-
-```erlang
-%% init 函数
-%% HookSpec 			: 为用户在脚本中的 初始化函数指定的；他会与配置文件中的内容作为默认值，进行合并
-%%          			  该参数的目的，用于 EMQ X 判断需要执行哪些 Hook 和 如何执行 Hook
-%% State    			: 为用户自己管理的数据内容，EMQ X 不关心它，只来回透传
-init() -> {HookSpec, State}.
-
-%% 例如：
-{[{client_connect, callback_m(), callback_f(),#{}, {}}]}
-
-%%--------------------------------------------------------------
-%% Type Defines
-
--tpye hook_spec() :: [{hookname(), callback_m(), callback_f(), hook_opts()}].
-
--tpye state :: any().
-
--type hookname() :: client_connect
-                  | client_connack
-                  | client_connected
-                  | client_disconnected
-                  | client_authenticate
-                  | client_check_acl
-                  | client_subscribe
-                  | client_unsubscribe
-                  | session_created
-                  | session_subscribed
-                  | session_unsubscribed
-                  | session_resumed
-                  | session_discarded      %% TODO: Should squash to `terminated` ?
-                  | session_takeovered     %% TODO: Should squash to `terminated` ?
-                  | session_terminated
-                  | message_publish
-                  | message_delivered
-                  | message_acked
-                  | message_dropped.
-
--type callback_m() :: atom().          -- 回调的模块名称；python 为脚本文件名称；java 为类名；webhook 为 URI 地址
-
--type callback_f() :: atom().          -- 回调的方法名称；python，java 等为方法名；webhook 为资源地址
-
--tpye hook_opts() :: [{hook_key(), any()}].  -- 配置项；配置该项钩子的行为
-
--type hook_key() :: topics | ...
-```
-
-
-
-##### deinit 函数规格
-
-``` erlang
-%% deinit 函数；不关心返回的任何内容
-deinit() -> any().
-```
-
-
-
-##### 回调函数规格
-
-| 钩子                 | 入参                                                  | 返回      |
-| -------------------- | ----------------------------------------------------- | --------- |
-| client_connect       | `connifno`<br />`props`                               | -         |
-| client_connack       | `connifno`<br />`rc`<br />`props`                     | -         |
-| client_connected     | `clientinfo`<br />                                    | -         |
-| client_disconnected  | `clientinfo`<br />`reason`                            | -         |
-| client_authenticate  | `clientinfo`<br />`result`                            | `result`  |
-| client_check_acl     | `clientinfo`<br />`pubsub`<br />`topic`<br />`result` | `result`  |
-| client_subscribe     | `clientinfo`<br />`props`<br />`topicfilters`         | -         |
-| client_unsubscribe   | `clientinfo`<br />`props`<br />`topicfilters`         | -         |
-| session_created      | `clientinfo`                                          | -         |
-| session_subscribed   | `clientinfo`<br />`topic`<br />`subopts`              | -         |
-| session_unsubscribed | `clientinfo`<br />`topic`                             | -         |
-| session_resumed      | `clientinfo`                                          | -         |
-| session_discared     | `clientinfo`                                          | -         |
-| session_takeovered   | `clientinfo`                                          | -         |
-| session_terminated   | `clientinfo`<br />`reason`                            | -         |
-| message_publish      | `messsage`                                            | `message` |
-| message_delivered    | `clientinfo`<br />`message`                           | -         |
-| message_dropped      | `message`                                             | -         |
-| message_acked        | `clientinfo`<br />`message`                           | -         |
-
-
-
-上表中包含数据格式为：
-
-```erlang
--type conninfo :: [ {node, atom()}
-                  , {clientid, binary()}
-                  , {username, binary()}
-                  , {peerhost, binary()}
-							    , {sockport, integer()}
-                  , {proto_name, binary()}
-                  , {proto_ver, integer()}
-                  , {keepalive, integer()}
-								  ].
-
--type clientinfo :: [ {node, atom()}
-                    , {clientid, binary()}
-                    , {username, binary()}
-                    , {password, binary()}
-                    , {peerhost, binary()}
-							      , {sockport, integer()}
-                    , {protocol, binary()}
-                    , {mountpoint, binary()}
-                    , {is_superuser, boolean()}
-                    , {anonymous, boolean()}
-								    ].
-
--type message :: [ {node, atom()}
-                 , {id, binary()}
-                 , {qos, integer()}
-                 , {from, binary()}
-                 , {topic, binary()}
-                 , {payload, binary()}
-                 , {timestamp, integer()}
-                 ].
-
--type rc :: binary().
--type props :: [{key(), value()}]
-
--type topics :: [topic()].
--type topic :: binary().
--type pubsub :: publish | subscribe.
--type result :: true | false.
-```
-
-
-
-### 统计
-
-在驱动运行过程中，应有对每种钩子调用计数，例如：
-
-```
-exhook.python3.check_acl               10
-```
-
-
-
-### 管理
-
-**CLI 示例：**
-
-
-
-**列出所有的驱动**
-
-```
-./bin/emqx_ctl exhook dirvers list
-Drivers(xxx=yyy)
-Drivers(aaa=bbb)
-```
-
-
-
-**开关驱动**
-
-```
-./bin/emqx_ctl exhook drivers enable python3
-ok
-
-./bin/emqx_ctl exhook drivers disable python3
-ok
-
-./bin/emqx_ctl exhook drivers stats
-python3.client_connect     123
-webhook.check_acl          20
+## 配置 gRPC 服务地址 (HTTPS)
+##
+## s2 为服务器名称
+exhook.server.s2.url = https://127.0.0.1:9002
+exhook.server.s2.cacertfile = ca.pem
+exhook.server.s2.certfile = cert.pem
+exhook.server.s2.keyfile = key.pem
 ```
diff --git a/apps/emqx_exhook/docs/introduction.md b/apps/emqx_exhook/docs/introduction.md
deleted file mode 100644
index f4cdbd877..000000000
--- a/apps/emqx_exhook/docs/introduction.md
+++ /dev/null
@@ -1,84 +0,0 @@
-## 简介
-
-`emqx-extension-hook` 插件用于提供钩子（Hook）的多语言支持。它能够允许其他的语言，例如：Python，Java 等，能够直接表达如何挂载钩子，和处理相应的钩子事件。
-
-该插件给 EMQ X 带来的扩展性十分的强大，甚至于所有基于钩子的插件都可以通过其他编程语言实现。唯一不同的是在性能上肯定有一定的降低。
-
-目前，一些常见的场景有：
-
-- 通过 `client.authenticate` 钩子，使用其他编程语言查询数据库，判断该客户端是否具有接入的权限。
-- 通过 `client.check_acl` 钩子，使用其他编程语言查询数据库，实现发布/订阅的权限控制逻辑。
-- 通过 `message` 类的钩子，实现消息收发的控制和数据格式转换。
-- 获取客户端所有的事件，将其存储进三方的日志、或数据平台中。
-
-**声明：当前仅实现了 Python、Java 的支持** 
-
-**声明：message 类钩子功能仅包含在企业版当中**
-
-### 要求
-
-EMQ X 发行包中不包含其他语言的运行环境。它要求：
-
-- 宿主机需包含其他编程语言对应的执行环境。
-- 必须将源码（或编译后的代码）、资源文件等，放到 `emqx-extension-hook` 指示的路径。
-- 代码的实现，若包含三方依赖、库等，它应该包含在 `emqx-extension-hook` 对其的搜索路径中。
-
-
-### 架构
-
-`emqx-extension-hook` 是 EMQ X 的一个插件，它主要包括：
-
-1. 驱动的管理。例如：如何启动/停止某个驱动。
-2. 事件的分发。例如：根据各个驱动所注册的钩子列表的不同，向各个驱动分发事件，传递返回值等。
-3. 预置了驱动的实现。包括 Python 和 Java 驱动的实现，和方便用户集成开发的 SDK 代码包。
-
-其架构图如下：
-
-```
- EMQ X                                      Third-party Runtimes
-+========================+                 +====================+
-|    Extension           |                 |                    |
-|   +----------------+   |     Hooks       |  Python scripts /  |
-|   |    Drivers     | ------------------> |  Java Classes   /  |
-|   +----------------+   |     (pipe)      |  Others ...        |
-|                        |                 |                    |
-+========================+                 +====================+
-```
-
-图中表明，由 Client 产生的所有的事件，例如：连接、发布、订阅等，都会由 `emqx-extension-hook`插件分发给下面的各个 `驱动（Driver）`；而，驱动则负责如何与三方运行时的进行通信。
-
-广义上的驱动（Driver）可以分为两类：
-
-1. 编程语言类。
-2. 服务类。例如：HTTP 就属于此类。
-
-`emqx-extension-hook` 并不关心驱动实际的类型和实现，只要其实现了对应的接口即可。
-
-
-#### 驱动
-
-本文中，只有未经限定说明的驱动，都是指编程语言类的驱动。
-
-编程语言类驱动是基于 [Erlang - Port](http://erlang.org/doc/tutorial/c_port.html) 进行实现。它本质上是由 `emqx-extension-hook` 是启动一个其他语言的程序，并使用管道（Pipe）实现两个进程间的通信。
-
-
-此类驱动的实现包括两部分的内容：
-
-1. Erlang 侧的实现，它包含如何启动其他语言的运行时系统、和分发请求、处理结果等。
-2. 其他语言侧的实现。它包含如何和 Erlang 虚拟机通信，如何执行函数调用等。
-
-如：
-
-```
-    Erlang VM                       Third Runtimes (e.g: Java VM)
-   +===========+=========+         +=========+================+
-   | Extension | Driver  | <=====> |  Driver | User's Codes   |
-   +===========+=========+         +=========+================+
-```
-
-而，对于基于服务的驱动，原理就很简单了。以 HTTP 为例，它的实现仅需要一个 HTTP 客户端、和指定服务端返回的数据格式即可。
-
-### 集成与调试
-
-参见 SDK 规范、和对应语言的开发手册
-
diff --git a/apps/emqx_exhook/docs/sdk-specification.md b/apps/emqx_exhook/docs/sdk-specification.md
deleted file mode 100644
index 7593bc9b6..000000000
--- a/apps/emqx_exhook/docs/sdk-specification.md
+++ /dev/null
@@ -1,79 +0,0 @@
-## SDK 规范
-
-### 动机
-
-SDK 的目的在于方便用户使用 IDE 集成开发、和模拟调试。
-
-### 位置
-
-```
-    +------------------+
-    |   User's Codes   |
-    +------------------+
-    |       SDK        |    <====   The SDK Located
-    +------------------+
-    |     Raw APIs     |
-    +------------------+
-    |      Driver      |
-    +==================+
-             ||
-    +==================+
-    |   EMQ X Plugin   |
-    +------------------+
-```
-
-因此，SDK 的作用在于封装底层的比较晦涩的数据格式和方法，屏蔽底层细节。直接提供优化 API 供用户使用。
-
-
-### 实现要求
-
-**声明：** stdin, stdout 已用于和 EMQ X 通信，请不要使用。stderr 用于日志输出。
-
-#### 基础项
-
-1. 必须将原始的 `init` `deinit`函数进行封装，方便用户：
-   - 配置需要挂载的钩子列表
-   - 定义用户自己的初始化和销毁的内容
-2. 必须将回调函数的各个松散的数据类型，封装成类或某种结构化类型。
-3. 必须要有对应的开发、部署文档说明
-
-#### 高级项
-
-1. 应能方便用户能在 IDE 中进行，集成和开发
-2. 应提供集成测试用的模拟代码。
-   - 例如，生成模拟的数据，发送至用户的程序，方便直接断点调试
-
-
-### 部署结构
-
-#### 代码依赖结构
-
-从部署的角度看，代码的依赖关系为：
-
-1. 用户代码：
-    * 一定会依赖 SDK
-    * 可能会依赖 某个位置的三方/系统库
-2. SDK 代码：
-    * 只能依赖 erlport
-3. 基础通信库
-    * 无依赖
-
-#### 部署
-
-从文件存放的位置来看，一个标准的部署结构为：
-
-```
-emqx
-|
-|--- data
-|------- extension
-|---------- <some-sdk-package-name>
-|--------------- <some-classes/scripts-in-sdk>
-|---------- <user's classes/scripts>
-|
-|---------- <another-sdk-package-name>
-|--------------- <some-classes/scripts-in-sdk>
-|---------- <user's classes/scripts>
-```
-
-它表达了：在 `data/extension` 目录下安装了两个 SDK，并且用户都基于 SDK 编写了其回调的代码模块。
diff --git a/apps/emqx_exhook/etc/emqx_exhook.conf b/apps/emqx_exhook/etc/emqx_exhook.conf
new file mode 100644
index 000000000..f6f5213f7
--- /dev/null
+++ b/apps/emqx_exhook/etc/emqx_exhook.conf
@@ -0,0 +1,15 @@
+##====================================================================
+## EMQ X Hooks
+##====================================================================
+
+##--------------------------------------------------------------------
+## Server Address
+
+## The gRPC server url
+##
+## exhook.server.$name.url = url()
+exhook.server.default.url = http://127.0.0.1:9000
+
+#exhook.server.default.ssl.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem
+#exhook.server.default.ssl.certfile = {{ platform_etc_dir }}/certs/cert.pem
+#exhook.server.default.ssl.keyfile = {{ platform_etc_dir }}/certs/key.pem
diff --git a/apps/emqx_exhook/etc/emqx_extension_hook.conf b/apps/emqx_exhook/etc/emqx_extension_hook.conf
deleted file mode 100644
index a4f531108..000000000
--- a/apps/emqx_exhook/etc/emqx_extension_hook.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-##====================================================================
-## EMQ X Hooks
-##====================================================================
-
-##--------------------------------------------------------------------
-## Driver confs
-
-## Setup the supported drivers
-##
-## Value: python3 | java
-exhook.drivers = python3
-
-## Search path for scripts/library
-##
-exhook.drivers.python3.path = {{ platform_data_dir }}/extension/
-
-## Call timeout
-##
-## Value: Duration
-##exhook.drivers.python3.call_timeout = 5s
-
-## Initial module name
-##
-##exhook.drivers.python3.init_module = main
diff --git a/apps/emqx_exhook/include/emqx_extension_hook.hrl b/apps/emqx_exhook/include/emqx_exhook.hrl
similarity index 87%
rename from apps/emqx_exhook/include/emqx_extension_hook.hrl
rename to apps/emqx_exhook/include/emqx_exhook.hrl
index 18260754e..8a404ca39 100644
--- a/apps/emqx_exhook/include/emqx_extension_hook.hrl
+++ b/apps/emqx_exhook/include/emqx_exhook.hrl
@@ -14,9 +14,9 @@
 %% limitations under the License.
 %%--------------------------------------------------------------------
 
--ifndef(EMQX_EXTENSION_HOOK_HRL).
--define(EMQX_EXTENSION_HOOK_HRL, true).
+-ifndef(EMQX_EXHOOK_HRL).
+-define(EMQX_EXHOOK_HRL, true).
 
--define(APP, emqx_extension_hook).
+-define(APP, emqx_exhook).
 
 -endif.
diff --git a/apps/emqx_exhook/priv/emqx_exhook.schema b/apps/emqx_exhook/priv/emqx_exhook.schema
new file mode 100644
index 000000000..2a926b968
--- /dev/null
+++ b/apps/emqx_exhook/priv/emqx_exhook.schema
@@ -0,0 +1,38 @@
+%%-*- mode: erlang -*-
+
+{mapping, "exhook.server.$name.url", "emqx_exhook.servers", [
+  {datatype, string}
+]}.
+
+{mapping, "exhook.server.$name.ssl.cacertfile", "emqx_exhook.servers", [
+  {datatype, string}
+]}.
+
+{mapping, "exhook.server.$name.ssl.certfile", "emqx_exhook.servers", [
+  {datatype, string}
+]}.
+
+{mapping, "exhook.server.$name.ssl.keyfile", "emqx_exhook.servers", [
+  {datatype, string}
+]}.
+
+{translation, "emqx_exhook.servers", fun(Conf) ->
+  Filter  = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
+  ServerOptions = fun(Prefix) ->
+                      case http_uri:parse(cuttlefish:conf_get(Prefix ++ ".url", Conf)) of
+                          {ok, {http, _, Host, Port, _, _}} ->
+                              [{scheme, http}, {host, Host}, {port, Port}];
+                          {ok, {https, _, Host, Port, _, _}} ->
+                              [{scheme, https}, {host, Host}, {port, Port},
+                               {ssl_options,
+                                 Filter([{ssl, true},
+                                         {certfile, cuttlefish:conf_get(Prefix ++ ".ssl.certfile", Conf)},
+                                         {keyfile, cuttlefish:conf_get(Prefix ++ ".ssl.keyfile", Conf)},
+                                         {cacertfile, cuttlefish:conf_get(Prefix ++ ".ssl.cacertfile", Conf)}
+                                        ])}];
+                          _ -> error(invalid_server_options)
+                      end
+                  end,
+  [{list_to_atom(Name), ServerOptions("exhook.server." ++ Name)}
+   || {["exhook", "server", Name, "url"], _} <- cuttlefish_variable:filter_by_prefix("exhook.server", Conf)]
+end}.
diff --git a/apps/emqx_exhook/priv/emqx_extension_hook.schema b/apps/emqx_exhook/priv/emqx_extension_hook.schema
deleted file mode 100644
index 677b57726..000000000
--- a/apps/emqx_exhook/priv/emqx_extension_hook.schema
+++ /dev/null
@@ -1,43 +0,0 @@
-%%-*- mode: erlang -*-
-
-{mapping, "exhook.drivers", "emqx_extension_hook.drivers", [
-  {datatype, string}
-]}.
-
-{mapping, "exhook.drivers.$name.$key", "emqx_extension_hook.drivers", [
-  {datatype, string}
-]}.
-
-{translation, "emqx_extension_hook.drivers", fun(Conf) ->
-
-    Filter  = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
-
-    Duration = fun(S) ->
-                   case cuttlefish_duration:parse(S, ms) of
-                       Ms when is_integer(Ms) -> Ms;
-                       {error, R} -> error(R)
-                   end
-               end,
-    Integer = fun(S) -> list_to_integer(S) end,
-
-    Atom = fun(S) -> list_to_atom(S) end,
-
-    Python = fun(Prefix) ->
-               [{init_module, Atom(cuttlefish:conf_get(Prefix ++ ".init_module", Conf, "main"))}, %% dirver
-                {python_path, cuttlefish:conf_get(Prefix ++ ".path", Conf, undefined)},
-                {call_timeout, Duration(cuttlefish:conf_get(Prefix ++ ".call_timeout", Conf, "5s"))}]
-            end,
-
-    Java = fun(Prefix) ->
-             [{init_module, Atom(cuttlefish:conf_get(Prefix ++ ".init_module", Conf, "Main"))}, %% dirver
-              {java_path, cuttlefish:conf_get(Prefix ++ ".path", Conf, undefined)},
-              {call_timeout, Duration(cuttlefish:conf_get(Prefix ++ ".call_timeout", Conf, "5s"))}]
-           end,
-
-    Options = fun(python) -> Filter(Python("exhook.drivers.python"));
-                 (python3) -> Filter(Python("exhook.drivers.python3"));
-                 (java) -> Filter(Java("exhook.drivers.java"));
-                 (_) -> error(not_supported_drivers_type)
-              end,
-    [{Atom(Name), Options(Atom(Name))} || Name <- string:tokens(cuttlefish:conf_get("exhook.drivers", Conf), ",")]
-end}.
diff --git a/apps/emqx_exhook/priv/protos/exhook.proto b/apps/emqx_exhook/priv/protos/exhook.proto
new file mode 100644
index 000000000..8dc9641b9
--- /dev/null
+++ b/apps/emqx_exhook/priv/protos/exhook.proto
@@ -0,0 +1,395 @@
+//------------------------------------------------------------------------------
+// Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//------------------------------------------------------------------------------
+
+syntax = "proto3";
+
+package emqx.exhook.v1;
+
+service HookProvider {
+
+  rpc OnProviderLoaded(ProviderLoadedRequest) returns (LoadedResponse) {};
+
+  rpc OnProviderUnloaded(ProviderUnloadedRequest) returns (EmptySuccess) {};
+
+  rpc OnClientConnect(ClientConnectRequest) returns (EmptySuccess) {};
+
+  rpc OnClientConnack(ClientConnackRequest) returns (EmptySuccess) {};
+
+  rpc OnClientConnected(ClientConnectedRequest) returns (EmptySuccess) {};
+
+  rpc OnClientDisconnected(ClientDisconnectedRequest) returns (EmptySuccess) {};
+
+  rpc OnClientAuthenticate(ClientAuthenticateRequest) returns (ValuedResponse) {};
+
+  rpc OnClientCheckAcl(ClientCheckAclRequest) returns (ValuedResponse) {};
+
+  rpc OnClientSubscribe(ClientSubscribeRequest) returns (EmptySuccess) {};
+
+  rpc OnClientUnsubscribe(ClientUnsubscribeRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionCreated(SessionCreatedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionSubscribed(SessionSubscribedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionUnsubscribed(SessionUnsubscribedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionResumed(SessionResumedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionDiscarded(SessionDiscardedRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionTakeovered(SessionTakeoveredRequest) returns (EmptySuccess) {};
+
+  rpc OnSessionTerminated(SessionTerminatedRequest) returns (EmptySuccess) {};
+
+  rpc OnMessagePublish(MessagePublishRequest) returns (ValuedResponse) {};
+
+  rpc OnMessageDelivered(MessageDeliveredRequest) returns (EmptySuccess) {};
+
+  rpc OnMessageDropped(MessageDroppedRequest) returns (EmptySuccess) {};
+
+  rpc OnMessageAcked(MessageAckedRequest) returns (EmptySuccess) {};
+}
+
+//------------------------------------------------------------------------------
+// Request & Response
+//------------------------------------------------------------------------------
+
+message ProviderLoadedRequest {
+
+  BrokerInfo broker = 1;
+}
+
+message LoadedResponse {
+
+  repeated HookSpec hooks = 1;
+}
+
+message ProviderUnloadedRequest { }
+
+message ClientConnectRequest {
+
+  ConnInfo conninfo = 1;
+
+  // MQTT CONNECT packet's properties (MQTT v5.0)
+  //
+  // It should be empty on MQTT v3.1.1/v3.1 or others protocol
+  repeated Property props = 2;
+}
+
+message ClientConnackRequest {
+
+  ConnInfo conninfo = 1;
+
+  string result_code = 2;
+
+  repeated Property props = 3;
+}
+
+message ClientConnectedRequest {
+
+  ClientInfo clientinfo = 1;
+}
+
+message ClientDisconnectedRequest {
+
+  ClientInfo clientinfo = 1;
+
+  string reason = 2;
+}
+
+message ClientAuthenticateRequest {
+
+  ClientInfo clientinfo = 1;
+
+  bool result = 2;
+}
+
+message ClientCheckAclRequest {
+
+  ClientInfo clientinfo = 1;
+
+  enum AclReqType {
+
+    PUBLISH = 0;
+
+    SUBSCRIBE = 1;
+  }
+
+  AclReqType type = 2;
+
+  string topic = 3;
+
+  bool result = 4;
+}
+
+message ClientSubscribeRequest {
+
+  ClientInfo clientinfo = 1;
+
+  repeated Property props = 2;
+
+  repeated TopicFilter topic_filters = 3;
+}
+
+message ClientUnsubscribeRequest {
+
+  ClientInfo clientinfo = 1;
+
+  repeated Property props = 2;
+
+  repeated TopicFilter topic_filters = 3;
+}
+
+message SessionCreatedRequest {
+
+  ClientInfo clientinfo = 1;
+}
+
+message SessionSubscribedRequest {
+
+  ClientInfo clientinfo = 1;
+
+  string topic = 2;
+
+  SubOpts subopts = 3;
+}
+
+message SessionUnsubscribedRequest {
+
+  ClientInfo clientinfo = 1;
+
+  string topic = 2;
+}
+
+message SessionResumedRequest {
+
+  ClientInfo clientinfo = 1;
+}
+
+message SessionDiscardedRequest {
+
+  ClientInfo clientinfo = 1;
+}
+
+message SessionTakeoveredRequest {
+
+  ClientInfo clientinfo = 1;
+}
+
+message SessionTerminatedRequest {
+
+  ClientInfo clientinfo = 1;
+
+  string reason = 2;
+}
+
+message MessagePublishRequest {
+
+  Message message = 1;
+}
+
+message MessageDeliveredRequest {
+
+  ClientInfo clientinfo = 1;
+
+  Message message = 2;
+}
+
+message MessageDroppedRequest {
+
+  Message message = 1;
+
+  string reason = 2;
+}
+
+message MessageAckedRequest {
+
+  ClientInfo clientinfo = 1;
+
+  Message message = 2;
+}
+
+//------------------------------------------------------------------------------
+// Basic data types
+//------------------------------------------------------------------------------
+
+message EmptySuccess { }
+
+message ValuedResponse {
+
+  // The responsed value type
+  //  - ignore: Ignore the responsed value
+  //  - contiune: Use the responsed value and execute the next hook
+  //  - stop_and_return: Use the responsed value and stop the chain executing
+  enum ResponsedType {
+
+    IGNORE = 0;
+
+    CONTINUE = 1;
+
+    STOP_AND_RETURN = 2;
+  }
+
+  ResponsedType type = 1;
+
+  oneof value {
+
+    // Boolean result, used on the 'client.authenticate', 'client.check_acl' hooks
+    bool bool_result = 3;
+
+    // Message result, used on the 'message.*' hooks
+    Message message = 4;
+  }
+}
+
+message BrokerInfo {
+
+  string version = 1;
+
+  string sysdescr = 2;
+
+  string uptime = 3;
+
+  string datetime = 4;
+}
+
+message HookSpec {
+
+  // The registered hooks name
+  //
+  // Available value:
+  //   "client.connect",      "client.connack"
+  //   "client.connected",    "client.disconnected"
+  //   "client.authenticate", "client.check_acl"
+  //   "client.subscribe",    "client.unsubscribe"
+  //
+  //   "session.created",      "session.subscribed"
+  //   "session.unsubscribed", "session.resumed"
+  //   "session.discarded",    "session.takeovered"
+  //   "session.terminated"
+  //
+  //   "message.publish", "message.delivered"
+  //   "message.acked",   "message.dropped"
+  string name = 1;
+
+  // The topic filters for message hooks
+  repeated string topics = 2;
+}
+
+message ConnInfo {
+
+  string node = 1;
+
+  string clientid = 2;
+
+  string username = 3;
+
+  string peerhost = 4;
+
+  uint32 sockport = 5;
+
+  string proto_name = 6;
+
+  string proto_ver = 7;
+
+  uint32 keepalive = 8;
+}
+
+message ClientInfo {
+
+  string node = 1;
+
+  string clientid = 2;
+
+  string username = 3;
+
+  string password = 4;
+
+  string peerhost = 5;
+
+  uint32 sockport = 6;
+
+  string protocol = 7;
+
+  string mountpoint = 8;
+
+  bool  is_superuser = 9;
+
+  bool  anonymous = 10;
+}
+
+message Message {
+
+  string node = 1;
+
+  string id = 2;
+
+  uint32 qos = 3;
+
+  string from = 4;
+
+  string topic = 5;
+
+  bytes  payload = 6;
+
+  uint64 timestamp = 7;
+}
+
+message Property {
+
+  string name = 1;
+
+  string value = 2;
+}
+
+message TopicFilter {
+
+  string name = 1;
+
+  uint32 qos = 2;
+}
+
+message SubOpts {
+
+  // The QoS level
+  uint32 qos = 1;
+
+  // The group name for shared subscription
+  string share = 2;
+
+  // The Retain Handling option (MQTT v5.0)
+  //
+  //  0 = Send retained messages at the time of the subscribe
+  //  1 = Send retained messages at subscribe only if the subscription does
+  //       not currently exist
+  //  2 = Do not send retained messages at the time of the subscribe
+  uint32 rh = 3;
+
+  // The Retain as Published option (MQTT v5.0)
+  //
+  //  If 1, Application Messages forwarded using this subscription keep the
+  //        RETAIN flag they were published with.
+  //  If 0, Application Messages forwarded using this subscription have the
+  //        RETAIN flag set to 0.
+  // Retained messages sent when the subscription is established have the RETAIN flag set to 1.
+  uint32 rap = 4;
+
+  // The No Local option (MQTT v5.0)
+  //
+  // If the value is 1, Application Messages MUST NOT be forwarded to a
+  // connection with a ClientID equal to the ClientID of the publishing
+  uint32 nl = 5;
+}
diff --git a/apps/emqx_exhook/rebar.config b/apps/emqx_exhook/rebar.config
index 756c24c68..ebeaddeab 100644
--- a/apps/emqx_exhook/rebar.config
+++ b/apps/emqx_exhook/rebar.config
@@ -1,7 +1,21 @@
 %%-*- mode: erlang -*-
+{plugins,
+ [rebar3_proper,
+  {grpc_plugin, {git, "https://github.com/HJianBo/grpcbox_plugin", {tag, "v0.9.1"}}}
+]}.
 
-{deps, [{ecpool, {git, "https://github.com/emqx/ecpool", {tag, "v0.4.2"}}},
-        {erlport, {git, "https://github.com/emqx/erlport", {tag, "v1.2.2"}}}]}.
+{deps,
+ [{grpc, {git, "https://github.com/emqx/grpc", {tag, "0.5.0"}}}
+]}.
+
+{grpc,
+ [{protos, ["priv/protos"]},
+  {gpb_opts, [{module_name_prefix, "emqx_"},
+              {module_name_suffix, "_pb"}]}
+]}.
+
+{provider_hooks,
+ [{pre, [{compile, {grpc, gen}}]}]}.
 
 {edoc_opts, [{preprocess, true}]}.
 
@@ -15,14 +29,19 @@
 {xref_checks, [undefined_function_calls, undefined_functions,
                locals_not_used, deprecated_function_calls,
                warnings_as_errors, deprecated_functions]}.
+{xref_ignores, [emqx_exhook_pb]}.
+
 {cover_enabled, true}.
 {cover_opts, [verbose]}.
 {cover_export_enabled, true}.
+{cover_excl_mods, [emqx_exhook_pb,
+                   emqx_exhook_v_1_hook_provider_bhvr,
+                   emqx_exhook_v_1_hook_provider_client]}.
 
 {profiles,
-    [{test, [
-        {deps, [ {emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "v1.2.2"}}}
-               , {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.0.0"}}}
-               ]}
+ [{test,
+   [{deps,
+      [{emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "v1.3.1"}}}
+      ]}
     ]}
 ]}.
diff --git a/apps/emqx_exhook/sdk/README.md b/apps/emqx_exhook/sdk/README.md
deleted file mode 100644
index 435ca4d92..000000000
--- a/apps/emqx_exhook/sdk/README.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# SDKs
-
-A specific language SDK is a suite of codes for user-oriented friendly. 
-
-Even it does not need it for you to develop the Multiple language support plugins, but it provides more friendly APIs and Abstract for you
-
-
-Now, we provide the following SDKs:
-
-- Java: https://github.com/emqx/emqx-extension-java-sdk
-- Python: https://github.com/emqx/emqx-extension-python-sdk
-
diff --git a/apps/emqx_exhook/src/emqx_exhook.app.src b/apps/emqx_exhook/src/emqx_exhook.app.src
new file mode 100644
index 000000000..fd8bc98ae
--- /dev/null
+++ b/apps/emqx_exhook/src/emqx_exhook.app.src
@@ -0,0 +1,12 @@
+{application, emqx_exhook,
+ [{description, "EMQ X Extension for Hook"},
+  {vsn, "git"},
+  {modules, []},
+  {registered, []},
+  {mod, {emqx_exhook_app, []}},
+  {applications, [kernel,stdlib,grpc]},
+  {env,[]},
+  {licenses, ["Apache-2.0"]},
+  {maintainers, ["EMQ X Team <contact@emqx.io>"]},
+  {links, [{"Homepage", "https://emqx.io/"}]}
+ ]}.
diff --git a/apps/emqx_exhook/src/emqx_exhook.app.src.script b/apps/emqx_exhook/src/emqx_exhook.app.src.script
new file mode 100644
index 000000000..b549f9e39
--- /dev/null
+++ b/apps/emqx_exhook/src/emqx_exhook.app.src.script
@@ -0,0 +1,24 @@
+%%-*- mode: erlang -*-
+%% .app.src.script
+
+RemoveLeadingV =
+    fun(Tag) ->
+        case re:run(Tag, "^[v]?[0-9]\.[0-9]\.([0-9]|(rc|beta|alpha)\.[0-9])", [{capture, none}]) of
+            nomatch ->
+                re:replace(Tag, "/", "-", [{return ,list}]);
+            _ ->
+                %% if it is a version number prefixed by 'v' or 'e', then remove it
+                re:replace(Tag, "[v]", "", [{return ,list}])
+        end
+    end,
+
+case os:getenv("EMQX_DEPS_DEFAULT_VSN") of
+    false -> CONFIG; % env var not defined
+    []    -> CONFIG; % env var set to empty string
+    Tag ->
+       [begin
+           AppConf0 = lists:keystore(vsn, 1, AppConf, {vsn, RemoveLeadingV(Tag)}),
+           {application, App, AppConf0}
+        end || Conf = {application, App, AppConf} <- CONFIG]
+end.
+
diff --git a/apps/emqx_exhook/src/emqx_exhook.appup.src b/apps/emqx_exhook/src/emqx_exhook.appup.src
new file mode 100644
index 000000000..dcf0d8cdd
--- /dev/null
+++ b/apps/emqx_exhook/src/emqx_exhook.appup.src
@@ -0,0 +1,9 @@
+%% -*-: erlang -*-
+{VSN,
+  [
+    {<<".*">>, []}
+  ],
+  [
+    {<<".*">>, []}
+  ]
+}.
diff --git a/apps/emqx_exhook/src/emqx_extension_hook.erl b/apps/emqx_exhook/src/emqx_exhook.erl
similarity index 55%
rename from apps/emqx_exhook/src/emqx_extension_hook.erl
rename to apps/emqx_exhook/src/emqx_exhook.erl
index 295393c3b..c464f31b5 100644
--- a/apps/emqx_exhook/src/emqx_extension_hook.erl
+++ b/apps/emqx_exhook/src/emqx_exhook.erl
@@ -14,9 +14,9 @@
 %% limitations under the License.
 %%--------------------------------------------------------------------
 
--module(emqx_extension_hook).
+-module(emqx_exhook).
 
--include("emqx_extension_hook.hrl").
+-include("emqx_exhook.hrl").
 -include_lib("emqx/include/logger.hrl").
 
 -logger_header("[ExHook]").
@@ -29,42 +29,42 @@
         ]).
 
 -export([ cast/2
-        , call_fold/4
+        , call_fold/3
         ]).
 
 %%--------------------------------------------------------------------
 %% Mgmt APIs
 %%--------------------------------------------------------------------
 
--spec list() -> [emqx_extension_hook_driver:driver()].
+-spec list() -> [emqx_exhook_server:server()].
 list() ->
-    [state(Name) || Name <- running()].
+    [server(Name) || Name <- running()].
 
--spec enable(atom(), list()) -> ok | {error, term()}.
+-spec enable(atom()|string(), list()) -> ok | {error, term()}.
 enable(Name, Opts) ->
     case lists:member(Name, running()) of
         true ->
             {error, already_started};
         _ ->
-            case emqx_extension_hook_driver:load(Name, Opts) of
-                {ok, DriverState} ->
-                    save(Name, DriverState);
+            case emqx_exhook_server:load(Name, Opts) of
+                {ok, ServiceState} ->
+                    save(Name, ServiceState);
                 {error, Reason} ->
-                    ?LOG(error, "Load driver ~p failed: ~p", [Name, Reason]),
+                    ?LOG(error, "Load server ~p failed: ~p", [Name, Reason]),
                     {error, Reason}
             end
     end.
 
--spec disable(atom()) -> ok | {error, term()}.
+-spec disable(atom()|string()) -> ok | {error, term()}.
 disable(Name) ->
-    case state(Name) of
+    case server(Name) of
         undefined -> {error, not_running};
-        Driver ->
-            ok = emqx_extension_hook_driver:unload(Driver),
+        Service ->
+            ok = emqx_exhook_server:unload(Service),
             unsave(Name)
     end.
 
--spec disable_all() -> [atom()].
+-spec disable_all() -> [term()].
 disable_all() ->
     [begin disable(Name), Name end || Name <- running()].
 
@@ -72,46 +72,44 @@ disable_all() ->
 %% Dispatch APIs
 %%----------------------------------------------------------
 
--spec cast(atom(), list()) -> ok.
-cast(Name, Args) ->
-    cast(Name, Args, running()).
+-spec cast(atom(), map()) -> ok.
+cast(Hookpoint, Req) ->
+    cast(Hookpoint, Req, running()).
 
 cast(_, _, []) ->
     ok;
-cast(Name, Args, [DriverName|More]) ->
-    emqx_extension_hook_driver:run_hook(Name, Args, state(DriverName)),
-    cast(Name, Args, More).
+cast(Hookpoint, Req, [ServiceName|More]) ->
+    %% XXX: Need a real asynchronous running
+    _ = emqx_exhook_server:call(Hookpoint, Req, server(ServiceName)),
+    cast(Hookpoint, Req, More).
 
--spec call_fold(atom(), list(), term(), function()) -> ok | {stop, term()}.
-call_fold(Name, InfoArgs, AccArg, Validator) ->
-    call_fold(Name, InfoArgs, AccArg, Validator, running()).
+-spec call_fold(atom(), term(), function())
+  -> {ok, term()}
+   | {stop, term()}.
+call_fold(Hookpoint, Req, AccFun) ->
+    call_fold(Hookpoint, Req, AccFun, running()).
 
-call_fold(_, _, _, _, []) ->
-    ok;
-call_fold(Name, InfoArgs, AccArg, Validator, [NameDriver|More]) ->
-    Driver = state(NameDriver),
-    case emqx_extension_hook_driver:run_hook_fold(Name, InfoArgs, AccArg, Driver) of
-        ok         -> call_fold(Name, InfoArgs, AccArg, Validator, More);
-        {error, _} -> call_fold(Name, InfoArgs, AccArg, Validator, More);
-        {ok, NAcc} ->
-            case Validator(NAcc) of
-                true ->
-                    {stop, NAcc};
-                _ ->
-                    ?LOG(error, "Got invalid return type for calling ~p on ~p",
-                         [Name, emqx_extension_hook_driver:name(Driver)]),
-                    call_fold(Name, InfoArgs, AccArg, Validator, More)
-            end
+call_fold(_, Req, _, []) ->
+    {ok, Req};
+call_fold(Hookpoint, Req, AccFun, [ServiceName|More]) ->
+    case emqx_exhook_server:call(Hookpoint, Req, server(ServiceName)) of
+        {ok, Resp} ->
+            case AccFun(Req, Resp) of
+                {stop, NReq} -> {stop, NReq};
+                {ok, NReq} -> call_fold(Hookpoint, NReq, AccFun, More)
+            end;
+        _ ->
+            call_fold(Hookpoint, Req, AccFun, More)
     end.
 
 %%----------------------------------------------------------
 %% Storage
 
 -compile({inline, [save/2]}).
-save(Name, DriverState) ->
+save(Name, ServiceState) ->
     Saved = persistent_term:get(?APP, []),
     persistent_term:put(?APP, lists:reverse([Name | Saved])),
-    persistent_term:put({?APP, Name}, DriverState).
+    persistent_term:put({?APP, Name}, ServiceState).
 
 -compile({inline, [unsave/1]}).
 unsave(Name) ->
@@ -128,9 +126,9 @@ unsave(Name) ->
 running() ->
     persistent_term:get(?APP, []).
 
--compile({inline, [state/1]}).
-state(Name) ->
+-compile({inline, [server/1]}).
+server(Name) ->
     case catch persistent_term:get({?APP, Name}) of
         {'EXIT', {badarg,_}} -> undefined;
-        State -> State
+        Service -> Service
     end.
diff --git a/apps/emqx_exhook/src/emqx_extension_hook_app.erl b/apps/emqx_exhook/src/emqx_exhook_app.erl
similarity index 80%
rename from apps/emqx_exhook/src/emqx_extension_hook_app.erl
rename to apps/emqx_exhook/src/emqx_exhook_app.erl
index 990907913..1411b618d 100644
--- a/apps/emqx_exhook/src/emqx_extension_hook_app.erl
+++ b/apps/emqx_exhook/src/emqx_exhook_app.erl
@@ -14,40 +14,47 @@
 %% limitations under the License.
 %%--------------------------------------------------------------------
 
--module(emqx_extension_hook_app).
+-module(emqx_exhook_app).
 
 -behaviour(application).
 
--include("emqx_extension_hook.hrl").
+-include("emqx_exhook.hrl").
 
--emqx_plugin(?MODULE).
+-emqx_plugin(extension).
 
 -export([ start/2
         , stop/1
         , prep_stop/1
         ]).
 
+%% Internal export
+-export([ load_server/2
+        , unload_server/1
+        , load_exhooks/0
+        , unload_exhooks/0
+        ]).
+
 %%--------------------------------------------------------------------
 %% Application callbacks
 %%--------------------------------------------------------------------
 
 start(_StartType, _StartArgs) ->
-    {ok, Sup} = emqx_extension_hook_sup:start_link(),
+    {ok, Sup} = emqx_exhook_sup:start_link(),
 
     %% Load all dirvers
-    load_all_drivers(),
+    load_all_servers(),
 
     %% Register all hooks
     load_exhooks(),
 
     %% Register CLI
-    emqx_ctl:register_command(exhook, {emqx_extension_hook_cli, cli}, []),
+    emqx_ctl:register_command(exhook, {emqx_exhook_cli, cli}, []),
     {ok, Sup}.
 
 prep_stop(State) ->
     emqx_ctl:unregister_command(exhook),
     unload_exhooks(),
-    unload_all_drivers(),
+    unload_all_servers(),
     State.
 
 stop(_State) ->
@@ -57,17 +64,19 @@ stop(_State) ->
 %% Internal funcs
 %%--------------------------------------------------------------------
 
-load_all_drivers() ->
-    load_all_drivers(application:get_env(?APP, drivers, [])).
+load_all_servers() ->
+    lists:foreach(fun({Name, Options}) ->
+        load_server(Name, Options)
+    end, application:get_env(?APP, servers, [])).
 
-load_all_drivers([]) ->
-    ok;
-load_all_drivers([{Name, Opts}|Drivers]) ->
-    ok = emqx_extension_hook:enable(Name, Opts),
-    load_all_drivers(Drivers).
+unload_all_servers() ->
+    emqx_exhook:disable_all().
 
-unload_all_drivers() ->
-    emqx_extension_hook:disable_all().
+load_server(Name, Options) ->
+    emqx_exhook:enable(Name, Options).
+
+unload_server(Name) ->
+    emqx_exhook:disable(Name).
 
 %%--------------------------------------------------------------------
 %% Exhooks
diff --git a/apps/emqx_exhook/src/emqx_extension_hook_cli.erl b/apps/emqx_exhook/src/emqx_exhook_cli.erl
similarity index 64%
rename from apps/emqx_exhook/src/emqx_extension_hook_cli.erl
rename to apps/emqx_exhook/src/emqx_exhook_cli.erl
index daca3412f..8bab9ced5 100644
--- a/apps/emqx_exhook/src/emqx_extension_hook_cli.erl
+++ b/apps/emqx_exhook/src/emqx_exhook_cli.erl
@@ -14,44 +14,44 @@
 %% limitations under the License.
 %%--------------------------------------------------------------------
 
--module(emqx_extension_hook_cli).
+-module(emqx_exhook_cli).
 
--include("emqx_extension_hook.hrl").
+-include("emqx_exhook.hrl").
 
 -export([cli/1]).
 
-cli(["drivers", "list"]) ->
+cli(["server", "list"]) ->
     if_enabled(fun() ->
-        Drivers = emqx_extension_hook:list(),
-        [emqx_ctl:print("Driver(~s)~n", [emqx_extension_hook_driver:format(Driver)]) || Driver <- Drivers]
+        Services = emqx_exhook:list(),
+        [emqx_ctl:print("HookServer(~s)~n", [emqx_exhook_server:format(Service)]) || Service <- Services]
     end);
 
-cli(["drivers", "enable", Name0]) ->
+cli(["server", "enable", Name0]) ->
     if_enabled(fun() ->
         Name = list_to_atom(Name0),
-        case proplists:get_value(Name, application:get_env(?APP, drivers, [])) of
+        case proplists:get_value(Name, application:get_env(?APP, servers, [])) of
             undefined ->
                 emqx_ctl:print("not_found~n");
             Opts ->
-                print(emqx_extension_hook:enable(Name, Opts))
+                print(emqx_exhook:enable(Name, Opts))
         end
     end);
 
-cli(["drivers", "disable", Name]) ->
+cli(["server", "disable", Name]) ->
     if_enabled(fun() ->
-        print(emqx_extension_hook:disable(list_to_atom(Name)))
+        print(emqx_exhook:disable(list_to_atom(Name)))
     end);
 
-cli(["drivers", "stats"]) ->
+cli(["server", "stats"]) ->
     if_enabled(fun() ->
         [emqx_ctl:print("~-35s:~w~n", [Name, N]) || {Name, N} <- stats()]
     end);
 
 cli(_) ->
-    emqx_ctl:usage([{"exhook drivers list", "List all running drivers"},
-                    {"exhook drivers enable <Name>", "Enable a driver with configurations"},
-                    {"exhook drivers disable <Name>", "Disable a driver"},
-                    {"exhook drivers stats", "Print drivers statistic"}]).
+    emqx_ctl:usage([{"exhook server list", "List all running exhook server"},
+                    {"exhook server enable <Name>", "Enable a exhook server in the configuration"},
+                    {"exhook server disable <Name>", "Disable a exhook server"},
+                    {"exhook server stats", "Print exhook server statistic"}]).
 
 print(ok) ->
     emqx_ctl:print("ok~n");
@@ -69,12 +69,12 @@ if_enabled(Fun) ->
     end.
 
 hint() ->
-    emqx_ctl:print("Please './bin/emqx_ctl plugins load emqx_extension_hook' first.~n").
+    emqx_ctl:print("Please './bin/emqx_ctl plugins load emqx_exhook' first.~n").
 
 stats() ->
-    lists:foldr(fun({K, N}, Acc) ->
+    lists:usort(lists:foldr(fun({K, N}, Acc) ->
         case atom_to_list(K) of
             "exhook." ++ Key -> [{Key, N}|Acc];
             _ -> Acc
         end
-    end, [], emqx_metrics:all()).
+    end, [], emqx_metrics:all())).
diff --git a/apps/emqx_exhook/src/emqx_exhook_handler.erl b/apps/emqx_exhook/src/emqx_exhook_handler.erl
new file mode 100644
index 000000000..3a35073ca
--- /dev/null
+++ b/apps/emqx_exhook/src/emqx_exhook_handler.erl
@@ -0,0 +1,288 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_exhook_handler).
+
+-include("emqx_exhook.hrl").
+-include_lib("emqx/include/emqx.hrl").
+-include_lib("emqx/include/logger.hrl").
+
+-logger_header("[ExHook]").
+
+-export([ on_client_connect/2
+        , on_client_connack/3
+        , on_client_connected/2
+        , on_client_disconnected/3
+        , on_client_authenticate/2
+        , on_client_check_acl/4
+        , on_client_subscribe/3
+        , on_client_unsubscribe/3
+        ]).
+
+%% Session Lifecircle Hooks
+-export([ on_session_created/2
+        , on_session_subscribed/3
+        , on_session_unsubscribed/3
+        , on_session_resumed/2
+        , on_session_discarded/2
+        , on_session_takeovered/2
+        , on_session_terminated/3
+        ]).
+
+%% Utils
+-export([ message/1
+        , stringfy/1
+        , merge_responsed_bool/2
+        , merge_responsed_message/2
+        , assign_to_message/2
+        , clientinfo/1
+        ]).
+
+-import(emqx_exhook,
+        [ cast/2
+        , call_fold/3
+        ]).
+
+-exhooks([ {'client.connect',      {?MODULE, on_client_connect,       []}}
+         , {'client.connack',      {?MODULE, on_client_connack,       []}}
+         , {'client.connected',    {?MODULE, on_client_connected,     []}}
+         , {'client.disconnected', {?MODULE, on_client_disconnected,  []}}
+         , {'client.authenticate', {?MODULE, on_client_authenticate,  []}}
+         , {'client.check_acl',    {?MODULE, on_client_check_acl,     []}}
+         , {'client.subscribe',    {?MODULE, on_client_subscribe,     []}}
+         , {'client.unsubscribe',  {?MODULE, on_client_unsubscribe,   []}}
+         , {'session.created',     {?MODULE, on_session_created,      []}}
+         , {'session.subscribed',  {?MODULE, on_session_subscribed,   []}}
+         , {'session.unsubscribed',{?MODULE, on_session_unsubscribed, []}}
+         , {'session.resumed',     {?MODULE, on_session_resumed,      []}}
+         , {'session.discarded',   {?MODULE, on_session_discarded,    []}}
+         , {'session.takeovered',  {?MODULE, on_session_takeovered,   []}}
+         , {'session.terminated',  {?MODULE, on_session_terminated,   []}}
+         ]).
+
+%%--------------------------------------------------------------------
+%% Clients
+%%--------------------------------------------------------------------
+
+on_client_connect(ConnInfo, Props) ->
+    Req = #{conninfo => conninfo(ConnInfo),
+            props => properties(Props)
+           },
+    cast('client.connect', Req).
+
+on_client_connack(ConnInfo, Rc, Props) ->
+    Req = #{conninfo => conninfo(ConnInfo),
+            result_code => stringfy(Rc),
+            props => properties(Props)},
+    cast('client.connack', Req).
+
+on_client_connected(ClientInfo, _ConnInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo)},
+    cast('client.connected', Req).
+
+on_client_disconnected(ClientInfo, Reason, _ConnInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            reason => stringfy(Reason)
+           },
+    cast('client.disconnected', Req).
+
+on_client_authenticate(ClientInfo, AuthResult) ->
+    Bool = maps:get(auth_result, AuthResult, undefined) == success,
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            result => Bool
+           },
+
+    case call_fold('client.authenticate', Req,
+                   fun merge_responsed_bool/2) of
+        {StopOrOk, #{result := Bool}} when is_boolean(Bool) ->
+            Result = case Bool of true -> success; _ -> not_authorized end,
+            {StopOrOk, AuthResult#{auth_result => Result, anonymous => false}};
+        _ ->
+            {ok, AuthResult}
+    end.
+
+on_client_check_acl(ClientInfo, PubSub, Topic, Result) ->
+    Bool = Result == allow,
+    Type = case PubSub of
+               publish -> 'PUBLISH';
+               subscribe -> 'SUBSCRIBE'
+           end,
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            type => Type,
+            topic => Topic,
+            result => Bool
+           },
+    case call_fold('client.check_acl', Req,
+                   fun merge_responsed_bool/2) of
+        {StopOrOk, #{result := Bool}} when is_boolean(Bool) ->
+            NResult = case Bool of true -> allow; _ -> deny end,
+            {StopOrOk, NResult};
+        _ -> {ok, Result}
+    end.
+
+on_client_subscribe(ClientInfo, Props, TopicFilters) ->
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            props => properties(Props),
+            topic_filters => topicfilters(TopicFilters)
+           },
+    cast('client.subscribe', Req).
+
+on_client_unsubscribe(ClientInfo, Props, TopicFilters) ->
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            props => properties(Props),
+            topic_filters => topicfilters(TopicFilters)
+           },
+    cast('client.unsubscribe', Req).
+
+%%--------------------------------------------------------------------
+%% Session
+%%--------------------------------------------------------------------
+
+on_session_created(ClientInfo, _SessInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo)},
+    cast('session.created', Req).
+
+on_session_subscribed(ClientInfo, Topic, SubOpts) ->
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            topic => Topic,
+            subopts => maps:with([qos, share, rh, rap, nl], SubOpts)
+           },
+    cast('session.subscribed', Req).
+
+on_session_unsubscribed(ClientInfo, Topic, _SubOpts) ->
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            topic => Topic
+           },
+    cast('session.unsubscribed', Req).
+
+on_session_resumed(ClientInfo, _SessInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo)},
+    cast('session.resumed', Req).
+
+on_session_discarded(ClientInfo, _SessInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo)},
+    cast('session.discarded', Req).
+
+on_session_takeovered(ClientInfo, _SessInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo)},
+    cast('session.takeovered', Req).
+
+on_session_terminated(ClientInfo, Reason, _SessInfo) ->
+    Req = #{clientinfo => clientinfo(ClientInfo),
+            reason => stringfy(Reason)},
+    cast('session.terminated', Req).
+
+%%--------------------------------------------------------------------
+%% Types
+
+properties(undefined) -> [];
+properties(M) when is_map(M) ->
+    maps:fold(fun(K, V, Acc) ->
+        [#{name => stringfy(K),
+           value => stringfy(V)} | Acc]
+    end, [], M).
+
+conninfo(_ConnInfo =
+           #{clientid := ClientId, username := Username, peername := {Peerhost, _},
+             sockname := {_, SockPort}, proto_name := ProtoName, proto_ver := ProtoVer,
+             keepalive := Keepalive}) ->
+    #{node => stringfy(node()),
+      clientid => ClientId,
+      username => maybe(Username),
+      peerhost => ntoa(Peerhost),
+      sockport => SockPort,
+      proto_name => ProtoName,
+      proto_ver => stringfy(ProtoVer),
+      keepalive => Keepalive}.
+
+clientinfo(ClientInfo =
+            #{clientid := ClientId, username := Username, peerhost := PeerHost,
+              sockport := SockPort, protocol := Protocol, mountpoint := Mountpoiont}) ->
+    #{node => stringfy(node()),
+      clientid => ClientId,
+      username => maybe(Username),
+      password => maybe(maps:get(password, ClientInfo, undefined)),
+      peerhost => ntoa(PeerHost),
+      sockport => SockPort,
+      protocol => stringfy(Protocol),
+      mountpoint => maybe(Mountpoiont),
+      is_superuser => maps:get(is_superuser, ClientInfo, false),
+      anonymous => maps:get(anonymous, ClientInfo, true)}.
+
+message(#message{id = Id, qos = Qos, from = From, topic = Topic, payload = Payload, timestamp = Ts}) ->
+    #{node => stringfy(node()),
+      id => hexstr(Id),
+      qos => Qos,
+      from => stringfy(From),
+      topic => Topic,
+      payload => Payload,
+      timestamp => Ts}.
+
+assign_to_message(#{qos := Qos, topic := Topic, payload := Payload}, Message) ->
+    Message#message{qos = Qos, topic = Topic, payload = Payload}.
+
+topicfilters(Tfs) when is_list(Tfs) ->
+    [#{name => Topic, qos => Qos} || {Topic, #{qos := Qos}} <- Tfs].
+
+ntoa({0,0,0,0,0,16#ffff,AB,CD}) ->
+    list_to_binary(inet_parse:ntoa({AB bsr 8, AB rem 256, CD bsr 8, CD rem 256}));
+ntoa(IP) ->
+    list_to_binary(inet_parse:ntoa(IP)).
+
+maybe(undefined) -> <<>>;
+maybe(B) -> B.
+
+%% @private
+stringfy(Term) when is_binary(Term) ->
+    Term;
+stringfy(Term) when is_integer(Term) ->
+    integer_to_binary(Term);
+stringfy(Term) when is_atom(Term) ->
+    atom_to_binary(Term, utf8);
+stringfy(Term) ->
+    unicode:characters_to_binary((io_lib:format("~0p", [Term]))).
+
+hexstr(B) ->
+    iolist_to_binary([io_lib:format("~2.16.0B", [X]) || X <- binary_to_list(B)]).
+
+%%--------------------------------------------------------------------
+%% Acc funcs
+
+%% see exhook.proto
+merge_responsed_bool(Req, #{type := 'IGNORE'}) ->
+    {ok, Req};
+merge_responsed_bool(Req, #{type := Type, value := {bool_result, NewBool}})
+  when is_boolean(NewBool) ->
+    NReq = Req#{result => NewBool},
+    case Type of
+        'CONTINUE' -> {ok, NReq};
+        'STOP_AND_RETURN' -> {stop, NReq}
+    end;
+merge_responsed_bool(Req, Resp) ->
+    ?LOG(warning, "Unknown responsed value ~0p to merge to callback chain", [Resp]),
+    {ok, Req}.
+
+merge_responsed_message(Req, #{type := 'IGNORE'}) ->
+    {ok, Req};
+merge_responsed_message(Req, #{type := Type, value := {message, NMessage}}) ->
+    NReq = Req#{message => NMessage},
+    case Type of
+        'CONTINUE' -> {ok, NReq};
+        'STOP_AND_RETURN' -> {stop, NReq}
+    end;
+merge_responsed_message(Req, Resp) ->
+    ?LOG(warning, "Unknown responsed value ~0p to merge to callback chain", [Resp]),
+    {ok, Req}.
diff --git a/apps/emqx_exhook/src/emqx_exhook_server.erl b/apps/emqx_exhook/src/emqx_exhook_server.erl
new file mode 100644
index 000000000..451983437
--- /dev/null
+++ b/apps/emqx_exhook/src/emqx_exhook_server.erl
@@ -0,0 +1,286 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_exhook_server).
+
+-include_lib("emqx/include/logger.hrl").
+
+-logger_header("[ExHook Svr]").
+
+-define(PB_CLIENT_MOD, emqx_exhook_v_1_hook_provider_client).
+
+%% Load/Unload
+-export([ load/2
+        , unload/1
+        ]).
+
+%% APIs
+-export([call/3]).
+
+%% Infos
+-export([ name/1
+        , format/1
+        ]).
+
+-record(server, {
+          %% Server name (equal to grpc client channel name)
+          name :: server_name(),
+          %% The server started options
+          options :: list(),
+          %% gRPC channel pid
+          channel :: pid(),
+          %% Registered hook names and options
+          hookspec :: #{hookpoint() => map()},
+          %% Metrcis name prefix
+          prefix :: list()
+       }).
+
+-type server_name() :: string().
+-type server() :: #server{}.
+
+-type hookpoint() :: 'client.connect'
+                   | 'client.connack'
+                   | 'client.connected'
+                   | 'client.disconnected'
+                   | 'client.authenticate'
+                   | 'client.check_acl'
+                   | 'client.subscribe'
+                   | 'client.unsubscribe'
+                   | 'session.created'
+                   | 'session.subscribed'
+                   | 'session.unsubscribed'
+                   | 'session.resumed'
+                   | 'session.discarded'
+                   | 'session.takeovered'
+                   | 'session.terminated'
+                   | 'message.publish'
+                   | 'message.delivered'
+                   | 'message.acked'
+                   | 'message.dropped'.
+
+-export_type([server/0]).
+
+-dialyzer({nowarn_function, [inc_metrics/2]}).
+
+%%--------------------------------------------------------------------
+%% Load/Unload APIs
+%%--------------------------------------------------------------------
+
+-spec load(atom(), list()) -> {ok, server()} | {error, term()} .
+load(Name0, Opts0) ->
+    Name = prefix(Name0),
+    {SvrAddr, ClientOpts} = channel_opts(Opts0),
+    case emqx_exhook_sup:start_grpc_client_channel(Name, SvrAddr, ClientOpts) of
+        {ok, _ChannPoolPid} ->
+            case do_init(Name) of
+                {ok, HookSpecs} ->
+                    %% Reigster metrics
+                    Prefix = lists:flatten(io_lib:format("exhook.~s.", [Name])),
+                    ensure_metrics(Prefix, HookSpecs),
+                    {ok, #server{name = Name,
+                                 options = Opts0,
+                                 channel = _ChannPoolPid,
+                                 hookspec = HookSpecs,
+                                 prefix = Prefix }};
+                {error, _} = E ->
+                    emqx_exhook_sup:stop_grpc_client_channel(Name), E
+            end;
+        {error, _} = E -> E
+    end.
+
+%% @private
+prefix(Name) when is_atom(Name) ->
+    "exhook:" ++ atom_to_list(Name);
+prefix(Name) when is_binary(Name) ->
+    "exhook:" ++ binary_to_list(Name);
+prefix(Name) when is_list(Name) ->
+    "exhook:" ++ Name.
+
+%% @private
+channel_opts(Opts) ->
+    Scheme = proplists:get_value(scheme, Opts),
+    Host = proplists:get_value(host, Opts),
+    Port = proplists:get_value(port, Opts),
+    SvrAddr = lists:flatten(io_lib:format("~s://~s:~w", [Scheme, Host, Port])),
+    ClientOpts = case Scheme of
+                     https ->
+                         SslOpts = lists:keydelete(ssl, 1, proplists:get_value(ssl_options, Opts, [])),
+                         #{gun_opts =>
+                           #{transport => ssl,
+                             transport_opts => SslOpts}};
+                     _ -> #{}
+                 end,
+    {SvrAddr, ClientOpts}.
+
+-spec unload(server()) -> ok.
+unload(#server{name = Name}) ->
+    _ = do_deinit(Name),
+    _ = emqx_exhook_sup:stop_grpc_client_channel(Name),
+    ok.
+
+do_deinit(Name) ->
+    _ = do_call(Name, 'on_provider_unloaded', #{}),
+    ok.
+
+do_init(ChannName) ->
+    Req = #{broker => maps:from_list(emqx_sys:info())},
+    case do_call(ChannName, 'on_provider_loaded', Req) of
+        {ok, InitialResp} ->
+            try
+                {ok, resovle_hookspec(maps:get(hooks, InitialResp, []))}
+            catch _:Reason:Stk ->
+                ?LOG(error, "try to init ~p failed, reason: ~p, stacktrace: ~0p",
+                             [ChannName, Reason, Stk]),
+                {error, Reason}
+            end;
+        {error, Reason} ->
+            {error, Reason}
+    end.
+
+%% @private
+resovle_hookspec(HookSpecs) when is_list(HookSpecs) ->
+    MessageHooks = message_hooks(),
+    AvailableHooks = available_hooks(),
+    lists:foldr(fun(HookSpec, Acc) ->
+        case maps:get(name, HookSpec, undefined) of
+            undefined -> Acc;
+            Name0 ->
+                Name = try binary_to_existing_atom(Name0, utf8) catch T:R:_ -> {T,R} end,
+                case lists:member(Name, AvailableHooks) of
+                    true ->
+                        case lists:member(Name, MessageHooks) of
+                            true ->
+                                Acc#{Name => #{topics => maps:get(topics, HookSpec, [])}};
+                            _ ->
+                                Acc#{Name => #{}}
+                        end;
+                    _ -> error({unknown_hookpoint, Name})
+                end
+        end
+    end, #{}, HookSpecs).
+
+ensure_metrics(Prefix, HookSpecs) ->
+    Keys = [list_to_atom(Prefix ++ atom_to_list(Hookpoint))
+            || Hookpoint <- maps:keys(HookSpecs)],
+    lists:foreach(fun emqx_metrics:ensure/1, Keys).
+
+format(#server{name = Name, hookspec = Hooks}) ->
+    io_lib:format("name=~p, hooks=~0p", [Name, Hooks]).
+
+%%--------------------------------------------------------------------
+%% APIs
+%%--------------------------------------------------------------------
+
+name(#server{name = Name}) ->
+    Name.
+
+-spec call(hookpoint(), map(), server())
+  -> ignore
+   | {ok, Resp :: term()}
+   | {error, term()}.
+call(Hookpoint, Req, #server{name = ChannName, hookspec = Hooks, prefix = Prefix}) ->
+    GrpcFunc = hk2func(Hookpoint),
+    case maps:get(Hookpoint, Hooks, undefined) of
+        undefined -> ignore;
+        Opts ->
+            NeedCall  = case lists:member(Hookpoint, message_hooks()) of
+                            false -> true;
+                            _ ->
+                                #{message := #{topic := Topic}} = Req,
+                                match_topic_filter(Topic, maps:get(topics, Opts, []))
+                        end,
+            case NeedCall of
+                false -> ignore;
+                _ ->
+                    inc_metrics(Prefix, Hookpoint),
+                    do_call(ChannName, GrpcFunc, Req)
+            end
+    end.
+
+%% @private
+inc_metrics(IncFun, Name) when is_function(IncFun) ->
+    %% BACKW: e4.2.0-e4.2.2
+    {env, [Prefix|_]} = erlang:fun_info(IncFun, env),
+    inc_metrics(Prefix, Name);
+inc_metrics(Prefix, Name) when is_list(Prefix) ->
+    emqx_metrics:inc(list_to_atom(Prefix ++ atom_to_list(Name))).
+
+-compile({inline, [match_topic_filter/2]}).
+match_topic_filter(_, []) ->
+    true;
+match_topic_filter(TopicName, TopicFilter) ->
+    lists:any(fun(F) -> emqx_topic:match(TopicName, F) end, TopicFilter).
+
+-spec do_call(string(), atom(), map()) -> {ok, map()} | {error, term()}.
+do_call(ChannName, Fun, Req) ->
+    Options = #{channel => ChannName},
+    ?LOG(debug, "Call ~0p:~0p(~0p, ~0p)", [?PB_CLIENT_MOD, Fun, Req, Options]),
+    case catch apply(?PB_CLIENT_MOD, Fun, [Req, Options]) of
+        {ok, Resp, _Metadata} ->
+            ?LOG(debug, "Response {ok, ~0p, ~0p}", [Resp, _Metadata]),
+            {ok, Resp};
+        {error, {Code, Msg}, _Metadata} ->
+            ?LOG(error, "CALL ~0p:~0p(~0p, ~0p) response errcode: ~0p, errmsg: ~0p",
+                        [?PB_CLIENT_MOD, Fun, Req, Options, Code, Msg]),
+            {error, {Code, Msg}};
+        {error, Reason} ->
+            ?LOG(error, "CALL ~0p:~0p(~0p, ~0p) error: ~0p",
+                        [?PB_CLIENT_MOD, Fun, Req, Options, Reason]),
+            {error, Reason};
+        {'EXIT', {Reason, Stk}} ->
+            ?LOG(error, "CALL ~0p:~0p(~0p, ~0p) throw an exception: ~0p, stacktrace: ~0p",
+                        [?PB_CLIENT_MOD, Fun, Req, Options, Reason, Stk]),
+            {error, Reason}
+    end.
+
+%%--------------------------------------------------------------------
+%% Internal funcs
+%%--------------------------------------------------------------------
+
+-compile({inline, [hk2func/1]}).
+hk2func('client.connect') -> 'on_client_connect';
+hk2func('client.connack') -> 'on_client_connack';
+hk2func('client.connected') -> 'on_client_connected';
+hk2func('client.disconnected') -> 'on_client_disconnected';
+hk2func('client.authenticate') -> 'on_client_authenticate';
+hk2func('client.check_acl') -> 'on_client_check_acl';
+hk2func('client.subscribe') -> 'on_client_subscribe';
+hk2func('client.unsubscribe') -> 'on_client_unsubscribe';
+hk2func('session.created') -> 'on_session_created';
+hk2func('session.subscribed') -> 'on_session_subscribed';
+hk2func('session.unsubscribed') -> 'on_session_unsubscribed';
+hk2func('session.resumed') -> 'on_session_resumed';
+hk2func('session.discarded') -> 'on_session_discarded';
+hk2func('session.takeovered') -> 'on_session_takeovered';
+hk2func('session.terminated') -> 'on_session_terminated';
+hk2func('message.publish') -> 'on_message_publish';
+hk2func('message.delivered') ->'on_message_delivered';
+hk2func('message.acked') -> 'on_message_acked';
+hk2func('message.dropped') ->'on_message_dropped'.
+
+-compile({inline, [message_hooks/0]}).
+message_hooks() ->
+    ['message.publish', 'message.delivered',
+     'message.acked', 'message.dropped'].
+
+-compile({inline, [available_hooks/0]}).
+available_hooks() ->
+    ['client.connect', 'client.connack', 'client.connected',
+     'client.disconnected', 'client.authenticate', 'client.check_acl',
+     'client.subscribe', 'client.unsubscribe',
+     'session.created', 'session.subscribed', 'session.unsubscribed',
+     'session.resumed', 'session.discarded', 'session.takeovered',
+     'session.terminated' | message_hooks()].
diff --git a/apps/emqx_exhook/src/emqx_extension_hook_sup.erl b/apps/emqx_exhook/src/emqx_exhook_sup.erl
similarity index 67%
rename from apps/emqx_exhook/src/emqx_extension_hook_sup.erl
rename to apps/emqx_exhook/src/emqx_exhook_sup.erl
index 64b94070f..c8d2ecf35 100644
--- a/apps/emqx_exhook/src/emqx_extension_hook_sup.erl
+++ b/apps/emqx_exhook/src/emqx_exhook_sup.erl
@@ -14,7 +14,7 @@
 %% limitations under the License.
 %%--------------------------------------------------------------------
 
--module(emqx_extension_hook_sup).
+-module(emqx_exhook_sup).
 
 -behaviour(supervisor).
 
@@ -22,8 +22,8 @@
         , init/1
         ]).
 
--export([ start_driver_pool/1
-        , stop_driver_pool/1
+-export([ start_grpc_client_channel/3
+        , stop_grpc_client_channel/1
         ]).
 
 %%--------------------------------------------------------------------
@@ -40,11 +40,20 @@ init([]) ->
 %% APIs
 %%--------------------------------------------------------------------
 
--spec start_driver_pool(map()) -> {ok, pid()} | {error, term()}.
-start_driver_pool(Spec) ->
-    supervisor:start_child(?MODULE, Spec).
+-spec start_grpc_client_channel(
+        string(),
+        uri_string:uri_string(),
+        grpc_client:options()) -> {ok, pid()} | {error, term()}.
+start_grpc_client_channel(Name, SvrAddr, Options) ->
+    grpc_client_sup:create_channel_pool(Name, SvrAddr, Options).
 
--spec stop_driver_pool(atom()) -> ok.
-stop_driver_pool(Name) ->
-    ok = supervisor:terminate_child(?MODULE, Name),
-    ok = supervisor:delete_child(?MODULE, Name).
+-spec stop_grpc_client_channel(string()) -> ok.
+stop_grpc_client_channel(Name) ->
+    %% Avoid crash due to hot-upgrade had unloaded
+    %% grpc application
+    try
+        grpc_client_sup:stop_channel_pool(Name)
+    catch
+        _:_:_ ->
+            ok
+    end.
diff --git a/apps/emqx_exhook/src/emqx_extension_hook.app.src b/apps/emqx_exhook/src/emqx_extension_hook.app.src
deleted file mode 100644
index 0575ec95f..000000000
--- a/apps/emqx_exhook/src/emqx_extension_hook.app.src
+++ /dev/null
@@ -1,14 +0,0 @@
-{application, emqx_extension_hook,
- [{description, "EMQ X Extension for Hook"},
-  {vsn, "git"},
-  {modules, []},
-  {registered, []},
-  {mod, {emqx_extension_hook_app, []}},
-  {applications, [kernel, stdlib, ecpool, erlport]},
-  {env,[]},
-  {licenses, ["Apache-2.0"]},
-  {maintainers, ["EMQ X Team <contact@emqx.io>"]},
-  {links, [{"Homepage", "https://emqx.io/"},
-           {"Github", "https://github.com/emqx/emqx-extension-hook"}
-          ]}
- ]}.
diff --git a/apps/emqx_exhook/src/emqx_extension_hook_driver.erl b/apps/emqx_exhook/src/emqx_extension_hook_driver.erl
deleted file mode 100644
index 2600c6e6b..000000000
--- a/apps/emqx_exhook/src/emqx_extension_hook_driver.erl
+++ /dev/null
@@ -1,305 +0,0 @@
-%%--------------------------------------------------------------------
-%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
-%%
-%% Licensed under the Apache License, Version 2.0 (the "License");
-%% you may not use this file except in compliance with the License.
-%% You may obtain a copy of the License at
-%%
-%%     http://www.apache.org/licenses/LICENSE-2.0
-%%
-%% Unless required by applicable law or agreed to in writing, software
-%% distributed under the License is distributed on an "AS IS" BASIS,
-%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-%% See the License for the specific language governing permissions and
-%% limitations under the License.
-%%--------------------------------------------------------------------
-
--module(emqx_extension_hook_driver).
-
--include_lib("emqx/include/logger.hrl").
-
--logger_header("[ExHook Driver]").
-
-%% Load/Unload
--export([ load/2
-        , unload/1
-        , connect/1
-        ]).
-
-%% APIs
--export([ run_hook/3
-        , run_hook_fold/4]).
-
-%% Infos
--export([ name/1
-        , format/1
-        ]).
-
--record(driver, {
-          %% Driver name (equal to ecpool name)
-          name :: driver_name(),
-          %% Driver type
-          type :: driver_type(),
-          %% Initial Module name
-          init :: atom(),
-          %% Hook Spec
-          hookspec :: hook_spec(),
-          %% Metric fun
-          incfun :: function(),
-          %% low layer state
-          state
-       }).
-
--type driver_name() :: python | python3 | java | webhook | lua | atom().
--type driver_type() :: python | webhok | java | atom().
--type driver() :: #driver{}.
-
--type hook_spec() :: #{hookname() => [{callback_m(), callback_f(), spec()}]}.
--type hookname() :: client_connect
-                  | client_connack
-                  | client_connected
-                  | client_disconnected
-                  | client_authenticate
-                  | client_check_acl
-                  | client_subscribe
-                  | client_unsubscribe
-                  | session_created
-                  | session_subscribed
-                  | session_unsubscribed
-                  | session_resumed
-                  | session_discarded
-                  | session_takeovered
-                  | session_terminated
-                  | message_publish
-                  | message_delivered
-                  | message_acked
-                  | message_dropped.
-
--type callback_m() :: atom().
-
--type callback_f() :: atom().
-
--type spec() :: #{
-        topic => binary()   %% for `message` hook only
-       }.
-
--export_type([driver/0]).
-
-%%--------------------------------------------------------------------
-%% Load/Unload APIs
-%%--------------------------------------------------------------------
-
--spec load(atom(), list()) -> {ok, driver()} | {error, term()} .
-load(Name, Opts0) ->
-    case lists:keytake(init_module, 1, Opts0) of
-        false -> {error, not_found_initial_module};
-        {value, {_,InitM}, Opts} ->
-            Spec = pool_spec(Name, Opts),
-            {ok, _} = emqx_extension_hook_sup:start_driver_pool(Spec),
-            do_init(Name, InitM)
-    end.
-
--spec unload(driver()) -> ok.
-unload(#driver{name = Name, init = InitM}) ->
-    do_deinit(Name, InitM),
-    emqx_extension_hook_sup:stop_driver_pool(Name).
-
-do_deinit(Name, InitM) ->
-    _ = raw_call(type(Name), Name, InitM, 'deinit', []),
-    ok.
-
-do_init(Name, InitM) ->
-    Type = type(Name),
-    case raw_call(Type, Name, InitM, 'init', []) of
-        {ok, {HookSpec, State}} ->
-            NHookSpec = resovle_hook_spec(HookSpec),
-            %% Reigster metrics
-            Prefix = "exhook." ++ atom_to_list(Name) ++ ".",
-            ensure_metrics(Prefix, NHookSpec),
-            {ok, #driver{type = Type,
-                         name = Name,
-                         init = InitM,
-                         state = State,
-                         hookspec = NHookSpec,
-                         incfun = incfun(Prefix) }};
-        {error, Reason} ->
-            emqx_extension_hook_sup:stop_driver_pool(Name),
-            {error, Reason}
-    end.
-
-%% @private
-pool_spec(Name, Opts) ->
-    NOpts = lists:keystore(pool_size, 1, Opts, {pool_size, 1}),
-    ecpool:pool_spec(Name, Name, ?MODULE, [{name, Name} | NOpts]).
-
-resovle_hook_spec(HookSpec) ->
-    Atom = fun(B) -> list_to_atom(B) end,
-    HookSpec1 = lists:map(fun({Name, Module, Func}) ->
-                      {Name, Module, Func, []};
-                 (Other) -> Other
-                end, HookSpec),
-    lists:foldr(
-      fun({Name, Module, Func, Spec}, Acc) ->
-            NameAtom = Atom(Name),
-            Acc#{NameAtom => [{Atom(Module), Atom(Func), maps:from_list(Spec)} | maps:get(NameAtom, Acc, [])]}
-    end, #{}, HookSpec1).
-
-ensure_metrics(Prefix, HookSpec) ->
-    Keys = [ list_to_atom(Prefix ++ atom_to_list(K)) || K <- maps:keys(HookSpec)],
-    lists:foreach(fun emqx_metrics:ensure/1, Keys).
-
-incfun(Prefix) ->
-    fun(Name) ->
-        emqx_metrics:inc(list_to_atom(Prefix ++ atom_to_list(Name)))
-    end.
-
-format(#driver{name = Name, init = InitM, hookspec = Hooks}) ->
-    io_lib:format("name=~p, init_module=~p, hooks=~0p", [Name, InitM, maps:keys(Hooks)]).
-
-%%--------------------------------------------------------------------
-%% ecpool callback
-%%--------------------------------------------------------------------
-
--spec connect(list()) -> {ok, pid()} | {error, any()}.
-connect(Opts0) ->
-    case lists:keytake(name, 1, lists:keydelete(ecpool_worker_id, 1, Opts0)) of
-        {_,{_, Name}, Opts}
-          when Name =:= python;
-               Name =:= python3 ->
-            NOpts = resovle_search_path(python, Opts),
-            python:start_link([{python, atom_to_list(Name)} | NOpts]);
-        {_,{_, Name}, Opts}
-          when Name =:= java ->
-            NOpts = resovle_search_path(java, Opts),
-            java:start_link([{java, atom_to_list(Name)} | NOpts])
-    end.
-
-%% @private
-resovle_search_path(java, Opts) ->
-    case proplists:get_value(java_path, Opts) of
-        undefined -> Opts;
-        Path ->
-            Solved = lists:flatten(
-                       lists:join(pathsep(),
-                                  [expand_jar_packages(filename:absname(P))
-                                   || P <- re:split(Path, pathsep(), [{return, list}]), P /= ""])),
-            lists:keystore(java_path, 1, Opts, {java_path, Solved})
-    end;
-
-resovle_search_path(_, Opts) ->
-    Opts.
-
-expand_jar_packages(Path) ->
-    IsJarPkgs = fun(Name) ->
-                    Ext = filename:extension(Name),
-                    Ext == ".jar" orelse Ext == ".zip"
-                end,
-    case file:list_dir(Path) of
-        {ok, []} -> [Path];
-        {error, _} -> [Path];
-        {ok, Names} ->
-            lists:join(pathsep(),
-                       [Path] ++ [filename:join([Path, Name]) || Name <- Names, IsJarPkgs(Name)])
-    end.
-
-pathsep() ->
-    case os:type() of
-        {win32, _} ->
-            ";";
-        _ ->
-            ":"
-    end.
-
-%%--------------------------------------------------------------------
-%% APIs
-%%--------------------------------------------------------------------
-
-name(#driver{name = Name}) ->
-    Name.
-
--spec run_hook(atom(), list(), driver())
-  -> ok
-   | {ok, term()}
-   | {error, term()}.
-run_hook(Name, Args, Driver = #driver{hookspec = HookSpec, incfun = IncFun}) ->
-    case maps:get(Name, HookSpec, []) of
-        [] -> ok;
-        Cbs ->
-            lists:foldl(fun({M, F, Opts}, _) ->
-                case match_topic_filter(Name, proplists:get_value(topic, Args, null), maps:get(topics, Opts, [])) of
-                    true ->
-                        IncFun(Name),
-                        call(M, F, Args, Driver);
-                    _ -> ok
-                end
-            end, ok, Cbs)
-    end.
-
--spec run_hook_fold(atom(), list(), any(), driver())
-  -> ok
-   | {ok, term()}
-   | {error, term()}.
-run_hook_fold(Name, Args, Acc0, Driver = #driver{hookspec = HookSpec, incfun = IncFun}) ->
-    case maps:get(Name, HookSpec, []) of
-        [] -> ok;
-        Cbs ->
-            lists:foldl(fun({M, F, Opts}, Acc) ->
-                case match_topic_filter(Name, proplists:get_value(topic, Args, null), maps:get(topics, Opts, [])) of
-                    true ->
-                        IncFun(Name),
-                        call(M, F, Args ++ [Acc], Driver);
-                    _ -> ok
-                end
-            end, Acc0, Cbs)
-    end.
-
--compile({inline, [match_topic_filter/3]}).
-match_topic_filter(_Name, null, _TopicFilter) ->
-    true;
-match_topic_filter(Name, TopicName, TopicFilter)
-  when Name =:= message_publish;
-       Name =:= message_delivered;
-       Name =:= message_dropped;
-       Name =:= message_acked ->
-    lists:any(fun(F) -> emqx_topic:match(TopicName, F) end, TopicFilter);
-match_topic_filter(_, _, _) ->
-    true.
-
--spec call(atom(), atom(), list(), driver()) -> ok | {ok, term()} | {error, term()}.
-call(Mod, Fun, Args, #driver{name = Name, type = Type, state = State}) ->
-    with_pool(Name, fun(C) ->
-        do_call(Type, C, Mod, Fun, Args ++ [State])
-    end).
-
-raw_call(Type, Name, Mod, Fun, Args) when is_list(Args) ->
-     with_pool(Name, fun(C) ->
-        do_call(Type, C, Mod, Fun, Args)
-    end).
-
-do_call(Type, C, M, F, A) ->
-    case catch apply(Type, call, [C, M, F, A]) of
-        ok -> ok;
-        undefined -> ok;
-        {_Ok = 0, Return} -> {ok, Return};
-        {_Err = 1, Reason} -> {error, Reason};
-        {'EXIT', Reason, Stk} ->
-            ?LOG(error, "CALL ~p ~p:~p(~p), exception: ~p, stacktrace ~0p",
-                        [Type, M, F, A, Reason, Stk]),
-            {error, Reason};
-        _X ->
-            ?LOG(error, "CALL ~p ~p:~p(~p), unknown return: ~0p",
-                        [Type, M, F, A, _X]),
-            {error, unknown_return_format}
-    end.
-
-%%--------------------------------------------------------------------
-%% Internal funcs
-%%--------------------------------------------------------------------
-
-with_pool(Name, Fun) ->
-    ecpool:with_client(Name, Fun).
-
-type(python3) -> python;
-type(python) -> python;
-type(Name) -> Name.
-
diff --git a/apps/emqx_exhook/src/emqx_extension_hook_handler.erl b/apps/emqx_exhook/src/emqx_extension_hook_handler.erl
deleted file mode 100644
index 3ce9e4e90..000000000
--- a/apps/emqx_exhook/src/emqx_extension_hook_handler.erl
+++ /dev/null
@@ -1,249 +0,0 @@
-%%--------------------------------------------------------------------
-%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
-%%
-%% Licensed under the Apache License, Version 2.0 (the "License");
-%% you may not use this file except in compliance with the License.
-%% You may obtain a copy of the License at
-%%
-%%     http://www.apache.org/licenses/LICENSE-2.0
-%%
-%% Unless required by applicable law or agreed to in writing, software
-%% distributed under the License is distributed on an "AS IS" BASIS,
-%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-%% See the License for the specific language governing permissions and
-%% limitations under the License.
-%%--------------------------------------------------------------------
-
--module(emqx_extension_hook_handler).
-
--include("emqx_extension_hook.hrl").
--include_lib("emqx/include/emqx.hrl").
--include_lib("emqx/include/logger.hrl").
-
--logger_header("[ExHook]").
-
--export([ on_client_connect/2
-        , on_client_connack/3
-        , on_client_connected/2
-        , on_client_disconnected/3
-        , on_client_authenticate/2
-        , on_client_check_acl/4
-        , on_client_subscribe/3
-        , on_client_unsubscribe/3
-        ]).
-
-%% Session Lifecircle Hooks
--export([ on_session_created/2
-        , on_session_subscribed/3
-        , on_session_unsubscribed/3
-        , on_session_resumed/2
-        , on_session_discarded/2
-        , on_session_takeovered/2
-        , on_session_terminated/3
-        ]).
-
-%% Utils
--export([ message/1
-        , validator/1
-        , assign_to_message/2
-        , clientinfo/1
-        , stringfy/1
-        ]).
-
--import(emqx_extension_hook,
-        [ cast/2
-        , call_fold/4
-        ]).
-
--exhooks([ {'client.connect',      {?MODULE, on_client_connect,       []}}
-         , {'client.connack',      {?MODULE, on_client_connack,       []}}
-         , {'client.connected',    {?MODULE, on_client_connected,     []}}
-         , {'client.disconnected', {?MODULE, on_client_disconnected,  []}}
-         , {'client.authenticate', {?MODULE, on_client_authenticate,  []}}
-         , {'client.check_acl',    {?MODULE, on_client_check_acl,     []}}
-         , {'client.subscribe',    {?MODULE, on_client_subscribe,     []}}
-         , {'client.unsubscribe',  {?MODULE, on_client_unsubscribe,   []}}
-         , {'session.created',     {?MODULE, on_session_created,      []}}
-         , {'session.subscribed',  {?MODULE, on_session_subscribed,   []}}
-         , {'session.unsubscribed',{?MODULE, on_session_unsubscribed, []}}
-         , {'session.resumed',     {?MODULE, on_session_resumed,      []}}
-         , {'session.discarded',   {?MODULE, on_session_discarded,    []}}
-         , {'session.takeovered',  {?MODULE, on_session_takeovered,   []}}
-         , {'session.terminated',  {?MODULE, on_session_terminated,   []}}
-         ]).
-
-%%--------------------------------------------------------------------
-%% Clients
-%%--------------------------------------------------------------------
-
-on_client_connect(ConnInfo, _Props) ->
-    cast('client_connect', [conninfo(ConnInfo), props(_Props)]).
-
-on_client_connack(ConnInfo, Rc, _Props) ->
-    cast('client_connack', [conninfo(ConnInfo), Rc, props(_Props)]).
-
-on_client_connected(ClientInfo, _ConnInfo) ->
-    cast('client_connected', [clientinfo(ClientInfo)]).
-
-on_client_disconnected(ClientInfo, {shutdown, Reason}, ConnInfo) when is_atom(Reason) ->
-    on_client_disconnected(ClientInfo, Reason, ConnInfo);
-on_client_disconnected(ClientInfo, Reason, _ConnInfo) ->
-    cast('client_disconnected', [clientinfo(ClientInfo), stringfy(Reason)]).
-
-on_client_authenticate(ClientInfo, AuthResult) ->
-    AccArg = maps:get(auth_result, AuthResult, undefined) == success,
-    Name   = 'client_authenticate',
-    case call_fold(Name, [clientinfo(ClientInfo)], AccArg, validator(Name)) of
-        {stop, Bool} when is_boolean(Bool) ->
-            Result = case Bool of true -> success; _ -> not_authorized end,
-            {stop, AuthResult#{auth_result => Result, anonymous => false}};
-        _ ->
-            {ok, AuthResult}
-    end.
-
-on_client_check_acl(ClientInfo, PubSub, Topic, Result) ->
-    AccArg = Result == allow,
-    Name   = 'client_check_acl',
-    case call_fold(Name, [clientinfo(ClientInfo), PubSub, Topic], AccArg, validator(Name)) of
-        {stop, Bool} when is_boolean(Bool) ->
-            NResult = case Bool of true -> allow; _ -> deny end,
-            {stop, NResult};
-        _ -> {ok, Result}
-    end.
-
-on_client_subscribe(ClientInfo, Props, TopicFilters) ->
-    cast('client_subscribe', [clientinfo(ClientInfo), props(Props), topicfilters(TopicFilters)]).
-
-on_client_unsubscribe(Clientinfo, Props, TopicFilters) ->
-    cast('client_unsubscribe', [clientinfo(Clientinfo), props(Props), topicfilters(TopicFilters)]).
-
-%%--------------------------------------------------------------------
-%% Session
-%%--------------------------------------------------------------------
-
-on_session_created(ClientInfo, _SessInfo) ->
-    cast('session_created', [clientinfo(ClientInfo)]).
-
-on_session_subscribed(Clientinfo, Topic, SubOpts) ->
-    cast('session_subscribed', [clientinfo(Clientinfo), Topic, props(SubOpts)]).
-
-on_session_unsubscribed(ClientInfo, Topic, _SubOpts) ->
-    cast('session_unsubscribed', [clientinfo(ClientInfo), Topic]).
-
-on_session_resumed(ClientInfo, _SessInfo) ->
-    cast('session_resumed', [clientinfo(ClientInfo)]).
-
-on_session_discarded(ClientInfo, _SessInfo) ->
-    cast('session_discarded', [clientinfo(ClientInfo)]).
-
-on_session_takeovered(ClientInfo, _SessInfo) ->
-    cast('session_takeovered', [clientinfo(ClientInfo)]).
-
-on_session_terminated(ClientInfo, Reason, _SessInfo) ->
-    cast('session_terminated', [clientinfo(ClientInfo), stringfy(Reason)]).
-
-%%--------------------------------------------------------------------
-%% Types
-
-props(undefined) -> [];
-props(M) when is_map(M) -> maps:to_list(M).
-
-conninfo(_ConnInfo =
-         #{clientid := ClientId, username := Username, peername := {Peerhost, _},
-           sockname := {_, SockPort}, proto_name := ProtoName, proto_ver := ProtoVer,
-           keepalive := Keepalive}) ->
-    [{node, node()},
-     {clientid, ClientId},
-     {username, maybe(Username)},
-     {peerhost, ntoa(Peerhost)},
-     {sockport, SockPort},
-     {proto_name, ProtoName},
-     {proto_ver, ProtoVer},
-     {keepalive, Keepalive}].
-
-clientinfo(ClientInfo =
-           #{clientid := ClientId, username := Username, peerhost := PeerHost,
-             sockport := SockPort, protocol := Protocol, mountpoint := Mountpoiont}) ->
-    [{node, node()},
-     {clientid, ClientId},
-     {username, maybe(Username)},
-     {password, maybe(maps:get(password, ClientInfo, undefined))},
-     {peerhost, ntoa(PeerHost)},
-     {sockport, SockPort},
-     {protocol, Protocol},
-     {mountpoint, maybe(Mountpoiont)},
-     {is_superuser, maps:get(is_superuser, ClientInfo, false)},
-     {anonymous, maps:get(anonymous, ClientInfo, true)}].
-
-message(#message{id = Id, qos = Qos, from = From, topic = Topic, payload = Payload, timestamp = Ts}) ->
-    [{node, node()},
-     {id, hexstr(Id)},
-     {qos, Qos},
-     {from, From},
-     {topic, Topic},
-     {payload, Payload},
-     {timestamp, Ts}].
-
-topicfilters(Tfs = [{_, _}|_]) ->
-    [{Topic, Qos} || {Topic, #{qos := Qos}} <- Tfs];
-topicfilters(Tfs) ->
-    Tfs.
-
-ntoa({0,0,0,0,0,16#ffff,AB,CD}) ->
-    list_to_binary(inet_parse:ntoa({AB bsr 8, AB rem 256, CD bsr 8, CD rem 256}));
-ntoa(IP) ->
-    list_to_binary(inet_parse:ntoa(IP)).
-
-maybe(undefined) -> <<"">>;
-maybe(B) -> B.
-
-%% @private
-stringfy(Term) when is_binary(Term) ->
-    Term;
-stringfy(Term) when is_atom(Term) ->
-    atom_to_binary(Term, utf8);
-stringfy(Term) when is_tuple(Term) ->
-    iolist_to_binary(io_lib:format("~p", [Term])).
-
-hexstr(B) ->
-    iolist_to_binary([io_lib:format("~2.16.0B", [X]) || X <- binary_to_list(B)]).
-
-%%--------------------------------------------------------------------
-%% Validator funcs
-
-validator(Name) ->
-    fun(V) -> validate_acc_arg(Name, V) end.
-
-validate_acc_arg('client_authenticate', V) when is_boolean(V) -> true;
-validate_acc_arg('client_check_acl',    V) when is_boolean(V) -> true;
-validate_acc_arg('message_publish',     V) when is_list(V) -> validate_msg(V, true);
-validate_acc_arg(_,                     _) -> false.
-
-validate_msg([], Bool) ->
-    Bool;
-validate_msg(_, false) ->
-    false;
-validate_msg([{topic, T} | More], _) ->
-    validate_msg(More, is_binary(T));
-validate_msg([{payload, P} | More], _) ->
-    validate_msg(More, is_binary(P));
-validate_msg([{qos, Q} | More], _) ->
-    validate_msg(More, Q =< 2 andalso Q >= 0);
-validate_msg([{timestamp, T} | More], _) ->
-    validate_msg(More, is_integer(T));
-validate_msg([_ | More], _) ->
-    validate_msg(More, true).
-
-%%--------------------------------------------------------------------
-%% Misc
-
-assign_to_message([], Message) ->
-    Message;
-assign_to_message([{topic, Topic}|More], Message) ->
-    assign_to_message(More, Message#message{topic = Topic});
-assign_to_message([{qos, Qos}|More], Message) ->
-    assign_to_message(More, Message#message{qos = Qos});
-assign_to_message([{payload, Payload}|More], Message) ->
-    assign_to_message(More, Message#message{payload = Payload});
-assign_to_message([_|More], Message) ->
-    assign_to_message(More, Message).
diff --git a/apps/emqx_exhook/test/emqx_exhook_SUITE.erl b/apps/emqx_exhook/test/emqx_exhook_SUITE.erl
new file mode 100644
index 000000000..b66950215
--- /dev/null
+++ b/apps/emqx_exhook/test/emqx_exhook_SUITE.erl
@@ -0,0 +1,53 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_exhook_SUITE).
+
+-compile(export_all).
+-compile(nowarn_export_all).
+
+-include_lib("eunit/include/eunit.hrl").
+-include_lib("common_test/include/ct.hrl").
+
+%%--------------------------------------------------------------------
+%% Setups
+%%--------------------------------------------------------------------
+
+all() -> emqx_ct:all(?MODULE).
+
+init_per_suite(Cfg) ->
+    _ = emqx_exhook_demo_svr:start(),
+    emqx_ct_helpers:start_apps([emqx_exhook], fun set_special_cfgs/1),
+    Cfg.
+
+end_per_suite(_Cfg) ->
+    emqx_ct_helpers:stop_apps([emqx_exhook]),
+    emqx_exhook_demo_svr:stop().
+
+set_special_cfgs(emqx) ->
+    application:set_env(emqx, allow_anonymous, false),
+    application:set_env(emqx, enable_acl_cache, false),
+    application:set_env(emqx, plugins_loaded_file,
+                        emqx_ct_helpers:deps_path(emqx, "test/emqx_SUITE_data/loaded_plugins"));
+set_special_cfgs(emqx_exhook) ->
+    ok.
+
+%%--------------------------------------------------------------------
+%% Test cases
+%%--------------------------------------------------------------------
+
+t_hooks(_Cfg) ->
+    ok.
diff --git a/apps/emqx_exhook/test/emqx_exhook_demo_svr.erl b/apps/emqx_exhook/test/emqx_exhook_demo_svr.erl
new file mode 100644
index 000000000..05fa07465
--- /dev/null
+++ b/apps/emqx_exhook/test/emqx_exhook_demo_svr.erl
@@ -0,0 +1,297 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_exhook_demo_svr).
+
+-behavior(emqx_exhook_v_1_hook_provider_bhvr).
+
+%%
+-export([ start/0
+        , stop/0
+        , take/0
+        , in/1
+        ]).
+
+%% gRPC server HookProvider callbacks
+-export([ on_provider_loaded/2
+        , on_provider_unloaded/2
+        , on_client_connect/2
+        , on_client_connack/2
+        , on_client_connected/2
+        , on_client_disconnected/2
+        , on_client_authenticate/2
+        , on_client_check_acl/2
+        , on_client_subscribe/2
+        , on_client_unsubscribe/2
+        , on_session_created/2
+        , on_session_subscribed/2
+        , on_session_unsubscribed/2
+        , on_session_resumed/2
+        , on_session_discarded/2
+        , on_session_takeovered/2
+        , on_session_terminated/2
+        , on_message_publish/2
+        , on_message_delivered/2
+        , on_message_dropped/2
+        , on_message_acked/2
+        ]).
+
+-define(PORT, 9000).
+-define(NAME, ?MODULE).
+
+%%--------------------------------------------------------------------
+%% Server APIs
+%%--------------------------------------------------------------------
+
+start() ->
+    Pid = spawn(fun mngr_main/0),
+    register(?MODULE, Pid),
+    {ok, Pid}.
+
+stop() ->
+    grpc:stop_server(?NAME),
+    ?MODULE ! stop.
+
+take() ->
+    ?MODULE ! {take, self()},
+    receive {value, V} -> V
+    after 5000 -> error(timeout) end.
+
+in({FunName, Req}) ->
+    ?MODULE ! {in, FunName, Req}.
+
+mngr_main() ->
+    application:ensure_all_started(grpc),
+    Services = #{protos => [emqx_exhook_pb],
+                 services => #{'emqx.exhook.v1.HookProvider' => emqx_exhook_demo_svr}
+                },
+    Options = [],
+    Svr = grpc:start_server(?NAME, ?PORT, Services, Options),
+    mngr_loop([Svr, queue:new(), queue:new()]).
+
+mngr_loop([Svr, Q, Takes]) ->
+    receive
+        {in, FunName, Req} ->
+            {NQ1, NQ2} = reply(queue:in({FunName, Req}, Q), Takes),
+            mngr_loop([Svr, NQ1, NQ2]);
+        {take, From} ->
+            {NQ1, NQ2} = reply(Q, queue:in(From, Takes)),
+            mngr_loop([Svr, NQ1, NQ2]);
+        stop ->
+            exit(normal)
+    end.
+
+reply(Q1, Q2) ->
+    case queue:len(Q1) =:= 0 orelse
+         queue:len(Q2) =:= 0 of
+        true -> {Q1, Q2};
+        _ ->
+            {{value, {Name, V}}, NQ1} = queue:out(Q1),
+            {{value, From}, NQ2} = queue:out(Q2),
+            From ! {value, {Name, V}},
+            {NQ1, NQ2}
+    end.
+
+%%--------------------------------------------------------------------
+%% callbacks
+%%--------------------------------------------------------------------
+
+-spec on_provider_loaded(emqx_exhook_pb:provider_loaded_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:loaded_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+
+on_provider_loaded(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{hooks => [
+                     #{name => <<"client.connect">>},
+                     #{name => <<"client.connack">>},
+                     #{name => <<"client.connected">>},
+                     #{name => <<"client.disconnected">>},
+                     #{name => <<"client.authenticate">>},
+                     #{name => <<"client.check_acl">>},
+                     #{name => <<"client.subscribe">>},
+                     #{name => <<"client.unsubscribe">>},
+                     #{name => <<"session.created">>},
+                     #{name => <<"session.subscribed">>},
+                     #{name => <<"session.unsubscribed">>},
+                     #{name => <<"session.resumed">>},
+                     #{name => <<"session.discarded">>},
+                     #{name => <<"session.takeovered">>},
+                     #{name => <<"session.terminated">>},
+                     #{name => <<"message.publish">>},
+                     #{name => <<"message.delivered">>},
+                     #{name => <<"message.acked">>},
+                     #{name => <<"message.dropped">>}]}, Md}.
+-spec on_provider_unloaded(emqx_exhook_pb:provider_unloaded_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_provider_unloaded(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_client_connect(emqx_exhook_pb:client_connect_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_connect(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_client_connack(emqx_exhook_pb:client_connack_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_connack(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_client_connected(emqx_exhook_pb:client_connected_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_connected(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_client_disconnected(emqx_exhook_pb:client_disconnected_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_disconnected(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_client_authenticate(emqx_exhook_pb:client_authenticate_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:valued_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_authenticate(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{type => 'IGNORE'}, Md}.
+
+-spec on_client_check_acl(emqx_exhook_pb:client_check_acl_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:valued_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_check_acl(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{type => 'STOP_AND_RETURN', value => {bool_result, true}}, Md}.
+
+-spec on_client_subscribe(emqx_exhook_pb:client_subscribe_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_subscribe(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_client_unsubscribe(emqx_exhook_pb:client_unsubscribe_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_client_unsubscribe(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_created(emqx_exhook_pb:session_created_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_created(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_subscribed(emqx_exhook_pb:session_subscribed_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_subscribed(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_unsubscribed(emqx_exhook_pb:session_unsubscribed_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_unsubscribed(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_resumed(emqx_exhook_pb:session_resumed_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_resumed(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_discarded(emqx_exhook_pb:session_discarded_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_discarded(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_takeovered(emqx_exhook_pb:session_takeovered_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_takeovered(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_session_terminated(emqx_exhook_pb:session_terminated_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_session_terminated(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_message_publish(emqx_exhook_pb:message_publish_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:valued_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_message_publish(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_message_delivered(emqx_exhook_pb:message_delivered_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_message_delivered(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_message_dropped(emqx_exhook_pb:message_dropped_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_message_dropped(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_message_acked(emqx_exhook_pb:message_acked_request(), grpc:metadata())
+    -> {ok, emqx_exhook_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_message_acked(Req, Md) ->
+    ?MODULE:in({?FUNCTION_NAME, Req}),
+    %io:format("fun: ~p, req: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
diff --git a/apps/emqx_exhook/test/emqx_extension_hook_SUITE.erl b/apps/emqx_exhook/test/emqx_extension_hook_SUITE.erl
deleted file mode 100644
index 11237b7fd..000000000
--- a/apps/emqx_exhook/test/emqx_extension_hook_SUITE.erl
+++ /dev/null
@@ -1,139 +0,0 @@
-%%--------------------------------------------------------------------
-%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
-%%
-%% Licensed under the Apache License, Version 2.0 (the "License");
-%% you may not use this file except in compliance with the License.
-%% You may obtain a copy of the License at
-%%
-%%     http://www.apache.org/licenses/LICENSE-2.0
-%%
-%% Unless required by applicable law or agreed to in writing, software
-%% distributed under the License is distributed on an "AS IS" BASIS,
-%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-%% See the License for the specific language governing permissions and
-%% limitations under the License.
-%%--------------------------------------------------------------------
-
--module(emqx_extension_hook_SUITE).
-
--compile(export_all).
--compile(nowarn_export_all).
-
--include_lib("eunit/include/eunit.hrl").
--include_lib("common_test/include/ct.hrl").
-
-%%--------------------------------------------------------------------
-%% Setups
-%%--------------------------------------------------------------------
-
-all() -> emqx_ct:all(?MODULE).
-
-init_per_suite(Cfg) ->
-    emqx_ct_helpers:start_apps([emqx_extension_hook], fun set_special_cfgs/1),
-    emqx_logger:set_log_level(warning),
-    Cfg.
-
-end_per_suite(_) ->
-    emqx_ct_helpers:stop_apps([emqx_extension_hook]).
-
-set_special_cfgs(emqx) ->
-    application:set_env(emqx, allow_anonymous, false),
-    application:set_env(emqx, enable_acl_cache, false),
-    application:set_env(emqx, plugins_loaded_file,
-                        emqx_ct_helpers:deps_path(emqx, "test/emqx_SUITE_data/loaded_plugins"));
-set_special_cfgs(emqx_extension_hook) ->
-    application:set_env(emqx_extension_hook, drivers, []),
-    ok.
-
-reload_plugin_with(_DriverName = python3) ->
-    application:stop(emqx_extension_hook),
-    Path = emqx_ct_helpers:deps_path(emqx_extension_hook, "test/scripts"),
-    Drivers = [{python3, [{init_module, main},
-                          {python_path, Path},
-                          {call_timeout, 5000}]}],
-    application:set_env(emqx_extension_hook, drivers, Drivers),
-    application:ensure_all_started(emqx_extension_hook);
-
-reload_plugin_with(_DriverName = java) ->
-    application:stop(emqx_extension_hook),
-
-    ErlPortJar = emqx_ct_helpers:deps_path(erlport, "priv/java/_pkgs/erlport.jar"),
-    Path = emqx_ct_helpers:deps_path(emqx_extension_hook, "test/scripts"),
-    Drivers = [{java, [{init_module, 'Main'},
-                       {java_path, Path},
-                       {call_timeout, 5000}]}],
-
-    %% Compile it
-    ct:pal(os:cmd(lists:concat(["cd ", Path, " && ",
-                                "rm -rf Main.class State.class && ",
-                                "javac -cp ", ErlPortJar, " Main.java"]))),
-
-    application:set_env(emqx_extension_hook, drivers, Drivers),
-    application:ensure_all_started(emqx_extension_hook).
-
-%%--------------------------------------------------------------------
-%% Test cases
-%%--------------------------------------------------------------------
-
-t_python3(_) ->
-    reload_plugin_with(python3),
-    schedule_all_hooks().
-
-t_java(_) ->
-    reload_plugin_with(java),
-    schedule_all_hooks().
-
-schedule_all_hooks() ->
-    ok = emqx_extension_hook_handler:on_client_connect(conninfo(), #{}),
-    ok = emqx_extension_hook_handler:on_client_connack(conninfo(), success,#{}),
-    ok = emqx_extension_hook_handler:on_client_connected(clientinfo(), conninfo()),
-    ok = emqx_extension_hook_handler:on_client_disconnected(clientinfo(), takeovered, conninfo()),
-    {stop, #{auth_result := success,
-             anonymous := false}} = emqx_extension_hook_handler:on_client_authenticate(clientinfo(), #{auth_result => not_authorised, anonymous => true}),
-    {stop, allow} = emqx_extension_hook_handler:on_client_check_acl(clientinfo(), publish, <<"t/a">>, deny),
-    ok = emqx_extension_hook_handler:on_client_subscribe(clientinfo(), #{}, sub_topicfilters()),
-    ok = emqx_extension_hook_handler:on_client_unsubscribe(clientinfo(), #{}, unsub_topicfilters()),
-
-    ok = emqx_extension_hook_handler:on_session_created(clientinfo(), sessinfo()),
-    ok = emqx_extension_hook_handler:on_session_subscribed(clientinfo(), <<"t/a">>, subopts()),
-    ok = emqx_extension_hook_handler:on_session_unsubscribed(clientinfo(), <<"t/a">>, subopts()),
-    ok = emqx_extension_hook_handler:on_session_resumed(clientinfo(), sessinfo()),
-    ok = emqx_extension_hook_handler:on_session_discarded(clientinfo(), sessinfo()),
-    ok = emqx_extension_hook_handler:on_session_takeovered(clientinfo(), sessinfo()),
-    ok = emqx_extension_hook_handler:on_session_terminated(clientinfo(), sockerr, sessinfo()).
-
-%%--------------------------------------------------------------------
-%% Generator
-%%--------------------------------------------------------------------
-
-conninfo() ->
-    #{clientid => <<"123">>,
-      username => <<"abc">>,
-      peername => {{127,0,0,1}, 2341},
-      sockname => {{0,0,0,0}, 1883},
-      proto_name => <<"MQTT">>,
-      proto_ver => 4,
-      keepalive => 60
-     }.
-
-clientinfo() ->
-    #{clientid => <<"123">>,
-      username => <<"abc">>,
-      peerhost => {127,0,0,1},
-      sockport => 1883,
-      protocol => 'mqtt',
-      mountpoint => undefined
-     }.
-
-sub_topicfilters() ->
-    [{<<"t/a">>, #{qos => 1}}].
-
-unsub_topicfilters() ->
-    [<<"t/a">>].
-
-sessinfo() ->
-    {session,xxx,yyy}.
-
-subopts() ->
-    #{qos => 1, rh => 0, rap => 0, nl => 0}.
-
diff --git a/apps/emqx_exhook/test/props/prop_exhook_hooks.erl b/apps/emqx_exhook/test/props/prop_exhook_hooks.erl
new file mode 100644
index 000000000..e4c11dd3d
--- /dev/null
+++ b/apps/emqx_exhook/test/props/prop_exhook_hooks.erl
@@ -0,0 +1,537 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(prop_exhook_hooks).
+
+-include_lib("proper/include/proper.hrl").
+-include_lib("eunit/include/eunit.hrl").
+
+-import(emqx_ct_proper_types,
+        [ conninfo/0
+        , clientinfo/0
+        , sessioninfo/0
+        , message/0
+        , connack_return_code/0
+        , topictab/0
+        , topic/0
+        , subopts/0
+        ]).
+
+-define(ALL(Vars, Types, Exprs),
+        ?SETUP(fun() ->
+            State = do_setup(),
+            fun() -> do_teardown(State) end
+         end, ?FORALL(Vars, Types, Exprs))).
+
+%%--------------------------------------------------------------------
+%% Properties
+%%--------------------------------------------------------------------
+
+prop_client_connect() ->
+    ?ALL({ConnInfo, ConnProps},
+         {conninfo(), conn_properties()},
+       begin
+           _OutConnProps = emqx_hooks:run_fold('client.connect', [ConnInfo], ConnProps),
+           {'on_client_connect', Resp} = emqx_exhook_demo_svr:take(),
+           Expected =
+               #{props => properties(ConnProps),
+                 conninfo =>
+                   #{node => nodestr(),
+                     clientid => maps:get(clientid, ConnInfo),
+                     username => maybe(maps:get(username, ConnInfo, <<>>)),
+                     peerhost => peerhost(ConnInfo),
+                     sockport => sockport(ConnInfo),
+                     proto_name => maps:get(proto_name, ConnInfo),
+                     proto_ver => stringfy(maps:get(proto_ver, ConnInfo)),
+                     keepalive => maps:get(keepalive, ConnInfo)
+                    }
+                },
+           ?assertEqual(Expected, Resp),
+           true
+       end).
+
+prop_client_connack() ->
+    ?ALL({ConnInfo, Rc, AckProps},
+         {conninfo(), connack_return_code(), ack_properties()},
+        begin
+            _OutAckProps = emqx_hooks:run_fold('client.connack', [ConnInfo, Rc], AckProps),
+            {'on_client_connack', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{props => properties(AckProps),
+                  result_code => atom_to_binary(Rc, utf8),
+                  conninfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ConnInfo),
+                      username => maybe(maps:get(username, ConnInfo, <<>>)),
+                      peerhost => peerhost(ConnInfo),
+                      sockport => sockport(ConnInfo),
+                      proto_name => maps:get(proto_name, ConnInfo),
+                      proto_ver => stringfy(maps:get(proto_ver, ConnInfo)),
+                      keepalive => maps:get(keepalive, ConnInfo)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_client_authenticate() ->
+    ?ALL({ClientInfo, AuthResult}, {clientinfo(), authresult()},
+        begin
+            _OutAuthResult = emqx_hooks:run_fold('client.authenticate', [ClientInfo], AuthResult),
+            {'on_client_authenticate', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{result => authresult_to_bool(AuthResult),
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_client_check_acl() ->
+    ?ALL({ClientInfo, PubSub, Topic, Result},
+         {clientinfo(), oneof([publish, subscribe]), topic(), oneof([allow, deny])},
+        begin
+            _OutResult = emqx_hooks:run_fold('client.check_acl', [ClientInfo, PubSub, Topic], Result),
+            {'on_client_check_acl', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{result => aclresult_to_bool(Result),
+                  type => pubsub_to_enum(PubSub),
+                  topic => Topic,
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+
+prop_client_connected() ->
+    ?ALL({ClientInfo, ConnInfo},
+         {clientinfo(), conninfo()},
+        begin
+            ok = emqx_hooks:run('client.connected', [ClientInfo, ConnInfo]),
+            {'on_client_connected', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_client_disconnected() ->
+    ?ALL({ClientInfo, Reason, ConnInfo},
+         {clientinfo(), shutdown_reason(), conninfo()},
+        begin
+            ok = emqx_hooks:run('client.disconnected', [ClientInfo, Reason, ConnInfo]),
+            {'on_client_disconnected', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{reason => stringfy(Reason),
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_client_subscribe() ->
+    ?ALL({ClientInfo, SubProps, TopicTab},
+         {clientinfo(), sub_properties(), topictab()},
+        begin
+            _OutTopicTab = emqx_hooks:run_fold('client.subscribe', [ClientInfo, SubProps], TopicTab),
+            {'on_client_subscribe', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{props => properties(SubProps),
+                  topic_filters => topicfilters(TopicTab),
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_client_unsubscribe() ->
+    ?ALL({ClientInfo, UnSubProps, TopicTab},
+         {clientinfo(), unsub_properties(), topictab()},
+        begin
+            _OutTopicTab = emqx_hooks:run_fold('client.unsubscribe', [ClientInfo, UnSubProps], TopicTab),
+            {'on_client_unsubscribe', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{props => properties(UnSubProps),
+                  topic_filters => topicfilters(TopicTab),
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_created() ->
+    ?ALL({ClientInfo, SessInfo}, {clientinfo(), sessioninfo()},
+        begin
+            ok = emqx_hooks:run('session.created', [ClientInfo, SessInfo]),
+            {'on_session_created', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+             ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_subscribed() ->
+    ?ALL({ClientInfo, Topic, SubOpts},
+         {clientinfo(), topic(), subopts()},
+        begin
+            ok = emqx_hooks:run('session.subscribed', [ClientInfo, Topic, SubOpts]),
+            {'on_session_subscribed', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{topic => Topic,
+                  subopts => subopts(SubOpts),
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_unsubscribed() ->
+    ?ALL({ClientInfo, Topic, SubOpts},
+         {clientinfo(), topic(), subopts()},
+        begin
+            ok = emqx_hooks:run('session.unsubscribed', [ClientInfo, Topic, SubOpts]),
+            {'on_session_unsubscribed', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{topic => Topic,
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_resumed() ->
+    ?ALL({ClientInfo, SessInfo}, {clientinfo(), sessioninfo()},
+        begin
+            ok = emqx_hooks:run('session.resumed', [ClientInfo, SessInfo]),
+            {'on_session_resumed', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_discared() ->
+    ?ALL({ClientInfo, SessInfo}, {clientinfo(), sessioninfo()},
+        begin
+            ok = emqx_hooks:run('session.discarded', [ClientInfo, SessInfo]),
+            {'on_session_discarded', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_takeovered() ->
+    ?ALL({ClientInfo, SessInfo}, {clientinfo(), sessioninfo()},
+        begin
+            ok = emqx_hooks:run('session.takeovered', [ClientInfo, SessInfo]),
+            {'on_session_takeovered', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+            true
+        end).
+
+prop_session_terminated() ->
+    ?ALL({ClientInfo, Reason, SessInfo},
+         {clientinfo(), shutdown_reason(), sessioninfo()},
+        begin
+            ok = emqx_hooks:run('session.terminated', [ClientInfo, Reason, SessInfo]),
+            {'on_session_terminated', Resp} = emqx_exhook_demo_svr:take(),
+            Expected =
+                #{reason => stringfy(Reason),
+                  clientinfo =>
+                    #{node => nodestr(),
+                      clientid => maps:get(clientid, ClientInfo),
+                      username => maybe(maps:get(username, ClientInfo, <<>>)),
+                      password => maybe(maps:get(password, ClientInfo, <<>>)),
+                      peerhost => ntoa(maps:get(peerhost, ClientInfo)),
+                      sockport => maps:get(sockport, ClientInfo),
+                      protocol => stringfy(maps:get(protocol, ClientInfo)),
+                      mountpoint => maybe(maps:get(mountpoint, ClientInfo, <<>>)),
+                      is_superuser => maps:get(is_superuser, ClientInfo, false),
+                      anonymous => maps:get(anonymous, ClientInfo, true)
+                     }
+                 },
+            ?assertEqual(Expected, Resp),
+
+            true
+        end).
+
+nodestr() ->
+    stringfy(node()).
+
+peerhost(#{peername := {Host, _}}) ->
+    ntoa(Host).
+
+sockport(#{sockname := {_, Port}}) ->
+    Port.
+
+%% copied from emqx_exhook
+
+ntoa({0,0,0,0,0,16#ffff,AB,CD}) ->
+    list_to_binary(inet_parse:ntoa({AB bsr 8, AB rem 256, CD bsr 8, CD rem 256}));
+ntoa(IP) ->
+    list_to_binary(inet_parse:ntoa(IP)).
+
+maybe(undefined) -> <<>>;
+maybe(B) -> B.
+
+properties(undefined) -> [];
+properties(M) when is_map(M) ->
+    maps:fold(fun(K, V, Acc) ->
+        [#{name => stringfy(K),
+           value => stringfy(V)} | Acc]
+    end, [], M).
+
+topicfilters(Tfs) when is_list(Tfs) ->
+    [#{name => Topic, qos => Qos} || {Topic, #{qos := Qos}} <- Tfs].
+
+%% @private
+stringfy(Term) when is_binary(Term) ->
+    Term;
+stringfy(Term) when is_integer(Term) ->
+    integer_to_binary(Term);
+stringfy(Term) when is_atom(Term) ->
+    atom_to_binary(Term, utf8);
+stringfy(Term) ->
+    unicode:characters_to_binary((io_lib:format("~0p", [Term]))).
+
+subopts(SubOpts) ->
+    #{qos => maps:get(qos, SubOpts, 0),
+      rh => maps:get(rh, SubOpts, 0),
+      rap => maps:get(rap, SubOpts, 0),
+      nl => maps:get(nl, SubOpts, 0),
+      share => maps:get(share, SubOpts, <<>>)
+     }.
+
+authresult_to_bool(AuthResult) ->
+    maps:get(auth_result, AuthResult, undefined) == success.
+
+aclresult_to_bool(Result) ->
+    Result == allow.
+
+pubsub_to_enum(publish) -> 'PUBLISH';
+pubsub_to_enum(subscribe) -> 'SUBSCRIBE'.
+
+%prop_message_publish() ->
+%    ?ALL({Msg, Env, Encode}, {message(), topic_filter_env()},
+%        begin
+%            true
+%        end).
+%
+%prop_message_delivered() ->
+%    ?ALL({ClientInfo, Msg, Env, Encode}, {clientinfo(), message(), topic_filter_env()},
+%        begin
+%            true
+%        end).
+%
+%prop_message_acked() ->
+%    ?ALL({ClientInfo, Msg, Env, Encode}, {clientinfo(), message()},
+%        begin
+%            true
+%        end).
+
+%%--------------------------------------------------------------------
+%% Helper
+%%--------------------------------------------------------------------
+
+do_setup() ->
+    _ = emqx_exhook_demo_svr:start(),
+    emqx_ct_helpers:start_apps([emqx_exhook], fun set_special_cfgs/1),
+    emqx_logger:set_log_level(warning),
+    %% waiting first loaded event
+    {'on_provider_loaded', _} = emqx_exhook_demo_svr:take(),
+    ok.
+
+do_teardown(_) ->
+    emqx_ct_helpers:stop_apps([emqx_exhook]),
+    %% waiting last unloaded event
+    {'on_provider_unloaded', _} = emqx_exhook_demo_svr:take(),
+    _ = emqx_exhook_demo_svr:stop(),
+    timer:sleep(2000),
+    ok.
+
+set_special_cfgs(emqx) ->
+    application:set_env(emqx, allow_anonymous, false),
+    application:set_env(emqx, enable_acl_cache, false),
+    application:set_env(emqx, plugins_loaded_file,
+                        emqx_ct_helpers:deps_path(emqx, "test/emqx_SUITE_data/loaded_plugins"));
+set_special_cfgs(emqx_exhook) ->
+    ok.
+
+%%--------------------------------------------------------------------
+%% Generators
+%%--------------------------------------------------------------------
+
+conn_properties() ->
+    #{}.
+
+ack_properties() ->
+    #{}.
+
+sub_properties() ->
+    #{}.
+
+unsub_properties() ->
+    #{}.
+
+shutdown_reason() ->
+    oneof([utf8(), {shutdown, atom()}]).
+
+authresult() ->
+    #{auth_result => connack_return_code()}.
+
+%topic_filter_env() ->
+%    oneof([{<<"#">>}, {undefined}, {topic()}]).
diff --git a/apps/emqx_exhook/test/scripts/Main.java b/apps/emqx_exhook/test/scripts/Main.java
deleted file mode 100644
index 996b729f6..000000000
--- a/apps/emqx_exhook/test/scripts/Main.java
+++ /dev/null
@@ -1,160 +0,0 @@
-import java.io.*;
-import java.util.*;
-import com.erlport.erlang.term.*;
-
-class State implements Serializable {
-
-    Integer times;
-
-    public State() {
-        times = 0;
-    }
-
-    public Integer incr() {
-        times += 1;
-        return times;
-    }
-
-    @Override
-    public String toString() {
-        return String.format("State(times: %d)", times);
-    }
-}
-
-public class Main {
-
-    public static Object init() {
-        System.err.printf("Initiate driver...\n");
-
-        // [{"topics", ["t/#", "t/a"]}]
-        List<Object> topics = new ArrayList<Object>();
-        topics.add(new Binary("t/#"));
-        topics.add(new Binary("test/#"));
-
-        List<Object> actionOpts  = new ArrayList<Object>();
-        actionOpts.add(Tuple.two(new Atom("topics"), topics));
-
-        Object[] actions0 = new Object[] {
-            Tuple.three("client_connect", "Main", "on_client_connect"),
-            Tuple.three("client_connack", "Main", "on_client_connack"),
-            Tuple.three("client_connected", "Main", "on_client_connected"),
-            Tuple.three("client_disconnected", "Main", "on_client_disconnected"),
-            Tuple.three("client_authenticate", "Main", "on_client_authenticate"),
-            Tuple.three("client_check_acl", "Main", "on_client_check_acl"),
-            Tuple.three("client_subscribe", "Main", "on_client_subscribe"),
-            Tuple.three("client_unsubscribe", "Main", "on_client_unsubscribe"),
-
-            Tuple.three("session_created", "Main", "on_session_created"),
-            Tuple.three("session_subscribed", "Main", "on_session_subscribed"),
-            Tuple.three("session_unsubscribed", "Main", "on_session_unsubscribed"),
-            Tuple.three("session_resumed", "Main", "on_session_resumed"),
-            Tuple.three("session_discarded", "Main", "on_session_discarded"),
-            Tuple.three("session_takeovered", "Main", "on_session_takeovered"),
-            Tuple.three("session_terminated", "Main", "on_session_terminated"),
-
-            Tuple.four("message_publish", "Main", "on_message_publish", actionOpts),
-            Tuple.four("message_delivered", "Main", "on_message_delivered", actionOpts),
-            Tuple.four("message_acked", "Main", "on_message_acked", actionOpts),
-            Tuple.four("message_dropped", "Main", "on_message_dropped", actionOpts)
-        };
-
-        List<Object> actions = new ArrayList<Object>(Arrays.asList(actions0));
-
-        State state = new State();
-        //Tuple state = new Tuple(0);
-
-        // {0 | 1, [{HookName, CallModule, CallFunction, Opts}]}
-        return Tuple.two(0, Tuple.two(actions, state));
-    }
-
-    public static void deinit() {
-
-    }
-
-    // Callbacks
-
-    public static void on_client_connect(Object connInfo, Object props, Object state) {
-        System.err.printf("[Java] on_client_connect: connInfo: %s, props: %s, state: %s\n", connInfo, props, state);
-    }
-
-    public static void on_client_connack(Object connInfo, Object rc, Object props, Object state) {
-        System.err.printf("[Java] on_client_connack: connInfo: %s, rc: %s, props: %s, state: %s\n", connInfo, rc, props, state);
-    }
-
-    public static void on_client_connected(Object clientInfo, Object state) {
-        System.err.printf("[Java] on_client_connected: clientinfo: %s, state: %s\n", clientInfo, state);
-    }
-
-    public static void on_client_disconnected(Object clientInfo, Object reason, Object state) {
-        System.err.printf("[Java] on_client_disconnected: clientinfo: %s, reason: %s, state: %s\n", clientInfo, reason, state);
-    }
-
-    public static Object on_client_authenticate(Object clientInfo, Object authresult, Object state) {
-        System.err.printf("[Java] on_client_authenticate: clientinfo: %s, authresult: %s, state: %s\n", clientInfo, authresult, state);
-
-        return Tuple.two(0, true);
-    }
-
-    public static Object on_client_check_acl(Object clientInfo, Object pubsub, Object topic, Object result, Object state) {
-        System.err.printf("[Java] on_client_check_acl: clientinfo: %s, pubsub: %s, topic: %s, result: %s, state: %s\n", clientInfo, pubsub, topic, result, state);
-
-        return Tuple.two(0, true);
-    }
-
-    public static void on_client_subscribe(Object clientInfo, Object props, Object topic, Object state) {
-        System.err.printf("[Java] on_client_subscribe: clientinfo: %s, props: %s, topic: %s, state: %s\n", clientInfo, props, topic, state);
-    }
-
-    public static void on_client_unsubscribe(Object clientInfo, Object props, Object topic, Object state) {
-        System.err.printf("[Java] on_client_unsubscribe: clientinfo: %s, props: %s, topic: %s, state: %s\n", clientInfo, props, topic, state);
-    }
-
-    // Sessions
-
-    public static void on_session_created(Object clientInfo, Object state) {
-        System.err.printf("[Java] on_session_created: clientinfo: %s, state: %s\n", clientInfo, state);
-    }
-
-    public static void on_session_subscribed(Object clientInfo, Object topic, Object opts, Object state) {
-        System.err.printf("[Java] on_session_subscribed: clientinfo: %s, topic: %s, subopts: %s, state: %s\n", clientInfo, topic, opts, state);
-    }
-
-    public static void on_session_unsubscribed(Object clientInfo, Object topic, Object state) {
-        System.err.printf("[Java] on_session_unsubscribed: clientinfo: %s, topic: %s, state: %s\n", clientInfo, topic, state);
-    }
-
-    public static void on_session_resumed(Object clientInfo, Object state) {
-        System.err.printf("[Java] on_session_resumed: clientinfo: %s, state: %s\n", clientInfo, state);
-    }
-
-    public static void on_session_discarded(Object clientInfo, Object state) {
-        System.err.printf("[Java] on_session_discarded: clientinfo: %s, state: %s\n", clientInfo, state);
-    }
-
-    public static void on_session_takeovered(Object clientInfo, Object state) {
-        System.err.printf("[Java] on_session_takeovered: clientinfo: %s, state: %s\n", clientInfo, state);
-    }
-
-    public static void on_session_terminated(Object clientInfo, Object reason, Object state) {
-        System.err.printf("[Java] on_session_terminated: clientinfo: %s, reason: %s, state: %s\n", clientInfo, reason, state);
-    }
-
-    // Messages
-
-    public static Object on_message_publish(Object message, Object state) {
-        System.err.printf("[Java] on_message_publish: message: %s, state: %s\n", message, state);
-        return Tuple.two(0, message);
-    }
-
-    public static void on_message_dropped(Object message, Object reason, Object state) {
-        System.err.printf("[Java] on_message_dropped: message: %s, reason: %s, state: %s\n", message, reason, state);
-    }
-
-    public static void on_message_delivered(Object clientInfo, Object message, Object state) {
-        System.err.printf("[Java] on_message_delivered: clientinfo: %s, message: %s, state: %s\n", clientInfo, message, state);
-    }
-
-    public static void on_message_acked(Object clientInfo, Object message, Object state) {
-        System.err.printf("[Java] on_message_acked: clientinfo: %s, message: %s, state: %s\n", clientInfo, message, state);
-    }
-}
diff --git a/apps/emqx_exhook/test/scripts/main.py b/apps/emqx_exhook/test/scripts/main.py
deleted file mode 100644
index dcfa1d7e4..000000000
--- a/apps/emqx_exhook/test/scripts/main.py
+++ /dev/null
@@ -1,134 +0,0 @@
-#!/usr/bin/python
-# -*- coding: UTF-8 -*-
-
-OK = 0
-ERROR = 1
-
-## Return :: (HookSpec, State)
-##
-## HookSpec :: [(HookName, CallbackModule, CallbackFunction, Opts)]
-## State  :: Any
-##
-## HookName :: "client_connect" | "client_connack" | "client_connected" | ...
-## CallbackModule :: ...
-## CallbackFunctiin :: ...
-## Opts :: [(Key, Value)]
-def init():
-    ## Maybe a connection object?
-    state = ()
-    hookspec = [("client_connect",      "main", "on_client_connect", []),
-                ("client_connack",      "main", "on_client_connack", []),
-                ("client_connected",    "main", "on_client_connected", []),
-                ("client_disconnected", "main", "on_client_disconnected", []),
-                ("client_authenticate", "main", "on_client_authenticate", []),
-                ("client_check_acl",    "main", "on_client_check_acl", []),
-                ("client_subscribe",    "main", "on_client_subscribe", []),
-                ("client_unsubscribe",  "main", "on_client_unsubscribe", []),
-                ("session_created",     "main", "on_session_created", []),
-                ("session_subscribed",  "main", "on_session_subscribed", []),
-                ("session_unsubscribed","main", "on_session_unsubscribed", []),
-                ("session_resumed",     "main", "on_session_resumed", []),
-                ("session_discarded",   "main", "on_session_discarded", []),
-                ("session_takeovered",  "main", "on_session_takeovered", []),
-                ("session_terminated",  "main", "on_session_terminated", []),
-                ("message_publish",     "main", "on_message_publish", [("topics", ["t/#"])]),
-                ("message_delivered",   "main", "on_message_delivered", [("topics", ["t/#"])]),
-                ("message_acked",       "main", "on_message_acked", [("topics", ["t/#"])]),
-                ("message_dropped",     "main", "on_message_dropped", [("topics", ["t/#"])])
-               ]
-    return (OK, (hookspec, state))
-
-def deinit():
-    return
-
-##--------------------------------------------------------------------
-## Callback functions
-##--------------------------------------------------------------------
-
-
-##--------------------------------------------------------------------
-## Clients
-
-def on_client_connect(conninfo, props, state):
-    print("on_client_connect: conninfo: {0}, props: {1}, state: {2}".format(conninfo, props, state))
-    return
-
-def on_client_connack(conninfo, rc, props, state):
-    print("on_client_connack: conninfo: {0}, rc{1}, props: {2}, state: {3}".format(conninfo, rc, props, state))
-    return
-
-def on_client_connected(clientinfo, state):
-    print("on_client_connected: clientinfo: {0}, state: {1}".format(clientinfo, state))
-    return
-
-def on_client_disconnected(clientinfo, reason, state):
-    print("on_client_disconnected: clientinfo: {0}, reason: {1}, state: {2}".format(clientinfo, reason, state))
-    return
-
-def on_client_authenticate(clientinfo, authresult, state):
-    print("on_client_authenticate: clientinfo: {0}, authresult: {1}, state: {2}".format(clientinfo, authresult, state))
-    ## True / False
-    return (OK, True)
-
-def on_client_check_acl(clientinfo, pubsub, topic, result, state):
-    print("on_client_check_acl: clientinfo: {0}, pubsub: {1}, topic: {2}, result: {3}, state: {4}".format(clientinfo, pubsub, topic, result, state))
-    ## True / False
-    return (OK, True)
-
-def on_client_subscribe(clientinfo, props, topics, state):
-    print("on_client_subscribe: clientinfo: {0}, props: {1}, topics: {2}, state: {3}".format(clientinfo, props, topics, state))
-    return
-
-def on_client_unsubscribe(clientinfo, props, topics, state):
-    print("on_client_unsubscribe: clientinfo: {0}, props: {1}, topics: {2}, state: {3}".format(clientinfo, props, topics, state))
-    return
-
-##--------------------------------------------------------------------
-## Sessions
-
-def on_session_created(clientinfo, state):
-    print("on_session_created: clientinfo: {0}, state: {1}".format(clientinfo, state))
-    return
-
-def on_session_subscribed(clientinfo, topic, opts, state):
-    print("on_session_subscribed: clientinfo: {0}, topic: {1}, opts: {2}, state: {3}".format(clientinfo, topic, opts, state))
-    return
-
-def on_session_unsubscribed(clientinfo, topic, state):
-    print("on_session_unsubscribed: clientinfo: {0}, topic: {1}, state: {2}".format(clientinfo, topic, state))
-    return
-
-def on_session_resumed(clientinfo, state):
-    print("on_session_resumed: clientinfo: {0}, state: {1}".format(clientinfo, state))
-    return
-
-def on_session_discarded(clientinfo, state):
-    print("on_session_discared: clientinfo: {0}, state: {1}".format(clientinfo, state))
-    return
-
-def on_session_takeovered(clientinfo, state):
-    print("on_session_takeovered: clientinfo: {0}, state: {1}".format(clientinfo, state))
-    return
-
-def on_session_terminated(clientinfo, reason, state):
-    print("on_session_terminated: clientinfo: {0}, reason: {1}, state: {2}".format(clientinfo, reason, state))
-    return
-
-##--------------------------------------------------------------------
-## Messages
-
-def on_message_publish(message, state):
-    print("on_message_publish: message: {0}, state: {1}".format(message, state))
-    return message
-
-def on_message_dropped(message, reason, state):
-    print("on_message_dropped: message: {0}, reason: {1}, state: {2}".format(message, reason, state))
-    return
-
-def on_message_delivered(clientinfo, message, state):
-    print("on_message_delivered: clientinfo: {0}, message: {1}, state: {2}".format(clientinfo, message, state))
-    return
-
-def on_message_acked(clientinfo, message, state):
-    print("on_message_acked: clientinfo: {0}, message: {1}, state: {2}".format(clientinfo, message, state))
-    return
diff --git a/apps/emqx_exproto/.gitignore b/apps/emqx_exproto/.gitignore
index b193aa17d..384f2255a 100644
--- a/apps/emqx_exproto/.gitignore
+++ b/apps/emqx_exproto/.gitignore
@@ -41,5 +41,8 @@ erlang.mk
 *.coverdata
 etc/emqx_exproto.conf.rendered
 Mnesia.*/
-__pycache__
-example/*.class
+src/emqx_exproto_pb.erl
+src/emqx_exproto_v_1_connection_adapter_bhvr.erl
+src/emqx_exproto_v_1_connection_adapter_client.erl
+src/emqx_exproto_v_1_connection_handler_bhvr.erl
+src/emqx_exproto_v_1_connection_handler_client.erl
diff --git a/apps/emqx_exproto/README.md b/apps/emqx_exproto/README.md
index 7fa88a9dc..4b59dcae3 100644
--- a/apps/emqx_exproto/README.md
+++ b/apps/emqx_exproto/README.md
@@ -4,53 +4,25 @@ The `emqx_exproto` extremly enhance the extensibility for EMQ X. It allow using
 
 ## Feature
 
-- [x] Support Python, Java.
-- [x] Support the `tcp`, `ssl`, `udp`, `dtls` socket.
-- [x] Provide the `PUB/SUB` interface to others language.
-
-We temporarily no plans to support other languages. Plaease open a issue if you have to use other programming languages.
+- [x] Based on gRPC, it brings a very wide range of applicability
+- [x] Allows you to use the return value to extend emqx behavior.
 
 ## Architecture
 
 ![EMQ X ExProto Arch](./docs/images/exproto-arch.jpg)
 
-## Drivers
+## Usage
 
-### Python
+### gRPC service
 
-***Requirements:***
+See: `priv/protos/exproto.proto`
 
-- It requires the emqx hosted machine has Python3 Runtimes
-- An executable commands in your shell, i,g: `python3` or `python`
+## Example
 
-***Examples:***
+## Recommended gRPC Framework
 
-See [example/main.python](https://github.com/emqx/emqx-exproto/blob/master/example/main.py)
+See: https://github.com/grpc-ecosystem/awesome-grpc
 
-### Java
+## Thanks
 
-See [example/Main.java](https://github.com/emqx/emqx-exproto/blob/master/example/Main.java)
-
-
-## SDK
-
-The SDK encloses the underlying obscure data types and function interfaces. It only provides a convenience for development, it is not required.
-
-See [sdk/README.md](https://github.com/emqx/emqx-exproto/blob/master/sdk/README.md)
-
-
-## Benchmark
-
-***Work in progress...***
-
-
-## Known Issues or TODOs
-
-- Configurable Log System.
-    * The Java driver can not redirect the `stderr` stream to erlang vm on Windows platform
-
-## Reference
-
-- [erlport](https://github.com/hdima/erlport)
-- [External Term Format](http://erlang.org/doc/apps/erts/erl_ext_dist.html)
-- [The Ports Tutorial of Erlang](http://erlang.org/doc/tutorial/c_port.html)
+- [grpcbox](https://github.com/tsloughter/grpcbox)
diff --git a/apps/emqx_exproto/docs/design.md b/apps/emqx_exproto/docs/design.md
index b5cc4e49d..0a6a082e2 100644
--- a/apps/emqx_exproto/docs/design.md
+++ b/apps/emqx_exproto/docs/design.md
@@ -4,173 +4,124 @@
 
 该插件给 EMQ X 带来的扩展性十分的强大，它能以你熟悉语言处理任何的私有协议，并享受由 EMQ X 系统带来的高连接，和高并发的优点。
 
-**声明：当前仅实现了 Python、Java 的支持**
-
 ## 特性
 
-- 多语言支持。快速将接入层的协议实现迁移到 EMQ X 中进行管理
+- 极强的扩展能力。使用 gRPC 作为 RPC 通信框架，支持各个主流编程语言
 - 高吞吐。连接层以完全的异步非阻塞式 I/O 的方式实现
-- 完善的连接层。完全的支持 TCP\TLS UDP\DTLS 类型的连接
+- 连接层透明。完全的支持 TCP\TLS UDP\DTLS 类型的连接管理，并对上层提供统一个 API
 - 连接层的管理能力。例如，最大连接数，连接和吞吐的速率限制，IP 黑名单 等
 
-##  架构
+## 架构
 
 ![Extension-Protocol Arch](images/exproto-arch.jpg)
 
-该插件需要完成的工作包括三部分：
+该插件主要需要处理的内容包括：
 
-**初始化：** (TODO)
-- loaded:
-- unload:
+1.  **连接层：** 该部分主要**维持 Socket 的生命周期，和数据的收发**。它的功能要求包括：
+    - 监听某个端口。当有新的 TCP/UDP 连接到达后，启动一个连接进程，来维持连接的状态。
+    - 调用 `OnSocketCreated` 回调。用于通知外部模块**已新建立了一个连接**。
+    - 调用 `OnScoektClosed` 回调。用于通知外部模块连接**已关闭**。
+    - 调用 `OnReceivedBytes` 回调。用于通知外部模块**该连接新收到的数据包**。
+    - 提供 `Send` 接口。供外部模块调用，**用于发送数据包**。
+    - 提供 `Close` 接口。供外部模块调用，**用于主动关闭连接**。
 
-**连接层：** 该部分主要**维持 Socket 的生命周期，和数据的收发**。它的功能要求包括：
+2. **协议/会话层：**该部分主要**提供 PUB/SUB 接口**，以实现与 EMQ X Broker 系统的消息互通。包括：
 
-- 监听某个端口。当有新的 TCP/UDP 连接到达后，启动一个连接进程，来维持连接的状态。
-- 调用 `init` 回调。用于通知外部模块**已新建立了一个连接**。
-- 调用 `terminated` 回调。用于通知外部模块连接**已关闭**。
-- 调用 `received` 回调。用于通知外部模块**该连接新收到的数据包**。
-- 提供 `send` 接口。供外部模块调用，**用于发送数据包**。
-- 提供 `close` 接口。供外部模块调用，**用于主动关闭连接**。
-
-
-**协议/会话层：**该部分主要**提供 PUB/SUB 接口**，以实现与 EMQ X Broker 系统的消息互通。包括：
-
-- 提供 `register` 接口。供外部模块调用，用于向集群注册客户端。
-- 提供 `publish` 接口。供外部模块调用，用于发布消息 EMQ X Broker 中。
-- 提供 `subscribe` 接口。供外部模块调用，用于订阅某主题，以实现从 EMQ X Broker 中接收某些下行消息。
-- 提供 `unsubscribe` 接口。供外部模块调用，用于取消订阅某主题。
-- 调用 `deliver` 回调。用于接收下行消息（在订阅主题成功后，如果主题上有消息，便会回调该方法）
-
-
-**管理&统计相关：** 该部分主要提供其他**管理&统计相关的接口**。包括：
-
-- 提供 `Hooks` 类的接口。用于与系统的钩子系统进行交互。
-- 提供 `Metrics` 类的接口。用于统计。
-- 提供 `HTTP or CLI` 管理类接口。
+    - 提供 `Authenticate` 接口。供外部模块调用，用于向集群注册客户端。
+    - 提供 `StartTimer` 接口。供外部模块调用，用于为该连接进程启动心跳等定时器。
+    - 提供 `Publish` 接口。供外部模块调用，用于发布消息 EMQ X Broker 中。
+    - 提供 `Subscribe` 接口。供外部模块调用，用于订阅某主题，以实现从 EMQ X Broker 中接收某些下行消息。
+    - 提供 `Unsubscribe` 接口。供外部模块调用，用于取消订阅某主题。
+    - 调用 `OnTimerTimeout` 回调。用于处理定时器超时的事件。
+    - 调用 `OnReceivedMessages` 回调。用于接收下行消息（在订阅主题成功后，如果主题上有消息，便会回调该方法）
 
 ## 接口设计
 
-### 连接层接口
+从 gRPC 上的逻辑来说，emqx-exproto 会作为客户端向用户的 `ProtocolHandler` 服务发送回调请求。同时，它也会作为服务端向用户提供 `ConnectionAdapter` 服务，以提供 emqx-exproto 各个接口的访问。如图：
 
-多语言组件需要向 EMQ X 注册的回调函数：
+![Extension Protocol gRPC Arch](images/exproto-grpc-arch.jpg)
 
-```erlang
-%% Got a new Connection
-init(conn(), conninfo()) -> state().
 
-%% Incoming a data
-recevied(conn(), data(), state()) -> state().
+详情参见：`priv/protos/exproto.proto`，例如接口的定义有：
 
-%% Socket & Connection process terminated
-terminated(conn(), reason(), state()) -> ok.
+```protobuff
+syntax = "proto3";
 
--opaue conn() :: pid().
+package emqx.exproto.v1;
 
--type conninfo() :: [ {socktype, tcp | tls | udp | dtls},
-                    , {peername, {inet:ip_address(), inet:port_number()}},
-                    , {sockname, {inet:ip_address(), inet:port_number()}},
-                    , {peercert, nossl | [{cn, string()}, {dn, string()}]}
-                    ]).
+// The Broker side serivce. It provides a set of APIs to
+// handle a protcol access
+service ConnectionAdapter {
 
--type reason() :: string().
+  // -- socket layer
 
--type state() :: any().
+  rpc Send(SendBytesRequest) returns (CodeResponse) {};
+
+  rpc Close(CloseSocketRequest) returns (CodeResponse) {};
+
+  // -- protocol layer
+
+  rpc Authenticate(AuthenticateRequest) returns (CodeResponse) {};
+
+  rpc StartTimer(TimerRequest) returns (CodeResponse) {};
+
+  // -- pub/sub layer
+
+  rpc Publish(PublishRequest) returns (CodeResponse) {};
+
+  rpc Subscribe(SubscribeRequest) returns (CodeResponse) {};
+
+  rpc Unsubscribe(UnsubscribeRequest) returns (CodeResponse) {};
+}
+
+service ConnectionHandler {
+
+  // -- socket layer
+
+  rpc OnSocketCreated(SocketCreatedRequest) returns (EmptySuccess) {};
+
+  rpc OnSocketClosed(SocketClosedRequest) returns (EmptySuccess) {};
+
+  rpc OnReceivedBytes(ReceivedBytesRequest) returns (EmptySuccess) {};
+
+  // -- pub/sub layer
+
+  rpc OnTimerTimeout(TimerTimeoutRequest) returns (EmptySuccess) {};
+
+  rpc OnReceivedMessages(ReceivedMessagesRequest) returns (EmptySuccess) {};
+}
 ```
 
-
-`emqx-exproto` 需要向多语言插件提供的接口：
-
-``` erlang
-%% Send a data to socket
-send(conn(), data()) -> ok.
-
-%% Close the socket
-close(conn() ) -> ok.
-```
-
-
-### 协议/会话层接口
-
-多语言组件需要向 EMQ X 注册的回调函数：
-
-```erlang
-%% Received a message from a Topic
-deliver(conn(), [message()], state()) -> state().
-
--type message() :: [ {id, binary()}
-                   , {qos, integer()}
-                   , {from, binary()}
-                   , {topic, binary()}
-                   , {payload, binary()}
-                   , {timestamp, integer()}
-                   ].
-```
-
-
-`emqx-exproto` 需要向多语言插件提供的接口：
-
-``` erlang
-%% Reigster the client to Broker
-register(conn(), clientinfo()) -> ok | {error, Reason}.
-
-%% Publish a message to Broker
-publish(conn(), message()) -> ok.
-
-%% Subscribe a topic
-subscribe(conn(), topic(), qos()) -> ok.
-
-%% Unsubscribe a topic
-unsubscribe(conn(), topic()) -> ok.
-
--type clientinfo() :: [ {proto_name, binary()}
-                      , {proto_ver, integer() | string()}
-                      , {clientid, binary()}
-                      , {username, binary()}
-                      , {mountpoint, binary()}}
-                      , {keepalive, non_neg_integer()}
-                      ].
-```
-
-### 管理&统计相关接口
-
-*TODO..*
-
 ## 配置项设计
 
 1. 以 **监听器( Listener)** 为基础，提供 TCP/UDP 的监听。
    - Listener 目前仅支持：TCP、TLS、UDP、DTLS。(ws、wss、quic 暂不支持)
-2. 每个监听器，会指定一个多语言的驱动，用于调用外部模块的接口
-   - Driver 目前仅支持：python，java
+2. 每个监听器，会指定一个 `ProtocolHandler` 的服务地址，用于调用外部模块的接口。
+3. emqx-exproto 还会监听一个 gRPC 端口用于提供对 `ConnectionAdapter` 服务的访问。
 
 例如：
 
 ``` properties
-## A JT/T 808 TCP based example:
-exproto.listener.jtt808 = 6799
-exproto.listener.jtt808.type = tcp
-exproto.listener.jtt808.driver = python
-# acceptors, max_connections, max_conn_rate, ...
-# proxy_protocol, ...
-# sndbuff, recbuff, ...
-# ssl, cipher, certfile, psk, ...
+## gRPC 服务监听地址 (HTTP)
+##
+exproto.server.http.url = http://127.0.0.1:9002
 
-exproto.listener.jtt808.<key> = <value>
+## gRPC 服务监听地址 (HTTPS)
+##
+exproto.server.https.url = https://127.0.0.1:9002
+exproto.server.https.cacertfile = ca.pem
+exproto.server.https.certfile = cert.pem
+exproto.server.https.keyfile = key.pem
+
+## Listener 配置
+## 例如，名称为 protoname 协议的 TCP 监听器配置
+exproto.listener.protoname = tcp://0.0.0.0:7993
+
+## ProtocolHandler 服务地址及 https 的证书配置
+exproto.listener.protoname.proto_handler_url = http://127.0.0.1:9001
+#exproto.listener.protoname.proto_handler_certfile =
+#exproto.listener.protoname.proto_handler_cacertfile =
+#exproto.listener.protoname.proto_handler_keyfile =
 
-## A CoAP UDP based example
-exproto.listener.coap = 6799
-exproto.listener.coap.type = udp
-exproto.listener.coap.driver = java
 # ...
 ```
-
-## 集成与调试
-
-参见 SDK 规范、和对应语言的开发手册
-
-## SDK 实现要求
-
-参见 SDK 规范、和对应语言的开发手册
-
-## TODOs:
-
-- 认证 和 发布 订阅鉴权等钩子接入
diff --git a/apps/emqx_exproto/docs/images/exproto-arch.jpg b/apps/emqx_exproto/docs/images/exproto-arch.jpg
index 54cd63f613403e86409e6cc95fdea5855482d5e5..dddf7996b98c61bf55f911a35e0f51e76c8e8728 100644
GIT binary patch
literal 72633
zcmeFZ2|Sc-+c18Ov1H$gV#*SQRMwCo*;0v$$}-7LD7zYSNufweMXM1?h$(v|V^>i^
z_H{@qWQL4kw*RT_`+lD8=Xu`$^M2p`{(kTGeeYG*T!-^Im*Y6j<2=t}n_>5|M<J2j
z7S<LJ0s%o+z(0shf<nzBeZ3%P?_OvV1VO7HPJ}GP1t3rbGDfWV1GYe@LdYNG91xV?
z3vvEdXCHX3T%flfZGJvEGC6*)f&7?>{2k_KU8%~Rf%NzL1ce5L_ynC?r?q(tq`%X8
zFXu{+;Q9e8{{Tfk$X)77fr>f5#PHsnrtQSB$3#|Ho0(zu+uK@L?=k;Dh%n9V<jE5p
zA`lc17#eJExpUp&BS+Wqe1!NQUPug#tmNh%a?*7F{yi&w{{H;Y{~sUJ?jN{Aof<2B
z{Zahy0b(AWA?|>9XHfmPM~Hg>fNLO#^RD~J;7|zSUMW|M2tBz1#{gI&7$6AX>npJL
zPx#RaeEcU|^`p)~doxhyJ(v;!H@9GK2of3u<?F)Ty+J=h3;=Hl^zaRYAYpX?8@v0s
zc>s6?clCgPpcVKgfK@^LlK`#(u>SGC>(l%1U^lnpfAsI>=KTl!lP=H_AhF9g<m3sr
zs2_j)l^+2o!T|4nTpPfrfKRZMJ$On09`^bN*{r|<0G<v!zRwoGVgRQ30_uLk9DF`u
zR)+u#>T|4h4>1FLg`@zy#lvlv4S?4I*dp-6zCFK{ANTULum&)Y7LG{YQ0s#LUJc+2
zo+0K3eyfui9Ay97SRCbE!DgnvmA`Te2GGy3hQs_1t(33yKj-6V{agP?q0>GG9YHxC
z1R<5eeH~U-hY)}_hxi{@!3W@mG&=2Lwo?A1PH>q03jRu<+}<<LawmWREy!@MV2c&n
zSL!DQgaGIV?Z`|YU+a~&fDg#xP@jWV00#U)Hn_X}z#q_peD4`(`WsJ>;hrIfS8xOM
zIm$gecbNki(2o4<8F*-g-j#l6Cqs9xj0M_q@|`^KW1WC<P6f{smMi570M-r(Kk!>y
zPKVIogDd3#Pfo9sq5D^O2=L@Q?dP_8KY#%~oL8VdkQuZKS_g%J`#2N?`9Z$#rYokw
zUq9biKyFYl<PCX38o!nN-oo+6n?Ue+06GoLK!Ko6$RF)?{&?#Ng@bbDAEiIrYCv8;
z-iH5Z;SYTRBLqM;&<XH&7=S%No8L!sfIfl}-#`BTeRMa_r#ry+1h`k;|MT+SOaE5W
z6wtfpx3*!wkGM|w_x9Z8+`G7~xGlIha>{ZVa~g8)0iPz|-o~lVx&3!K{#Kvs6IVOe
z7*`k9C|4iGH#YcBJlYG50*Zd}&=c_Y?|8wv0raWExs!7T=pFRTDa9!ZX>e+TaZEYU
zU}POoYW5q2D_r?~M*g0rKPZ6yHXFay<K4o`!7I&c!mIk{mO`6^bbhDz2e1F0lRt4i
z{s+H*$KW5w|Jxg1$OGVM^T%xbh5_;dvIN<TtVO;?Rv{~(bx0zz64{D;xdQ(-zQvE(
z_5Nct`ycrDgL(1&qt5U2uFUw#m@D!TvZY|lmo1E+y@Yy3h5~tp%z{ov1^asYgsw9M
zr-SD@>p=I->g%>`*|r6OR?eE0IuJB3_2UddNWJ-6*{K=`+MWpZtd(tk-AXM8a#Mt$
zXP+QQocgyi#W}ESu0YVs_wHfA;Xmtft~|KFE+Gt7nhYclDMG4%o^6mWWC)o+=Fo1)
z7CHzWfn0&S`T#i(h9V#=bQX$-lE7(v1G)|2p={_8R0tJA6;Ksa3pGJ4(0iy08UWHW
z0Zl<<hzijW2m}v85Fw6`L7))I2sOkugg(L;VUE~?utyw097A{`0uf;dEaDs@36YAp
zjku4<Lp()1L)0Q(Bia#t2omB8Vh*v)f#eY2kl>Kx*ubI5q0eE;VZ(8d!-d0};}pkf
zj`JLsIc{=faXjWI=cwgq;ppNR<(T4FKtf1<q!e;JQUj@vG(*}Vk0QO0!AKl35t)X}
zLKY#PgL&>mjv}X#OPt)C;+*R^HGl+LaUSAy=RC!U<GjRqoAVK8IcEcBCnt%M%*o;s
z<XX$6#$~`|&2^Z|n=67Vo-2*(Ay*k!BUnolTvTpuZYgdRZauITk8t~OpW(j5eUF>K
zUBlhZJ<h$r!^0!PqsFs?$Ck&9CzL0i=N8Xn9wJW%&jb%`75^&Ks%@(*RvldxxGHv4
z+N%6j)vG#IO|GKzitsA)8t~fkdhkZ^rts$QKId)Yo#3VOiSnuN?ch7e=f`)J?<QXn
zUnAcj-#kA*zXJbuemj0&{uut7{7?8_@ss$M1jGb33782u3xo+=7RVK-5$F?`7ZeoS
zAZQ|ZR4`QVvS6NIz2LAQO-Nj5vyiorhY&1uN2pw=L+G0@uduSPsj#c?Y2h^C65%%C
zX%SwL4I*YDZX!65J0j0SdPEjP#YMM@+KL8<UJ}h0eJ%P~j7MyPn7NpT*m<#Rv3jv_
zaiqASxS6=S_&M<$@ka3p32q4$32O;Ii6n_aiFXoYNij)nNe9VD$vcuSB}b)@QX8bK
zrA|ntNEJ(UOD#*wNt;T0N?(*NlJ1aRT)k$s$!gEliK_{#yH+pDtdlX9@t3(OQz0`X
z%PG4_)=oA;Hbb^ic6yD(8pAd2YZBKKujyaQv3Ap1`?Y7*X0L5syC5eoXDN45?v`A=
z+_b!uyotP@{B`+i`7bDOlrhQ|bsa@SeO)KH&UD?0bvM^FtRt^qyWVPj*!uhH->s)B
zs3;s#h*cmc3@P#{>MMFFURSJBBrBnm_9|hO3Y7Yld6o5*eU#Ico0S(gsBCcDkg%a*
z!)KM%D%L8eRSHxFRRvYis;5-5R6lIw-l)IPf8)K4?>BL5(%Iy*>CUD$H4ZghHD9%R
zYVGP=>f6-=)w9%lGz2tEHNrItG)SAJHt*RSySZZXH%%qYqncMWn>ATmbhez>lCx!C
ztJv1vTVuCA-#WK#(>C{QceZ`d64bKLg0(8ODB5b;p4u7Oy*lDLdvy|Y>U5a8db+{7
zMY><~l=P12-PP;Sm(bs@e@Xw<cCPI^x5L}3wl5jz8iX1Y8_XJN82TIL8-6xYG4eFZ
zF&f{Yu)}S~{T-vm>x_>XXBv;9*Q4FgS?DnnMH3H`hbEJz8%_O8ADe#Lxn*bY&a$10
zW(H=_W;MHzyDWDl?s{h~W`4;0w)wDyf`zw5fd$!8$MTG2jTM)bjn!4F9&0&kck4WB
z@@~D|(YqUL1Z)o2+_o9pvuRK8p67cx_U_($ZSUYd<$ZzsDr_NJYujtKL;F?spW6Sz
zj@xd(-5tA6_FL_-_RR;x4`2@DAD|xGc`)VRz#-K`VTbA*gdLn6@*EZ&cR8jyjvm%L
z9DTUui0l#HBb7&ajyfEDcyz(Z-06nXgtLxwymPmUic6%+Ygbv<6Rs~Y!WcJ9$uX{D
zj>qzkG2Cq3vfLJqTOYrBoa}Dqp6)*7Vd8P!<BR7G&s5JzuN_{gUZ1^pcwh7W;)C`{
z^O^QF^S$j$@w4*7`z`w0`sezyPdJ_+1gr`;7Vs=kEYLr&AxJ(bGN}Ee+R6Bnqo)i`
z-8e-Kwh4Y1f(UU5sSK3>N_}gXYFJztDcm^xPB<;XA)+KwG%_%<HEL7T#i+^C7N;Ma
z;XLDhrVhIvdlpNIHjTcIL*S0%>R?6qJUkI&8T05Y-&y~&Z)3N_rpA6h=Xmb<dAaj3
z=f~qL;|k)1;)COR5)2dY7dS8YUU+v=>*B48tVEB*H%VKP(vldL+%LUJ-kN+fnSI&o
z^1Bq>l#DCfR|2neUqxSilq#BfI(7Wo-fQL8*IiG%{{05##_KfgG<-T=dRY4C%{@0O
zZz<ina*J`>=XTefop%U#*WSH&ck!Oby^ai%j3T@oJ_)~^>6_Vm-|~KW)`qOKZ0_vv
z>`yrkIn59BALKoheVFu+nH!ip`pEuKL!Mq<UjEwrlmd=|u!1j-ogcq1+*Mdvq)~LA
zAVo-e0zC<P^7ZMlr`^Ri#dRh6B}JvmrFYB3%M!~G<x%D23ZIJ6$|IHS&vrkndv5r=
z?8W96xmD|{?!1(InNrPHeZHDaJWX7vIaxDZ>s>ouhp8K=KV1Kz!LH$5qfO(hCX1%}
zX47Wks~xYZUK_lA_D26rMT>4rd8<xq*;}2rW$$#~mAC1&RleW;{&~Amdvyo8qqcKb
zXVVAk4=r8$y4t%Bb@%o-_l)*>^nUI;(MRbI@23yM3~~)74v7q<4X+)}8re8P7}Xtp
zN!mqf9Xl{KFz!A+^)cilW8(ZL!B1(EsL8y~+dfx)vH0@-tJBwssgqOm>G&DZnY-Uq
zzm?9K%(jvblP4&_6!zSud71g#@7mw%7WOX;Qv;~<#YCD6?a`9{QuDIo@+3Wi!Na)8
z+{k>+vSAIf1K8}7ZozIpbO9vz<nRJk`dlsq2_6Bu!+T&pIQ_H*f7C$yv|j;?`0ZXP
z{uBJuUR-$rbO<Qd1cDC5K+v8V2+9DrGJplZb47(eXaaF)Y5j47l9emOOKaN?03i?z
zR1+GTJue4AJkKGB8O&zW@3Gm;9AHoMK~T-9pEl@9ZEg_=%2Zi_-VVyFJbt-;+NYrC
zcN+iv1e9xOX|J^T<;kvrL|1XNB0nM#3J`}V0x61MH$W&rGZ#>3!1enm2o5AC7dOu;
zUOs+Mp-cqgKp>GEoJcON6^8>N8oY-%MY+V*Z#Cr>w{zoBI3=;|?A80L6n8$Ym9%ds
zD`_1Mj^*W(l3pz%tGq!)b>k*&9bG;B?FMGM%q=Xftal$cc*wyKsB-Qeo?hNQzJ4L0
zVc`*xQK!$HkBd*Za4|9U+VvZ0={IlP&dSbt@G$pLUVd>&X<2zi<+JB?^$m?p&97d+
z>FE5>)!ozE*H0Q7|2Xk!^7EIkl)3ru3)Ds0(((#j2nhL;tUoCG6J4T!E)GskBqz@b
zT?mc{a3e)Ixz=yx7BjWuaXTfhu<h(BiJe#PKdt3e)Uqc_9uIEklTy+qDN|NR`$5^i
zM_BCt5@ml7_BXl)fZF|&Dh>p|mV*OK6%t%P(_6W?d4RG8E})eCxK{nRcvmi<L;ZHK
zK_`fnmPjNQ_|LzJd)4o+{{1I=2)K#R?0!f9i2%Zc6ot?bi=~>C2>ri$v)})9^sCLW
zAr?PB-J4cH6=B9znN#XXrQKv&kxh%BmbsqY#Vq>X);G?@@@oQ~@2NTci12}r<p__G
zUchp!4=5DuZA(+Jt+Pq;=rMB4ADk-Te}A-Jb0an>>fs^B4cfM4C5+q&d&uZLPbp2W
zc7z;ExWrihAhHg10nMi_?obj-2`HK=5*rgW;1PXOko!ErnG{<Bnbs=aUI<ELLnt;h
znmzJFk0DMNo1GD)2SyU=4A@X|DJg*GJR2g(Rlvn&8UqiW%Qzg?XifRlQuVOozT(tt
zWHPD*W~@EQ%`?MKUSva@ui4O>H%lWd{?ZW%MiluR6~l&N!y{Xq_Ifv?#j!RIn+aca
zuRh**O6Rt@zfqme!Na68N%fnOGZ85Ih8W{-ptb~Sgbhg%M>C1V<;3xk6lsTaV>L1x
zx-i+f!CzmhPqsZX*2n2MnO9R`vbukoI9d#o54dQucx&l;uz%#<nQzsKk%bv;_2CDS
zr)2g-^`t(uI9}nf8r7_*!0c$i9fNDP8!KZstsn;1nxX^R&aokpz%26YIU{2?%45+C
zvF=)z9A2@o<F6k%HOmU5t(OS4fK>sDGS7|W&S=r~zY@vznklETPb1UE2^Z9j){|e<
zr-p2}K}w2}pC}SRE%^phl+MKK@#dVmersn8yc<;vGbBnH@WSxuHCYTpLYl=VTu>7f
z7G70ZTK=T`a=-tB`H%7Mx`#zfqP#?95Gsh(B_fFpk>~`R0$f`|ET2q}9=EJrRV7N6
zu9MBzc$e@n@~r%#V@6ku&v0-+;Ei1|3tM;Agzj-mX(g5?)ZOD=Wbv)13&XYQ*j?{i
zMpHOHho62qRB+5ZTIW)5)<v_EW2O&_k6o&`J6_=U-JQOV)sHSAOoy?dRaa<is0el=
zB!@+ox@h#PM80h}&(Tr2Mj>%aO;zf)nC+ip&}!(>yJ)gKy1$|UE*A#!GkOP4w$l*b
z(^;+jSvMum_j&oX^Q9jO+uft@BQ~{C(D*f(don#kE%%^C-ms3Ny{t9h6KI-##8|@2
zno(&R;wr{k^4G`{Uqu;|w|O?GzCO`}wcB5;IlEo-^p@uDvnHsvW`;yIi%*iij}6rt
zql0YEOB*Y_EWR@;obupu%R#Xtxp>c$$rH{`D^XhxcN{J{D4sT;aGC40BSXTU#dm;W
zR>Ov*wNbq)EM7|PKxD;u#l??_)~$&fo|2gt>q{5mI+^UH*r#<C5l;-W9hVGQLb9}{
z<oWTov!R-_4Hb1k!p>MzTF;o=?oP)}ZRVEvYZf*qTRY#K+<B|8^@8H@%H&H$hYsnz
zU<oF67$f}QVq&7PicfgQAofVQQ$}->LE8QG8O!Evcl<=}Oj^lmy;4fQrKG;Eix0sR
z#mc|ODMxyf(vq{V$9u9U=*0CEn3)~B`8`VF&zx(yd4Hdnj*1_LO#t*%Md!;wI}<L6
z|DHFB-ToJDm`l~n65@(r9ca6VCLai6649PPQjt8CteTGX?N$2K>(l0(lFoz#QU;~t
zPHeb%<UwWSK)J<|vpnxQ*h+gp&pauJ9KjN@_rK6RJJwt$ap8&3YyZ$zX`?GbX$bw#
z+qAx_ea0k?kZs{)v<!N*2qgpuYOem;uT2zU$$l1gcYC<hDYx6jykmTER=Tf&k24)n
zT;jcGJ+~l9mo$f9J-B>?A=1_em)kNV`rD|P-Bo6}hq3D2>Y=^ZBM&W4osutjRDLJr
z`zcxTk2jU)G|n0BlL=2dG<XqTKn!T3sh}EB{kha8<~=NY-^EAPyDliU!rlH^hpTl~
zRod8gg;f2~ipxWpTUE=>LQx0!oVl8`=o;n_P8+U0gdR<I)nt}0v~jZDqf79YEMst*
z4E^-*<b0b-r@f+AtQ2o$TV53i<ZpUYMARx!<axsiVs#M7`-rs7=`&O0JQg>u+t`p6
zBpqM6WIV9u3pL*6MazI^(E9e|9NfOKMwxa}-Bzx{V!6u|SutpNu*Ty?N+vH8y+&v%
zx$z7hic^hZjr^w6x#cPQ*qsl*E<Lz@v#1F2^0-o8jMjLyNfEUvRsxrZYj0<@OQU#n
z3N-r;(0Pr*LWHk99E`l|d%tt$9!(2<m8<@hJ8E0=6E$7r7MZq6I}_A3n7qf9w!yPv
zdT;g=MvA39#XC+&9yYxC4Qn@+;C*L<#c)8O>mf&x_<Ai#iyJZO`S}+z*3*^Y+HE*A
zt7(LMVD=(hnow7WsUIJ$XrO5K^sjMtZq6GRYGGX=tmQuu@G9}kL#yVD`^Roo4szg!
z3{;`4#Q(N8lHKuFt*U3XvNYlzvR=YNicntKVe+GMvsN?hmObBPv=LqH82t0*85Bi~
z6%n9AdU^?e!+y(0;b3|(j5rLFiN<Pd=>2|p<N{1fgqZSKM17cq!#c8|%uF^!6k$UY
z$z|nS8|5ZE=iJ?rrpLC=IAS*2VT>6#N?W3lXzrI1n%Cs?+fzzO>w8nKWV+8Hr~0ei
z*-+dP1;dIx$6}bVp@#iDpBE&T>e&$g{1}nR#lxf}fP+7qB|X^)FY^i0DZ*?>)C86N
z!SMz|ma@5Itc}C8(0@K^QBx_gt;})#;j?uy24@`F8ixGs$%|)oH2kfuy?It~NjoT}
z*D&U@DG%Y4iQLe?H^QVaL$eK>ZQmtOi(@F3LiITsk|N&7()*yJYGfNhy-{&l_fnM4
zP4#`auPM8s<-kO>`4@JyS;{`aoskM3Y7Sn#F08N_QbE<4pt7_b|J+>)4TG0tL!VXA
zvkhnlSk)<Z7$NL7S~Equ!Pu}f)Wv=Od|{E2nnKjpB8!gGah$=1vh>R_d}`yEOCwT7
z(Im87Th?dkVe?|kHJo$Vfk%R)JXID5V3z*ZIC^M@!I90{G?nWU89K+KUrCbCsH%{$
z6i(me6D*l$bS-CVg;(K<A5~Y=YnG{*!kLc<?@+&zfcm$Dgz8vJ5SubqCo9Qz6ZP=H
zb5@V(hk_+9tW`zkmO-Z<NY-KZc9&@iM~d5bmtHg~xD#1#K@&VzDRf@s^r9qr^4Cd;
zL0kS?h*W$0N0YZ42>ALhChs8ePhu{CSl(fdJIRLX7&HPKGBssGxb<vkOzj2Dlaex~
zc>x>o@bmMg`;$)2Rt~%7+?|ti7Wh_u4A(|1%1Jmj5oM~?Bk6TGL%jKW&8j4i%euT1
z7K6nf=ib;(nV>xFFhH~VWwD|E-SNNM>`SvrHs+n!?wx!XAIt?gXH`ejnB#bfNJZOD
zZ}Qu=zT0EgQf5z4>rI-6d3wsQ&3{^GnZoT~)#ej^U2c~DgyU*7oiP{h#thDLM|(ca
ze{;2##QPQPe2R>NLaBxLi_g0skY+jjj&@&Fxe*ey+GhmuBm(h1R@ikc#_;*SHNc-`
zE1HMQGp3Tn2zunVKQd!>MlEP<!0Ng7Er;(iyX3DUz7I(_PKIYwM#k>So+q2<#pEff
z%I|W9_Mu~A(7Sy89Z{`b`yWrA&Y~Rj|1*8AU^o0_<N9~`nSVO8*x8qCyRpT{uYrC=
ztqzBdoNSa|)%m@Tp%p^)s!TP%GHv;4|JKE`3o|At)Bg=2nI@cbRqn<f8MV?W#042o
ze7t&un*UKvM1Mbztsk_oTkSmUPNAQxJbA-|LSL~cM_o#MGI<TpNx4<)7QU&G+J0T~
zKX$EuOJK3D|APs<@x6V$sh2)7FOw_lX{fEJPljTmZ>iz+=T^#FURVSpi+E*bdmfFI
zKl*3qG?Lx<*PM@P^*CMZb_%+|DZrr3<o2rUa$osF_ihC@sM_lmgsypM(DTgk4#Sj&
z&&2A{Rj3~iv{2i$yi@ag=ctq0Jz3;N$ew0P{)B>PUWRHk;O6e@kIG&uNez!_K*m&#
zBk%U)O=C=*XU}8p+{V$uPPFtrmY4bO(H-_91uyNN<h-2S{d_kR*!W%It7<0aI{9qv
zJJRnDJj&z-tt@_&0teXH-6lq|s()YhLi)XZ95S;}LjpPwu9=x@XCl~J9h;o=dE<xu
z$eoWSIqsQDKye4>%s2e(1Jt*B8qH;p2yI-&^XM&THk9;P6*ReL4(T0V=GzaA+P9k^
zAhIv0`Rni;XWt)BOH@Vtt&0_Gx$NHk=#4M$W8%?2zx?k^N)=(;&ycaD>*#iQ-Gdfy
z#J1@bnKtjY<aEsMNoV-5p;XLcxJMbNJ>4-zDC(i-H(jQ5k1+eJFsK=hy6RViBsS!U
zS>l^QExghE)J2VhB<#%p;fC2C{vz=lXG8rjSjSM*1vXS#FwF-Hb!rhCy2-<Q3D0bT
zsKPP$IqOn9J%|luXS|H9f=5*tsR1gi0ib0}5{_kZB&z=RyQ_%fmW))UJL{PyE57Wj
zWCPaneGtQTG}+9wqwY@9&ANx<XRp-E!F<rt9qJ)AbfxGi8ysw`0F000J2VGNCK6vG
z-JjfiL26ya)~39P>Td^ALuwWX+5cj%==v|3jCsrjnEyNaBHEqRe>)P_`02#l?n_H|
zLhk0VJ~u)h3{D_Udvn;(0L)ywFfI8u5?x0%79h_M<4b#@)|Zcz<*a);-1zP!^fg-T
z!GAbS!rN&Tln@f322MDNZzLowH&&k|y_6BN8K7tF+F$Uz>A@4;iN1r!#H=OBDh%Um
zEM8wWWS$Gulviws;YTz=kA4<Teo9lJt|c$lO!=3VRnn5joP50Jc?YP1+G{QzDUY?X
zX0`4^Fery{0?b_WXfGS$jYRJzKc<cd>8Nz7kCytsAaYezNOMc9^0+auPyHKhu(cu8
zTIrez>IJ4GWd^3};Cc+a@*cC^4sR}@ggs1BKRMjup)??n8v82eIYDWok@s+QDxrzk
zA2OaBOB}@$pCFh|h@*GG35wM`L$dkwq(}4d_bJr0Rgv}!T9-Y|l5^{eZQl}%J&s+t
zc--XZJS+~^`e?8=`;G9ifb~&}u2Ku4XpNy8Ty%SmemLRv+$WR`3Hr{j+g6@^O7@wx
zLP*&aff%jD4CO1x1%K*AW<DG8hWj+ZG-xritB!b*G_>rW(<L7-J}7T7Zn}2-yu<eX
zobNTwm4qAGFikyzAqE7GxL3Dj924JRErh7NH#5#~J$Mk6#K!<b#S$a&wP-owXdb4x
zc{+;He4u>>t4Ep$lBDGkCN2wZ+CS}b|K^}>O{(&_rbjcWC2=306g9K>3jBfFRG$XZ
zC1_tYIX`3gCn)9jAGG<CDvcC{?&{d(wY~_Lz&t^0YL+-}y*^kZ|Hk%L_6VlI=l*vo
zV;UO<Fl6SS9#!wDdiSF4ocfa%@k<5Sd7IwUd=#-#C@ol0qD9kThBLs=fYrc;ic_YE
z<HFp|kuMrq`mxmcgB`tZ!ZeKQ<`^~soVufdXRgV$UBB|w*;;g;A?`Y33ut$f)lL*L
zmS*f>=AcI(;Q6y?YNJ5{X6`Bp0ddU(VJ`OmZF)=@3o=2!H)ivzCm4-5hhqr3r#Y;h
zfd<W=!nF?CsB_}1ep$WgW;aiA@Gv6J-M*`tI`AdXqUB-SY9p(I3EL~8^CRZYMJ=`s
zShD!eQo_-+4PF=NA*`khz7!YoY+`7^tulY61&d#gJcnLZ4Tv}C5q~hgx^5>*Jwg9f
zrtsifv{QSTf6|M+o4>8ObwYV=v;9WNewpxuzIB{80v;EZj*gyt-+d3(7$KX^O5@&R
ziXEpN;W0x0omvNZZrWC6dc^p3%FE$gfyL7~i*39+yPv+A%hY|tF>5j>X_A@Nc={P2
zrVy^(V~oZce<1n>_2Q|4=j>^Fb1zPo5h?OnSNv`l7CyxG1r&-MbW6@rwbkFswf_Y+
z6S-`VRShIG_7rZYnh!h^aV`DcGomCpgT1oh&+hE)3Vp34zGlbH-i@hS*C9_!hF)Er
zpL%&4;uYaO?2AfTj+kcBjUz|K(+Wy!NrIpU$4x_P`)cO$&!l_u@dTeTK`BNSu=wae
zjylM;i8`9xk-6jC3Ep{Mqz@c%HEBBDZX5V%yU2}8v4^f-=3RTrb(W6C4HAoaW)3|X
z^dXkCHMj^jo{r1Gg?5KKZVF6QACEd)-tt7AKcGg*V@_=;0N|`4OjF88psyZ`T%?k_
zs#i~;MT`y*{En8riLCPNIsKrpQjO2Te&Xmsp?0IMnb_e#lkJjU@Wq%~{8?gY1w(4y
zl9>yS-mR8Qs$)Z3)v`XRjgS3LAG&@!{A$7160=kM=Dza1Jxb0Nm-EkBogGZM#Sg)*
z2OTFO7~)`!NRG7)5XKgpW;ld}j{4$+XzpX0(}Ji&@!n}Jc4^jKA3fJ?g05Q7I4P>%
zA2L=0eB)`k<G{~8IR;OoNkpN(6khC>cG8P#ig3m!@9G-?#CAs2iT$#^5~(5dv`pbH
z1GS~=OgubV%7!XzXG&Q+I*7+pVx(~DL4sciLEZ%}U-LX4DyPrx*{ijWA`__0civ1~
zb-#_)vBYI9st_2k0M|h*ub3X91RZ>DELMZthE=ah*=xKeaVg;OY*DWFA&kM7_G4R1
z?JpjB5GW$j@MJ%NerrQTw%KEI(w9Jz)6!Vfc=<NfTVt2<U*vnAI;5WYWHo2Z=|r-v
z7^?>^!JJ3?xQJ8jD5y*70XT)o#G#_^Oo252i^t6)UT=CJawGXoL2(I}p($ZPn8hnf
zNubi1S@38UN(>!{7RIV~E)1cXZVwUSs;nQ|6x2MS1vl{|T9e8gu3Lu{OP){Jc*Ob;
zx)GBHmsmEzeT&qqfTTPuj#dkk+bl|+(|CQfqp*>kZ5mUrMbda3U%OKysY-fQ9_I5#
zWqeM)3NdK-Ght$2RFfffjm2k5cf)d0Y@0Ouys06bWj3&Y>mdI<i$w>~Bm9vHN3f5w
zBjTNs3Uf*xpOECPo!5#ng!`sg{M+e)tRW24mPmACLw$2QA{tN2q-u%|`aREac&=Q<
zDBaRm@>-(D{<VCc9B<0&SDfV&eh};WBSI70%fsSZ8b$TPRB4L$Ofuc%3z=b@K$=)+
z!jFk4`39V;Uu&OjTFJ8kvt98p&R2k_I`k}Lt~?tE<558BJ?vhZ<s)1#s>E`7$WyPj
zW%XvAHD{8~9I^^4G}~Jy;PLEo|8|6FoEM*%OAR)DA1}nZ;zPJjJg(W_Rtr~1PZLSD
z{UJ5ssb9KrO0j0j*Qe#3obLF#@{W1Au2z3q-d!_%#|f#Aa(It0m)QTmcS}x=Nb1-y
zrAgG>eBa<wJ&`6p1G4EL7j#-sa;{=}Y8)*QnQPajK;fEB_ZK*IU2N@)(%rG@ynm`x
z2(!EYB85ohU{C2@ac}C|kGdIw;ZYr%0tYUQD|yRE7GhAWu90~NtSkcafeGqp??~_0
z@Pg=vt?44w;jh<lA2@d|cALJUWZ-{FV-^0W$KuPS^iV@62@GlRQDWU}|Ft8XU;)RE
z@P$Tnh2duoGw284)2Yrmno>PN%5#s;+UH2B7&(5nVwS+8L-RGyXfAB%{4|=8fXN#X
zK_5@)?Hp@MA{ej39;8{162<-d<Lkrn{GM|q&wOOrtNVW1tF56pV}8)3^<*ZZM)EaK
ztZNN`?h>BP8|F_|BTd^k)V6ol%lZ`;&#h7zS$FRJd!ESzhD1H}{hUT2@SvxSJVhrw
z#$qT=V;ipb@44-Lo!Ez4+rHUt?qkLR$Mhw2!J8z{x`%StQ#6!mDy&tgtX@_frd+dW
zmbSsRiC>MA^0t)xb=mcqgt7DUvh#L?Z}k<e?xNOmt#%$WBf3!sFrD~wI1Vg7Eo|Jy
zeax|bmg}>D^aaMwBV{g*`#K9}f`XFDse0l~NlH1y)`+JqA>GMlqbfBooyH#IHoG|1
zo)&CN{!Xj9gAr-Tb*e7lbULDI8NR<Y>FLnPBJOU*``QRb8LkagJX?dOsi7H?bSj=!
zLbviUYs}yw3#3&`cWNB{G}bQ~c4EZqh~3P@#a^!BdrvC~vvZbeDMN59o@|YxsqjqC
zkF{Xrup4PM*+-_NHY=CEcrjllv+l~;giFKL#?AJ|4$j-C3e~S^{$$(Hw%QvXu8o3;
z3dQhkE;$*vfXF^<dVF({P>A~QPL-Ps{H@~Xsm@2prMqP12ZWg@HpHVqBQ!2PE&P-K
z&dr?~#&3HAlf%^FkgGq-xl*S%=VV1JO)tYNq5VV`1Gukfb}X)Ho}o}dsl_)TBy%q0
zcnutX{^+$=ncjWq;~dWhVs;8QR+?r=9&ePLy=*K`v$c31Mv!RTtW#*V?@4U;l-;c(
zH+Ot^s!;V!W-$KB)0VB@{DYc_!dNcKfx3tcB<)_-;m8!T4-y*P_`Ctj2>)$)0?5Wq
z#k#9FJx-eJ@Ifwt$a(BTAWXJ6h;fjarb%?4?LFZ7g!X`f8e{O23iWoA$N9S|N?xwn
ztaK}zIe7Sd@unAQ8v~|w701VeXljJ|x0ciu6=OYPE%SU%^}%P|VbO+ryJxrSzG+|T
zPwpG!-p$|f_^wCR<RikD@zLDrB)SIf?P7#%N(~4x%aNmp`fpA?>j?d<5vaT~;zX1k
zve^5|gT%{qFIC1I>w@C&G7N333?-r7z%fZX{Hmv}!Q1P4)F$&+f)o3S?!>6@$jD?0
ze;Q!%Cy&YTG+@ZPQ2fN{vyYNt(%b6X`(H|izkIxj+STdcAF6V8PUEBQ)R#)3uJ6K)
zZ8UY^={00wDrYAM&dxUU2VJbP4IvE#h}UL_bwoIiG>0jvaaBb~wVzWmwyw7-KH;ra
z7Cfy*PtU<_qPdY~6OzbDrsUytcanDb8RhnX>9M4JQXL-J3VjE6DIVK*Ah7e=)whvt
zb@<+MRDGKCSQBNkmJpXANp31{yg=*>z2onHv;NYyW(5mb9mUv3JMp_A+B|DjHhpzu
zJ#`H;)(A~*9&_H%*?4qfsO^HzoxQcyEg`2x?ZqtDWXGze?Xwc&hOQ<qO|gWGX<Z@Y
zdKNDsKN4x-#ri-?DfAtdtGK+`(_=VrqMt`;o70jv>p5c3an>a&r2&qGxp7;|(?D3d
zN->L;S89_|_NDpolUQ26vjC1NydBko<7vHVB;<pfM~_Z2MD<v_BP2qsyc8MTfIr_a
zL@4U@DR($sbYCfenpE&=bXSJE!WP4vD_UYX!I6!)y+E9Vu%2UZEU}m{b9M}s5Fwo|
zzlJQ8S71vD*z7AG5=fQm3E|px9Onzg=yD%PSJ^-;+BDae0E}v0tbD+cYOzQ|GxF1(
zhxC09Lz9j9QRQ#jW>x0wjCz*te8Ohf=4A>`c(YakO@Rx+jAui~gJ>Is9^^B2QSN2a
z#wMM*!UD|duT<PAbRDXGRX83iOjNlevGus^f?sPyG3n_i_=#=f%McQ<NyUY!Z&p?S
ztqfN?hEBX){Xj4&ZO}a}y4`8@0CH3M?Q82Gfh8AiF4!I?%shuaj!9sx`+#*EC7jO?
z>C};P-8lN9vZB4vZX*7RK!}A^%7qCF&#T;$wd>EmjhLZp;@%3A@8LLz^+W+YQYj;t
z7Wzes*r#B-rKRd<6wYFHOZvOkZ%fbTO;G7zgF^E}o}tPDe6(r)V~&Y4-6P%!I>Pc_
zXJe8#Ip?H5dfRO0^CZ`ZWZ6M9K#yKOO-Lkq3)2+fX3c>X2ghrTt_JB1)k?7w2jinO
z#{Hc_zDfp3d8<4*e#UV@FP~vRizY;h*~UHp6qoB7dE9?%?&};||Fvm?KGMfx28wT9
zGBt6D3m?C9ynq%#il|5P(74fY@?zv~w;s@ru8GocZ=canIA?oU`5mqCx#|VQz<@W>
zJSvL7@NSD>h&YbTPS2AKS-dj&wA}jV3lDP(A`M0yDM6PCk11Jut3}O<*<9K3*4HN{
zj9z`S?Ni0{z}QQFY6u%TcN%Aa>(1Di&e}vwF&NGclB`|wxThnNz85S1%s$AI$GDO(
zHCsn4u9&VL#qjvULJV>8c-=BOfw6~gO4jpoif@qjBM!c+Ap)n=LpX9$hSg4<I^d5f
zW<%4RW0-hZxE3YKFe1OZKl*lq`R!(tXB`@z9WyyDG@rtwS^_7Gnrjbo1_m84K_xr9
z2cbYtkOXutGQ-?7cS@=n8fFB9c4PO(Xbs&qOsX-ycsVwuH+U61dJjW3Ic%)nn&e&3
zI67n5#PzDbW8~}C`NKdS{l%Qj+l=^_uV@#^=_E|!>?(BqNRqrvN0nWsRr?Fy+b^%{
zm7i!|dw)wSK}OZ$;LPav>_!Z4wIpqdG{sP)RK$lCde^0z3BK^D=-xl*`&RIo!$rZ;
z3+)ogSNS#%ZrpFNMHNXiq4kj+o6(%a(Sg~x#c&bldN&HP`Sln^;$>w^bSi1HLg_Z|
ze1lrQ(F~)v=PKJeVQH)iAg`NticByi6YGTgd&Ywr)rew+4^y%uRqEtb6Tf|pEQ*QK
z=<gj+KdErP*X{cHCJ_~V!t_H-+=xJtv7Bb@5@Y)V;`!9q+Fk9k9g4a9svi^vl8#q9
zrat1hK%L>+!mZYf6UH^7i-o7@V;iw<WHVAqywS#jH*!bmdpc%jigu!h&2NYp-2axi
zlfIuvi;iTysTO1=5j|0SxV8-L6uZPWo5VBedtH4tYo?xA%J_8nQ(B*5T)*D+CISBn
zze`f|=4pe!z@7MK_um8?l0|<^2QJmu@OPa|Vf>$5tXK?v6L4fX9tKHDcCap?^q+?9
zk?fwoNUQxX^SM?F(nbp4TALu_jTm2IiS9M>TuYtqNv8{%Mn{bAYYa_)d+@;1W*w*1
z`3qEirJ3Q?@%{KH$H|K6d5YN>Pa+&d=vN`(FX$Zk_8rC7OcKxO+b)0Te)W@7YsS+{
zDO+p2UV~h~FuD;Ns;?)K^eTZ`41$$$D;ZuRy*YDek{GL#9x<Tz@GToU!5q0!(mIrK
zCw%bK?Ri^yxPA~O>2;$?hvB;WK=BHixdx_z4f(+*m@lT!v|Xd7s4e0GTZ8)MzP-~Y
zwCAfLC)(mr<bERgkr7zC{4FdIJk6Ha0Y4!=sUBgbu<qm9sKinn8)D*S^;+0aTI9gI
zS2gfTC3nGHz_0dZ2A2&oKQ?2{0iIm|Pr3VW-2*VR3QNjyS(6G{17-UO8|u>Q$F+Q9
zL%@?-I4}`~ue~=oR*fSkFm}*cVsABB;<K~^BfS{^b975On(jXXdkh=RDz+{e4c#dZ
zT8eNta{Qt!fuQuvNU|Ye1Q?*Wg(aiLlANVV_wn?DOvlZv4mzfPu^dZ$%E)kddvj<$
zaA-i%j2g{`5)whoH%x`0<H%4;p;_QwtE2;N=2Gzk)jiL2y=U+*=E`RQ7Y$D}`OoZD
zMa~zDNi%j7u*3^7EJ;hoCNyZ%qe;b3E2wP))vqg;V4pcS;?qnM6TkWNDc1=y%v$5f
zk_@^4BEDcGao}{VnEgRD2}OsgnB}V<nS>d1H5+od$HFj5nvDIHFDF6_;F$V@jnS6l
zL|OobW@n(sP}8LCgh^f?8UQv!*e{w$=l`aMr^0GXmD!m&pmPdEge3mxp_@!(7>l#S
z0t{K=7}^1R?}%T*3^>tQ19aQIiWI%q^TxJXUg3d17+A_`$CF1e<kVicUJ0%vvYP3d
z%Rvlf5S>8#()Z1?3Z`L|^pc?Ar3&wIwP`+8<XBJ)noJ?mY=s#*nhZ6VW?}qx1DYfW
zBoOWouEsE;SyL@dGb4?6-Cv#p9t+YmOwRBdAwPmi_HdmhHJ#PU>SguP;l7f&D3<NF
zs@CWkz%s|raT18R$y#`YU`JraGqf!k>(S&i);wLDCE8Z8;^56^j`UY|(nl7EXIfZ7
zcY9j!l;?!yEX<M%;e+3b+yZY=y&qurxeg);^ONoTmW!x<Og}1!RWmyoC68HlTnrCd
ze2e`;nx$beRAvf8874m@7K6m50pr)q3TjHpH+k<H#EFp#!-!LNy%U+6vto?Rnb|Pu
zCA#AKEX^Z`W&#(p-i?6J%y}Z+at7ryG`EC4z7!tN6cK{=`^4e^SiB;V(6%%`VVVPx
zoD?Mna$(Oq(GSqg+QwU&foO)66n$fE#RP$Ml7SZ|lBS4cJV-=+2$K%LbsCcuRBvhz
zwV9f5b)any9Y!n)KjqpEQ~@ATBFSf1vbHO0(%Lv^8Uw^|go;}54(hM&qPH#FY)faz
zFD%GOAeMk0uqK}k<%7Ar(Z75R_>0N?cye1m%vg^np9jqOzyy*zKxIQTOBQ7wOVDJh
zeH-`sw$vuMAPL&v$^vA3gv$faBt@`@wV3!xODdrR4vZS!M<TWi&CL$ndp5o!l7M3Z
znFP7b<=SmD4-CzO4V5s`S?>YG^>nj$^A&;_w!PIZcS2sk+rKnM`<p}9?PL{}ydBtE
z_)s)oBFzCNCq`{sB9bq`ey~qeFLQXLj5XzjqeeCFo;2PB*LM*~Zhk~^4oo@-*KM4H
z8!G4_bPV0>bqyQBP~oA#A^fwZt(eRY`*~W32qLKr$YT#o$|aI`S%c&BH7rrMf_d$m
zF0PA8#Lt4o;K<lMo46Fj(gQ)LgEnkPt!z0N;Pnhd;8x_P-lz}oM+<BSwhWDwA+S&}
zE0Z0;belJNiT{H6N~wsTER0qAb)rf0sD1|!2||+}u$n*R;=y(n7**|HF>|MK=+d~6
zcOmXBm}3=I2Z}rh7S&Nl#x@jV9o}PZg4OYpL#^}Msxeoon{~&-XBd;KXPwbCBeW=(
zp>Bhr`3BJ(FyxC-!OU!yD1HVrgVOSyD~~Q%bcz_qMGf2y!Gwa|@gq`1(pMDuX_zg|
z4o%J{lEmhv>4x+(fJc@sy)UZ3jIgG{nZ12YgAoK*CLVAIep1#(^TUHprIckm4b#kx
zM?OY(k5KXD*pV|{Bbw#Y^FOzfUpJ(@-x#zV?BMS3%C^QI^l_ds3zlcyc2?!Lz6z!$
z(_$-r$+u^M@aS`<aH|@ch6RL=tq4S%8Z~<AQxrUKhw2SvNB>KP7RDOafhG^4{5#O3
zD=>+BPIoU848of*usHiB3gb<eUfsl`FTDeZ=Y#IfSFZvXyd{#{``~&jxDK2m=gm%x
zfUwJXf4U>xCL(RvF`Y^na&H|VMvy1hjy=L21DicKVd|Pc04X(v>k3wygu;Cz<SQ^}
z=NmBB1K*<t4SBZ?Rd|!fjXqT~z=C&X-h%;`N*0JTe_QZ79X)jXbP8=3Ze-#+tT%%`
zF-b@-X_<MkqhO+qHsr{((_|F&eANM4*hCvcm%z{ph26n8;KT!~aFI!5i4tkFNw7Tu
zVM__T1rE)T>7G_mxc&>aYaZaW`^2lE3VMY8Y|3foPB8otCP0}~j(xj^1sZ`xf3uPW
zj?(kZGfQpX7%3&pBvyaa9pG4PK0S|)C6edcXh)7lFtjm@O|vvJiXNCA(ppwGtE25Y
z%kdhO0A#PQ4{#)~S)Wk#2u#aJ3cl2PCW5R;%_pN1bPQ2E!whxG>_zpe9mkH-eJGr^
zr?|f;-At3pRL`FXFYweo7i%NjxoIhgngrz5dxvEsEck#n8}iZ5VR%DDdR;xX<&*z<
z)Emr@z}lj3N=rNZzwZ8r@0zH+HQs8vqpg1LQT|Y0xh&^Rm#)ogy1AxXnJDsHH9^U<
zT4e*X-SYirqJxyyXC=uWmu%DMRH&|h7<Y)C$rtty;rNvhJ^WXFu|utfrH|c45pD>Y
zCQeJo88=VP&L1W$zrERnV0|HAvtsm7@$xbsjO0fBQ9^zXWXA^H4!Up0WLUVxnoL{z
z%|6PC;Zyw=_fiNcsAhyKat-x1EssLj)l)t4m^P!W^P#l030I^2!Yf{0VpcwQD|}bz
z?kS92&qUjF85`QD#mq-frJn_9ivt=EP^v)g$A9sSSULq<06?EgEd*b{=-b;#{C==(
zIR&G^YKKeZFOto`v{xAxe1->v#|h$2pQYxO67lY7q2c1Bs}%tQmpF1W$`+LWVWK2o
z(<U2&X*P8c)rzrO)%r7!CD&|U2OphMYhh`_uQj{TQ>h@a!QW)<WF0EWaYQUgv#@AJ
zv0UoWB|fo`%BzEP$7el_AmT}2#D%3SPe{-E(Rcn+cBB8Qv~{%!V*i1L;q~NMswP$N
zV|PYGf5g&0$M6wNndXOkqpg2+gv$?+oeq4^!N=bYe30L|C@mH>kaOjm`$cDgYo8&>
zuZPCj5CZ-2nlG9POkv9%XSn`>MZc$;NX|{xjY#0y`g3P=C<p4%!lkn%k&C<c3ebvY
zUwhDZx1D(FMz6Dqz7oF{QE{K}Xlh=M>iK@*1&X$jXJ$v?a9^9?4TdWpU8laOMPk_D
zo<eoAqF^bxSB0k#!rl5W7M~UIL@co(`U!?2Etz6ChN>BIuet5?Rd-m5GLcr8|J*>e
zyd-fua`!;57(y}b_2dIwjAI?X9Nmn%Fv7!#CS!JzmHVBXB3qiMr#Ivi#CCg@+}<v8
z)rMn#YW62*)M<LrKTi7`(3w$lHVY}sABoGdJ&zp!obY1|GjG5j)j$G}D)EkEza#~o
z2B*M!7m%o8&gidx|1Y8`e^IKo8kqcFa($L8srTB;qA_$~`lfCtyylEyRgPwbv8&eE
z5edYXkzWNR%Cd%T_!3wV>Aun8^_!yTS3eX8w0`uEKkZoXuLDpRC9DE7yNq}dRTc!+
zP2Z=*y|Mi*q~gfv!lL%xmJnu%-=grRjU;SwrE{2^|I}$3JQ`60Uy$cuma+`6!4%Gu
zo6n7ZW^8$GlXL%p`-3A!;<Nkm65J|wSc247E*wzuYR?$$9YcZRxK^39+22*F8o#e<
zF7ym+JZ!c$<IuZ8Pl1AGR{D`cR};dH8^|(ogeDA4-;ia;O9^3(qLxoT0ZwLj@C_a|
z#QhnZ=@GbBuA<BWH0cyvrv?-NM{tCVIRX`IaiA*Y$#9!Di%8!oNM|Iop|3q_%I7cP
zOW-k4c)1eI0AV8f6s8124oYEUiIY%FkP7>K0mhUZL@+!-BDw+_S~v+Wfy|l3?iAX2
z468_(4QZfR%RN+IaDd3blvPBgGm3Q-W-es2)=RUYf^%%B#g+|KmoaYx1*-|e*r^G$
zMjmi(11Cnb56ELT2Y8IKp}9^rG+PLJUEj|`Ne5p&O9EzXEgPE1WkVxJ(Z3+r_dw!*
z@cAG9{NE)%g5V37u-D30MrwC}py-$jKXrSDkqi35iSNBZ8ncA#m@kyCqAroaF4j^u
zZrb&tR$pQ~PL#S;8VS#)5ib#!26`AEDKj0@_u!W!Q4*j3#X<HHe)EldiwzYw-P)gv
z-tCU_@b8~Ui2r_Z;jLZbz(CRDI*-vS1~_d*I;o8_5>sd2qL)x8)|U%ycO4BaDyl^D
zV6Di+%bzkv>N^a}o);KTfFD8-o^YA?WvJgzUih!dJyy-CG8{)Y$~ln;)F7%$)d6P3
zyP;2$DVkne&#~Gwg->Nw2E`9=d_l>Lovzv&Eo-jPcI(*zLyOlk+*;FW&;IFY^dsMs
zxP$18Peg%i9eOmb9WB5x&2Njyq&c8h-P`c`)m)+A!ueF&iAx?)myx>GpNKpCfhUiM
z#7d3^_4|+IHoX*grQ=G*OW*g{cWTMdp^ll`t0NCoMZIcdoisSr2t`|BE)mHmBfus)
zHp#3(e_sGUL~@AM0)ntS@SF9<o8dtu8?tqffZ*C{^xOs8^Y9{y4Rv-gac>>RH5qHb
zL8p42X32(t63N_w>6z~Or;Prc;eW*w?B4Sg1fX)<-%Kpo&DzF>CWA1*qT1;K_T*o*
z<v(i$FL(apuP#M^R==tR|Jj^iLI&)U(qB&vVO}%Z;SJK!v>LmO#h!fd^wIEq>BXE*
zL>$XcY(2T^H4>?)Ls?`Pm#}!<K{{u)88~SI(X_Wf$8X1^qsYr`H02bgRI)H@3HW-)
zwc+|H^k^FT`%!H){S#pFrT08vcSx?N>cWpfZ0j%^YWD%=_3WJ#mX_uJbo+lA6EH_u
z@8ELj=@z=P@AJ#R@S?q`Z+zmr`Rec*g}%6)*Di0qK1K%U>(_!My7BK*j()L0FvlE$
z-cuIAs6o$60l&t6o+nt&UlWyq==`c&{>$YlxfDXzfZyx^aROj&jlxXb7R;lr|CDKx
zDg0=PlFkwW33b<ZVx8GgB@Zj(u^QEnC<Bj<&MxgzX>6m%z+b-B#R${%nt@_SPGJEI
zmroN3efcYj+c_*eA%X`Q<~KAO$}L!C-u~BH<6o2xFFdZv3SVGD=<muvIm7_PZ)S=G
zf3_h^cl>I1{DaM*Gma8cNy6$xkX|co)#%{b%xzW6v%H_@4gMFSwJL%H*EzxQ6^;>G
zT*}(|+a=;5cVCs|o~QpblZ=P`TaG(R4<7xt!7T@iG>O!Tym|Gzi!Rap`v^_9fW;df
zmg_Xwk`tK_dNq5kzgXBh)VH2VJ%$_*hjoM)c%i2OXtR3>)0RMIy`q!LJe2~z=_Y}o
zZ3OyiJ2<#E1Jhe{48>S$4U}b2@Q;N(vkRa;@}Ir>pZb7l|5xyb!El9Zfh|S0=~bV&
zy+g6V@TyD#W1rGj9(vi*HDIQdd~v8o(H1GdTI&xd1$d-wv3MLDZhk7b;M!n}K@Zg}
z4}N7Z&U!|i(_x$ha`gl=7d%qxNT(8)4~3YZ`dt40rw*_%-4Sj@vWAJ&8_{Q-SuaSo
zLXr44z{eT;PK~G-k^V_w26)h?&YH->WO0_YF2EoF*mWU2PaJUR4}ANT&!2X^#y2p~
zc<*XvU2?;<lsu*Gxc^{7yF=gh`Sef<L*g7YqkHzmWc(YJCRg-r(zs`0klMbh82793
z{gEfc&vg^`6nsoMk0}kWpeRxcX+*lw@Ruh}N3goK!ewRshBAR5CgMtBG#Y89Ir3l5
zE`*|k{_FK7yDpu*hPyg9hZVYdl$VxXoV<NR=)-0GS}(61F;J>M*=#fk*NZ1ROhsE#
z6BEYbUw~x0<i?4vg!7?9UiI+jp9sGGTD$t=x;|1~n0>mgpg-;m2|om3E3}`cKx9(W
zNQqtphC9*>rj`>($*yl&-mJmTNK2*WoUsgf8P8LQ1=*FHM=0rWSYSqT*3wM%;^enI
z_e#`$QTd+H?%HQX*;gdI>65v->2%HIRhhy(FUS!yuR+ym+RM>s%bnnR<2W<}MF}hm
z$eg;3dl{&M68X$MKapZ@^Ww1CTYnkU7k&jO>5@S81k;W-Pq$)lGt(KXjn}c><J3E`
z%Gp&}tG?;ToOeBuBVMdCk%Q$32S34e_n1S_j3j+8R+*VrrIr&}F*Y>VO`ckQo1XB!
zH^9w5DXGwM|M4egYkl~&ba|=JZAJk(Jr2Z|O@VlZ8Y}8GB^@sFVF^d7nPYekyXLoW
z3Kxv|zv#_AW_cI2=<2o<vo72j!rjEZC6+f&XVWoGu7kL@8HOE<qszesL$$u^oo-6L
zlgx=VNzF>#vO1HKa=Vt6PKQ~IKxaNiQ5q3vDfv9#NKXEK)T>agftEHr7uou>b|S{*
zqfgge1#UxAoh5MOahZ|{3C2RWZcOpWj19TELqo5*pV07Duhwz?s6w;ugZuv0n}(WC
z#Ta#6P*uek9|^V)R=f^0zi@^e?F<N7)gA<af8k_V>K(4x3)(><Uu47Ygc$Jn>lX#^
zzjJFF^xbVCmteSGVDxSbt{UWgmZ7I-=|>`W2FbDBxoUP+xjb~T`RHuzzQL8(>Xo(o
zv0{scU}S#k_O*^}8QNf+JTQbI3l)jBq|7E6YkZdK$6OGox4pW-H)GW4&3mgBiQOG1
ztnIEm+kgN1C9?l`(79o0GKjh0X`1*3m=~y|N!FcMZ*ppL!|k%N{0sN-2P(Rxy1YG{
z!P%o;?j)mpGvn|z@NI(H=WGbcTI~aq_YDMHc=DNA;%}_owSb>-%F8;Ud|S=`b-?)f
z5)SN*!*h!C7xxBaj$843)2kOwgauhTk<zxbJLGH5#S~P+!ePe1UNhTU-m!;xcm#4T
z<#8R^$M<AijHx8098kjr#5wkq4_+Ka5-Omi)SsMc-xuI<X$VJB5q#3rvo8AHVLeV6
z1kd&_n6{KeY`_?y&-;h3iVH#3tFd1;zC$8h6hG{{<)~az?vbf${Z1}Q$p4SMHxGw8
zZu|bHkUdedo61(%lC82#8$wcAY%!JH#8k32W<>Tagd#>{DIxos$zDmaWEnALD2ZXF
z7++@T_vwC~`*^Od<$kXFKCb(Cp5Jji|HL6<zTfYBmh<yI-{<S(*yndBaPucV`h36?
zwSp$sAZntcaBiXc42J>2Ri?o*Oio!<q6#hf&0XeA)&Xg+L%o(7nC=IuUp`PL8uLV^
zjF6quBGD_V_#LRx5r%`?V_`p|&p*^|m<VWmO_{wWe(r*6<*rSA7zG-MBTxw@*LSFy
zu1q4sJNo0BwmhK-zRj2-PJHmpptv8hBWIYLDhx2(Ur_1tntPNCPhv?hk3l#Ne;-o=
z+X=5dgc8>7LQ34O;9V%)S%AiBv>3>}A9Aoa>U)}MdaG2{g<Eu1=q_o4i~aH!%vEIE
zY^Gwd;2A~;8WqOhYY{GT?9w?BndUf;A49pnn>VT%+#NU3I}sj09kWQO0ok10xVE!E
z5qQ?h#ZFk&<YDR1knt-9ni3?a<7h2iJaOZZM-^>y#$eKk=go!o{bAIGy)HlIxC229
zt3nkg_Y(yf0W@5f$hZjO-T(*g73i!xRKuW)O%$?Q^KX6M@aEsbo!WRw7BitICLUYy
z7%^SZDoMLQ0#S<lq~)1hxTqTNV`BJyo8GrtbrKVwZQrEOCms3Vbi=I++}CG?t~HS$
z_14&eAROZcbiUYA@BX-Ba(t`URq+;-v}>R8nNKj+kGu<`UC4O6knt8sdX3`It&Z*K
zFoq9>>FaMK^m2<X9Xe|t!}IXIxT)p#F#d|1-zEiUFM83MX&01%<Kgrp#dL6D3wqyv
z)ZRO&V{0YrAvC|^UDCG}xBKF-xkI|^Or|3gcoO;r14A+ml42UMT<WbX+l*ytQDrj*
z>ifT`j+0QaTJ<LsT}4$LP4h1Z-!E3YVYd_47Stj|Mr^{q*@>@Rj!@q<gjHnirEiHW
z335DNpXk#3)3r5fl6vB9BRO@SWR1$+i7jS;br4L~X7sQ#T7?#fb5X{s&`&cO2zH}Z
zzWMu{kzqzgmMt#1ikc|+&WN2lzDvs8B~05M=&Do#QyDw94-0f2x%phRObdb007m&+
zKLM@Rfl(LDk8gh+nr%KUJNm^vmKH$<;m|U4$hyl}mCniBT8M}=mY5HTdL%v=>r($J
zb>ZFi$iv8khsHn2<TSsPolfd!B+}}mTV-)=x4_?*3EKZbUEc<ZAd@8L9atmZ_vnvo
z_+(8URh~#b@buxXx-;Ttv~rj+$ccqlVLu|aw{B<ge8g_U_8*C#$8YCoLdj=n(NX1B
zzgn6#-Pi4#GEm&6>WiD!C;~ZGZalP3M^Mmh=<O^KcD}B;E;^RLYiL;#WZfx|Mpysd
zu{-s{Px$BDEoaMEZc@#oUwgWfi677sxHdNp?Cv&NPY-@a%WkIOw`vG?2FdNE`n-@3
zr|WO}D$7NYwr5AZGRae^z9@)GSEN0eIEDMIjl13Mk2}xOqA$0T_&6UObP18G=Vn58
z>ohE3tO}!1{7*dRa-4Eu>fx!9+H?1B!4M$?&t)Q$;m%IEEn_W)9dy<i!YH6hv<vfI
z-CrLSmgHfToYkrF;r1PimXZR12f-OLYH}Xy8v7N<$j6h$ag^O77~UDdW!Z`EbkF)_
zhRoW_p<Sta%PFP;%UrFi=9#zMs$d_y5UvE_ZwMLO^h;9Ba+gT_&J^#EwGO@(O)^Q)
zEFgaOV9mmWxvx?X7guGuBF|dF0iljV*HrJatFYTxM`*Szkl1FJLD^)>pcnqhJ8|t-
znrhC%;tj^;gW|{oH;UZtPy6g%&rvW@ya$6}OF4tM`oP7z%w3o5$2fz=h`|>1;1ZQ=
zACDVU_0N^F$yz>Sd*yxiP1)JE_&x-cuQ9M}prCv76HD90f_^dr=mFUj>VAIAqr#!D
zTR-+DEM{m&C&tY3UR1nwsN!ufN0D`85G*!%aB)LNrWi(em~#+wu}1F*E&*d+;!X1k
zIg_TQ#S_;(@|9+B>1bT*?SPM~0(Ple4T~8nbcrq?=ubD`#8!U6V&Nj--^hB-UdYkw
z#rG!V^wORe$NU3PC0*S5sl7XPzESp^_22KJ#@pAhoF_6wkOm*J4PiQ$AYv$&AGFp*
z+Id^XNwYKDeMr$h%cIdUIG1R9s^C&uuX#bx_&ci53+=WFpH_AS&RyMLT9o~)+|chS
zJo<{Mb&NuTy_#9}{?~bLvR_W2)ZDChC-H3|$b(D!oE(l9G(<2r_0V0cD(f2Q@VM0+
zXQMMePKup*Nt`qny7c6s*vm+H&jh*VFYeuTqkc?DNV^>`fSWFb*YpFEuiTL-L^Lt!
z5qWv1W&YDs*VX**ym_778!vPAvyjDWAxr^im9Xg(xD_qJ^b5QY?z-UQ9r9WyPR3Jn
zrgT{nm4THRxPC0kGEuAx(;KXC+^+STOX~5(@k2(i&8<`HC!jhFQK_<6NNF(SXCA|t
z53qF0KJT$mQ%)&tw3}rnE8Zxr@f>^OA@J1ivF&RT?F30E$eT3n(WM?jvZzBXSjTZR
zllU(wial2=*{m?L|G+7(T~|iIFP=gqAZo|hc>iRgLK~_23Y1Af#5Qp%o-J@R(>gbt
z@qTv@MA!JmZkd$1F5w2NSkZQWx3kh=h$1VlnYlKkI7=>#5kVuw=}cO-Z5!)<W?YLp
z(&t`R_q<Oh>ZIbe1BosEHhjB8<JQ5kW*V3-Ugkl`WX*dwSXKi|hUPORi$w!!K9gTl
z=XH0LdHYEp?3pVqHC5VccR(RrmEQB3AV~16hy=yS;B+!+)=d!hY26Nqbmwjv*6l-d
z=xvPPpDQJm>y*Y+$cerExvhDV(ys2(^!AmCX7F~2gsSM*geW-88h?+YHpn`B)xRPr
z{^U^03EcC~6HiC0CO>yqbz|mirX8Q1BE#-V@9N%a4rAl~4&aLGw@jP!3fIr(_h)C>
z{?0`ig#3cxH^dg0I)BP01sQgE3BB6f7r)z03#7L6%xE9P9QZW8l`l3JzFY<iQF^tS
zKE7wf^+APGf($&}p&|hoMq}O5E{+&>tH<Pj_nRzTeD^orj^A9-f3H8|=z*JCLag&(
zz-C<Ds={&b!CgC|$+}yHSV+Ka@Kww-bGCxG_rC3G#Kr;z_oZl*p#bb=Z={Df4M4TX
zi-QgQ#XWMZm$DN%qMTt|Ju;^C2(;|XE@<5qbR5oyv8N*<btd&q8tQhY*p2BNJPyl}
zxL)$Oh|9%0X}#hGbeC@MJL4Yi2+BsL^w{~v3dxBGE{u8U__rf<1<$-*&To*S++SV0
zKdF-uC-!x?j=Shsi`eEcYa<*>RDol%O!VV?;OfS02<O-XK`N{^^vE123!!M<d%6EJ
z6i?Y&o98JHuaeSs^42Vw`0z}u-0o$PgkgwF>t3!^_)IZXgl52Sr=7r<L2OEnL3_xa
zH!tJMOs|Tyl%*;pgwD%`ow~sDlD~UX1%jPT@F9#N7_CtZ>+$NIEM&avP`Yb#ea-!{
z_k42#gU5E6Uo@8#Ix9raVi|*ofr3xu>;|_sDlB6Gfr}HYY!zo2RyTdT9be|qYZ3Kf
z?(8Guq33xmJo49$M(jV>z<uR;)(Rr7Nrc)#M>B>%v|(z-G@M|mjbOAWI+Y`<b9CqA
zKy_f3s^$5CR(Fk4NwN%&!;EFFCA=uUw&V?C_XBGYfvnlnzx6WIJpGm6MUgx5juEOy
zxnufyPjlTaOTq9>wx<){9aY%V>ccMN7zU|!5%@R<SX$6Ay5kv|St5qNAl5(h>U}4X
ztuiqQ16H^0i8~Fbihg?F7WR%pFa%{PGaYc+nPh11GL?r$=sAyb2R9p=XGxDf<=1)B
z$*xqnUV3GVt?C?gMl^r)14tBeB%$0P4qq_y1m_cBJC#)-#R?r@S<RH01*(getsD#u
z=P|_2t25q8_PkS4D1>2GS+exn=({*KxFF^@)HO39vTec+@_olVPro<il$ib_n2(CN
zb=*ugZ$0Av0aSM@nA>e<2>@$Q!`o@c*^b!*l|5OI-_zhH_v(K7^qow2$EHW39%z%8
z%0q{~p?(O?wBk{8+v$GR_GX4Xefnn$*G$QZV;L4mWy4508MC_Fk&&CMo0baqT@b2Q
zJnr+c!`Mv(SHk%DndQYbiO5!jw^oqgF<RkdMqv?@^o}xNfj^!*a^c6*`o<h-NqsSe
zUFCx^ur0)+yaNO|geUGUIK79<P!K)KJLadh59~C#=j5%;m;U8?imc1>soBlP^VGx6
z91so$364po4+k8}YghEEz(Lk<kmacSxKwHK)ze7dD`tl-rSfmKcz){jwJ?u_QHlta
z7x2lj+F+24%ix4qYRJTwtb@=UuTXNI@{Dcekow}+;kgsWrBcoEms8VXHl0hKPPl3n
z!rSG<%OFGbOfQxYyFh`R>%-ZJGM1!E+bx9rgeuIMGkz;b;p_StRVLeel-f*;uUj&^
zFP*Op)P><r-u?^jip?-#R_-Q1HIUY&Ifro5W18!S(L_}?6UpA+Sh0A=2CO0eJ#0VR
zEDACPm#K#B!_mf^k3e0tY9@*!N`g#RpZOzeL$j&azzJ7R%&S~igMeVE$;RqtNy)b`
z&d*!>^eaj#+LxhQAk&hc4zy}CXR#2>0X0qbjsox}ahyc}B=`k8h*%c+kk)ta)@7_e
z<OclKcFCMLb1*W1HXQ)2qa$O_GF=g@d-z|l=Dl2Nn*CuoY0m9Z9kq#zZN_1v<YLz0
zYg>Q8#AHCI4`+`$&ogzws}DS3=NjvJ5+pObdu)#&h`52RISiaOb(=ZwMt_ZYVypXd
zlV3t$A1p|P3O)!P5DtVVW8cDgYSGCgDS|tD^Jqtw0<p(msXj54au%(jP!}&+j!%1}
zbTpLLsFbRCmn01~XJZWrUj*T12(Q_KZBycptr(Ne{aw$VTl?Cmcrqr`ADdeJxOd`b
z;*)s41ltdI8WO*50`IKY*q|)~(H^y$+%p>TCHk&^>9UZ@qh}pg{gm=?A^wR8F7)eX
zdA}m!z<obK$QrA$9O?RPfQC8RUIV4T!<S|UYk$GSQAhFyZp#?iD8#Do_7kd_vXo%e
ziSmfj-wN@6=kQ^tkUKJGIO)v2Sm2Bn?(Yzh4$7LM%ysD3IfQ!?<(t%o4e7^jJ(KCW
zDed-NEYDy|Am*J6*p$L|&QD2Kfv<L$y{$B|m|h_&G&mGtuiTo!n4t<Q+_LWsD>whJ
zW9z34ar${{h*!CutnN5t;d$a*?TCW4P~Qv5oo=6sOfNVpXA3hjkG5UX%*i~&?H-2E
z^@l@yMW{J5c%mPr__fG*{B%^xj36R1D>4ax=b5+sKBs+O?ku=99N&#Ptkrhq26c!e
zPQqw`Yl&bX2N9k~LC*VMu)5+lW^!amf6@rqQ2V+4!ZsAqw7}0Z%G`$-R1iu1I{r>E
zCU9e=e{QW!BoSXL(T@JT?x9gkBg~E_s1j&7EaSE6iG_`T1hpKUF1|=~&gtAMieC;&
zpp8sIt-$Y3#4{$?&yB@dj$pZ!_X4UDhMyLFwqdkvrF$fARM*GxLdMQ0p;!4ayP{+>
zt~fnP<~sZihAjd#fIhPI_{4N_ys<$LnK5rHHdtP3nete>tj4Vqg`c?}7GqGknV@B;
z%RGbeXD8sUX@=(-vY+^r8+y&)<8n0zR{Gq~zQoV-RZw}bGGADavRJ#G-KA~fXZl-?
z<j!ye6mjG{fHD0&V6k@CjsEVeewLE6W&-A&p*A_wGAi!uVgBF{pS<%VA)}t(lcJc%
zSR5nP<hv(g#yWg9rFjqk7b%sOZ)HF7E~aA-L-9cJDEWq{BvHAT7e%;w)bLy^zvqyi
zkv{X}^Y4~LP7V`-5t{c;D{%&zd-;_o8$SD`Fr|=hBsyV84&OR6#7RZVnqJ*?(3G9C
z^;uCu#AjD|PcDWAoVdUd$S$52g$gdR(`%^bt%FW}HG=o(r8)<@1-k9Y9TfLVijmba
z+!|C73i*Kxg+VU#Y=$|VKsBQETfcJbhuM4g*wdyeWxO^r@Xx*UsD^d=o+lnYm4v<A
z+HhEER~%FSHLwaP&BIr}pusXTLcpWNOni#4BM92rNzL~CrA1b>3A5%;qQ)1jY^<c$
zyaWzSDk8LVpC$p_{3J_;4P>$DVuUP+E&XP2VL12D&1*;Lra9>6V{<*{ju~c*?o~Wp
zI{yo%Ag&PgEo5|zR2faJF5--AgF4!s_tMIr(AGd)wH2K|)N-DjV{>XQqucQzYfLeT
zqVT03eQ=AG#pWe}GkR2a77*dWLph(|w6oU2*bW>&Mw|ANVf%`%m+VHi+Ak=41?n}e
zieqrsA5B|7csNVRzvH^AMq`^)#d8oPii}OnEEV{JP<p1HYPW%o#@u8c>p)%ANGo`U
zrq&qgpQ%iJHz0jYVf%-jm%J><l3^DT?!youda0>dUWbx7O!$l$BLnCt2vK05a$%w9
z5**q3V%&fUkpFp3fOKXFSew=7Nh{}EfA7k_V6)F*V7cZ|2IF4`Bg`(Sk-~}wWz1NG
zTWyw7syDSSb4{b_!>W&y3)GHs1x$`{Wv%NoKpjnZm@{TCJCCyq695$#)Kv%4<&C5b
zeqQNCGyDpUGQJITzm7Vnu=#aUScgKyT?&}Y$i+t9#T+{P3{6OS0tLcVE2|UzC|tD<
zNv(2`sF-%>$Ir(}uMSmY-1ZT1pvxD?CzBTrFE4#Plq48Lw3prBIcv`1f#K{30)U4O
zud45QBG>we;#m_vuEmKjO|Cq}|4qN~$3v!C0*V3@l%13*P`u2fyMG@v$=D~+v6yu4
zU{#KH2e)Y376Jmh1Kj>Wf;T=k*J<imp$YkpO54xcV8drxq;0!`k1_nuEju7+7k<IU
z!qMX>4!=4b>C{NCD=j}&`K^TLiB>Ro(W`Kc%=%ote0#D{=0*qXCNa!-?e8UBe;fDy
zCO`W(@xSU1!7dW*G$|e~WUK}y&q%Pg_s;N)wtb~X_I`I*j#^r2sGZ!rb~dHnsPl&P
z9^I#@_|-)IInZ?P8Ug8<C-M##L86_pjyaOtV<f`JW;Yw}yUcQ-Bkx(hC71FHT^-bs
zllD3)Y<TIWPOi_Jo?gS`^l9qnlHPB)TJ)ma3ziGilgIgltgcTg2g{*7jU7MF<q-AG
z$fEz;;8V2Li{%%yo+F+etbsb33pzVh0{yKFSXJF<@f?089eIiUWCczvWz0a?Ad)ug
z1n6&9THPa;!lLAS&p{`Rx5cNp({$E^8U)o61nz!JKi*1b>S22bw0@9-*I|KG;a)rw
z$=S)NbSVvuU&MQGJ}`G|5z&1A)AeWlTmUs?rbxtrc_|JCJ?~%`F(p_#G?<JZzh4zN
zf!UJF$LU}y>n*lQ5WJbz*&l9Jzx!dfR?jE^k~0%5pdEai-Vn`2a6adkU@0NT)*K@H
z8Oh_u9bZFRzdPo%T4x(i=DL4gj}Fkj`&gtFJk1aAC_L>9VpGs95h8B~X@{-}Jutcz
zfyz8m%gG(VyD@j@pW{nVRmt9$GAc88r84~r-`S(OKa0T3;|8-gJS@nOT*7|TvYl!D
z)`#}N;C$hP<xO&fGF`VkJz346C{N{r#%?z8^TU&|Z5O$Pu)_mK;W^j?;FVW7ee#Oz
z=-bI-`lq7SOlkd5Bm65)rh{j74TLR-Ck`TeG(LwuDe?&BJ1g_vAGYuHdNUX|XK)i9
z;F$iZ{xt!_0E`%Gag3IjW6q@xGuo_!adCN@?>mZMb8SQBJ2N+VbZXd}g9o*dH8p2>
z0kghm@!}KgC=OQBA8|y!QRVJ3OZ)kJ)?Bnd%D}ae^PVv1sJB$NbW!f2rE>f0E2|X>
z&^U7o<_fzI;l9j;kp+-n2P1SRN0c6wLutl~cI274XD$@=D^^Yj?kx{L@xVXfjUukO
z`RWJW`K}$CXg$;?%x&|CT1@T^@TBgstnbj6fX=bdsEN^}ygH)Tko9(Hha%mIJJN<i
zbd_<7d~{+{!t_gYwi*GHIM?WR1Chyj2OZDaAvhz16kQSF@)rHRVI5f$DrU6(boTi=
zL_>4y9<Qm{Vx_AF=j?JVGA^-0KuO4c8e#Fy?}|?<osv8e%@NZy;D}lCk3&eN#9}rE
zUu8W90(`HZXQ-sW-XFGdf%56dnZU(Bf4U!|6FSDcYzL*^Zscrtfa0c%v=*(}Nyg2d
z>Jd^W>5`p_=>4Ls{^kb@NMG<lZo|IDRYuk?9;00XWh9fp?3&$etU%w|{46M~Q+`+K
zu)T3%$@haxUZ;((Pv~`vYJJtS$e20A|9fj>$G-p-Q0Th>U>Z>|$2lVOE%AVzu=}Io
zG4Ya?G^^p;^MQ(`{Hb!Y-LA><*Jc8iZbq!}fSGug{*%EC;VJNBa5|{tU3^AY#OOjf
zeuXCrpeS>ln&BEBEb%jTfvShzuXD>ZD9J57=PdV}RE0LEcNANo_&#GIF?#F<4gzxp
z-;F&?Q)`Orm-Z5LDYkS8c4vGfIvkUG>v%EpONK{!%esnthmU|3Qv#rxk2>Mnj6va9
z1Obl0(OnqIP{-BjNkK|d3Gr+5lZB?u3!-h$Et=h%Y9CxaI{h}`A?XWmqa;@a`w?RL
zQ5v=%QRiFC^hV)DYc-{z_|9ArW4Y1ni**;Xm}l?2S#nr)K78^L?Zr70AMwX$xf8d^
zElyN#JTZacRFO1O^mrQMQ45$gm>?V_c`<_SjEG*#RUEFZpuW<#9hA5{RPL+3JQr@z
zAX*ejEw&R?2z@c|PQmJp<W5BWFIXjF(Yy%zhT*)Q?h(tf4hE7+3}G93$cAnkSIcKJ
zg<5}NbH7JcG{a7P`uL^2Ck~u`EPF-dIaV5@252lE?b|R2$UJW>2z8=1*frXENPTdG
zsQ>7Fs(8|Y9TEX*om<TnNADbkKO$B0E=tkQGtNTm6oNSBF!bUFMwK2wcn)RFydITS
z6rz2XF6n((tF`yhHS^6?Jzqp4yKmViKf*&QXsR4-J4Ga}#RRM@pwzGfO=EV*>kWSy
z@z)eYh3p6!!K0oz;VK$lUeytSVK!e`FZg`qZX~<{%<V60?Kns|Adxo5z(QTqn%jZ~
z*Sg@M#z)4G6HrArF|vx^qoKJrV?;sxv2U#0tEzY1GX7~{7Ry||q$+|NDI7=Z!&ifo
zz6XhlpjJS~YYgNhs2uC@)*;5;OPc!cNGh2G-+<-o9#TfA$!~wEWdGAp^j|jw{fmka
z{%7&~zgkkGkzV6zmY{Gkei|8Xyqom<xKg{rS?FWyE~w)YJz>KIlJ2$f)L8Yfd2Q_%
z^nOBA;WYK4LEv@n6lXTglEa^d2AQ734J1{UX^*iOZPgE2?f^mV)ypWYE|(&&t*@gq
zhR)P(=6+P&TSqy-w<+xEMmm^nL7Wl%%iJ=0Gi5Z2;0+HmKGXmq=^pKMsq+CFvwG*g
z>(vu4Q(rAslqtGyHzBA?iS0{#`10*U@*xNbMi3Kfqu_`t9f(>@>JS~Yep%q~fI~QW
z=b%pCKAlhri`@C+mbb2n^(l3=o!xAhusMJ`Qgx#gys-nW?F?c1p|K>GZK<BlLe<T5
zr=D<sYkuVAv=X9YXpv)%=GpkSuc}^W$%T_I8sECS*GAxg3-U5{0A3xHNN;AGrF$$s
zBTv-O0ESF+>*b(ZBNPK%jZ%X4(JRMaE++>i-n=)}$R#C*nm+>S#j`0u|H*EHgZFd6
zM}yL(wV0L@!Nm(WA$1*h+FbnYH(jq*qssCfpB|X%lF<&6EO!>06+bj3shZ41hqJa9
zFzVS);iqW4)Cu|^sRtpvlD&Xp5=6eW%Eh1b39!_+zbbvN*RbcU*j|q)C4o+^`)#M#
z>7cuVAr56dW_b~spnG&6Yk6Ob$X>>1K-FYR^V`j#w`BIN$~aOr+@~0}BdG`Z^GO*A
zu{*lo+qqJE9%D4Yvk7Hgp(Ci<$#`NWV;*{p7hC-W+YEGZTD+IE`-3dw_(JR3Pm~(9
z_}x<}(<PhaO*a{AKAz6L_-EzYK5yiYtw2#JN3#-fvIyFB3D)C!syK&T!AZY7$}sv*
zIECO`xHfBqTXGDd4!>wcSst$^`+Uv0T8{eZW#icY{H@}pI5mGkRHJ^4*6Hbo<SPvc
zUt)N<6hnWS1QR;panigU=qjA=iJO`en7-WOr7pb_kCy=8xm)`vJblA<5ywPxy5#lg
z>OHLOLl<ee%`{Tik;LwLmGBnVQN3t$LUZWP#Dhy8^e4Dq+}iy}&n)@DY^Bk1d&Rf}
zqZoS2Gz~&Cz?mfc?gAE`I`jHCnWZqj%r6){_(EeTtv7Y!JLQ{VrvCAR=OlXVD9qlU
ze#jyaYMA0@tbaqJEzK3e=dhn1z-C-_9EPO~hpd#Rh8c6QGjML`7$i5s8%N}wiH=*=
zSx8i&)Kxz9mOgzc)naX1*HsTjFweV|Q*mAEXOnlS4o7r_uK%vR@?-7{LUrOK5Z;7D
zTwQ(AZDzJ&%di4X;+{)OY<`N4h)CL;wd4(v^iZ5)RYKAwU4<mVX%3N8l^lih(HtLj
zgoHs~oY1YPk?>`!Pi3a_D^$}DCRxNUTfTgDNins(wPa&zdds*B3^cfnCZus&UKYOf
zC}g5bi+>}3z-#ru7vA2voI{R_OjF~~aBCGDJTUGJ1P*W9HKW%F(`i$x;922Va&(^7
zLQ4PkiV023i3*(z`giHFt`*x%TkUnr8}o##7cScF;^EG9Ah?5I_6^F1mm?T|C+`HA
zuL3I&bWO2-XUF*(4)K#lzCiPd9-)DW&ddHXy&56U#OHCsi0Rz>ENOPC@qW;Zr^Q4w
zj<XwMUpb;Y%DPy#Nhm9+@)@y3P%&OWKg~z#ib5n;OxmH(=Kb^jJ2w5)U%X0l>4H}m
zFQ(H-)B1_!>b|wfyilO^pr(7J#~m+~nn;&`*r%sHKiNf9i@P~2u;KncdW~?+0#`N(
z;88`0Tok9|PEy>+sKWzdXq=siyUKxy9e}3m$JhSG@u2A1>({a&vz&ggA^?Mo^<9K4
zb`La4&L|Kg#O4p=<Bv!5ih8MD<;uT)QE8NF@czYR;l6$&)S@@5k)1*KqKvCGW8b17
zIN5G_BE#PQW|NH|0Gq4?VrkQFm#hFg>u)QqxH!TfRs}X(1z^Jk^~AXq3;)B1OM(L*
zZaadR{0lb!okMW{yP#zNYX4#wID->lY17VB(q($|Q|5^p5pKp$aQ^$+PxxGqGM9Um
zejy9?{aZzE|Je2pkZH;DckGAu&UG_`U(}-E_UeR)n#0Mxc|m6hk9-ULY9^6n-*VU4
z=^n}UBGr|h{gnE4>WQu)Xmdwr)`gAL=NZ{nNk4WrC)yrX=X2R}HzM`I?YylUaV)SH
z0p#kK{4VxGg3H2kA_ClVwf`^Jj_*xLkMbdRskaSP&BMB?4b)H8soyT|my!{fdC(OM
z6#Qu1bVI<-ROfl;eUMhk=aYr0L?0FVyGpxm6qz(%Yg{GXJPI${VN2F41!3$JD2E~f
zDT!B5v!@AyWAlXVx{2;^{&}KOuh9rzuWsZ1%PR><Npx|0rL&TviOtzE$#vgDBv=wM
z7B92U4Y15<F1C%4QU%r779;8z*LeBA#@CHm9|eH8pgfV0cd9?&WL}ndW}ETv1kN1@
z%@}|x$rCyHPNS>*7$YyT&%VenUyCbD{FU+@#x~pbX&btYB5vxt<}@CBRl(ZXL%EcM
zxmko{9e}(PpA=Wq`o0u0s&B-N@8elz`I+sczYeUsS03Wgz`KwmPO}ClaYhRrNA;&=
zB3qye^0yY%nSL0Qc9w>VyFFoldL;I_SF_-&>QwtDDT=0-Q;)q{y21tbVS`BCD;b9E
z!ByAC;k-0sOLdwMk<^pRJPlh=v2OlRd@i4llGHw=JX3@@s@w%a)d2Fo%{+nTh>Xb+
zg(9AUz0Mf^*_yAhidNPa$ta;OJN5EVp$x6B`*u6!MSC8exPN%#1c!f==@gXAc*oAX
z-m1ki`B*@!k5#LvSn;{luCI<3W@Kxd?2CPv_C=3NxHJ8&Q(s~y*Ah`R40wZZk%Vm(
zzBS-pGA%|mu5Z=2HnhCEG00l>NcW;`$wJ)dCk%S}72i}M+P12i(|7N()B2id4<pF&
zX{ztlN)h+#0<iCU%MoqB*WAKI7Z|8uag}>*%<`4=DdYX*-tpWQyZ3NBOlXtBsO<UL
zUoc6}jng5Kk+omayz4F<M24o`d2lc0zO3P+x2Nibqy+Bo<too_^=7AHE`nX5XIeQK
zs7A!ro}+^;E}?V%H__xq;>?+(@ux26I@@6V%4n|uTUW(d*&9YD+HsP`Vi425i8gl^
zbN(sHAu^_~uPky!U;Fr$ElvsnZnH^w{&^xM`HgTX)=`>7N1_Vz4n@BHYTnq=1S8S(
ztASm82s%C84;mSXFZ<T2I7l8fGzjKlr@vc{q7Z-UM@1Kh(-l5T!-n%)dN~rvwkLo!
zc*&!yNt2}*SqDsNts?clD?jwtA2BA7xdfU+$}?b!pq*Kk#GIwgc279a#Fr8&i3hKo
z8uu^!zVk=YW7gYOi0KQPHY!Y9gK)O-okxU|2%9AbH>Ol0FMZFyD70x!sx0JhWTJm>
zKlx{+PWtb4?86jcj&rYx)AuI^s$7EN9$yj^|GFtDzHslI_?Y(mw1oR0)U;SC$rE|R
z*~BuSo84Vr-N!n?7wfB#cwYE%x(eb$>%)K0?DF4v0UQ_H^z1S~2|i?3u;4Vj9s6;M
zmLDaPR`{VRE3)?C<PpKu>K_kPYzPgQ+|MDSo#0$rOJK>)qkJ<4FxvR*-a9;wJBPV2
zSJ_42(A?F-(p>|Y#b2<KgJ{;a3gA66`<tI2iAJCX^fImkiEHbJuUIJq5l`S3jDGuX
ze&WwA_<w)&|MW9;uwnvn;KNYoM?!}=qhUXea`Kf3Yildmxg-2=*Q|*>3{Sd8S4Awo
zW-hY4W&hMZM@ee_t8=nL7O7T>FSeJQYw;r)e`22=__NJlFuIcvnHAVcsKj|Xnfov_
zwb2=yCcpZ8@SCrDW%10}J0u{dp8B(A3yb<wQsd^RRGtumC&*!<%~`6B*7vkbCt!lM
z1XH<_NnI^3%ByRvZ;A9(SG0GzPJS>edvo~0${&Sqe_8Wy+lv>(oMR%q@in7e)<P`f
zq1L{c$$dK7lwN{T8dcS(S~q%`e>dZ}<c%#;QLP0P?@8mCCq@==(@)_wjQTqshI+R2
zAl1cD5gE1f!49|Mn6e3aLmgKh%hzn$aQpAK!T&B96kp#Cw&?s}P5=J!_;y6~s}~h$
ziEdmBR)VHJoRV5zmlZjhb4cijZ`|Yq{8FmH=t3>l15C6F##>n@pd6Y(Tk9dn^66(3
zM-c*izYcjFkja+7j3UQJuN_XYO`uE#Ursied3=@^#Hu`pq3js~AEZsjEhf`cFQm0Q
z^mOBPI0T*Yt~(SLs%n~~m$Bh!V?4XCnUAsy)BHo=<#{C7)!WYEu93#>FpR(k?+aD;
z;Q3kNg+XRrxsp*60B5yr?D+Oh;ZkeEn`YV5!k;?c+r_3&c62-5cs(;O0_`&`X6|Fz
zL$yHpI19~FLXqUmgmF^0Ge7-RO&uek&LJs-q8I6_p-B9B(AZ&1LctT>8$Pw`Y&vTC
zRXx>@c^(621IA?UGwjDKLS&1X2W45(JIww>zNfTts#NM^S<M)wRwCrVmp#I}v&b%&
zy5Eei!Mr(xcrIfNPkkUP*|N4H89|}aBHM$u4q*JS#92S9qAq`Ow(BYPhNSUSGy4i<
z{3bgLG$&5PwH@au<Jz2X9{BMBTL@sByX3j8qc8m+jzRfo7;(xDN|H0M$x)kJbRBm1
z&htR$9oO}(jqmQ8k~ik_KrVY6(4=uO2w&klop7SWk?4CqhVa69r0b9F953;<rW_!U
z>9!0RcIt7TqjE|4)+|p9F)Yy&evIqG1dkNTCUW60dZl;d70S9^S!bc4yrn+kLqy2i
zFFuGC$q&KZd%1q7Fy<gF3S0<d&rSpFPJzp-F6~J-hCk46W=suZqT3mA`zCaAGtn|w
zspi(1KK0I@T37D1e6BlqimBNt&jmii0haT}@>Y4Mx$_rHpjFnZ>4lGve_4>Ty5q%9
zW#s$Y`n)s4i9DIS0!xnQb8o~~&)j7y;ygH$oL%e&-Q{gK&&%KCMQdoFawRmaSK9xn
z?UwHWKUpI`PygIDCTdnA<kmDg4sZobmIlO2>m?Id;wUojq8oW{T#z;c;F&@xPFslN
z2uqF17vAuzx!=!he)CoR!{xn#s;PPIggY23iW65`uI#YkRZ8!h8mgv6UB-_e-vjt}
z?4<1rRtzxYG2u=P*@WE88N<IcEnpsJ+0crqsx(ATJxPG03hD7*S8F-u<(-uvA$@(e
zdVF%+VqTVxRvO+ZW0&@JqW&F;!@tfnXJMHdkxU#0g_93DGG+HQyWLrCAfLv_erBj9
zWm>SmSGViEVpuniXMx(56I=Ikt;CbzodlqMNO5Gn;1bxKmt{yIQ0k=SqHh+_@x)Cb
z!Y!o6?WCi!w+bKl+DN)?L(PGZss9)|1K~L-N4SC}O0Oz4LXV0sTcZjU3<J-16jhxb
z>e%z_!kyrqhj&ymUt?Yz6d47}W%0Z;M*2(|cR*cT<%<Iy0{4;*eS|%K4ik6|jE!Nc
zKbZ_7JJP>`=+}+qf#zv}J%LCejtWaJW4^{JMDWxqpY+uF@ym{viErLio9rn!rcI=^
zeE_sO>o|l6VY-k&v$DSDFxs_z55A+!SRZqUrkA5paEDBgo8Z%JxZS+t;Ax*#luuEx
zjgp!nM33BkF<St$o$-oY4*aOT7!+hl+fH7-%W|X;BAbfCZ<AuN+O)N3`6*#Do4OGR
zHrJWvR8;dtM>mAgpkm_JFSe30(GwtHzI}$##m=YphXYaFnz)H&IV~6=Ic%s(wi1xr
ztZt=nWy<N(w+vK)(8JD3(}5`N#P(MTGxdx7bg?-`%pd|KGS<_RK@e(jav_hgRB&#=
zPnDk)e0Q*F$#rW%!!jl*sXNK8W-8a7!?xVov`!)MtQz?-${{Jb4C4$t-Jf*VHdlgv
zP%~!riPuxFfIxYfTz-Y7`UWe#AEu8pe!L5gnYeN4Fr^;h1|R1l!&y7vj28A2P>YgG
z+~3O)tKhFs0OH(s8Yd!Pk$7Q&Y-dtD;dW0h?Mv=4K1_Z_dR@kT+Z6%>$BqM7Q)bTw
zkcj9%dqDpZsJg_f?CChjSKYpJ1e@q;j@#2=9s91cd{$>^uqMq1R+SJjPk1@HSbCKy
zj(smL&3;VP&7jK?Re)&!>1o8`AkxYCv!$O-AN-NVVE;atlniWB7K{}MouJ^tKwxWy
zfc7G&j)8$FG#L$ZfVQ{G?+fql+iWI##P#49U)jvGM25R)e)21YyThaRu^-_gt(utM
zi}@|qId%c|z(gp1hD3EM@p6_<>UyhU@p5F&(otR7FzlWBqJ!xJm{gIPjM53)?{KOh
z&^{VzDpUpLogjV20DUy3i1Uutnu02xgwFX?`#kS2cCrfgQ16`b6qePtsF;0dXK?b-
zbywSuq#Dv9NJk25(h+2l1pge|qO@i^32c7twi;;+YXhdm#uRVT`}HYrKJ14dI*)$L
zk{)ATd2&s|ld;0lGjOUk4OE!RkQaK(G|AETS_E?U(-U@{H+s=jp6<5CD+`<99-BTW
zrD(IZ_o<WuY_kDVqzkla8C`UoCdA`}u(}x8>W`o}3Qt}tA-*F-FXmO@?FOm4Zw9+5
z-qbNY88jxPq^hugR$dYqj?VzIzz)M;=4nrSUEpFRT|hIMAga?RU@b(7XRG`BXkQw1
zK-Va0cYJ;QZQy-i?76qo8Zhx;j37J4A1A^(GfePA6HB|*>E|gs3ku&pId+?|uV~)E
zIbGW~gV^0Ae>V4KPmWHixmwt!^vlm+tfTA<<6S6RZC`gK^Ezh)S*;S^s^33j*&Id7
zvP3;adP-|X54^wOIPO3q<!v`^AKm^?d=~rIwSE|0Ewb3hv~y%_Vn5?Zu{P7Xi)kvS
z>9vEGS^9(ikMd({o-Hl5lh%<gSzpv$Qg2`gdpQd?+@vJs>9h(CKY{7R>Bnw{S9>fn
znWngQBii$kI}t@Dh^V|4`qpf>n+m5!?vo5D%54GT1{0abO+UdlIXBZm4*t$`;(5kR
zD3s>NxJ8%i?_i_I9x>`I=krj5ubUoMeg7D1I9|&)>)AErB;{13^dQ6Vs%iTsh$;dO
zJ7ewrWDh{g)||M*@c#t1TFHe`qI>#Nmg&Hgs$rfFjWPwMbQE1}NU3Y$$-2f4){F5g
zwl~<o01*Dx(r>0>9N&Sgw2oE|#+cB1yQC43K6Q`#<R0jYPI*gQFG!Qsqv>ZIeZAGl
z#CM$22CoV1#>W|Ng`$~(Ec+UIUE;LxC3Tz`jS#(}RWRRI>JYxGsVN|r;`LrJ<J6Dm
zl55=0s0a`12>dpVE@$XSJ#~_4GOsVK)SWFp8jXbq0snsA({Ek$o1r%z?MC}6AMFb1
z@)bL1t{x^b81IO>qw2Xx-Db99zo@9`=I048-aK)mf81H)-#|P6%iLV?N6Ge|f%Xl=
z4&Bfb$7ov%OXqJ%mhVb9cxW+jlhbN2t~+^MX`_dI3&|Gt<mv^b1|<2Q;_f3+#Ue4j
ziS2E&ZU?o(JLlGIhyPhv)W4`(_TRvwpnp|kxYkpU3DXRP6GM2D;(=<`x0KCOo7v$?
zV>&t&RA$UE-9IhC-=A+^ce~N>{mAIZ>UuTVO5r5?A>ukR5my6Tzhd8vx6=rn6_Dwb
zkL9{n7J?@Xv#ioOZah8xHvB~gOzafsCU0K)cWVAu0LQF$bn(fI6Lz#cR~W*R)sYuk
zZ;IFEWYl`xys4cVm-6(*`_M3D!al+@8JB?IR|9^hM{sfDZO%c(r{cRZz4Cgu#H@WR
zFW4{a{O<VM>&U(<qV{hEOh2jQ>1_H&_#5)mzfnuJfM*A=C8EDzpK*X&V!O)J{d0Ky
zMLn{-8{KlcqOCv4K`aP4V|#A}Eis>h$jZq2lpsM<eAxZPd|+7b&>N{zyl|@+3$#on
zgJkB()@?x^7PO-DmbVNe`FAohp|dc@-pF%)VOwtIs($qRyBWpJ|4CHAe?0^F2;-Jy
zj+OGJcNRYEY=F7qb3D1``p0cK$D6>&k6*71eS(zX^k!sUA{LeVDg?E~srlL%)R%>(
z{N2X{|5x>{{+ltrzC6>@ffr*P<@~Py_E$hx1#{fj1Uc32TKF|9*lqlu)QVt`ec9@b
z6{CqqN3VvJ`k}ur3j~S)5M%$xxRw3?P;yfJfK>qXvS#$SZjvR`NcK_a(i`!03zxgr
zE%S{MAgLCA@Q{recY>_#Z+x{O<iRjuKQI)pAVQ^W1R+DEr{6O`caxT?f$P+z-8Wh0
zdrnGOH|!eyqREm~r`;hd&9SztP>Q>l{eoU%P~CuzWZuYB_s-#KCrZanFKSo>KNrwe
z=5j%ae#~M||2IhVf2wBr|Mec||A|tPtZ%9N%wbnTBHk3+s?Q)r@qCcO&(3QIgT)dV
z_nVLJBg$a6Q`)!{AD%mJbVJK#G>)|osw0V&FRN$0cVMT8RyPL(iXjT`T>QIr`~N~9
zQ>!bxz|e()1|AiFtu+W@;60gUkE-E%{hCs5j1GEo%{QsOZ{3QL2GS?#%%|GeEXr4;
z0VZ*nnm!zI8z!(q{D;Hpx1y;!yF8J}I73^b_AvKD%?t<nnNs6e4@!woCY3>tbq#m4
zd{~|znsDKe*zxAfTT7P{BKksIfC=RPYW7^k2LzFq!)HrIhT&_JqF+yt5=g{th%w;S
z^w)&USoq4&XN~MpM#S>CsJ-#V+@YB=T)yt=YSAM%y~2`HFWY<*)slJyN+J~TSGJ(m
z#p%n@EELmn5=79?$|6D|%n4BxS2v}W?D2%N`S=Yt=@Q?DbA2%2VqzWF`VVn?Hn_^<
zE*x~3RBaY%=y6jsJERWf7G&NVS~RqFrf-RPf-Pw~tn>e9dtjgc{}qkU`8$s0WtEgz
z^x1m@Pu;q^t|s<thAFLR^PbJ`tyxwfFl}cerXjAa%2|qCXuNZrWlO8*@zNR7_>v`2
zo!PM`cvq0@6QP;&M=fEpn1W4V72i8J0_Jpp><?TlE<fR=nHfqkwUQ?BrfM8?XBnp7
z_ZW_YY&m?BbjRLiI<if5Jt*b8ef9A><-76pUF|m)J-L4T6%n!q_XkfBK*vDi5D-BA
z3510I1yT~QgW_Pn^BsRlgEae-D2Za~fQ)(q;V<cw10XH+#|H>9BYD50fj<b9|JCd9
z0Xi6g=1YnuT&W<I9%n!E$Hfgn?|ydNm{L!?7jj@o;V0Usur@HI@5{gyg-5g}wqM&m
zY!O+>{3{6Ye?M03ALMcVJ(Kjm`}#N0#=k70{s)1aNEBka03i;9kBiuMAxwwfFQlLd
z-$b7e{LD)j5-Y3<d#FO4eGi;D<kYb3gOFKg<@Gd*_^ZiJ1F9Kz<wNhnlAl_nYCiE*
zowJ7aGa~8r6nsL9?le3aD>kZ|qjIV?^~arfVdFb7(qF&SMUtcsW+ZMm3i>G=EQo6}
zBluWH)i)v9OG(jL&MBCW6BF}9x9;?k6Ml-W>jz$(GkO#FxwkSPB0~}sR@CC!6kE{G
zgKUxXQPA0^;EVHopgL}c;*YB1?Zj_bp*?IAgF?tg+_h$2u;)yKpsBo+{wU&9ihO-Z
za7dMd=US!1Q`@-R8OIfEuWT~*bL)T4Ki`Ej|C7A;mkEf!|NSw4e;*f=5_Kl#Nu*_S
z<?D;*Qq5O3hao@#^V1Mu@9#+_7QaSR^+y*PTn%a+KF_i5D><^{4qti4EwU&%!rM*N
z=wKWMXWir=TZ(+VWF_ruYsS>I3Q;qmQieg~+W1|qwLOjaF%kvYksL#+TTZ}v;p3fm
z59t^L84qY==~_0F*=K!wc$NQa)zXi$^z_QdZhi@IYa-Bok5~>j>k6b*2xY!*)%xh~
zgYL+jE_;<*fHqwA3D|5QD%z_j=i(A}BQN*C?@qaxPfR!l_+}#q0LSfokF8j6eX4y~
zEm`HOz8<0RKHlnmc2Bjy#-%@TV*dyn{^PIE#+RIH3%oeH2EPu}Uihg#C*$OokT3@*
zV{dSOP{tYv0xSfrBK&I>ZtKLl@QuxlZx0I&Rg5(MEtCEC^!azl*#B-S{qO!?brw&|
zc=zKcQ*bfGuo?R)C+>{)mk`^L;j_G{7=dsUIx^&fKA(&K&mS)in7W6oHtqe-pO6S3
zU+RlqH_vQaW`ZK;l?5a0cMzda`v5QfAOsY;TfpCv<B=yaY4ML9>OcDVECx5dU>$?y
z{nWx+;&j>GaX~M2+{&n6|CyBcg^~qFnxcrOxSw_TgWI7HKv9H}8R*ZoJpBt6$JyoC
z)E`sW^0DR)_4uSpL!D=qqn*6T)}5csZ7#TO;g#d7$i`i%7*hqmOf{$BY(QZ$m(7UU
zvf65F&5D(=r$S7Z?6y<<V#oGPK5|sKA<31D{EQ^VbF8u{n(TOK0w>iH32wYi4ivnM
z*OHi0OSqNP!7$@-b~etve+#E~N~npZa#vT*g46z;T5<E4`Hn={q~{6SdUhP$$H&ht
zAH0k_@fU@a{}FmqJhKcXjf-AstWCVgY7W{m=i4CFvsz~H=UDu>WjPYNE6BDxwNE74
z7sCKY-tYr5#mK?{|9=v%{jX|P+SPghbD;(DVCOI_Pc|{pIXO$V=*;Sm^3A106tG19
zFZOl`*Ed2mc7JyF)YfXcQRg1s#-G~KIj^q=oN2)Y>JmqjS=@gB6aVwL{l7C3D<&;i
zs_aH!-9qvbmVk+M=*7w==Ci-#IR2C0^G0Hakw31JL~)CDpTN*hb@&~-EdPQj_W=gf
zSic`=rIeArW=jQLYvn#rIn|X2-p*X9A`&;91nSSO6PMWuYlsbVucPqNm49|LeEFk`
zSH;;1O$bCLiUd30?z9Bl)iM|c@VEE>(a1{`IA8wI8UBHw@PB=0uYa(`Z~kvwg}~}$
zsLIIy1xs^>K=^m98(2x6rjE7~XlA%|J)b~M_Z>W2v8JMl;H|l?hmIjI)Vu*T(_9^+
z3Nj6Wzh5_sTl8rB1sk-qfU%MPtP)V}*xf2?tU;@ti{6P;oZRIEeK>Gz9<n`e<$l5G
z!%;2(sFHxr(NZ|llT(*pO*b(e_DpMh_EG!=b6`AAI{YLv=CPj9R_}kX!+iV~^>E9i
ztAw*O!SGVyh*|13GmV!uZ(gm(YJW^>5FfS`ozaZJ?xexT31p>5PncjE*7Vk%>+KHN
zYD~-9nrt#~n;_y<`E5gO&lFK^Lc!*gOsvar+FQku!mALv(*YT`V&~5mf1d#W^IA4f
z7q1mZ^q)oD`scRlzuZ;+dcv<VpE--q;Kz%n@tqa1S%_{;>2Cxdy8K-R?xhpED2P>2
z^=_z(*)VH2aXrED>-opivp0{*FZ`41!e6$a{y(!ud__vRrfNnxw4`WV64l^4ga}0q
zq5i71hrBRTee&{W@2rMg(;Iu@WnzscMq1zgvyA2c>*e*oUMUFsu=?0xL@lyQgt%tM
zj>TPj$TG-BLIx()BQ57B=p81yvjH<UDvKi{0XGay&FwEVw<K-bs`c1o)tj&vtH*hd
zgAu^QCPsJ4YeSpp+V+qSokV_>o{?Gh-C5>_qNC-CzTS=RdYM`^5;v+M6kR5GTF=6G
z;f2^Cc)i(TI>_-OAT#C-T)XxRf`@f>7#v98gNF9xZ2OgocscKrnmn(lF9t0lH3HHT
zDc7TT17TbnjWfs?f=H|MeCZ38$>?qB=Dvw*{m-1tP*UilgH_?7)yR~MXsQa+pVRi+
zG$~5PPq;61{DN)A$_9-(*U(-O5_Jqr2UeXB=Z5(m-G|i#Up1dl5R#~O`?0RLz0&am
z&b9w80jO|jO<<mi21hX_Xd+{Lq=}}PQ~?r2DAUnAODf{j;L5`%%696?B7CXz*`M+@
zg|Wy7C5mTxm+Depc**Y?+C5SuQ-Xf6WQ#dJ(bT&m?oR2xUCB34adh5p&3jlex;i18
zb&*mAKRtpLh*8s6eiHT7W~}>7PDkA>tuR02y)5@KP!2uAuHqQ8gxT3XEy<gcBW!Uy
zYnHbb&8ywcxz!y^ol>=nzb3iFh?Q1qPd)JD!Y1b&Cb;r8U4#oh3IEdip7Ad1$5xRc
z>@KK>QXc6;u@(&~u#fazeY9K~baKgt-j)SdJf&a~n_}yJ!(1^e6qu}exY<uzl{p{u
z5nOv9lv0gL&o9_cjKMV9k-9B5&?_tT@}qmf3a<A$o00XpYq|9l<klefz3z1RCqBi6
z?@PI@{PuS$rZ?@$P*A&Z19Y>_B0+nV(^MAkFn3_z9XSGJo`c>Kwzld*es5Z;5><v*
z_r5r96Xc_CGG)YkVDrST$&CHl5m^lMnD8vS7J&k+6c=_gwP=WQkfloap`#fsLB@8F
zt@OTJoF>$6dZg*m$c=90?1b&lUk6x(+lD@LO>%#S<ta2rAt=I%#*)zd(xqG&D4u_c
zCH&mYjr+$T`PyfJV0q@B=g7-z5I(8z8hmuFYcVZ<BK>|?@p~0_$@`o773s)cd|SVy
z7ox_DYDWJ#6G#;Wr={c>HYahW&#}!xm7QrZtdl5WK45V&<391bZ3<txtD1X*fBaVs
zK3|8{H|%hNN2sF{J-Qnm1{de>f6v{?&TTQ>aIPj31cJKMmZ;Y&+SEh2w{`gWOFP!g
zi@!fNtA=hUk;)Sx5Uy%YM6@I7`rDrw?;h`P%SYxoUV52qZn@Ij@Iz-Jv)(>QTt@7k
zNc+{mO=-jI0c1Fwc8oCIJS`H9b3aBW9HaRrd(4PHr&`Vx0jooYmozdo$;iTU1b#>Z
z^c6WLetZtLSFUue^*`P>RLMAKA0ZZ4Iw~NQ`flV-NdH{ppudwryF*S_A@xB&Pp8;Z
zwTm+;e6DVWQ8s)PvA=<6kg{fEt0K04iWf?Ij`4(gJYFnt<cD<kEvXx#vCSG9)PnSJ
z@!k@dhtu0k4}pZ-jlC7KqcaGqHq#oiWyk^V%lS^^wpyn^2S}H0-NBI>!nkmE_u9M~
z@~u$6e8Nw?(duXSi-9wr(Y(UBerz{@rN;7Ll%Z1k@!vqt`o*;=#ZSsO0q>2)5C!vK
zRXN=~gF-QNPwSU96F%e{<>@PAMKHiIB|InyJwsZ&N$Z*MNaAR)9HqfIsYSc!dwmrV
zBH6_9^bHFtRH-~Xp4hX?FAm0Ll?zgmyF`FjhzBeG9Y8}`_j}*}mMizshq%Pqm@&S5
zp!kx(F_p(Km|`l7JBtMtop2Xuf%1jW1$voP!{aeNIJ$m2T%eYHu%jb)@25h`98+Yy
zJv)D?`|Fp@v9p!;pKHG)HO3r*?Wf|}jsZl$ZtP)<EIaHvBJ?UH(UG%VQ_|GfO<tDP
z`*cC5m)+a@6U~QMtc78p&5tsg%JEyCU9&vlC*3RMw%4M8+s$qZFYgmr(&{aO0K%sq
z?u0o5t|%o4!B7RIS2C9%TUzxwnrqhT(=5}x+x8gC^3a#BuRET#k+PA5rM*cU_*{RO
zN407caTS>iTKjgAHnZ&6!2C_A5dBtB?qDC((}q<Tov;}yzikkHaxJ5*#Ii}I6cg=~
z>V9SmAJ1hjMn)X#Av??P&P)!9BQV4~6C`LiQn9q6E@48ukcG|BeV^*!0AQYF+9w3H
zPQAak`3p?V^b9a{htCB4>_G_q&afi3VZ3N02Lg>#?d6yELSn<`eMY7hzd!2GXT{2c
zO-rV3*G1D6<%MC`>H%aFiFQ^*AShzSjJ2bhfnn!pU_g@tLCB>uL?mvhRuZH2;`6s3
z*6Im2-tq_3`%l(3xytj)E%Xx5*5f!3iUE|)`=&Lj2h$ki4<!}_6}PMV+`L*0C3jXY
zgj_1qexDM*??w4q?CG|+yyKGk3QzJxzIn&B(aJcL&x2g7hFK;khVb#PBT~L))y;1o
zeUv!8M(j*rURwRT$)kUBivIQ4rJR=%l~RJ5+B95~xL;enlOB0e?!&Yv*Z;@fdxtf>
zt?QzpNe3y?B~(!nktT{rP^ltS=_M*6&47qV3kibsCNc#@1r-pG66sPyM@2-sfRq5z
z0|{dMNs4E<&ffc3bIrNVTxUP)-1|KDo_`b)%`an&Z;bJk_j}*Pncqb#NL5CE4hz{n
zx`x-nU%*MyBj?x%r_4g}@#ToMRjxm+1pObYjcy?mkz8eree}5gW?w`_=<A8w-$NTC
zy47kUWg&1KDLgU-{n8)+IKK8t`5s9%MxJCGgF>qbFA`9}bEg|kr`PG~VSYVMYhIv_
z=U*!l;`$I1Cny}`o@5LH2jHZNG?UkmHCb-SBF$t}NeAuJl2zuYA1LVN_>LTX2zl%H
zK*vk+n=VWysGHuCK>R|jr9xd~<937q0&rs|&C``y8}cP6X#`hp!?ZJl_!`uWi}eiw
zhlX4pBz#V<Iv6XpAaZ`3c8-1ra|Cq5+$O`pc_lzQ8%OA_nU4oalRJ6FBbxU|HBlCe
zBL>%}N>BTSs%+S*?;UuPmD2mTg02f1<eBMN*h^-r(K<^hjDxg5vMye@MUG~gdIGt7
zEtnGE<XoG}Txsa;do^Zodc-<)`FnkOi>Fego;N9&Ce%UcgV<)@f+O}<<VuM~@}iH-
zsIT10#>KghXg%Q@y>)1m65PG0n0}!u)Liq>01s0m3iB3V^dJ1KiRThpH+t5;)gNG4
z32yb;aofn-Eyo6E-a?-z=?xKfu9}~92i{Fzkvo3)OMR%@MKR?o9B*X!jp#+#OB85?
zT+#~Yf7&*MvF**!qgn5!m{FTvB55^DH~-=G<Ya(WeKxz&4Y;P}IkSCY3lU_{&*})x
zQ+OfbtZK@%Dzrl7LEF?p!K$6d?|toT5WzivQB~lwdNvACH(8WDZ5AGD{qXvSjHBFq
z$`e?3%TM)Kk2Rbq%?PkLtLn+p&O!;nY)c7Emf@_oVizW4Q>Qspp6@#m?zQ_>>XG+G
z^O^Eq$k)q&RbuAT7)22fT<;B;>};^OP2TT|<ks>fp1&|iQ`Acl)|T*CEWUZzA;t8n
zs;2d#p~Hm0lOHNuvy6nlNH$<1fL~>g{UU*v!mgW-V7JZeyRlW;G$Cbca@_g|iP|ZO
z1(>7~<p|3T9rIpqik@O!ZB5M8nv|xZTMh|=3Ll1<&D-?FwWx41lHeH$lpM9j^me1I
zUonPBK-BWf&^JlTqb9m*-oqt@4?*+a-GJXbE`1u^j7G~7Hsct(2b<UllGsXb9mU5Y
zB3Az1x+URP1iBwRuBsijQh)C-uaKb+zk?v1hkxoJq^(zhKs%O<i^N|ga?LtISi8X{
z$726`X1(;&W+<Zx-^s>@3x~E$zbKo^SF}IB2z$yzEtuVmm*#|`XHkeb&!}%^C^P*L
zl;F-FL!9N5N_A5672YAgX^XJn@-*wAYP!2+uF1%3>gwR?(O9pmR^+#mQKhA&93B@<
zWRe9&@rQztkQ^}DwDZjkTWHaU!WH|irZJ~|xj3K9Faw;d!r}+X{1|%$TKvlg$0h;k
z2$tgBTn$B2RT<ORYIrP?C@n!QjMsIiCxtxyVP89e$-Jn&yUsXa;q#t2*5bV-dGtuc
z>^=A^`!0}IGA1B8RpF53`Nol^GX#~xTMP%9S=nTMhKqCF364v66DvUr0RgL<Fh1q)
z%wx0m?R!tmcFt6_BoV0Q+HD#u8Ouv1uPiH_%kIC^ywMpY7^7WM>&S8K-uP4>Cfpg@
zwj1y$)H>bpqO`CK=T)V!n)&IT$Ne~cM6J$~k~;NzUJM|(yYRD*J1pr>u&AG~Bm~Ja
z?e@-)FYq#TMW1_zEk5C?RD7QUAFkn)vMhWQ!?fTC`x^DmaY*cgnGg~Aik)@^L1Y1x
zO*<`gMlKHMEJs5+=fA4b<fp}h6CI!V|5yqw((1eeG;z1>GN>Z7V-OovEu?N%dtEEv
z8_Ba-L)2U4He0?Fs{3d%KG`%#BU8g%K|d<ybM9|EbIm0bKS+|`Kb|`)8qI)(9AbF^
z8JpG)$z}KrY3N7lmLl-V8|fgBbJvH<fJ#C-RUK$I)#N+_Ml??^Mzg$Four*)PuM>2
ztut|s*L?4^_~?Kui*bP8g?sKdsOlXs3EEE>9f#p?0-Ho0twO*}z$yF4<#o@!%jV2g
zO&$?43yaNOdNmB|B(L$@bvSivQ>A%OS=@FmgUM>);${40(8o9Psh{FSuh`~A0LQ7?
zKIS5sc}4Ky_S!Rr+PYes+Ciu3)v5U$m97h~jG1avT4(KJ&?4Z<KF{ccGcyz%(3eRw
zG37zId%O`_{3E(&Ub?NFcifQ-0E9zAd>;~}!alNpK<)}M*Ct?TBAfG`F=%)7Pg7`1
zl4q<|1k8Mk`^|Px=I9qWrMR2!^>_ESojTU4phOdmvmFZB{N#%F4Cl<W6sFmbwc~E?
z-PNY&oAl^*v9pWbo1XXY(mTzhqh$m+#p!JH7g%@XcpjzWW2q*5LaDuW2O3n=Sowb1
z6s20aaIDvP%30T5z)v=q^{z5X@^&ju7Gejp+(l1Dc*5h;(HBYZm_<A}sL7nSr3UAt
zo!$4P33b<iKU}k2D9ZlkDTiX2dz?@CZv)o|tPT@K6f>Ahvc-+#2-@8z#J{QR`reUq
zB-2Y})9;#sXVm_^9NB{oS6z;<M$Ssd$tU*GYq7IgGq3RL%~ZV*ph66p2Ncncl6yK*
zj&3@WHt<KABZ@eJlpP+<CcPcrIQ%T5|1L)@>-6NSrgUTxqIz?kovH-1(Pck2IZ_Qm
zd?I{pNbl`;duJWpdGYLpDQmFdxtF{teJw<)=!vT2faGivk{{b92EJ@IW-s|<S~7pf
zv2Wp1TE80ACbP>6OWTt{N$fl}I6z>j;`Dx&HQYFS4w<5-@e5_e3tV!eDra77m$dj`
zjjPd==;eaGFV#2R?6EkT^4{e9yHtL;me_pT3s&(**kOFb)&I1m$lCBaXpe0^(~-kA
z9MpUu%Eh@`Tr4@#jA@Acly5chN8YSbCvs27;!l`Obm#ff5`U>{k^5alluqj1-){a>
z*X`ei`#E^PPbOMAFsA?9;|n!pP<nCw2|L114Fj9;0@Jtk8wy1V$+71@rW)!sVP}<S
z_fSfVNuY(ZguD1J)us5~V<BbH?tW>SCjG%>=sf8x#S9*g7p+NBWeK_JwKp$&ddW7T
z%B4h>U#zZH5TBhN>R-KZ-52BmqU_N6Pz+&`KOy(kW)Clh+S#H8DbAT*%Nx;h%nm1l
z+aWNtV5(34-uq2SUC(>MM!S6HXHs)y>BV>-1f(n!5>2rrfv#q>bw1;L7?KiRn4rbE
zekd-!$&_1j%Ybz1c&3Sp?d5~|Tc0!Tn(XO=(z@Wa{_DWOVN-)Vs24G#dg3HpOp^v#
zXMc;xnmXiuz8;^j;pb%bL_It`z#nGhIQCBP%ADM(?p^vi_!xXu*(UKJ_}?&k(aqch
zq>!HM@<ecy7Ljkrq=K}WsCu)}M6PjY)D#x0^htd!2ey#wv_Uf`AQJH;3;#*&S^pS4
zX__q=o7yBq4tHoGEtU~*;;Y8anN!c}Gz>%C1NI9Uym}?=v*B?tbX9F0&WgA)WlYHc
zQ<cgX-H8EkA2{upgk?MpA)eHhoiBk7cJq5s7}T0MI@`GKvn<<n&b4eh0s@`htV578
z$$p*}N93GK6NK<{*wmZ7-YCsJ-yVrZpQ@FQA2{x#tZl?(zcO{G_cXFb>R)ALY5NJg
zh)=28@dqtPOI=6_-SYu}YiTnIBkv=rG~zdHhEg>L%C+_mv~Fdd{n|%I+EXo*u_oZ_
zeZ;&G9rO;{XnX+;bxd=Q9hR#bYVs}(@uBo~1n;}WEmXE1&)g%cTx+_=%JYyuYg$?h
zb75-&O_GWpXAF&<ccAGtK(|Yr*T#;L`wqQwH1}ZjmpdfTyKiCY^&X=MBa>Dw-?^SU
z2;baKUnz%y-ovvwOE$*fOw|lfitw$kMu@B=6|UZcFyqz)6Tj!`<5TJeMQ?^CV<Ym!
z(N|b@;H(1aZ?t}}fwj9&#&%k=q4`L9#g}kv(jrixc8X>rGQI&HmtztnX~}2V41oQ}
zrdXB(DOc|y9xKC`*lvSKwVvna2d#5J&kzn-Os#L11)i-MKJ@fHtN)(n_sR-hZ;si#
zY~8bNq)hImWDS-fuH`}pwbIrV$!kvaLkzJHaK}S6x@v5_j=03lFO4A&T$--oPL{pg
zXZ~9LF!#|57hxB{)pkrNwHHv1q!V(-mAfW3lkuLssvVgFrr{+%_7dH>qDfu-{UTZ6
zH@7rjm6e}cJg}Gb&K3GQ`U)7|$1yS}gRx1E=!S#!$3uuYB&3uU^{p9k9>gv0I1iyk
zvR^z+cY}`O4(B;TN?#@4XPBv(DxXpN3A^yaUMbUm?F<2Xry2_bG8LP*bx$1ZFI;Z$
zD2OR7Nx|_}n@JpLlV`gi5M>BM%Yx^~&<k2rX|f;D>?AnFGdvudFeCPDo3xP-5xP5P
z#;ndjeR`E&T*j2*W%T9DU56;!$b;zT{Ez~B%$1Kr=STIlX-<vg!OlX4U@mmF{NByi
zVhRPd=9L}zbWS5Cj7v_<2W;E<8Zit9=HpD260vQrz=IUrf!yQcWFPO>&~wRm?$N2s
zS%G{}`>$}<@01ggGmx*&bmfTnbEip`7kb@1kD?3|g}$Ynzh;kpw7BG%Rkb+t<n_|A
zr~FHgC?s+kv1E1zl1uAy=AX!P)ZB!J7`qN`Cm{t^DtoR4^&M65w=|0|7nwMX>U(ct
zXOh~@Bf0-&tNpT4BDibH5S8{(LEoemEQOq*Q#foDo^V`;ZHXp__5O-}%zM6f%Tc#K
z>w`=CbrUqR?^lqTKml1hd~GmIz<GYGD}`PE(K!+-H$jsKKRuj{)u7&L?{OLWxVpPI
zLHD&sMp!rJjaz~yE68$qbzwZ#(-!Qo>rlU&hIbDkIfuECs%%`hj(YL-irv)Zy?P$|
zEB1?jzOWy3YL(Lqv3~rK*vg2wI4t3kE7GR{pL`{x>EtsA^Uf7?={YI#%huM_@q8#s
z7Jqy<Qs9FLJ3Galj@M&l3{Pv0>Ip-aXIx15lxoQ<EiI(}#OnI(2)h&7sHE$%51163
z88!n|sLL$wH<q?EW_#LBo|vm^%N>_IT@O9OlBy_Kq@|AUcvAEGZ0}+DhCzj>V;eH{
zQC|#%P;tFe@SF^p&#mt1->~i2B)p`aB(U~VO|m3*%4bqxRMVOHv^|jTdA&X0ii%Om
zuWO?6J#Ke?WcKN>?pxHz*F_eoZV@yrKckw3684W}hQIxO@c4_w>3uo3IO4fA)LLOd
z3KZr@-61PzoD^&dm0bdDt7MD&sCieL0o?lbfx~mIMsp+D8<{6=OuHND*7dT<FZiFa
z$LvQtK}eEu+ZcQ|LoFoEf>ayrL+&}6_wsX(H%jts+iuN!dw|@D73acZ`>ou0I4{&c
zuLQiwcqGXUx$BhHXfr_-KIyB+pKybR!Az>puxLyO{4Pj2aJcX>|Bpou-LVx<n#g>2
z3*WE0CTj&4EC>;baJq={)oH<DRJpVCh1y_y%3$7Oa!uaFP@+CO#2Zesv4oUrn~RJK
zyb)4pPOZ+KYXNDy9ilq7Su}VuKJodkq)E^&K%S&YqgQ0nPX68AJ1Vio!Ty&#1H%KQ
z1YBHQAD<Gwwy-PIlH=*UsVZbHLa50aJl;o-Z8&QV^}YSL=6M!+fkK30@4lhCi4Si;
z)aPn=MDSyK!f1m3TnQGE?`dNyQCtsWp<N%yZBHoLq@IO>YP`+k{WX>*zby3R{_w1W
zAKuSG<$R7mg!jTvno$yvlgu-eJ@izxGJ$T^eFQ?GZD0CKtKzeJ&(&7m3-n9x+EabQ
z#pSGnM`C3B5l)3CEpMqZfN2V#`DTOxcf@z1BWV^=>dN5>H<Czw@YNLxcdBhVy`~Z~
zTw!EpWc2pgwMxPKoU=vjQ(9a0ovNTC_7G$a2(ft3=b%Eu6Yj3VZ&F@NuUd8K`tLh>
z=-DFy4Q8$cu6rCnwP4MOaYO-1oAuJQrRoDqJb;m0mX?B2K-NA5b97|kBRU`;*q@#S
zr*s-Qj#7wQ#G)1C)(7tE>staf7t$WHQ1$HWtlr(=mq~Q`!4I@K3ft3S0-<mUOEp=u
zVKY^4FQjUcxozgJ-c)<!`FKx|LczHciy?2fI$xX`P7Xx6S+OV3eCY)U&;Id7lW13n
zK93S=tE~&~s`3^6I3fN%<g=Wkm}blk_1%IR7Z|$$=%Ff$s8#UU7hbiLs)-b9yL!O|
zkj=Uo-yn%lpI<Oil@9l3(faYL{9Oy3BvC0JhnhfAjO`fxS#^n}SV(Tq4yDAOfG3)C
zO|`@k=;|v(m9o;gM>h=2+BX%7UVd<XEZEgD4B^2Ce1ouasuSFVzu|QF%v56;+N9K%
zX)mW&Y7dr_FW-o&a|)U;AeH>cJ&@?F+rfSKbWSVW9kh(Fcc@CBPl23QF4vmf*t8tU
zvC{QM`@Vg?LPds4lc9NH($~&}&E_Z%D*qUSJjjUorC4y9mLqGvcVNdKwP#Apk}Y0O
zvo`ql-C8x<D{5X{J;2<QrQRVtq?@|+yo1$x1N$UN?wQi&%=j2(3VIe!F6;yxLUF|V
zgcGXlG$Ybt0*HrC<~QsaT9q)Wdmg*B@Ve4l@c78wZ^9u8=5&rXA7F@c`*CeEu~?E7
z5;~ww6e1}C)e6gTAPyB>;~#sEyY~sA<GaLEZ%8@gL$|5GI}VkF>eNu(s!C?p+p-w<
zlo^ot;M9{T>`IGaNJ9^@?Vdfu`g>Ep_n41d^aW_CCoB*A<gRm>i7UE<MJK0vv3y+q
zC*V!x-xr77p1C2(c??qwI22p}s_Tps><8$30*C+I@?S4KXP}T?zmgHZL%IEFeFgDz
z_}>IInE!j|P{}$MC{|L+f5INH)0?rxgD?tzWbT$}buQKaCoC_gIqJU`LP!B-P6SOB
z;#N)cge>z8XDFovt@R7}TI|aVZXEG{qw&5^quzDWNd9!iQ!zv9u2WQf#)lbpgby+{
z7{Sgs;nm?nq7PHPTly(wj~eFuq6(JJo-lcll0Llq&8o?p<2I)#FZZ)_>+Qw#V>vKF
zXnk^4mnzJAUymDfJJ2^2Hzk>{sGZ^1wQzb;F@5l41?_c;mG=3JzHrci#~vM`O1T6H
zkm$5qXf?toYrTCl{l!p@a)M%GoOOMD{FwtGOQ8a`^Gr^fw#jLPg|W_BEXfe?zn2ws
z-og>g&n}&copm)P^ganc|LBaPZ5<1Rz2V3ncCnP-dRip|x-i89`n#Q-ogJNxJv}A5
zcmSFbW@~F536p}c!?=EUQl8S|@mEzRrF+eyDN&?$pYKk>DTf~xozfiz+G8!+p`v#E
z!f(Wi4n3n(u*l5XkJS7)MYY2W&PeJ>Fh1jX!BwN|L=}zG0?G&2x`~KvPTiRrAHg=&
zO@)+v*MTDB{aCg1=ssB3SUZ68Wv$DTe0n>Ngao(R?G%h99YUIqs@6;<rCg?L4O*S)
z9GdRcc&>->NPeooY@{#0rW%E3V@LxAP@bE)(O6ER-y!sgXJ;tk+`f+{A5o%qn>vj8
z)?a;ed5NRojUm$oHW>f;=aFi<W`tb6kp7PEErR5Tn3m!KAFJl(sVAS!G=(~3Cf+Le
zaaF!LCKJVh>jm~6rGRZaI^T>`ZXNT@PcT?I!}vVHcXzAAk7xAidb^SFXXP*HBfj6l
z5@DpYM9>4<nwC7nl26a3VF`_)G_Dno-2+4kGwzW2p%;naSJKwYgpATnc|2^z?YXO?
z@}sxPzS9KFD7!{<y>gBWHwh_rH3j!vFy}M3p;xmtd-KFv7f7a6@Kn6DR027J%XkyO
z#`Xa3jr}waM6Sze+Al(U=lkRAZO!@I0}G~{`?XStcS>O@{(;xX<|4DOi{*P>X|vpR
zL9DNUqZI=DWgat<(`XyW`}x#VNG)S*U1P0bx*)jJXWy7?({I^Zj!wtk!tSSeT|WMS
zEdsDM{uxYh&kx|^vqeB{^PnPC@dU6V_s1|j>c)$FGgFOgk)BLXnhL45n2bA6IqrFV
zru`i+<{2nUBuVcEvw0HAYQwUt=rJ#2tK&M8{5dC9;!GtjD4981R;r6l%cNZHac4fo
z^WGv<;VUT1i3Snv+h#~-;fY9+C4b`iC&sQ28(C7HwEF0&_@?d&?8`F&1)p_tj`p&s
zvvo7eB{F)!1f_3dKe15wNt9>OIB<_dVVEl#?`)*{VtH4{Ci%fUub2@mNFi|X`U=R=
za~UE%Vq7I;&$g#btuWVY`d!cmzzuGOr+`E)ItV)v4a&A)yrQHV(CPLWK&jk@6=M4~
zl3{jZqc`A6U8c9tgc(!kZG|U!L8vYxeIGo@Y%@h#j%-h~Br6j{+Ys?Po85@WiCt-z
z0$zkX>O4GF<+yh5jll$3BB@8x%|KTA($&N6?d74M<+463GwX%#QU5|;kpb7qw;hJ+
zoB}N`TcgiAjytZ57P}X=-#sJNZY&XFD-Bq&^x;P^pD{vE-F*M2r8#UAgT+k2O>G3N
zQS7v`OLVKi_u<7L+mx+F1vJt4^U(_4^h6rZ5W>e2lDGdANIcS$1{{5AK7tUtJqa*<
zNJ3#MI;)diI*5cadGXh^266AT@m`<XFW!3FC@7_&f;}IUJ#jR3CwtA`o3q()f88#v
zucvdK>S<rx0nh}%H7lP5uvIP6^is4JcJ>)}saLLe%Yo%=4am-N_k>~`r7o`8!AbVZ
zbCcDqPR7pGc-n*f4HijII|9WC>`8njo+vbng%oW2<AJIBPwG#Fn6=gJFbZEnEL~ep
zy@%6^R&*XO&aYRRGry5(tjn|)Jak()ieugziyg+!K5ghHJ|Wk&Awi%$o83@4(UMTO
zX5}M&l3aa@tvXyqdU7$#GRn8;+>PmJ4_n=*-CDh#o5J+uhML;uy6_X9M!gDb%2QdC
z53F+N3Y@E~s2oDMzZ!aG79uBUb8J{{|2FI*nDGyF9hMXG1mrrfd$ve=+2IzwbLf)<
zgkbNi?@h8MxsDQ1MlX*~*<1Gho!Dv5RO1jQ^P+PW+I}){8_1WeGxRq#q-?Nh95KD4
zxH%*Yy$^IpKRZ)KqukP&i3bX+QST-~<vY_2CDPQb#H~MFKV>u1Xn%BcEOXO4RH9e-
zrR_kghsViN>`}Zb%{9$W8k{DKDhwrJ4D|Qd8tcPm!IyknHUoGB6zJe7^uT$~ShRaN
z=54N|-HC*nejX^?rn$1IZZso!N4LQ-1?6v>51Ui=5G>)juavfYg24&suvq4Mx-36+
z5c)e26E|8{T69LLL&~)r+~8Hm?`Cq!cf@Q>J4Bf*?>Swy8^*%2T9U>eg86zr$+@wj
zE|Ve<zag#YZH28|xPsYL`_BuWxFgU9PUuo8)7!1Tc^un2SJI8u#a>vghDE9K!qDDS
z<-GEeQa@JA>S4ScuIgoz$gRx$M_%{T!-!TIKWr2Kybk;ydfk5omH(^vm6s48O~_BP
z1*)65kP)h@XB@z6H4Yc2Fx>RW;va?vTap1#bcvuE_YKL7)*IU1>!-G7SlVx!M^ZBX
zmQ<ASY2|^U-;=U({XInSpZ)wN&_!enwoaRt-#h!A-U|xNK{=6#puhV5fA&5J_m_zF
zmQ{KYeqp>t4%D40N&qRPLJbK=6PN)&c#ylT$XNn-W)&c<h56Gs_)ppi>TzOFDuM&@
z+3dX0dDYpL$4W}*9y_wT!Ra62?7<!UNtvKGwVe30(id5IQ0)+*>UH|3aQjzd|Dxmh
z?*g<h_D_iRxPcrd#h4~9dUcG5@cMc^ak4fv9J7`4@TBsJ&X0adIw@rlPjHS1v^+1r
zVzIue^TUSeHG}Px-Z*H8$8rQsId|guwu$~Ozx4+p9yPz=ep1<xD$MkeX|Q=;3p3<N
zo?B}T;~;(cmNqGqGXC5nBKdZz$?_?21<IP+eNZ1bUx@uEZAslhv`6YyJ#YF>z@<Hf
zQl9pfpSm{s{J;cn@?^rnm*f5L>GG0Joyuhi-i_DGS46Ix9@oF_+-vix9|)jbPW++4
zkSGMWn5VkA-?y<baMFlQFr8`PCk&rQ0|f~k<%NF8=gA31<Q8^jfU##emsd}70&P6D
zZ{XsqaJxhny~XRTk?&r2BPO2m`#(?o5$8%TxTb0D_th}spegU;Eq#ZxyEau4mkQBV
z>_fx$Z*zb50HADIJcM87SEAG51bw*U08$-@y=J@`t65Xw)hw3R&gg*!%E+Ee7CqK;
zZEWZ!%-U@)S$W>Iu;WSCNxpFQ26g?aO?$3giyqx-jK0uKnwAAPcJ)IMo6CR%3bym%
zug9l+dPLOa<NCM!GZNFMqzI;Ot>t37K}jI46CZyBeQZE>w6NCqndTht%gKQISNj<!
z^raIF(IC(Mck`e2cT*(H^zF%>EzjS7lkf1@7QN`XqtS=!*{Yo4ft0O=pTf%$PhD(S
z<Vmi?9x`8P!>;J?avgED$AT7CQX*T!wHlj=KQex|IIsxMKWuco36}8k=H?E|+n+G3
zF=W4>N(>^~fYZGW-@z~0bM@nkNA#ozNm0&khdnaNk9`QxhYz6k%)$TZGUEI}W#xad
zjCS_FAKITx^0j}yh9B97ZvHRV5Eh>DhuK5?{RpktM{oXv87Z$2xi7c|o~as5=kX0?
z4UADzG)R;br}V*m2Hb+ls&hPWK24LLVq*5P`LSr9+Rq-2AWTjji^q0c06I1784N}m
z=_!BdGA`qHj{-@kzgy)0k8HBN-~YP##4VS43Nv_1;(M#5l$Upbsdy8KQTVrwm^pYj
zAaxvf1UStne!|{X`Qj-WpTQ-dSOCM|2L6A(Isful_<wWT1%3I)E};yBH-EfNW=<i2
z-o#bmc1CLOoQ0|D(ifIG<+pF=B9GubkUzNA;NRY<E{;%Q&^=U*kh5P+KKjwjF)@74
ztuOH$ITx_BxTB^Up@FmjAk;td0kQx5H?<EP;9$MDtqBAt?)$>o^dx+P&BKFUl-|HA
zv=haY=p(Y&v)$k-3Hv2Lpm*;lYz8<X5|q{bESaRV=xR8tH!dFvJDSL;pnmtg!-fpY
zTMBdSH*=jKhao@BN8eP~hW&*jr3A}4bW<NoG#kP~(r6lE?LT2ZwzC*O=jvB870)*k
zo)Mu4uEl<a77?@;f(WGJ<S#n@TvP1kSCE$taua|YXJ=Se)qPs_-k!@gd4JByD4_ao
z82q~O0C0Pn!fl{Eq<OnxKP~4;M+x6zX-AIxk%tyCdWOed4d_eD|NbGG*x!GAI3Pct
z-$AzG<8<^2{7W31-c(Jzsq8*is((c$m2)ZGtqpL?FS#9tfU2eBs%c3`EPH0iya02h
zddky#$D|j=RDS>Ye?AB}P)h=#?b0BU3J@*xZc~OZo1vRjS0#(O!P46fs63NA)`b{-
z*wV5xch@w}N8Nxz<ARXHqnTn0f<<=wgJH(j>)j0?o7IUW<g|$Xg!Sj+zk@tscN*mR
zON008iYlFfCFA^nV{FV2UjtZ_9W!uo<<fiy(DJiH_BILM6+P*c=TW9S`5Gc8;$d46
zk>xKEVR<jTN3**h1?0~ZdmYXT$%oC}zkX`r=Ij`7!T&f>bBN!M1DTAhMRxRaL*Wdr
zy`;kSFqcD__A{T{Ze%IsYM*~7nepa_A@)=dWKRvmzB|{#kNpf1&4rH3ER-|t2yR`;
z*$5+Z`;J$-=S{^El1x4vy~lrMgDp%Eq~FqfkjyPoJ`*Y3CE>pE=0WnkvVyPJ9^VVu
z$u9U;Cfse1!A3hi@J%_wsU0K-M-4O8Jub7zvR=2;O{8$`hv9U{!R`26Au~4S&Yeee
zt9r!Z_oV-ZVoh)TzOPv%5k`jpZesI(Kc|yLPx%G@xH0x>Th<KTT#GpPW>4&dX5tYG
zlM66DOjP-Rz7#I0N&IQZyhYksvM}n9+8afyQmYMEYTkHC=*;go#aNy7zhtz%A;xVJ
z{85@?gXoizfZ|fz<m#c|-AoHqCg-phPrOUL>m<x~GNV?t6ZQEx?OCObEqLAjU>#n6
z90b_i|7c_lI1bt&lK<^*;#x?)R<gOm)qN`R$0kfp^1t4*{F@b%+sR@y7Zgz9qb*TJ
zEKSiGPCInxY^%r()A?23ParMy$Eia6-in(W08+1nk_L&AmW=5+y5awGA3}k)e_J-i
z>N~&I?Z?=Ex8*bM|L)(EUkBYk?qB0SF}+{{JSK;iq?fm^gz!oFKz?#(SH7pDDf_eU
z%*}#{`&oKwRBt2sv`|L#w#_x^FB;On+)Z#`{$Q#bVQ%v;Srg71%gm5k-nrjWcF9++
z-&d|zT)l$nZqzZQ9K&!nVVJ#ADJ0pBksWz9`mI-Nqg=*Ph3BCM_hb5JqHfMy!@K=V
zdu)Z}c$ivQYE=GsHU7FT+5eO1{Le!1|0iCX*ZP%7<JVO~-^2^9P275NLs&Z_Fi6-2
zb&_xF;`MMTdqO|4aNd&L7eTVlz0)E$@Xhx`v)&Muy}u#$<~^~dW{az+jZ)iN#jFdY
z<GS{zK*}o}vaa>#LZd2@V)^sjj_vKf8vPUI%in5$iu9eqd5R=Ir+r(~AHJM(c+~tw
zjR)I0@(^px6P8GfMcy&Jxk!Y|EYv}|w|cXthHR0pP<iBnVauH=wOJU;!o4uAZ6AgQ
z!eeH9rrimsv#GVfq0@7y^BvQ>TC%syk|GNhbON|ICz$X0)!yz=UPBJK{%L;t&vMrP
z^EE4%DQCylG5dRmtYvyn+<nPjuge9_*uPGS^wJAK-=1&ocom=tX({woxEJDUXKVYA
z^D^oR492f8)-gjeL19l1;;;7k&0J`XnlK`(^s;3do<3DmE#4-d3Nj|6iTy+0P|9{j
z8D{l~U#tkp7E&ymQNE}Dw21aEWs3eIgM|3`Z|cqb@7m-KXUZ4^qABhS$`zm&iJJea
zdZ}8Qa*?NQ0_3#AUbbuq_iXz>q7*55F^VQnWeveujqI~)fo|4u`jrRP`)yGom#QrK
z#J0JS)mNC0`2OIg7oe5ra)E#|I)WtGu})f%D5F`Z+`VFc4M`M9+I(fg4(|j_G1b^M
z8H`xJI{@N!&PWD5b=&OJe*S?|;Y;$-ac?PU>X#e*O+i#~H#O=Bv})XJPb;{z(dsFu
z-xfF+WJ!ieX8l;Y#MmzFA>%y%CBWf-Q3uxZ$LsM7GUOmpM-pGHhIg5xrH87xtmo-F
zX#tPZ!q%3b@_&I-tm&!S*tA@cCTo&=kJG}m^k|b#rGS*xq3KI?S#O_MES?j-{JO`=
zvLKwF2(}UHcM@W~f|N`%0R0v%OXr(kH^sgi93a{#rZ4oW9a6Z=+?^a2)Vk?5Mg|lc
zYW55+Ur^pivc~2uw;T$&TJM)0)39rFO|QU0NpHa}jwbxb77r1rHV`|-fwW$D%~GKL
zz=yXr?64~S9S>&q9kr+Yud%b)SS|#?0rM_fi}=~i^?SmTZwXt+$Mr;{BX|y`d~-)e
zjAGIY9K4)t%M<cDWoxPuWMZ|J)4Q2prd@>XdG@Eg0&IWB>-bkc|Jz6n|GU<!{56nr
zm;M`;;Ds4S@aQQUq87a=EuNG{rmeK~AxaWzy2ZWXOiqW?*vj7jeLf06x5M-U_`qz}
zf9()XY^x+Z!OnW4f%IgnI(e5#byKJ1Pgpvu@h29fJhn|;6DdRsr5Dv~PQZJ%BqyJ6
zb&2+08r}G!*AGXU$lt}-Qp?Detxo=3s<9KB9Z#H@dHuS>k6zYz^)AM?r{VFD?||ct
zCgeYh$pgvDpj3pQvn0yXx#e|Jqp{dcj_Gq=5w$%{*cLCA&7FUifBxTi9r1JM-&5-U
zSJzG%Isj4=ztMQ07-|S8;I-`lEE+s{1AW}L_>8;%rJJkYtv>bax-I>bAS2k7t`PsD
z1NWX<zl?46VW<cB|8RaWxthBZZ^eR`6Sho1ZeQ;OA9n!z;}T#4OCT#VQpG{_97KJG
zl&Qx-88F!&iV>Q#r%S1Wl2Rg);Q*F!_jB}FfH#Om(geV=_Hr>k0M~L}k|ApVfvl}D
z4<3>O)r?GGZ0G)5LHsfS{K5)6lC5@pRW=|h1A%P3wVon&phK0x0b+<RF>o@M5)gVn
z<^jedjHkWAtuF$$GBy1F{f7T{4*!>SNHarx{VxMXj`sm!8}~n0UD`ibustOZ6kEk+
z{=w(~$KLPlcMttBXszqk{)c_B{}1Mi_0+UtC!GOSz5#KQxhbqbnk7mXL6y-?IgB>;
zzqEH)bj&($;!OCS4+)B^C9NL6UDo#Kc5J!Aqc%yM#?9~BWY~?zts=gOXwe`2X`1QJ
zQcr*X8vDNsaP+UALT^X#U;G~Vzr?P}BFAg6;yQJ-vLVzrOS%C-As+pGmnUrl>I3Kh
zRdCYWVDwLGy@rCw&T}7<E|ra2pvp^$w6ztLMPyS(MCNgWbA_>d_TICzAK8~v_I$za
zVjM?H)1T3J{mH7c{s}iX_jqX=ymVWsDkaB>DN1_3(^>E{V#<2GXZ5!~c854-_&S|z
zDccnt5X^;i>E7z_8{D61GB0!DpwR1=nXa8YJjvhoEM>>_SVo6gc60NOQ_qw29<ir<
zGh-hnYHGhWY{~wh{%$beU}HZQ;@FbAKzl9hq|@KZe#(-a7+H|fA*_Kmap)carAbtu
zc5W=5+34aq==ynHiR)>GzNDr-I|*R_BQcsGEN7uYQr(3(ClaL&R$tK)t>;1()c5$z
z)O~7IS+WNqr6)wwB;#T*Kn&WYZb++N^0TG)GsoV>_bu7utoQOmSUoO8-7pqrTCM)C
zMn<F($PEQxdXc1Zh8)cSxJ<=Z0vs|gaa+bHH&XYGYEtRPieASTX0#v=HPAkm#*hCn
zU5wOw_54+n>YS@kH%5G@=@Q`~W8}r^=&Na`b9*x0N8RL?L|qi~v*F`l4Tg;p{}5kb
z#kH|pweJz&A}FfBtxw>SAK`yEUxgR_gbh24QBeOacL@IPqJR58V8AR}j~Lu4<c>Mx
zHvFf``Hr73cK=6b$;i%>z;h&{hv?*9mD23t*y9Sx#XJhTOCO1w9PB)DoVlf%4w|4q
zuh>_LK4eyimV>kjlP8p&&4Lm)h|laAhZSW)GhE)C3UxF3@hCthVuVSbWl<GU{=WW|
ztU<X$PsZU1rV~G5ULixR4J}XRRRrH02ySc`$p6Z-UvyDj*XWd(R29M4CG{)iCfHa{
zF<sbdM28u2uTu!sfHeI)9oso}W=xeZ^iAdPA|lhvPv*7P0#aqGk+Ocx!&Dg7AA@+M
z8m9-tOf&$X=}D5LO?3OT2stOd)=iES^rSG$Be>+uVW?(5#iXL+NSazhse#_&<zO|f
zuiLqGmP9Po5^YCLi^9%6k={ibEg@jzc7Ds=S3I{VzA7rx5V28$iVpC-wCC}SUYYpa
zJbiZ#b+Gtx-<qic{KRvclS-7ak){(=bu-_WG)~gKyCh#XB?s=Vmm&8&rCrPJe2ENs
zdS~;VfgRiH52Hr@nSeZOModqP@jjOq9RM1Qv16sW2gv+{rKF%@KVnVN1ERw4HPsi|
zM|^f`78neeq<qi1&&3TBzrjS|U!MeL4~&fH?1vn4*%>+^$3i3l&bU2E1V3_9_U7Sr
z+_i-ifOxNX&E#YjdMk3=YCwa{&m5ggJq9=$u(JiZbxP|~d5n)UmAG~U$0zSi;pbnP
z&X>5f(F=q8<?}1N)7ykFM6P%m^`ZRv{XyI{K%=B>`p8Fw&n9%hzsG-~a5kcSHJ87M
zpA?IX8(O<n7?fI2`u6(w4VkR_kDa@D{FY7F{W$GxW-bE<h|gMx!D&YFwt^ulH`1hE
zP-b)Ae`J3E5)}5_C25c%@)vOFX^RBOtD3AGwGo?M8iKTb5;fsdfo$^#U^y4h%_hVt
z9K+7a%=D%d$b!`YsswyTF54A)6>TpG*<nLFR5=9Hj`j`se@lv|IUl}Tr0AO`aT+D#
zucZECm+2M5*_75Yj0sJj2|JsVTj!+8g_jCyWxt51sZM0%;=N3s!(ZW3Wx1I7nSFfg
zq}-``7Hay^oa7z`m-Q?XhUr7{GBnW&pp1f=L!`hjMz>B&#2VDT#y1Sh3GIJ4Bgb*k
zhPN|c01o@s7m}NdK;b6)DW}bq=YolwBx<`FT7B4`SgNJs-xgLd@}9AmdM$}ZeWoLn
z=d_7IX|cjx?cT?c7JKkwXw<A$9X$m<n+y7~Q=5!&A!k4=cn5{MiQNq)b=1j?emBzD
z7C7U3YoA*07XyVm`GdkT@~GKY{Ug{q_IAXlu@3ky72Un_hzaevrEVkWcDQH0H-={b
zjVxTPa~jT4FYmicfAB1UgKtocgTwmC`=^nZTE-`M9eWB!kmf>)TYo}55@G>|qn*jk
zr4t3s_oqHp4rw;;o2q?_#UA0ClN&b~5w1=yWtyr%zM<`*UT2JAfpg%U%ZllP0{}D|
z<Zp&d=nFs*aKa(#JBw@QP)6ft9w|S-$)!3hq?>Hb9J|^IOL?EG2Q}J}3fIAr%a%dP
z>P$<ONTb+CF=WvDliDOy<Fy>EQF9~Py`4|WJYUPorxYaEb{ze<b%aZ2elsmTmt^H1
ztK&&j14>@DklNndPD`PX!MV^H#laemDb2n6Mzr5X+;lgMWWAei)U6>ewM*&>3%Rfd
zqYaLgyFK8UxWR8Hm0B^JS=|9>mF8&6iVUZEXYres#H(_1rZM$5>%Sh+eHwG?YXjb*
z1|L5y2q<HhI<T=AO(^K;+xbTz8Ce%r1r=*3($nsrFjV}F?}A@sm1*p;YZ^?E@A+eB
zfl$mWJQ_iA#j`+P=QipKA*8{G9v^ZgGi#^p{jFPr)5b4<^l`maKDa4xcQWv?y%|~B
zp%8q#?=-cXU3_VzBs&j}<E)ZjqxcJ8VOd=>lNppa@+MJjj(?p07n*CfPqIr-hGf{>
zG<}FHny~3n_3`FIoM=QdZb#iz_dDOys)H~gvEwIdw{xqsiCtu02YMcWSzpFY8n@ND
zu|rw(2NTmNf%$HdQ$lV-c^B_B=T{!Okza8%xJ_<zqF~4VExy9Iv!9vq25hWN;sNRj
z%z#cAE>;UPtCfZ<b!az~_M&!Gyzmhqs!jIEUI?xU+M3YaSeQLxCpVUYkprSU;9805
zqlx;DPg+L<7P!_3?#_m|q@c2+hB@yJXi+_?YbrFJsWr7_y;mz%IN-P1rVl4^Gq}{K
zVT_4Py`zJm837S9EmqS=Qcb8a=b{4o_rgH`{5RL~xp|JRpm?hKZjc#U*M0;TNFW|2
zT?~us;GcBv!q%j%$5Br~qVw=OJ+~Q(Xw{*bGXBm6U3<7st>DRI9B)_CC&_0|&Io@n
znS6Zr!ef3&_J$lle+xV6v$d#%R6h>ZyXpRei^Lz>s!Fs6wsOF57JE4)Wd1XR`HFY~
zGX`F94Hz1T^V;<Ec(LFQVVWxRjO=VMfIjtnIl(`|{rZMtl-0)BR~$yyjl;g+z56HK
zDHrHv*x9_93Q8^@Wtul9qbJ}A-`=VYwmnSdK6#I$*Uy&PB?&)E#W6U(k$MQf5c;fd
zA&ufyKty!7{3?ltQmAq=*jRdxaeT<BwCdaW>(HF$Az@<>v(IxYZsv#%UfUkc1y&&_
z=^!XbxaQtXOw>qzd^J)p2I`^$qG60Cy&wn>apY2DAkTu&h0#Q!$7mCB{$csL=9!ao
zn`Yr!wFw3F9>|tu6FW8&F`g;=^$4mr+6~GeZ+2rVdWfzBNq!ER1<50(yc+j>s(B-$
z#9JHnrEH|+UBW@u42~6<sf=$dv&}4X{vb(>%AFLN$9CY-;CpLwqo<`I>oQ=0UeiLP
z=@RxhTsbi>EpRp1-r~igL*W~>_;CSI_T(>3W(>}eP}0ja26y;;NDEg;4;bifU2PQU
zA(7Z*IES*Ccl7<9WMAv(^loc@pR>sqe!=Q1U5ojRrVAh0M`mF7**th1j#%tIk5Z+a
zhg=Cs&Uj|%(S?t=8l3QI@X?)fvG4R>b@*j|?A0Apg>UZb&k{bB_v1k=`v|rIWT^Kc
zQ?Ps(B}?kLWdZb2a$1}6WD-KcF(Qv>cZ+<A+oJAnU$tM9N&0x$U14B9xop4|MCDZ1
ziDbjyV9s-6Nv1u4OGb#hxb!iCB~VYIg@S*OjfO*EDf{Z?_DXgfy|w$<#MSz&GY#V+
zmMneOWD!Iw_D@)LJW3ThfFP<8Ks@H1dmFinrU7pU@IalT4{?AO0LpWGb)MQ7Z+A?w
zD)Rl)>VSS3cKM}=Gr4d5W2bcnG5fJ?`|-0+5rWlXeyGx>Q)H#C?E6jH>0*c7Q<ojz
zlpON>E&a@;VfrYm{W{PB5SpQE(K8MMBg)NT9zz?>qeMGwLf{=D5{UR~K<c^d@Xf})
zed8({a+#dsS6p;GFDhrbT$CD{%W4O+fi?w$GQrFs1h#v{w|kKSXallcvA=ha&?(I$
z(*=(QO4Dn_rIb_N>9>LUfNzs0)!Pm89$RJEniiAGt*g$^1&W5s21D0$RSBOqL`D>k
zj;fgk1_f$(zN@KCTTG9-cLN6V^LW!pufd~`<G$St;W!2t?<|tbDMY?ItXe`!Pl;qv
z5E#UlUgTCgd0|+#IaXA_WZdX=@^41n#xnMcb;SFm?-m~!s+ewkHGh}Cct{*!siVG0
zO!q*<9G>5;Joj))k?XjzVsR#6KK*jy@}km>#?!^0FYtx&PpZx$*TWiu@8~f@g_PS+
zBRSU=N-1~v<eeil*yMbvxK~*@A#=;2uh@i0e8(waH|s7RX#%4rQ9!mR>H*^;f*;T+
zo7+>k=ua48lh908owQWt$hN6sqp$PLd!b@3W>{It%QbZ=f%i`=q~FtOyOuVH8_#m0
z=htlB83oy;n$)B`FFmcVg=QtL%!G|=x&=4nLZ)5t?;j{gpThO=$Be$xriu2>MNAf{
z_mHxT4R7dO#G$$QJB#`U@xDcW&q>4ry>0vnyI*^0Cyj2Hg1tIIyD|k7d?t_3jTz6o
z@l`&5in#r&sN?6q36}X+&-u^ym7#w<JjeakvY*kOTjAf`FO(}mbAhZ02mxPJnM^Y(
zU2eknp#u+Q%PtKaz4viC5orf1=u3CddkOG3hGZ4VKXSX|q>%B@ynxfEPx_goAB}Vl
z1sLrSFn%7X+|zOt^A=kPVhi~I?{G4e@I9`{J>X)aO5w=%^5Ml8ZNE?VOkzej7m7|;
z1|Uyc>q{Bm0a9qkNTN}4kmoFxf2Bb?mN*w4Qe7hHP_};WfJU<j$A~-E_=!jtsmI?+
zazNwr?G`b}rneQ#d(#)r?-k}FMg(E_#0fJKfd>^1gaq5&A_{k(-Z0&Cbq#c~Po}}k
z*LDhHG*3Ex_<G^vd*!0>HXYM|tA3*B(;>r|$!~Ji{aJ2osqbg$FGqN)j<0UEg?;Y`
z$1_2<kbKaK9rN=}gEMBezA8pL_NLNvt1R#=-S^}?&3nqnuh>}V_Z0c)@WquZ2SV<4
zl~HTw8g7?et<Kg8QMf&vXEgBY;G1`6@5{3WB-_;pGqtVEaO;UJgUX~3K_r9FcX+Hl
zVB*o9flE~hngpNLXpUN20gg8c!jpCE1tFWjRn4U!Ahx;sreKmKAufh?pzPdUb4pgh
z<izKLrr*;Q40z(F229ScAT7Z(!aH+ga(P<Rp|e;fv?~zCoJ-+bE-^1$9j$P4J|X)q
zL-^&JvpJ`_Pc7Ipk<L&Y=#LOrOTrud$EmH^qS1y7z2OPN<fE0AbsGtLg*9$}Qj@ub
z3kQIOjJcjx_-(j!Y1z%0R1DWgv^VPVd&+=s1FGfu-KzNj!`H@K7Q0NkuPZ;p#?0_6
zkh^j_S9DLj&`!9ywr>cf<?b!e67}}OVqI!P%jMI~84|B-Lc4-5Sh1&|z35Lc%$R`&
zDLo13$84Wyx82dwet(e)k3F-uKg0S2?mKjM@`#+~J25)eo)!g25iqPFwrF0GW&4i(
zoobJ}y%ZJc56b&_l3|B!6s=q$)jLIwEsPZaW3|7Hk)R!iTnk;jK;dhfSG%J&Yb+4?
zx$T8hm$%edFsry{P{IYx%H7=cY!ANet0K1WqZO(~n#^#Hkh4i5wL3w|O{U&V%+A$O
zHn~G$`k46`ll;{bgM!G@7p@1mB^km3rFlq}(SUo@tryhR_-`huup17!?;c;-2?Biy
zlikNBrL5TuTr%1tl@XnI9)?s%f2WgD673R!u5CBcq;)7`MYJw6-7>JSS3M@3m>;Cd
ztrJ-~a9@E(TDcBTiXov6su1Q4qFOXbhCI{5AL}MTcB{EoB7yYDz9y>iU}z)n#4}IB
z^|JfY_t$hp+xqXgiI5HJQfL|kSGdJ!>306dvTxkZVwW0{&Zf|Yt4ys~$|~P}jXxz2
zyKp!Z2e#@l95W5Db&?t_8U`5R%M$)^DAn>se0}t}n#955<r^I8AJznmysyZJ-r!bS
zHJ4!TK*s3_k=^R&@!Vb#evisS9zKn5x2~y4lx#j#X4S)4|4>-BTS3uXUE`XKerx$?
zBJ4+S7qUWh-G4qe!F^sSnXw15v?U`S>_gdYn$%<yzle3F$s3t9%%X1f9zG`5e9$ry
z&*DM)9#4~3joRKfh;|RsqTsLGTnqGnIpu;9><g9d%MvuL32u7!@Rhm+TUeJcQ@1ac
zPft1|tF;oXN|uf;^pO_N9KV)pT3?gsEK;k_+<DPM?LjMyb+Q_E3?~DrQl%IGQCyW%
z6*Py41UOilHi6gZo8!L5!Rk*ce$q#e@4sTeU!}Xw?q3t`_iP@)z9PMEs7dtY>gcV8
z53e%bUb=K>IZNBrNBI56P6yp6nRhNlvS)ba<r<t|b7dGwv`z(?IM(H?!eSoRB|4gL
zDX>(r)C{YYkE)jqk8JTZD0}zp^3$zdzBT{Qp2|@712qxU15Dmem^DZrf!ylv6K?;l
zYB}QH1yuacE9S5M{@=NR{v%t=GS@%3M0q}f1xl_ItSBViriGJ)5*b4sZo3B`ld<Ki
zX<wYWL&Xh#ytsSi>akDEe7u&_V>C$!OXb3RsMA27B`Y@0oan<rLtWXW#eQ16PHVhD
zp}M#lYwb&NHu|ZG278qka1&2K@&|;qQPqq-I9Cud_bjP4eJ)pAm-l_3TfUm(L_K^u
z^36tEh0h|whZkW&e+k^a5<u090O^@TudEy<l6{mPMsaF+46gN}>Se@hZ%X=Sqt9nE
zb9D)PRuvslfaIbSEf0br5dB1jL7RqT_V^}MvVX_eQH)5PbF+=nYqd}j;z9j=orwi=
z>b+8!%e!1R@{Y?jNiw)N$-(oCI;tU!gPw};*p#%KJ&BxCnXY)brZZA-zh-;1K`+e<
zDQ)}thK!K8+{?!-^#OO)`9I{6993C>-%KT!P%hHbCMHI)B5RD3HN#h86_M431k}+3
zSBI^LUoK_!CcjLt$d*ce04<`8NhR}fL||!bfl$eO|82a`215+jhTvIl;f}MZ8eIQ|
ztnMob%})93ll79EXN0a!9|<Oj9{ZqwLUrORp`RvfPtl-11_Hx2Ub!`>4-IJki#z$*
zmhnw$`HHDeD+H3<6$E+?`K!rk?w?G0Wo2~Z1acynl0q+PQ4J}fxB!oj9ZH@5<@z7_
z^cl+P9J3p}j<hUraPTe(IJ8Uo&6Lqv!X2Npv7a9(+~9wYul8(3PJpx@NIxQIy7X6!
zgHsrwi_4G+N%Y-CS}Z8+c;4fS_28c<+mu#0*26nz(3_b^5Em^MdyGTQS;ir%(}=gh
zXoI0*vJeFYWuZuu4B^69O@G!G&jO!z;d%m(;_x;NCUe;#BFE)V2%0jfB&(kL$d01A
z(f}Sj>K>*WQB??1a6XpYnBffQF(m!A#&H`d0J)zvQ#rk#Lxm}G;@FFneE7lNE;`1$
zln3+Y=_xU$0Gp4kXovs!CdHLRjOhnb@eJ`AvfeZ4(qEB#h^1MMqPpu$sQdf7Ki*%e
zi`?TaCD^6kVGB^2QU2%vXf3#K1zwligE}*p8@;{u+W%4e#H|=l;5jhDgZahqyLG?1
zw3j|>$~gG!BIinU54P?2CQ8?n8p;@BoFJ?9C#=&P3%odm^8}rjCn9nVQTURCJKxO1
z(J4LIFl;C8(<Xz<gMel6feW=rV}^HHn&-<7j+(vJ?499Txw{;^b-J;uxHeW*UG0E0
z@_|CA=<$U_x&S?$aX4gi9=|>W#Cmgub+rQt{DQvOSI)0ypZu)u-0K~po}rX=L{Kiv
z=8cr!C!@g8r*x3E@xjKzEBzzaX(+Oo>vVs~s$I5TdcJph{!V6bk=vV!E`ML{rpu;$
z!BPz|R;KcMwy#+X8dU0t^}^29s^?RVDO?E`+|TkA$ZGLZ9iXoibOjVj%9^cQS(%?n
znpQ~a&{5ea7hBo6^-Wdlb5X&$7mBT^yWd?&k9-S@-U{yNA3ww3@+4&u_~S7;XuzXG
zGoDB6g>Jo@w@uQ2O`<%$*@s+z>2cI*e6sV3@q+`YCsW@$6p1Oxul6U0`L6>6HXARL
z02)p;=8bM2ZZ4*2NLZAG?VIsI6$}$XRSGNXV-0^ZNx1vv*6k;S*N@>MTaH6!lzgy~
zRz7Y_<fS%TQo|BZB+ro}-?|SFRV>idkPTkm_HK9XctgBl{mgFmD+=mF@e{SPk(gJL
zm{AN9grXh}IYWt~m;0}`h`ufN+Cfd{d6t<`jH-rJRR$feQOs)39I|la2@j?f%1673
zuCGupGTvirY9C@>GCt^O4WXT-e|wWv>?!-TEcxO1VmslA{-m?F2W)o!8LmT>2~c@e
z(F;H_051yGM>TGSk9LwQe-1J)cR}lrYH;zo`V%f;QWIgF-@otHKjar}86<yzYGgaY
zl<Z+FT}DVj&TGej9L8n>0uc13>}W@!rGXDB;v?aou${&mk`h#Q+I#-qNu!T5-72UY
z!H-=^zkO&NKOLiJ0b^f5cK+gmSl>%}bnf*?i!ANJN6k0HAm?U2gYYL`BU;+-AHM8x
zS2OvNr?vdS`=^aeaQS*7G%v`WT-jka%n<giZCIBODGqqPs^T-*(pTh!`dYTY%3Nt&
zAADfpiv1T$nm{8+;`owEC>o@mE>OP><ITa5+2<l2koB5h`iQKY?8W-3H6*gB?^5ed
zf7h62!}MFDKz$0}4jiN0C$q0#nwyzeo5i)4XpLYLp{hC3|7h<@gPKb6coYyhG=xhG
zmk4r87LY?kgCmHFY!F6HM@Hq8L5zTagai=*5sV;*f<qKg@Zi1{1%f2NIN^|pTu}(g
z2pWzgE@s~Nk~qCnHC4OihuzwBr*^CS^j_8L4_*Db```b6{|-Hckt@h4JJN<Jcjs8A
zGP%x2d&kwRd(sc8Iw&F}6iGSuBsD{XmFY5nNw9*7L0wuI%Ip^An)3rjsZ7f_&!a!1
zSX-H?yYYs%-U;Z|s|w~Lm&v`kO2G2`W*kP1I5mTctL8VeETX<SLH8@)YBLRcO~^E#
z&M}SDQf=sK?|0Lc=VCw<oAjZ9(pQ&0kuf9i)YW|3Qsc+L(*4Cg+?{)mG*8Wo(7HJP
z_Un}EH}1YmD>AxoUgxN>QnmP^0(fLQh}FqlTt7Km(EBiepfbADfn?V>y|Ju+TfAC>
z;@#=bGPg1*C^wo|-%#7V@6D<Y@~|V3MQS81#ZBd4n@Cqys2VRLwH#W<8a3L_`?GCn
zoA$3(>rQ#RpS!)*ol6p{hl|jXQt_!>+JtC`a{CQhFcDf`Lb8dFrNj+2WWL+2wTaRE
z?S*IA5D0u0+?dH>Q9O1dH3oYDoqmE#rXgkeXIT@LH)PM!=(hc$jWHGPe#k$ZR}^uf
z>wuLacTERh6e4g~YJ)YU3=DhFon1#`bXqUYk9GubJQMom^!>`%+uDjB<utx^+jnLF
zSF(6dZv*~N2|_Z|0X-Hx_%jp=Fnd*ALgO1TY{2cjTOn!N`f`7jB;RFY7`*$Keo=Rt
z_SyAr1Ymq3RrG_`5=TBFP==7Fz=uQ3t%a_{=hZA4=5dPHu1eUvx%&#O)s}?D8S`t;
z)Pk=PRV8TzyiiH1P$#GmSundcLFO|YhYY)MDDO_<*{IhqR(AUB_1w!#j@Ys<dl-NB
zPwkiE7}~~c_3*S^R|R$S$u5j^lA=Tnqd=xrPm*zpVh_PU0?|~UNu3=GsEbQ3uJ>xw
z^T!!Ss2d~mPS@r(hs%e#><p4B2E}61NRh}%6V7rr{y`7{7rYMBNzVGt%HXlQR7O?*
zU~018!XOb#AYug|{s;~Srw7Y6>#yV*vQsYpOeT147C+UHR-l@gTPIcml1jLdKlRym
zFTgUNT<+@kdCrJynvkO;o@Eql|9QX+pUJ4@pB+(u|NieBRRJMJlqR_;HGnEaY)Aw4
zCOBkl+$u)fNwn$r-(^*%SopT+`Iuq}w0Kqfks&Rq{`bMHfF^>O@adzpNGk+<5uY3g
znQ>w=Pfsz}!C7eEs-&uy3%*Y2JC=*4cuYjKLBTJcN*(D9$FDQ8r57VN9{$U*GBNBW
z|5qWrMmnU2fLdU@J_|E@^kNN5Y%kb#5nq{@K-V)%ehNyr3xO3FmfarvTb@4^H3XTn
zzG5!<Tzj2*>-+~U>?r+l21yF@7}n#JDRqp-Tg+rln{^3K)x_R=s@^DRgf?F<w{}wr
zN-SJWPq#H4@}KJ}28n1SNJK3OSZG{WHB0V~QJd!3KkDzf%z~FT?{L2qJ(qG|W|3L*
z<5Tq<M$_^y(b{X~jjxIDlEN-M=|FMW&KJ%blB#)rR8)sg3g=beyidMaC>$zqvvxh6
zy{T1bE_Z2d*rA&ZgDDs{gvKxJ@E&kuU?bHeL_)7jmbMG{z0>9pPN>Nnw2XOAT{E+#
z^yF!`Hb&5!kZk{D*<)Xu83ZZb%GYp_7=o_K|E9qxgm8ic&Oxk>IF_TYO7Ia%Ds6%$
z6Epij$#7}|nqZ4C@-RKLxwQqEW9z1JHEs791$jO|cOZf1tl!^OEuTBww?LYT?JnCU
z^y{H!HN0K8b0mt0>huVsHhp!#ElIh-Lx-2SoG)|wRz3>9;fX$E9MdzLK~Zl8>`RI!
z;RNR+B1g|=q{N*WkJRRoVlodTxvU?v&#Ux(W-Y_dVq6)pSjosni0Qw{k<kQw?ZVPt
ztoAMi!Xe>sPt-?*p7R-~<atlqm~fJ()^}$Y)3Cjj^0eI|l}Yz=9CA>_B~^oQvIm;s
zAejxpXb}5KbjR8%-;_B<nvB1%#>jpURm9`XJ@9yZQoN4zyXT9OhEAy0`PJ%j{WB|G
zYmR1?M-tH^mg4QVds;<-1QaWXe$x`~di#)jy%(Y`n_vf`3m-5+?BKY>%Th)4yqTkk
zFx_5dLZiLNp`i&C)O#|lHOsa3+J0FJ?Z^9o1Kzi{_n?B~f!>K7L>2`CEi39&6^+y~
z)}B=D$w4YaBs|i*5fVa%ozzE-!2WDfI48MXD4X2zs?>3^ENTvb5(S>fbpThR+u;W9
zA)ugAE-wAUe6Fhu{VH^vHxY31OprmYN#d!cS`Dk!x?RUljGy8RkURk3IGbPwx(iEg
zIAdU^#0pW!Bj&028l`@0#5H<b$(_;Sz`G6c@njp`vM{S~{s*}usQT&&b%eznbv<yQ
zbXFCiap${i2|>^$p-J~Sh17sVcRIS#<Ur95?;7QV2hlOI#h27J7w*4Vg|Mlw8v`^j
zHh(Hvq#z(IA%%uCtWJj+_~R;KJ0U;)Vbya>yJ6))<uf}kK2aWP>cy*%c&t6v`E@ld
zwuD2}A=2zAO?nj^%2Y6|q&REWHgQ<{$d>1EOSnF#f}`ODS`6I+Il~MkkMPoU2KyK%
zjKY^G%yXtP+?a_r(Kj6+>5{(}g;i;h1&VWZI@90B_MH<PNon)Wb3yf%c{5*F%RMB>
z=EkNDOv1*WYVQA+>fC=Y4F8jzTQgYT9XyExuyDX;R5E!Wod!{Tp0-e@YC#LNBB#hv
zS<z3>uIHkA80h-YWAK2?l>t!jg+0ruIV31L28eS?FM&DqL<UHJ@UXKjRQ4S8gAqtt
zWWgmxf3*zk_@(8SQTj4N{=?O=YWyEDgxO@sBzW;2NUfbA02h!WKO=!EC<{6JekRjb
zYx(XAepQ>MFWainn6kQ8+dAwxq26WqtfPkH!Lz@|!Tzi7@}J8p<@Y1x|J(DAW-a`$
JjnBu)Ujb2>s0RQ5

literal 85466
zcmeFZ2|Sc-_c(r!8OA>Lov{-k`<fxyl4wB^l06~&(l97wFN#tTl1d1n1!Gq!OLmGG
zLJOIZn9TOS^(^o6KJWJY{-5vrf8PK1_uh5S9OpjwbzSFN=Q`Ip=en+;Ptb7y*FFnt
z3jhKEfQ#TifQ|>k&7=K&0KnE3Pyzse8Gu1V07ei3NdRMr=&!H^L=k}gz%u|qsy_hx
zndSiay?ueD{dni6Z-!e8zfdq4+=BiBGf=ik=_`Pqy<c#6aF}248A(mmU4Y&mYg^cM
ziQx4Emiqy6jfiJX<^XlDj|nVSmq~l#>2rt&)@Ekz_J`~&toNJ$U<7f)<II`U3|s&Z
z7!)3Q$a0V5QRicl@b>@%zzO~XFAvYKGp6?T`?uj=zPI7OTpMFQ+71k>Y?t*H{2zk2
zy}ZLbLFVm2>XTk!o`E3z2moM7o@YYC0f0#l#LGm5pV@|wgD_tx*gz0Ivkm+H1fSoA
zPyPg7{Xui&kQqqx0PGTW506k^0N{KK;w2+JeZg`#CqQ^tke7cD03et_*x1w0!wZD1
zKzL_hVDL5!(gBJme^ZX{Z(t9PlfRbf;o<u${1Y$Wn_$Iz{lm_j_K5lM$N%I<;OPiZ
zUOz5*@RQvy)anrU%?HYDA|Tji8)gUL<)D)X>_C_Ygh~D&M?b*~tbP$z4j>HDGl+SH
znSrtd1VDI~m&aZk5EcVri=fj7w)=Y<f6~X_!Wx7@4Pl7(54S!7!rSj&@D4LS48maf
z3^zi95B*#h!wsKMGt-~nt@a27p`YlxA_5$?@!RE3_<39ZQvQ0Z-w`Je&k6ug)<}QH
z?GXX$9h5ID;P7^Pz&1doWBtsw@jqxnBMxo1Ulzpcc?VhU0b#H`(BnR#7TdgU)1L_p
z1EC*ngQocTTW`M$wi9|a-0#SCAA|CN-uLwQ(S9KiZuAZ^{aGf^<KAIMx7+rEFE8)C
z<{%964(<02a`>5F=**e$J==9{ze_lC`p4J+>0!*?r!BYf(jY7n7J2yRcVR~1p+~my
zU^`*^&xG4=%MffQ?8GULecO5uwg(mo><7$%y?`VT0p2HpVBi$s-@n|n4F2`g6AQot
z2nBorZ$RZ|%r9>^{df`tejWy5ffXPKqzU`=y*)pkdIOOlp86~Hr*~BVpC3;nf4mU@
zEP^!z0ye;D@b3r^_6Fbir8Y<4J&5uD_3vM5_XOK|8oalk{VmQE<Z3@y>o!%yFXc)i
zexYPCXWGkT#bm*>11179h8e>4gP$hgtpU@6>HpH&ztA%-G7d4$F^)3g7$@ERlR|$d
z30nXM*7B32yg@1chGUpKSf(~?4{SGBI#@DH044&cz_h@6OkpUnW^E8__A@Wry#FHi
z-}3Y;2f$xs{xcoRE*1tBK^7Ah#oxclsl=)M3%@@k`ja$%lG#sfJ^8Cte`&$r*8i6$
z{(u+QPMe?G`YR>$0<<353vGwKfHp&$07)no`WX5O+OiG*T))MSKJ@*ywnIPK69D#$
z|F1N^@aq9$w(H#1g0NkcyFTus{9FnU?j0Qt>MdXvd?qH;-`6i((iF7(-jdcqo~k<~
zHFjz20)Xv#WSa&6z6$)9A0PrR|AGr?0|5PW&^B$GaLH{daHf#~fG3Lpz`OAmoXi?H
zJT3x2%b;gOXyi|Hu<b8K&>A4X5hV;r05X6g$dLx10~i7(fH|-aumg?&&VU=Jb$*~e
zhXPRm8b}0EfDCY^y#f>h#XuQw7pMa2fF__BXa{<LK41_S1*Sp$SpYr*1YiRoLm&`1
zgag705r!Zkau8*R21E~H3^9l7ha7@9Lry?^AwiG`2pVz@k^#wu6hcZM_aL>9Cy;i?
z3&;>;5`u?(gseff7@!R7415gY4Dt+W40;Tv3^oi$7+e{A8A2Fh8O}3gGhAgTWq82Q
z$k5Kv$1uu(WBAPQ4GKWnpaM`Ss0vgMY6i7~9)tQoL!t4|bZ9=b6j}{^3ik9c6bD^~
zeupu^cwv$-6;Ow*U=A=(SO_d0mI*6_-Gw#6x?saFJd6ONF>)}9F)A|}Fj_MnW%Ol?
zVoYJoXS~DMz}O9rrUk|gCMG5UCIu#4a5OqIonku6l*x3HsfMYIX^3f_=^Gpl7ltdt
zcf;-A9`JB@3j7-U0UQf|17CoXnAw<-%o@xV%*U96n3I_EneQ{VGQVM7VkWb2vB<F)
zu-LJ9vBa?Cu-s;O$}+&Rz(Qu_W>sL_&3c6O6l)^uRn}_OZq~P~U)k8$q}lY@4zl^P
zC9qv(d&u^j4bS$SorhhC-HiP>djxwndj)$N`y~5U4h{}^4ik=J9N`?<9QQanIc7LW
zoV=W>oYtIPoEXmQoQ<4sIKLoR5ON4pgc~9jk&mcH3?P=dSh(c5%(y(b;<>JKJ>eSX
z`o_)6t<G)79mt)@eV_XU_Xi$0k35e#j~CB*o-&?Jo_Ss<uMDpluP5(0-rKz0ybF9x
zd<uNle5d#__^SB&`3U?x{962u{L%c^`CIsL0#E^Y0c(NN0yzS80%HPOg5rXvg5H8@
zg4Kd=1UH35g-nFJh0=v;ghqw7ge8T|g#&~y2{#G96M=~+i5wJ(5-Aet7FibM6Ezg|
z6ipYc6P*%c5K|I6Bz9J;Ozf4|H*pDZOYt+}*Tg%;mn8%wOe9W8T$X5+_=x018YBIY
zmyuZHCrN%uQ_0hkS0%e72~uKGR#FjCB~txTWN8Iy2k9i~8tHd3tTK8sJ~EeOI%Ej4
zNLgE1v}~p9lpKqko}8atfn2ZLro4i@lYFXtll%t-Aq8uNScOW3w~8E!D8&%PQpJ%S
zOgr>;1njuEV^E1fNn6QJ>AKQ@GJ~>?vcK|8<)NL7JN0)4?JV6nuEMTjsuHPEse)G(
zP~ESZq}rtVMNL-inA#<^UNzb-?OmsL-QG2=&ZE9hJxTqk`kIE4hNs4LjS)=_O$$wo
z=3`Bwma>+&R*}|(Hm|m=cB*!VHdRMgCse0e=cBHy?g`x+y5o9$diHvmde8M4_4nvw
z^qcj+8|WB>8`K%B8mbru7~VJhV5DH=ZFJjcez){)kKHA^amJFyCyZ|y<4{s44^$~?
z&P2w<%jAy9lIaf9Q>G70zwFtyCv;E4o=r0YvpBQ1z0kdud(-#!oAa1Em=~JQSV&v=
zT2xvPEVV7qTDDm+TG?1#vKqG*xAwHYXHD3ryDx5EmkqnkVVgpmx&2D}L-#+mWw706
zn`is>fZTzg15I{-owZ$_-8*{)`w;tQ2bm7qAH05W@sRo<^r7CvyocQn-#@%@WY3YD
zBhwCw4iOF=jtIx&j`tilo%TBAI^mA09gREM=Pcsv@BH`}{FvjhJIB7cn7dqYSvanJ
zJmvV9tAcB^>kBs#x6^Jd?g)1e_xclzC!9{)KSA-Z^C<QBcGCLfjgtgVGtUCg&t4{8
zm%ToE@Al61Uh>)Plk4-rceihz??*qBU%ub6znOobKk<~+sp3<c0d@fu0rb;Or)vV4
z15X4#3E~L~2<i%!2#yXOI-`6h<qR&wAmmC2A=D=HP8cN2HSBRXALy{ZicpM5j=)D6
zM_!L4ML9;*M{`F9MZbzsib;!EinWL>KMOnSdA0*Bg-%4{<4og9;vw-T<2x`inDdy0
z1j~fGiL8kMiLaA(CFLfqpL06*^t|}_g!A*smdTYVoGGCx<Ee(J#TQ@~{4eyUX{KFE
zqosSLzs%T`k)J`y^vryjrJi*)i=OS1-JheAQ*@E(V$j90OQ=hCbGdV4bLaDH^BONp
zUQWNfe#QODi+rv8;sVx!hyvWz{Z}7flf8EF8l}*$aP<0~>oqsTZlvAVyy<oGO_51a
zb+LGHM)B4y|63C!mL-j)@}>D@Ol6T}i?<zb_m=CG-@7AnC*uyaBB%m)_t4$0d%E}T
z-50x`Q^`;nQTg$~@dtxdd#fH-t5lcN2-IXe1Rh2_{8W3QcC5~(uA^SBzWR~eqZ<vp
z4e5=L#+XJzlV20=vGe1hC;OgsJT-jU@J#htMYB}%^%nk?oL1J>^R0AjEcRR5nYQJ2
z-}d<q_m1h#qn#sN2fO;aZMvWLSoC!En)YI!?|$C=!r;Y|mwGRo`gHmlUunN;c&+`q
zp<k!JaX@$A@u2?T(;=gw);Fj(?ZbPAdq%8B`bH0o4vjgCO^hEO$4z)me3(2vNt}wD
zB2Op0Wqh0dj_Y0ijMz-+?2g$QoDQx9zZd^%?(p37yyyJq_hIiT3+ER(7W0>oOZPr#
zd}#h?@p15z%cq6UXFijcQ&zZFZhTSv@@Um$^%dbLVSyM*q_1Uu75-YWuC?Cr&HmfW
zM&Jf{Go2(%y8B)4d+(Oh))G020;gQ1?w~%U+0fq71L^cL9-$sTd;uu<$>0M<;A<5C
zz~Kz~4ufEr;PO+P_k#lRQ)~*tke}~u^zY!GV!`bPpbr65m;iu70s!o91Arp%mIGmS
z@O#@;KVkwfXlnj?gP83r%tuq>2LNFY1zi&oo&HrE0N_snfEr4tlW)@L)Z1XJFbM!{
zAwR{J+tf^40B}oT8+!d#c>C+GE_xfl&CEbyGJry)0S0aelp8|t0+3+a89~PcyndmE
zFhF69OmJovRyL5JfeT=OK%opUC?n%`QUDSMJ_lgjj6726rcAsCJ>b$Id>V<DN|<H#
z)VA{<8Y0MQo(xT5VHFS*5*Cq@S5Vxcq@}H+tEX>Zw%6Rk(#m?@;Uf-?PM}NX>E-R?
z>*s$eEIcAIDmo_i-1+2`)C+0pxp|kb<QH7MR#;kgyZlbY-Fx@z>K`>UHa&jww4<}D
zyQla0i<fVPM@GlSCnl%xbMx;P7MDJJ{6t*)y8dlrlk|OSn=c3e{fVt#Ir|-7+#p{J
zFc=gD-{uR#5Cz^)ZWyDKIunoSLAXZ<ue3%YGvA&|CAIA=GMa}7{3k<)SOsLY@N&d$
z)_!pI#~4fcf5q9ajQxeLY0!cGi7N&O*jfe#u&bcp1$u1T7ZV(Gy1)x`u6|t1KQ5N-
z3-pD4zUW{fknK02P)6`S8#5F0FOUBCH~k%$MDn6f0qjr+s7z3900q!!ilynmfA9Ys
z8PEs++b92N`bZ!8bNfV@5YUSvgv?TS598@TRznWt(^k#}g=a%*)jJh(r)@O$thrbX
z)mzX`ygh$UX+l_R{8RBt2JtC!vT5TmDUCR1c_go+RboV&E$*GjCq<X%2hKJ><2zeO
zGsEICiwTZulWZGI)Qd=bMK^+-H0(e;&{8$?IrhrTwcEWBK`XngPO@memC@tgbDnaG
z$)_jwB4QRZ89-yZPG+Y~6pL%wP0r%VNJ&dwv2<X{_*IjEe+s{gpIeOZ`>)LQJUUBa
zH#qOKY<6G?N7N=!J($K7IzZvwG#yd9O-in4CR(M8WXR`_&8}#a4m``Z>huaEzwB%{
zPR+vNO6dTE4g}hzxG9l(2}_pa&AUsY4a~&9^<Fq#R;S=)5yS2wS8yiVNKirOc~1Z-
ziF%P@MueJyZUP4#Xg`E@m6@JIA0>5GeGCi!$nKPNI`_pha^};_kBNgOad)9qN#(D-
z_*4o%e8Y}3Kt37Z{*VrIa_k{H6AMzi$EO#Y8dNIwo=*Bczasi@f9S3Y_>e{Pt<4%X
zI*`;zo0{2862=9>Hyo)2e4mhF@fruhgE?GGW}6=-+2zKW4p8ckUcMyS2%LT%TB}#H
zgrPAPR7BfsC=hyA0?4tS3S``eX+jfy_!bH3<-~jaaxpIABgbv{i}Yn#VvM{JFpkJZ
zCko%Q4Q=W<m8vpoX|pSTb|w1R%A>Pd0k8KR(f>}lQ1?Q(oxxg1N(PcP*J?s7!s2iU
zl7jCF8*xuBj@npNNisV&svt0C*3~Hel4Sw&xHZ&zr=J&2q434yiv|}F*_d{2jAs_A
z8^tb2WAz{(Y)59as#A^^1^P$WT4-NepJwvOey3u}=<!wBesX_cTCP;`A%rj;fTKuo
zykj{XfYItnS#tqw!K8g!H9SX;eQ28IJAUs8k8p_-xkoomcoNd?H(I;4n1H$+`(1gX
zpZds{E4~BCJWrY>_KVv#8;uh_uG!u>My)Ezk2sknopR{zzQA|GAqPj&zttqD%q^0*
zad$|GvUvf$ro#uyWy?-y#cV`V<~r+zb$NCNq)=<)foRc<a%urOjKDT$RD0~BvFsb)
z#4n3&HrDnr7vJWdfln^%z0BKlxJVH?*vv~T!xwiU&K>hzf!sPZh+zISwg1@rW0_y1
zl6QJvuw8uq$|O@staVQ3#FCKq*NWv3GKRuJeKtoFs3jY=KXCVR6MLqk@!2U-C7|MM
zKg;*P+ZR(VuXNs!oO<xAF(04<A}E5b%fM70jn$U$)e6)UQ-r|O2P7*68gaHVy3Aqt
zi=)korKO;fXI+!NvDY5_L>b@-8EoC_mqVRF3zIYneH&*<?qz5ZlHqOBlIUQQCYJzZ
z!;s{?V!75Yq9WyPPUJ_*UCp(=g|I74R|Nhqy`l6sf38`kMPhJ^v)RRj2PoW4C_XuJ
zTFqEGV8g&uQqR-h$9B1D9l>seneE;8Rc&&U#>o$Af-{AY#ETn9GT2E|&}ro!+Nl*i
z8J+-TQ{+*Z{Ty5C+Erw&uT9k-GC?Mwnu;lWeRx!l9Z7n&YhWrBXLCwm%QtOhiI877
zm5KB&@~>HN(Vx<O`&Kq|znQOoR_z<?E>tjf(((`qK?j(=qFF}6{cMX`2z21^5ZWP3
z5!sv)7uKKa;Q6UQFhq?4a9*JnfmOY%X){Eo8;ej2TXit)F_?ho=EYqYev;cdN%TOT
z{BF2auBJrM#gqk+MW-Bgrg`Dn%{vzzqn1O!u}=qx<6Su<ov+79$~b1$=+3z-Ed%NJ
z1dX0?&F&b!u}i_Bd~u~SFJXOLOf)O8@o!P)07e>HTTBsj-#A4r!gz|SZ5UG@u44r#
zDB@~DxDTP3I5B~Iq%oy1IhW7V&92Lu;I;3*fVo1L4|X>SS7;F2Jxfv?SUHSCP7G|+
z60^(02xPo?f64r7<N+f8v-StkN&3FoR);X^w`VG1E-zXtv%S3V>b3#q>{M#%BaUNV
z*r<nkW){yL+OJ{5^Q_0t^>&gIp+*NYNe6Hbu%f*y3c4w$Wr=eiGs^BX5}BT5cZ<K>
zn;rI$S0+day35d72>>LTU)?Q#n{dl3uZ;nF6)}~!kxHtk1B`{#TMeM~%~>|P-*=lL
zN?5;-<uQs0coh|rA~`XMeHR{DZo$I)P=UHfJ#Q<qGy#=`m_CQYBw}%?Sc3gPBC-*+
z{H?q-htTBkD5s-UwjnkA+R-ECA+i;fecJUZ9ZLm8?{0jnS<bT?*%=YQtZl36^|<j#
zmUqh02@Pw}%t~cWX2~RGTzZo^z<2Qf-Wx+7{&OwEf0_gPpU@uq$e-6IN}_4_hQu$`
zLb4(Ed^`sg-xn4>p#uV{H)#AL!%k7zgH!tzqG?;b55Fk4zh|F6_ZmP8&JA3k8Inro
zJnxWVz6h|0RW;m(-BU7bG`JCJjf+z%A#oE=9bVMAY#kKpn~JI&Z=vuH$McxZy|_cz
z{cdG+ZmQMsgQ7!DD1!xeOh4T1{P@Ua$agFqVC9_~pfX_Aj8GKUI6DHOy-1GWcrMO+
zE+DwxM!PNC^}~19TfT}`pWVKi176WdV`o>GwqA}#*=RT4&A8!x%?hfJ-S8cBp?_OY
z{KbPN$m?`~P-4834h$;L0hvxZ&^`2bsE}wblFK}nIeMDx-sOn&Z6X_`VP9v_e0rGp
z(^fvZpBOR+&{9M=ZlJ3wtY@mIru<`TU`uyrbMVsMCx-`dk7bDby_k;k+Xm01n34ld
zHG=N9`Rw6~pjWSGmw{Smp##ssIfocg14b)}vwROCK8sFQshzfeyZ6fsT7mTeiyorr
z$`-FVz`xepJCG`&MXYY|Jd3}s_NbfViDj^cR%eicP$axO&dwZ&52gcuU76+YYS}XV
zdsOaG6yrBF>nPaALW_IID<Q!_Y0_RgLJ`8Sb0m>vzgq}N(kwnOs+-0_drnwJ`aLG^
z4XzKZc=_Z-AD7|Qc<=1*L^=MEk?(K%5Bc|qaI*kKc+Q>CPj}2szLBg|e;jT;lXGQ?
zDfE1H!?K%XLlN1uwXVVS&Ff$#=_O&GL%@sqssL~v{$u_3w^ZXblz-KwCXD~8OE=^G
zAba0e{zb3yLH>EKM(h5e4*YxF95Rb|R7pj&8~9whZ@F;XWxCYr8b^w_g{dTs=?OB6
zCNPe6#}zN<aJFw`<UFz<>nfouZ``PbVyj}Qf0Vud4$=P((f{p3G#b;p%J-SZO$cl)
z!}sL{XceUK8YEcn$+mhgfwPA{KIq0zHYVjACt98hYCv!uZyD)}C8oxg><zgQr(t`x
z>QC`5G4#<t&x26TA*Ip*X(rHZI6*F^3XD!TA&CguUXCzY`zC5j<t}ud4ose<S&|3H
z@E3HTOuD978TU7+|IA>$2Aoq)A-{8huEVkvl9rL*dhu^i2?&t8y=((yW@|c7I#+XB
z8JzEbhx${vgVM+TlhnfTKufv&vyzz)q54_DlDP~xue+D_ElEt?LZo55SHB}yQOigL
zT4s7Hp@x?fOgPqw?|Gv7Bmg5fYy&l|9aMx|bJ2%W3pZZ=i&dFsr;SS_Y(@M4wtgv#
zrvK^LehIF@29D#E>yh<|3r99pU-EIjpG(+%Kb_`)@<OJ8zF~;qN;!GAAM#O6r@I(M
z>rFV4hb^W4oO4~iXkGsB3rM8Z={qJ5hHC9@ES!mc9e+E%cM3t_55o_1aoBZZ2?u8{
zpb#}^mf$-EZAD1SBnNEFN$%!10|BQix$JhGP?wvGzJ(YwP-d9zb`yL`_(+VaE)S5;
zmG*!AX@AP>%l%(4yTq?sa2`0L?!J>YifmkMx0?*x2qLPj2;Vz372gzC^6~4;F=rR|
zJ;;NF(%c@&iRk=GSJ)T>uf2c^-9ps*)ntH!&u;4e(nb&UDq5X5;NCPGelx(mA#l&U
z#qcU4{$W#*v+>KirkB$*jE*OtUpqNr&lm?$>j4ulgy=!EZgKaPbadMF6K|&N6WsFq
z)!zqy)htqPssdt@`OnRv_@h1Bx1u(BGa{5-m4?sQ8LxRI?S4HN6v}i!Pq=!|=Dd4*
zi(!w>Eax|bz=wy?Nt^yn!?M`KV7b|(XHu%Nfs;ZVH{RRB?+iJ|&O9k41z0~GZ?=qK
zD)#hCvHlX|b+j}K?ih8F-{hMDe<#J5G)xGa8-82Sffe{LBOhQCGjEMeTJO%wDSi<(
z{k&K27Gi%XR+VNDJ+MIsMzFXNI>6Z~N?{l=()1>zjJ*h^xNqEBDIfI-T#LDw5$PG4
z(7PbyCd<~6c4;H4VM}2?_(Cy)CgP7ITtr)rhtmPXgm3Uvg!0`Lse$9cSFXgK9fW(D
zhqVe2G3O}}rQLIOuuu7gJvWWf&nkuA%)xs%-85cepvPy*iK%$`tUI3!`fKKHN{<a#
z=Doxg1$;PU=*%K>`c*$H@QO!@Bq2@_I&`->pu<>`fXP``L?6cOJ~rSotg5--cJx5O
zE@Mv4NtvA$@M@0mN5DaIzW?#tslWKqTi&<PoI@%@H<Ky8tQsK;FWk*Rx7r~7)kV8t
zoZ+L#78bf|V!PUV3&i6D{|!y}18hO)<A0v9+EM+HM_5+M!NS@IU^IA42QFaNBm;^!
z5a6UX6lfwY*IMQgxoGG-e<h)x`<z%je`qU$T7Z3zX{G}Y(ZyRDO5~0NR>jhPd{cPo
zz`2}O?c)@6aLk=PRg75o@w|_=9DB6NIo&I$Q5UQmx&qA=R-u5wqpSK`r&aHGZcO`0
zEbb;9X!Ko~Cc^Ow7wCXbRai&tfnvg&wK$JbqU`2ARc(P>rVCeZJ$h`Jt$j|&M|h@F
zXfeS!oFqkN$FyTw87WePrFJ@y;x5*T^m__VJuOvNTN|k2<0qXJ?Re?Ym}(n!ai@*g
zjT_^i-8<bAFv4hOGJkXiE{DQb*<EOt)qvtUcFJ*Tro5tEJS+29_$LRQ_(k9jpM-DW
zb5^W=$2s>KpareK;udPQl(29R7WqsEt~h+eJgQkf45t26sP)F8l-<<p#=2-z!dNQK
zsVUtqEw&)F{IRXO%T=D$0DqSHbml7f%Y;XX#j8)bT3r$_1{lJAD(^gU<=xpZFqs;f
zHy3yt1*1SKKRx|Y7FYhPH*QWvTKVy)N}vs<ufD%${-VzJ>8t8{k5RV;eF5b)Fj>|y
z3-0SgOOUkjY;mZbt;Q$*xLKC+=1uNS|8j=c8gg}g@1M228VtTN?|<}(+>7owJh7g}
z!at8noo%#hTb*j6u?!k%;~pD}Ijg2s`)y^83tXK2s9x)OchKeSHHCcP3TxTx>@Izw
z&WY8%G}aohou8<cbRfVkdlruJM@(9FyNSJtSUumQIpg9SUE)g?eiGwxMgA~M7uM)u
z|I$8gRH{x9`n86}8dZYU1NB0m)*mal3~B&ufUsDCuaTf&ur_R;sj30*EFB7`ZOpS?
z-_7+GS1mtVZj~?o7$M(=3{YEA>$OY7)TPvr<=#?sNi1YZO2k7_Z6HVUn6cKVmgtbt
zRA#7*&F=obYfikt_ahh1?_^CdIYrCF;BJHKF*#Fa8!d$1c1)H#tC8nzKde|Qr%f=1
ze`O?8J})kYmLt2wnyYn6Ri(3wedmMQWeJ>?YIwDY0UB#L*#T`!7)V3mN|8M4DE4S%
z$7TSA4lvhrrUk2rI^7h6fVqWi^9-Z92f0j)3Ea8DCMb0*?k+Dnl6nv8i<(HKv3#6=
zcKx~<l5)US`7lvtwpU?l#XISZvghu%c4<c4Wb>|inG>sNiS1$`#ROLrNj_&ejVvGk
z8Z`M4sL8LEBk=BG9#YS^ZN||jBh}U4#2w00d<&gl)oBQ`)2!d7mpdmM-yw~SXjmmF
zZ1x}}z#*k&M^c1mH>mJaSa3D0jT!iN20JPOtyLGY&12-ww>?zy`83a7uNi_wzH^^G
zw*evblHKCp71wX}+|yPOL8cTlt9g$FKM0b)aZ1-9?UJ0GDt}^0bf?R7lAE`r;P==d
zfC75FNq961wF>P`%)`y5Yhxh+vm&jq=zTr<=!5tg&bNL1qhIc4N#^^{H!=Af7QE~k
zVb;V`{h{fLkuQZ;6F)%V>73tO`CLW`rKY_ns<r1xL?di(MqpB7GgVk;dfIVCmi}_Z
zXAWz?v%Fw@mg<#W<KuLI593)(QqF0snYQVjeU!SaJD<Z&D(;x&YOMbtq4%`aZ~Y19
zSg^DrHj>{x#KQ7$ZDXAdRAP9;5Nxj>ZN#0uRTphT#bW#i1pVA(N#EvOIRlmVW!Plf
z#35{r56K$d=#q=~NM>WUwi?Bb)%zqE8-s5~Q1*aHtu8f^B6g($9PqltO08Bgg6!ew
z_?`tO!d86#gJCVRJLoI}!Cu(+*2Ow3?mD)1CJQ7@c=K(Qv;#rmE1U`z>YTGZ@TIT4
zRU}|??#-i{IzyBSb#wL$q27)c7~(xet?)ND5ks>ic`Suz^C0yK3RgtiLCuLr%^v-<
z)zl^2aEB;9le4p~Q#SU2^e}gyk^OV4Ci545Jz|ZTBNSz_0j&)~IBqx5gl||~P9<wo
zEJ;xcowZR>s(Ce^9=hsOR+vUeMXlZ9YPON`@kcj(9W)fPVg#atDZBwk2|3HkV0-zg
zb;d}vK+EGioO>q<@iw5|d3Wbqm&s2$%6wU@&+0wq8NRUBY8Z5sr0qD~OW{V*So8@t
z8!gnrhTv(o4P5;bVh&}eN)U|>9C+j1{Pa<6#>@Pp3eDk3N1FzAww|g~m*O^cJ37C9
z9kiTD`q8PlO$x8>oZ9j^vTAfvpFQac(Hx)GRisLk&2!-}or*Y{MB5*ANGZnnbckij
zqJ_`NS6$T4IQL1<IYhe}Nxr*c`5fWY*8@$&lq)#j!JRcrxmFJ>YE<rJeYy5V;j%@L
zYx$f;S0qycN(_UW7+|%$P1#NQI;Y0)_P8}+>vPXyUuW&Bg*F?#$!qPqU2%mIhEY?y
zmA6uB`in_&PRkBev^G?&QwrACUFhA>SyK9&v(qbXtG2#povW*tqL_5@^=>4mzRcN~
zexU!#mWl}@-@*U+JEovJ_yR9QkFad8&{FqKt4W!uCoqA@@$?d$-0-pCD`v$Ej87Sh
zspn<D**tU*UP9SHN<?*GIA2#EcTuS{4;?)1IK%AV*nbAq;&$C#m)1ACCh3Nm*keZ(
z<d2j3pKtLWkOK10-0k%LO-NrGVaF34W%jhbcC2RQ!QzPATA*i<LsmtB@TAa5wnqJq
z_jAony>tL{BbErot`dTz3ec`{kOB^?Kj;{C7!5qVv^Hz#-dAWISOJF%fnmYv(&n@H
z@f8jNe4eSoID=5oYm6k?E<B14AM_Ww*|1*Qdn3p@#Zu{sq*tcT<JV3buc<kYR1VCW
zkI|G#2K{SqEK;Hs#!r{!@8H5;8M?#hY}F3)5&^ajrLV0(=X2WK`AO2NbHT|JkJ3|a
zqQjfiO2>u~$-*AQP6nFShefR^W|b!?hU59*MwyWKZuj-0MxZm2%m}7OByJ(@eyC9;
zM)e|-un3Bp=R9c8JNFK0x!MI!d}E{TVGD4{`uqfa&nv?6<(f|3rGb5TG>YsI|H63Z
zSQT0uADr&SJ@QTTqk!mH7u%qh{)?BMDoO8izPbVM_(4BBRqk$;q`h&kZ|ZRMM{5%g
z_s)nB`b&vv`QwhGfe$Lw8%<8+Syes4;pX{uJF!#B8}X!;`+X&71>$&W^T9Y+{OQK6
z1NQ>YDp}qL@=CEh@nl~1WWw(3^zYA(QtPl@NX}19A_7>VQ~QSQSg4lf^xJ^OgEo8@
z&b<6E%;X49Vt!s@LRbQMYgH!%E_DSnlREc~qIXxUk{$2)-ZkBQS>kA4OkUa5VZZlZ
zJQBwec3Y%>52J}@Y$$;llXhG&MR6yJ^ewg^JzkH(PtZNT+#EOWF638eoO~~kEMFFP
z*EHBaq&di4)nEMJn!c#@^IM36rL7@@bl|l6q-fVxcT;M!Hqov_B&8%qx;r>9u-e&H
zt4<ekkmt~=-iJV*t7Vtkl;K7U$@+mpYO8Ye*UnZUY`(gZ%c-gIhRd&oal5Q<J1Vbc
z+QaJ)x@i(NH?pWjt*WQiqA_^893#WIv!pVOmd3pME^e=Cv)TAkEKWRG&2&<!qD{=!
zsij1mEk=;?<|@u>k;(cZJ65VA`V{Y^o8v0W_6Z-2f-xvUKWr)YHLDSOaWz>KxtRG?
z#%=kmtANJzo3hFtwhSvB_NHrEL7w|L4=f7tFJK98-D{nw0tj#u0p8Su4)orIelh@y
zu--1>92)6MM0C@34QW+D?WZ?f4}7&xV$<KutSQiZoCS*K=;C7z(Tx|>i_Mnzr$4wM
zNtHM<`EwJuX>f40v(3)xw~Tw8Gt?DsLFE&SFP1h3&mmU?$;N2uQP06vWzuTrj8N+}
zqluMofrqAEIvu#4WGk&Mfje17!jP?K{ovwYL_T4u11mua>zYcEx>6Nh<v6u*;#?&t
zmeYvipxTtCe;;t8KBNO)Ijo;`jm3zT-D=GKPm`}-tyT$Y=u`Ab8^8b5sN`}sE+OC<
zp?F(uj0r8PSroQ;4&Gx!;mgz-`-dZvPa4koz4$7ZHOULjdz`HZ9r3FvK;a)_Pu6Vh
zlwbkZzLGlWK#tSB06HKR&q}gukHqqz4}(S65>_^5>rWLNJI^&~i~X{E^R30?N{apu
zojLsmb9!Kc4!DirhQd+lGn_5WPeb^2nO09)@63M7=-`}o($0h_ppKMAHlqL}vwLQx
z6ldZ<Dn%{kOwnokQ(HG1E?3{wReCMWqxqKI9{zC1Z3hl9b$BD3R9jWdfmR`cp%%sF
z9!%r9t+GQybMeV<!K%W-4-Idee26wDyVG72agBXJYt9X%8*{(;rmUd;_L%GE$TN1l
z+4qUfC6~!u96%hec}&!~R&Xeg((u!>g5dU#l(g!P20`)TXDdE&xw^REyuRmJET<(7
zyt4eq+R}i{Mlqr_ac6_mW@Nw;DoCd`gD1ZQ+}y+bz<cJ*GX-DnM!Ws$uVZGell|g*
z3;Rnr^U5ek34!lM`!39-h)2G(mW|Y7y<g8`y&C{S$}6SK=jPN_SO^Flt%NC$7|<($
zBs7e^5td4I8d-VZbqUh$?R<Mr8>lOHNo*TesW*(3K9_aS0XCXsbZ}SUHH(YK{9_xc
z-jfA$XO3%Vo`}+GyM+iWZH)#KT~TBOlBVlZLQ|%(0?EdDWVyKS@uTLkWn7Wq=Z5(h
zvmHw%z<40824pE-&d+H^krW2@wEM8u0EzN!ID%RARuisiRW@z%aDv?{ONM`BVe+fM
z5mcRsGsL79u4Zc4sIk3US<_DY#w_!&AZF^Bs&JQWUR!6V-?p+{TSf(<CYBspGWNfr
z?IdX|F5<gF%mrFbe)-Z1aoF3HYiFWg{dG=v1wugLR#sZC6TwAccye_x*9+LO*7D$!
zYo#{?%nSGKgy_kJ-$EQOZAP_W9?dRK6YbpHS<&jGWPA<xr|c~0$&a8^7TWg;`*3&5
zr~{z~^d4aO;>VG71&QCtHLTIYb5ZBl;|_IGo@E%mJJmlkC)j4_rZ4AsIEj;49JK!X
zK+C|kZ5g^bB*<MT4kM4!==9G0;Na-HscE0|MKqo*{@YyS5ghMV?zY!4!4zG=Wd}N7
zey$xwvOkI;egd|#!5PjHoZ(zW@f4&$1V+d&zm@;V^!v}6r?}*c<u|6D1%aZ;$9X(4
zim1`4r#8?5PuD$Pl-Up&@$5x0S7k$bYmU}GQ*UF1P0AJle311~{skmgs}UMOvc5a%
zM+f-Po~6+~tA}1ZI_EGVS)Y66HiM_Ls|{cU%fwxB%e(U_HmJcvpt9_(c~pQwYPR2T
zYtegO9^6ja-F}O0<aaxE_<!%yjlcOD)F6bchIyVCLkB!qQ0vDX)|1h*zsLMZi#31Z
zo@wQq#Q2*L52Edkyg6;6>3YnL{lpE1{$xwkVOM@|bsF2Ynry62P|Hx&4(93>JM+Si
zaL*bl-aV8GowSYn7g;<AiAa{BXb>t^c9RdGk5a3QcTMZmKOiahG_~>)nw?Z%b6)Yk
zt)xmi`P@9$G4z#{td3Q?0;;SCMJ)uA0U076z=;9{##>!auV#4&##Ubmh(YCFn=0}e
zst**_6K;Ebh7QzATp=6yhf&N?^{)q}B$j##Z_^aMFJjcX)E1~!C^VD$`8m|P9Q>;L
z!9jQq+JIUV4^WUJOJl7(B+*WqVDpol7lm;$`x|TXt-juTFxZn^ASuS1IWByk*5h8g
z@$BB)fMc^AIdC^O*XP4_MqB)sbNgg&)EhpMtykBVy^-g>@1Ti<>n$`VNf~bka|PMO
zo?Exo?Tk&K0}cK<PtjZx1B(FiRU(%KIRVnNqhG&91)LGYsp;4cIV1%-z(PjQG~Evl
zfu+o?CeAX(OGdl(w$Y3T@o7~bp8Cwze%#zb3+gnI1y6lHXqB0k{M}-3m)^(YYM>YC
zIXkJ)5j$FwhE^dobr|@Rc}l+yj_@yaHZ#&t0}mseQ|9dAG6yrbKy*{r_7?X@QbUzm
zTD(#;yt7Dt<d8b+yHisR4a;-dFIXk~CL1$vu+QBgMS+p=z$|lwbHwa<8Y5vdd9@<v
zMee-yo0SLU(V&b7J(*5MxEoHjV8&QC09jkJoII!EIPXe?chtaV-QBE)?LtCIK*yp^
zzfbeo9_On?)(Y}1(9U9LD=W#cy{VWJErX--?jvlJU{{X078Sz;4u3z#v1oEZCa&$o
zm&2FFS}f85&>s|v`r!|vKz~qS8AW=%?GM7y{KNs!A7q>lhJPsRNxri}mcJQS(H`Q@
z)SkSCza-2HO>D4WjLqVMe9cZJi^o5o5gJozHpAB>7jX?Yu<64ZH+81OFKe1huL+Aw
zvp+E8GUXpZ@1fqn_!eixc0{MnH6>7fczE1${Z-}D+aBJY)IyyTt&`nnwfP|PC<Mk=
zZSpf-qDJ9@F&_!>!*$f;ef!bCb=!4(e=pk8QMqWcJ9KJxIgBh#y6*IZ2v0NSCz;t}
zn=h3YEiReW<@<XD*%&@Dzm^kfE#I0`nqc${oENv{Bh%qj1R=PCIwZ4aBr2}Pwr&{L
z^r$$xGv;DXB2wnulLO|U!QQpHZLs%ZK!a^Jfgu)x_8M4Q<=NK4c{TVH+K7k&OK>t7
z-k=ujZyv@K^>dtKTj=-zI+WK<y3dH{E(epPqQe}T#+y-u%JvPxv0RoDkDCUUOY;@n
z%w!%&T}k|4`n=}0;w^+IDV1yxKTs?farE14It@nHOj|9nQ!>nQv1x3%!dpG~)nXa`
zQ131cNqaq8kL?KbZnh-Uw7G%t#;p%01FDqwHP&4%`BaY2a)A%))%cYr7>9wGDNuD~
zx?^7tT%a5TRaYdxBzn;$qq2(grGI(Y=*=1FS9YP++V4nqxTtn_faJE>F2M+nh|&*F
zv*X7rCj1F5#|9ps_<qSEJ?B#UTLk|nEqi!hF`*L+y2;!>HrwJ+pr70mFw$&FFvQhl
z7zqXtrn`+1L)s|Li50R=K~zP%_GLrkFVDr<1F|O$rhgMrgf6~T*wCcrtcxGu2rwfZ
z#(h@qbK>bV65+ob+VlCjxA%E|$#u!aXKELU>wDV}8B>=H2D*!((U@+*{ErLW#x-|b
z++JRYnX1wXG8s4#;?@a{yNU#q4|Z|@Z_x;*Mw{9sL<wWJ?R$dOtCYt2<FZE4&pjR6
zzi6hn69tzO$@0-ymnTHs3}eA)%OfK-$6tg*MU^@a7*)sCKPL)!ezDeGx8;K@%y5##
z2~POg)L=9cOtiIc$tU0b<V<$WFRo}02n@M&ZqZUi$=DLP%gAXv^yH+0p{M2cg2Q<#
zXf%Xt?tZw1P#vRf4<+5il~y5A4p>A9zETD2`z9!yBv+f^@p3uwV$b8<yUO^NVuP36
z$r653=M5Tj2*vG<1&;l)>3-qLitn>V-fPr#FiWn>6mB_!3W&IXt)Fc}Wr~~^Y3i<l
zk}%!6j(0s%0^RpFw&rRXU2!bbRbpA@RLV)f`d}tI@s3Z84id2VZ3kKR-g&?7nS$F>
zlLNJnl^4xK8WABkL^h@rp-VYDwC9*QOy;-g8a`4dKJ|P<;DK+HzKmzDdHQ1(<F6N4
zUZ|Ha$hD1}Vf`VN>g2O{Oe)yZS{#~S(k!RXR@W|Rj4hj$wx)N<fh3D=Bf6D=8~4Da
z9Ckx8KV}F?u%q#AASpgAHjdjRxD&*&9W7DqTXL((D>~mrjJD7`N6jC8am`;&k!yeN
z5v{$gZLc<vwZ6+?<!;^gK4Ms!g#*Ka=B&yyOlvJI4_|!Q!DR|B5gU&oif&*?9K`gE
z*+Zl!;MVtUU7ZV_Nv`g;O|8+FviFtQie7<bo75Z!Edb~Y)+;Pe6YAaF`6=q8vtU;E
z)P*dO8UI+@s+(<=Lf$;)A`f9_EMm5u!RK_Kt{@Ba2Kh<D_?+|K;tqYM^j+_JC(u7P
z=i4S)WG(IEnZN|<i`=%pF#Zrsd`=vGHKhnKWMt@Z4~!uf8n0Ef`*ZX%Vqz~zR}!qg
zC*r^a%imbtI7@RNCbA41Mb-5L8shvEIKkP}uuccAh5J7uA?<QJgIpUy$#jP9YL<u{
zzwS)yM%GprNAXirJM5TDjdn`t%M6}&7`ptPUs@~)A(_5)3e**~G;BQ`Xe-WA;{yX4
z;nL_*m*^rP@6nx-&vF&t_bg;BSa`t_4!qF^zSTg%r8Q5GW3N>t=_xYh*mO5xsf$Up
z1=X=8^ZcpnrgT)2@5M`eWw72yU*AH`ZM=^6Ku5K<WYAbM2m(DjZk{MGBU(pya%DQg
zdMwSd!3_q(Q@>xEYa<FKuOkH}Rd3EIdp}JSv%1@rAjSZ}Wp|BHLuXWp`R8zP+S<X~
zRzs$;rTj|e{c9{@2yZP&KxeDqAX?6ADk?QFe+(WbBb{p+3Mk~Bg}8j{i?-}JhRD_$
zA8j_2v4MqNJz96!unk6tyXtiKPf8;GiRVC+uMw+O#;)VuxgV?z6B~2}9s2D1FVCMN
zal2}V&;c$w@ZMw`-0~3yrhujrjDxAgt&-8b-SHYvhMUbWaw9vu)|8BQ2^pP`0G4gz
z65Zk3X<5_^X2RHxD$E~;|ECf~7N7|GgGqFNT8dq+CzXA78ULh>enM8K4IWeIouo;3
zmVUrYq_#_FjT)((L3d*s?JB;Xt&Tt9+Ui4GyV>QLul-H@-yR<DuPx;~!cO*Mrpnqx
zDzbuf&{j<kN1Zy)tX>Unj2>S}J(Z(~SKsWnB#e(ld=DY6(he09;IuY3Fl{!(VuHN8
z{=X|Q`V-G4{GF7y%=~%`8eY{awDUFiOKoDg`vXmo62DVIcMjUCsR(LCj_UiTNmiF9
ztTa9y@qLvu*82VyL%QNWyb%eg6WH?@?pEFz^y$1giTtgTq~f`3Z1qR)NzoONh>3GA
zuAcU3i>peQ@BpU^>}S0D1ZF;`D>$nFBQ!@!jVuTNchIFBTTNMSxg_i6c=M#xn*A~~
z#&xCObnTabFZTh(nk-cC>NK(g`7n6--dxU<UH3({r8m+?!#{IOb9^Z|6Y0`fWOZmM
zJQJcUQV)cr)9j7eNuD%LNpRh%nq-Rg%V9#>Avv4HtL@Y_d<*Wq#*>}06%=QEY>jsW
zWm>&FVsyKnE8ge*AbgYG93zY&EY6bjJZahBD!5uP4;@&OL;fua!1!EtA{Ky)w}Id)
zeG2NsCy?+vQ4L(5Ir#UG_V5k={}%o?vih%B{;MtjKOIC@z$p*wXDiq~+hCc1^3AA1
ztVFeHJRA*{9HDe0y<82nBVCi(bgy!12#3sSQ<^ZH*D*MJ&Xxg|(u%eLkI!7`a|c5p
z4iv8WSWWsPIv{?k_|cWD{-)c#I~@(qx2hA_-nm%nbyf1+dEOi#DRkxml=I0g#7bm3
zO*Nv1q=2M|-6W$vG`SfPP`%fh1H-(9i^&Gl-GW<}-+V`}SVaVcCtuCZD862ykWM`X
z+Cp)#HU|nASTM4a0_G5@v*Ng<fw`ze38}lH(XIUj8=<-P&Pab0yZh;dfg-EWJ^PZ4
zyYMdyzg^-56OZ;_%M*RUTqH9cSU=vdo*c8(g-s=(EeA^nzo;G?J$ci2rm{KreqW{+
zCN{ySZ^MlaTw?f2>)^qBcwG6B_3J=NF#<;lDX}S;e%tV-&(N-=z=QFMlh6y=O6<Si
zQTcmECNY2Ju{FigTC~mm)@1xUv*TH?EZ@MLc$PL#k^G)GqKW7crvVHLO>357N#vUn
zA3Yyg$zN~RB33KsEGQ&Hy}!ltkGJW8VS@1?YCgv2^XlZA`MLd@PwP%$2}Pt?2V%H~
zlzQAXZ7B&!eV>`beG5I10aJI!@kIp+?;hIL7I`CCu-<6KuE&nITVg|{md^!m5eu2%
zR9^p*fVwt7GN^O*1l1{;WGZvA)b2uT=tKBj+Ut>iM2#e}1M7*wT^ESVM-dKy=fb!q
z_dYB`8xuy7?N0>f*(JWEI;Y8Q%40>bIB>rFZdrT|vs~&wyA?R9yb(ZS>7@gTUr8L>
z@e-I++6rvCg{b%YH~)5xGHHA3@GetMaDO};N*md-xRJzmw4mqZ#fq2dGDNx3yFkd=
zxx^33Wc`|XH5&6Y9Z+VEA9dd}q6437{7sOP<-Z*v=2`@oYI5q4Lm~Nk!uJ9e!5_;=
z1-I0r$jp{tbg*y>QHn2OOP&q-^odiWLPlHVKPHv`zx><<bYWmJXCL*Z))Sg^@#Nyt
z3L<RY_7H}b@)cDuC%8r%D{h4fb%Y?l^b$5}?tWfdqOoMr0VKF*!wDQjd>G|es>LnD
zBIs6vZsFw^k}mC~Jh-3r&bvccA1v+$W-SMmFuQSp0y=<qrei7Ipi@{$2NopaL2a%}
ztH6A0I#M(F!)lie;B={ZST;KFv2iBB`1Qa0mmU6|*1AuYZ#%jcv)_+;ZrrB>PnPJw
zA(wps?e%X@5pSRV_$%%G=|IR|p>9EcZ{WXUe~<YWryTx0zsvN0eqsb$Y&U(K#<`Pv
z3FEn%E>hf%V)olA=yK=z5ZcmMLA@y(IVRAgenX2ROnz=n3Qu`Fc_gX4iQyJ>i>(x!
z31)`RJsH&JrVZS#j#lW7*4x5(iv&~5hv<OgcREl2PMNWHp=2$P6idn|qg8#S1F8eG
zZ=nCj9gZ1o#VkzHftmZ;U9jC_(jVwRC7KTOfw`uZBbY8%<hS7B?~$0z`w6J}eafUh
zaA)^Z)Tde0+A<wjbwCmYEvYU`G}mJ4r(1~SH|aDDIxwf2v(+>}d4?j7TK=~oe@G%D
zKYH;oPyE1b)fk!XnC)I<r7BQUFu1vaNx_YFQpp`OFEKvn9@>DY`b5dazj#W+GRz|)
zOsb=;NquF9OcC#^EQd5!(GXS>)UBt#Pu9)Tq_+L1YB2W$4mtCNNPfqSm*a=(t{-SM
zmDMb>l$OYRu*-6e13+tTFY(d=aMkz3chtI<!)9^_4N1b_R$1K|%kZC>SA4?N>+ggf
zxoGvi2<PPS&vQts@vktC1k#8bm<ta-JVkCu5iGN`?bwbZ)!kR}KGNJi7he$!zSfMc
z2oYMyinDYF;@dIIG#Ru)Gig$xYq!dJHxbn>j&Xg{SEoCr^|=<Fw`<~c0@(%fuv0A2
z9Wx03st(ScPITa<5k-^^c=Ljj|8USf_j-520TejRw*`|G;srrmU`srxnC+uru$+Tp
z0uPt%9mcLt-*;Lbr|{;`4lWTyX)k7zLC<nJ*aYb_^lv`E@gsnTfkEk&6x692auMd6
z9JodA&GrbD38p+yCp%!?g2VKlO8IuU|C<aI|2$HRB3ctY-{H7rm+I;4o4q1`;uY6v
zX53obgi}4ZB&tr(Y=63$NRbP<O-k2Jk5QfRW^M23xB!=VXM1)xpFPC<=ll3<CfWlZ
zoZ8AeLW!EsAca?nS~TQuY^^PHm@zi9x><|oKpaeE$F1G_mndSZU_TTiFt|d3pM>z^
zfM~Sm+={OGNThiA3QW+cT*FXU#q;?W4Fpqy@fi}hJ^?>QdmYa~6kp6BDByeQ=g-<W
zvxm6P%*f|3wjp~(u2y?9V^Yz66Q4?3<Nn&B#D4_)NfhG+I!BoL)nzE5#+_iC>{U3M
zVWfSBlyPKqKg-7S^_z~cr&5bOYqc!s$K!fO4rYfHkBI>Pe5h4|Mlb>OPpu$m1aBe!
zsTIW5?^A^SGb;%8WBUJv4WSX-DdP2nHS$4j^j?z8-H(pfgbNOgOJnoI`(FgASj07r
zuVcxQ;C4R<CdmC<BvuULTXpo)vAu5^8oCZE<VE;K2r=RwU&yO7XGg#)cd$QrX=?n8
zXowf=n9XwIdq&Xh9zgihWZ$Tj`uRQ@34AlBWBF+p4z~$AaqhW(&3i!_2QlXmwHSq~
zM1tG)o$)S{K7{-XiAUUWr}GOsr@A6_*0_g5((#?#<2j}Yh-KP8NiP1Q#3SPW^n}&-
zXB#g_8FOmqk#&OI?it2hc`rws)o|1>r@AnTu7KlVTVaYgq-OCfjU$MfPeYKfxPly1
zK(M&Kz|+l)1>)X9{)U+n*0(SGIU1^3`kHMePu6I@D^^c^wMTK_IJlk-o}3&2?Obm$
zXy+8S?Hri>2glESBxvS@F_U{oFzeIhgYfm2_wSZ~zXsa|y~X$G_es@7wDY_>6N$~5
zHcK3<@-CfNJxUwK7`T|XJXQV9T77_%DKsFLFy3pI<fb)JU_pq=4Bvf>*t#qbd!F}Y
ze0sLsM-z#PU(AZRuW`-o-uv>YawE!TcLr*>6fihuS+V0aAK#T_2uZN268XDcS%A{h
z%V(HnU=rt@)<EYMZbj?Ez`=7@Hf@-Oro`|JS9muux^y?|;;LP8;O%EAi(_*O5{{WW
ze3Mt;`Mryf3Ew-Y8YP+!>i6-TB6QPbLub1WGC+q|u%jl!SS|1MX!AiF72(tpLU9so
zw0|u{aeYy9J78XIJG=2$esb&U-(;Ybb}S{0$v=J)k*)o{UJUY0K0)sOW`VM=zsh{&
z<22!yJ>_qcg*)!P&zs=1elS3?Zq}y*rfk9FE$qD0&Tp=2_C7XjS1XiXa6djBcg7FO
zYeo#LZiyT_<2>tfWe>SJ&?}i4#?BN06vamL1l+Ga>q3l5HqumSmXIA)(b{|#cv0om
zNA624T<W4Z538tsP4O0QeRtQIaF*8Qb-5ugb%o5j)T_5KILPLa#$E$_P8sn-NTjhu
zeBUhNH*i@O#qV9H!q)k4=Qz?Q=XH_Ar7^|%G!5Msve|btF6Ez49(_bTBuYLTb?MmD
z*$a-r^|p`pCnh}ihOOPk;Vu=eLn_QIch;Kn+G@h~!oYff2-#6^Ps6@P>H1%)PiDyp
zTST!6o#lzS#lfo7P`+}L;ue>APs3NV>_n&WH9psw$qDnN*?kx9ggmui)%=)eBH;Ic
zZ0oXbM6BB*jBmM2)&hS4nOMd8vwC0=#wbvct&G*cofHj%>G9$XH;d}=RO4s?Avt%|
zqeHl?iJfUl2No3;2aW+`-wh;bo+vu+J=>$#D)p{>iiDbTe1>mP^RgDaQgQSG`m!M~
z<8;=0dgs|f@_j6rLptF;MF+s2!t)3raw5e7c>S9&T<F02(T`bHUbg#bOK}M-n)|BS
z_ik?7)&HQp(brL=Pw>rtAb6M%R2gvJq)mL|&4a7(aoDAGEeHjV`9rRSdnT3;fdMtF
z9lLQ*Yn7_==?YmJ+<O6T%D)^#0o{_iC_IL$Gd&2OeDs@H|EJuMdv>u9crtEw3cHa^
zy$9}u6#?aABsCP?LyA`ccRA}2$1lhP^r;xktq9N6);DBb9tcak#-`Jy^s<dR7eW>^
zkLN|Z6R{M2cN)tAo(1bSn_;Xsi1kCH9+Ps(;hQimvBa;O>a^QwG<{tLR>MBCC-+s|
z#eJM_>u96Vmc2!M#NLEQ18Fm2E!lyHqr<pSm7o{XqEp8$<g7KKSr4A`TIYj|54i>7
zax$^Z#`5m2{>7X|PT+5MF7~1PGHhFuR`Bh>>d~9&xQqJGstCcEorLOZ_l&ddor=ug
zyfm#nZ@Tk&ZdIL_R=G9Ig1H?X2yX$x`JA9QyYyMM*8hjSHxGpJ@Av;llr5(0`v{S2
zm5_Ck3Q0<#h^g#JlT?&3Bl|ufe4<PxRF=su+t_6(Yh)cWNLgo+F`1>`+von>=iK+_
z)A!uxKHu|Qe&=`oqN{Pu%yqr5_iKB;9xqihe?LlBONK-AbO}b2R95p2$))vf^s};W
zURYz})W*5$o)(~ssFx`o1pSuusFQCh`W`u)P9rbxN$&g2{b+YLms{fTMYq%3{>S`H
zc2e`g>gB!81ZFqfD^IJ;wMmkl2><HOIbF2bNi5g)mMF<|qnlEu&zAS0chT|Yy-2NM
znwO6B7Y+AJ{kGQB!Ai4UxrZEIMb4eJ5$IO+zqX)sbB~+5zWv#E@`+DlS7jZh^BOhy
z+xDXjhK*dGjnG5y@QOV$d4`moF1-YKQyRmo6c4HU!a4W_pF;4(jAkBYVF?~9;;0+-
zVh+`5_g_q06_c|2I6A7steA(Ug-5z}NRAd94_*kv(W0q9rvv|V4-<zey`E3P($5E=
zMN2<Ei)Al4Sr^yW+;>;IY1ef;HXve^M-q`4GRU#+D>@6`f@klZCv0V^zDBvHoXl)Z
zH?V$DU7Mk%{k12Ms+wB(C`MVK<)Oa5>^ug_yiV656Gh%nA^GTpV}olos2|nAxzD(U
zEki6Pg!KJFpl3!yj7?(O2~@%RIrF;rO!9(}z5y@A#ok!$eUb88+uY7q^7VaPzTBKC
z7qQ{&eM}`P?d@F>b_+evVyIlh5bjg<ratm>;J(8qZhkcfZXW&-GQZj7{hS~MG{cF+
ziaH`wM4Pm-=+4+1*keJltBhgp#^5Jhu4WvW4|`woD4oNq?XWxK#wYF!2rKV7VLMu9
z9z(f67!f92uVk1Z0;d}=V&9QGBk%LCZir+kjcSaK20xe76ey#-SNQQtD*g0SSXf9q
zA2A=ph4Df}A!OJ)=;CDd{Q%j7$`%3TF^2&S&Do=G-Lga<W%J`6kp*J5xNU)6g{&K>
zg;L<H2oNm@Cwyb-QkB!m!nqc^YT4bjkt>VeWJpTi9#!mbB)thVNzHVn)=bsEnpUCv
z=LQmvRZ+Jejp`>4$_IT^)ZYgAY}yN2=dVJ(Z>T1B$?Pl}*mv~sg-3}H&R5E{U5!L(
zHb2vB_&Q2!3M&33V>!=_x2kMljYl&tT2s6J(8MFZq{oThIp#&|^`ec;Nh`cwtMsT=
z2ik@Q?wX#pf56`6?XHKq3?Dr892`=)U$2BRq(6D_B#2Z*$P0{Yk<FbxSslBqzJZK+
z<WKMA_C9tO-vW&%a<he{FH_I9-qVY;CMggZ_8a_K2gAZjKirz=;EW&ke{prgCi>tz
zow{xF(qn2bgqr=XFDTh6-jsB<wCB1dKh?V}L3Ad=ynW@qi99uhY0!)Ec}fh7)O8Ei
zB-&P{Q7>p$Nr;)rD{?C$C3F^U{i#>~KOP&Ah_Ko-_&}@1p;2tqb;qHAI*XCPEhj`C
zB)v0k!2A7~I-<vh(6e2r$grZ@u$>pn2fyB<=D&f2^Gb4t7^b*P|Ei76VGhX@HE+$@
zLxC?|Aj5^}+GpPO-&S)f)PGi8n))>3!1ZjH+OzG4fKk}keGCJjC)^k$hOSCz>WPv<
zfDKB7j>gE+m48T*>TAoiVVZhwSFZcM`C_Ij`B<+vma#t7&J-J_U8VM<<}vLD%Awm_
zbU7`$Xbbx=3oi~^{b<JCgRnC3zsv_dBSr$Pnu!SNazAKzM~l(1r-qj({L*USk5Y`E
zoLe?qY>;9H{wV{#hx3;yaD3^%=?|%``p~|yDp0p6&=#}+D-+{^5geoUOzX7_S6Opg
z*JO4SmsFHn56p{q6ZTbxyG3kuv@H;swT7UR`w;OPQ4K#KbdBMtgO5;mpQCP3;L&SU
z(+8mZ&Vf#g8E31v|L_i$Azqd4>3aLnHLP9d`^w^3#$7-+&Y|lS2KJBz!ZFZVyQyGD
zBs8$yZ18$EDCM7eb-hs%HC^tg$_wVl2z17$9^_b`5dAU6;A9i!WLc%P#^gd9TXtuk
zj;vzqMtf8lOP7DPD(myW$-QFJ+&=K%^i0m^M#y+_;bcJY>Bt_thi?U$)0J>Goc#%{
z*T1y(-qUtS19oOGYv4p8vV{1a%i{HOiISHu343SO^p!*4&R(zYp|kVmX*=et&rv5F
z$J<Jp51y3M-`QrD8fj`PXezVQCD@OOpZb`WAWkYDjw?G~dvs>+R~yWh$>dY}<h4HE
zhEF_&T0bw*!S3)fk+V=5UMXC(pTAWRGJc|%S2@K{(YfXNoyMj_o2#D>LV;PVbs*Q7
zHK4_)nyIgRG7c*<PL<b2`qZ4}Is3UO-o;3WyPI1@goAj-#hKbnt`7rk7KFHZJ$kOH
z@&F2!jqq_e)7*^}2-h-v?U~TM<9^m>0<50*6Q=PZ!50?p$h~C#0(F(r-XyElCU$y3
zN-y%@3V&-+!5#4vN|oXcm1kc>+9y2hn0?BDg#?3kft+J#TXqY)0^8>6Pv&mHk2uig
z!_0fxyHKhO(e90*$DfJjLkFLjV)|ATRx|h4-zZhxWmX-+(TSfg5N^D^#o4jCLnKyG
z_LSYjZ#;^jJYT%FII1OM+b6fCH?N~L;vC=j?ro@gTPMChGw>t=)17kX;~4XTqU?e&
zX}!%R94?kjwuwOR?PH#-2<QEf5-ji~`tf}NK%OK+FM|FNi@&D4|Kq9YzfDvBTfhIa
zy{B{lbOzA^s6v6fkK0NsY{Rz---e*;n1STfv=(De29}+9tD2PoR%Rlm(}-;Za#)5`
zb9Ux+HEKFr08~doai9wn2f(9{JE0i@&%O7D93Wf}GexLAm5E2Uo9yUadnq*kVVw+*
zl+TjfHj}KXeB1rfy-2Q5W3{g~l9)zNDErOjP@i&dIXp~Gwk+|S`|7PPQcbtU_ot>!
zWZy79)3dEU2z(asX*==)rP-ax2+a4O;l=bglq(4a`66zjMjguce*X22SO2&R;#3;t
zXzYRRZx(jvAiPRh09MHX++GqD*MbcpmZi7B=*sJ@HbRs1QcJq8;1m2NSA1?2Pawet
z!S}&B#aK9l%W|8iMDA(Qx0lCcH;ZOlt?3EWTUTB5SXi)+<H`8u!o8n^Jg9bsvx%7k
zKPq;+2kVY5AI(}5ZI*Yl8}B?k<Iu$BtDqv6K2GDt%xDAjtz5$<vO`SH01B}o{apgV
zzN)0;;ds}zDz28{-D2XB<2J8L5;NJnQIsfJ4?UZ~#nh&nH^4_D+mBGjrPRfIUgU+|
zVwC1ybWBJY?a&@qt7(<L^kKf>Cj^Df2r*%NBuo_`AS611l0O|4^?l;RdJ|lz)<Hb%
zI)3-D^33MZvVyZ6gO?sG$G?dFs?5t@whz!DSUVX=^r!lrtmyjfrc^}Bs5LRVXwBHA
z*|h&wuyNA$asji`DQ-7fE=Ek08Lo~%?=kJ^Fopzxlox~hfkqFYIq5#s12(b4S;kb4
zy!^2RtLK<Yqgb&|>b8$Gwsa|2id61wkqW%?Y-@;0Ml0(#f|oad6BohC%@=1j62E@O
zhnfhR=u#hFd!fZt)?CUPYgEXxwQvu$s=CiPa}~l;q1F)=``}D5{ssXuf^S}n>cupw
zt9~<-U3WQe>}%h+m2d-%6mmDfT61_TUe73^-HeK1^XV0QLfsjL0~s@n<Wfn^Yh?>1
zs!(CH+Y?2pIbUsVaGG-sug4clN1m*Fm>JzDIbI;%Vxo-c3^tJjOI;CUZok(KnKO4L
zuAZV0qv77TaJ0s)sP>J3Ht3G48MQ(Ql?O)VP0n7JxWsJZO+DXoSJr|t9ugeK*bBlW
zQ??Ac&$Zn}j9L-*5_OP@Z~B(knk7f&KU(sY(jl3uY40`hJZ)rpYdDDPIyg?G{irkt
zSMxQ>f&S>}MU*S+3BeO8MPDIZ6xbitGPEvc?;uV&Y~j6ltLu^NGFiF#n!K9s{xX^S
zpK+8ka9O4l{UZfLmpOEPhEbr?5>C8UpF)L3moo%RCbFz7+cPp;C$fWcEi-r~(zfIr
z{^H;2k1579VaCq3<BHRp0T6@-?qjTX5==09ALiIp&okf_cdD|Y@|@4z-9Ab0i<)I3
zD5hpLA{>nU3}YsS?!-95l<5V%ViJRxawC1R#P*?5k^NPB+VmBZq#q{hizW?zcQ?K_
zT<S1`VeSlToaCSkFBakh!$=rxk%`h5^j>OOd7)`R*Yk=9VXGT`IZaMul1ke+{AA)2
zYaG<i?HNni_=8*&qYe9GEX&d!{&hb7FzhLTV)GL+CQiEy-gp<qrrBUU;oyQ3%do*k
zy8P|^@yJB4GWyP5>c{gt(5bX7>``J#3X3S~?a3a6QSjZEPoPSVWoQS2i>gdFoG!e5
z+cdZ^5Y{}rZsI&NxLR~g9)PJH3v}PmZoub(M^=NOj;kJh^Al3}3~)7ixd*Kn?(8m`
zb(CKYj^TxAD$rVrVC*AIP%D562!q-9_{|3_6D2?g5?=TC7{#i^vX%2InL==yH~h|m
z9gH@Pp&sO*Nuh^`rDs_^Qr=PQ(U0M*e7L7LqyE4ElvN>0bp>Zo_zCe8Ue_uI)iqyJ
zcIpMf)B|E^AEP?!C49<<EyA(B7d;3o9bge9z!}D3ZFZP4Oh647dYc&GIDI~_xw(?6
zBvlxFlWKHRch+Il6!P$0qpTW987xLq6em2uVX&Ra>$3nI@u9&fDvK{}6X{2g*OBl_
zcGp~R9!zTlHBr@$&+z~L6xyscmd)nHFt(s{SfJGE0p$u5Cq<^@el^ji2D2h7eZ@0N
zXrpS%Ns1{4ghQtGHFE3F)|ad(J+vF(-Hx)~;da8k5T8m(>_;TL)cnxUJ-IAjGrcFl
zFE8elzq+0J<ih1-<e?&yOW|_mg<v}dvd5H<tVF`%Jy6X0KEAeupx6^a;5!Ij_)iY4
zS)iN8mqrx#O8yjxJzfDR9e4H`-am1754W<VYr=GVz@052MtG7Ib7v4uw}cWpj|0l2
zC|7zVRro@*H5o1vn0x`LiPv(2bY2;6ycFX!8{ulFDgjBpY2(B&LU#~E39b?JLQ2=+
z;lx6U$;t_aXIR<95t`3?t0PtW-c{Z?vARpc4ebyj`6z|!QgU~27!8!TLLac(L8)D@
zsm3P80FijhnQ!(Iw|&1((3fks1(atGW%0lC^qNU{p0elsOZ&ESsq(`QP?D@Nlo`Vn
z^pvg*HyIil_Jq0!_u)<s7@aEa`0V4j+#$6%dg7w_?k6R_@l|ni4`$ue8X(MN@MczE
zfvADK76+HZOg$#@v-dKc=}s>evJ{37F2rcz=d^h}ZdYgQv$Pc1B6@gAF!eivDU7r1
zLvw;ZJj^y^x5FUineWe%v?6ZR37;(=$g4{^9oD>2xAL1xNoAUSQlFdMs+7W<>y|_M
z_}}1DDHzHLtxsmtb4+0ZDXNtaI|;2DTwC(D$#NP=X_0Czuq~N58MeN|rJXO~H3wga
z+*Gp9I&q47v4>%T?x^R&M1gL>xrkeUNAxB4_}eVQgQFhl5(li+Qk3u^+kVJKpWb$3
z>t@B!1Jh>C9))lH3AqwyL-g8EUjpT#FD74$`w*S|Q+|EP(`PPqN4*|PdAF^KAcpBg
z87TsDZUY{YfhGs=;BmcAv`I7oOlbstkM8T7VRBpjkcqSh%)hB#R?Gd$Ik~e-LcGi8
z1*N;s_H3(7p%JK95bC&N=zG^2S4Nx3tj;fNPAWWH2LZXb5TLX>4fnFViRi@t2)a|9
z?&g3@mrp*-6#}h-Pvu~~B@z?CE@H#91dh^=1u8eWvI!cAll$I7S59w&#~T<)tw*lm
z1U{r!h#S_vN`nhJT0E;rH8N1UaW9r73U1?T^a#B4b2@{cd6<qQX^DPy*-iCq@fBQX
zmXqx}7*~bIukpY4(Ds&ylyH8Mikj&DGzwWr=J<i6Mfcspj>Jvln8H1cM3FT^V<}>z
zZgqVM=5COmjBcN$=hMb(RwriUx3+P7;8g^T$@B1N1m&2`r;T>gYAST`QJynXh92Q9
znR$#V9$7A3<55`?FD(9qBbAgPc8&K;_U;D{cs}^72GE|;X9E~Pm_~Ji2T_7~bAW_9
zJ6x|xM>bEYmNcBtds|vt^QNXVw>RH!_K~ipZozM|YBVz%xTvAI>{c8HQ#c_1YrR2V
zttZ)gN9&6~*XDrYtJM{GLGlXxfrU%k`=L6Nnvo-#H?7f1OcX1bX-dJec?}tdm|I!T
ze6<Vd`P0y-6{d}k43@v3UcRm-%ZtCQ^Q+RCle;|3xeSsEdwaR(&0B5giU_6<&XgXU
zAD9e!TPozXV6Ds37T7`>1{>3--VSU(asJ{9@+Fa$<D^>A=?CVbGq4h9Ec`lbG@Z>W
zNeODJ7ad-9rLwyFS*2&Iaf|EX8SamVD|)RI-|U_|-#>X=MSX5gDJ5gWpq<V02rRUB
zW%ZF83#9z3E@lOBg0G6MZX~>Q*Oz`;U6-aTDJ#ii3>Do7d+wE?7g^?GBS^p5FAKMM
z6KUw<<m5H9=ThWuzNEI;EwA^6h#rP;+&>J9#87$wuFamXAu|J>(dPh6eh|~VnYecR
z3Hjom0w!g|0sAw&3<%M5Q_w#369RThu;QP6uwhC8&5kf4g;1s$LA7dzORUvFr|m`v
zRO8wt{;%Ejes}ioLf|+L9eGYDlVU#IM51$bmeOY#W}xG8J<;fh@2&UtUT(4dLq=T{
zhg{>MJQ^hT*hrE?;F-7W@9>2wQ6Tst69{TMtB`5+y7?7Kd|=IKOJUNTf}!45Yf4k-
zLpqE;h8p_=tXMNuCEAUy?IRwIN9h$_{4$!;O20c(KIprJx3E1UmY_Tf-=mh&EXCRq
z%A@hjDah^ov}uH$1egU5YN0>}5_Z2<nsGYNjLrL&WI^x($`VJPpxU53jk43Z9<j(p
z*3q=Pgm~ZW`{(@;{a{b~L&Y8OA5V*m(y`#O*aRwql!v!7`~uisd5sV<D96#N>AL~@
zu3a*S9up`v5|S2W_#u*Evhd6JQQ*RtwG}fwz+Ez6Iy|Qbw7Tqzog}tSN>a~hTauQL
zi_y0H$-d^J@^9m1kSA9<R3!c6x#w*XjO<8o&Oo>wH4m%h`+WjxS(dSSx~AsR15=+Z
z;;AzpQwmRa$4rX?$_FM8XUZypd##Mb(NufOUrCc-t-qBcMHaBR-L$WTUo(znjE_31
zCq2~g)xXmJI_q5acF}Fs2pGBxK{<;XtFewEaWCZ;1!|M#n%?HdtWBsj^iNLAk1p=3
za`oB$@m+#%VUE1m{?A8D?75^i;%Eb`@HMT3dO3Q)G<+ogLODge1skTPywDi%t;zjO
zqIkHePDHoQYH%`H$zuGe`m^I4lJ*d~KbtR#A;|tfC>dVFy<(5RKm-x-9Up<)$=<<A
zztFFPfI2BZp+!$;9n2b{UiwtI-$wXANmo^ILx*kWqzyHQ1iugb94uXfyD7R}b?hWt
z`lHD<GyJ@xYCxjE5#7NTx5}zdn<j6~u$cAAoV^oc7W$U^D<KxtIog>bnKWAecc9h8
zR74EluZ2=xA$^x?&3&d8G8dN2TX;PcPNsFP?>|y8RALa?uCZtDA%*&a8rB1&JMgKz
zYS>a{&c&}c0`)BE-YTK>O>)QT#eH8&=eWfmoB6RtT@%&YST&O9#ktC$g|nWp`Pm@#
zMmYx^i6T2J7L&T59QYQsCI2S2(m>fEp|<AJWnyva+pGdZTclJ4S)EUd`5!NdHlslo
zrFbKJ)SS(Cn{hEPf0~wnB(v0->s9)NZF<Yki94RIt}5|ew;i>RlFU7KM&{%^s@!{j
z*Jr|Mf=|zgHd(KIWz>llOz)ann9v=wqMsp4vz#1aX_mHkpH)}xcs{oGm_li!q=I?8
z>ob*DxEp5kZyIbygJ@y&kJJ1Ux^pM!#dz=P+$7P*$#pIJM#c_mYTA*HIjG-!uJ^$8
z6?ZIzIYZYbfo%refS}mH6Jfk)j;~=B6wOzZBojqKl*WOIee)T?eHF@+J6n#Nn@Bym
z{V_+xX%jhCxREnMn`yH-&4+(w6R(Eeg}O<{QWb&<&pJ|1PHs0?iz`SmXco*o*uO7w
zk|*?d=#ESad6})8>#cBCqRcp^(Pj-hrfpx<zicG_8nq9>SsrFoh#tm`Dl9$9-hbD{
zG)@hthhElo&G>Pa1YIP6olk>x|2sc%1lV7r%!YbHy0h%k$M(pxt-}FBQdtqAGk9&M
z6Taj}n!e-!Lx}^OH*Z23ATVC00qYq7xT4c+-c^Qu#}t+~aG((_NI6(B4CC)fILL^z
zT9DR2#RXJG^=MTa>-yL4s-s2P&V<FXcG35P{oxKPTn9FyXiW#*r47}Hm|9b^wUquE
zP7K8Tj!PeMf_B_p5n>-+&3@$kM7PRr>QZ8TDkY4~yFk{kqPfshDFL)jYR+&AY$ww-
zd3mlSAjv4k{mQUfbm8|ZcaLwE$_{zm<nWM=y&o>ObBYjwqd4}25%@IV9x$#2n858N
zxMi8Mq9t`QM}z73Sa%0@uj+MmF_l=WDstQSiN4Z32gJIBI6mVlk&D_S90b!Sa~o`9
z=zj4EoLH?pC9_GY;GTG#jvB|-MZOt{PVO{P^3j-G3Apav%%|<!is%HI4}B{|h0SxH
z%GrwGHrka#_pzl0G)WYd=RYx-xSY&(>mT{}*?soY!TudK0Vd_NHc-6aTBP8@fj63Q
z5BMYPW<zsX##R8rkfQnaR!(mE>A|DPmH`UOO4u@si{@1%h;_Rp9!4Q9mNEkA18m-&
z>7GwDw9s0L{E(&*sMzzQN302K^PzGT7iK!CS7UM8zI-AdK!y9QN1p+Vng;~$9vM1_
zi5s;sZdxNL4WsXeqZH{A@cTy6`STU0u2h9tR=-JDww2_NR(iPi>D=cd3%wZ|J~R-*
zg<7#&q_`Io$YONasbDSAN-T3{_Qm;08S3#E*r)O!HI}Ye8m|lOK<WEcd7--{`{h#}
ze7d}d69srfZ6*?&01Z}9DyR)Wq4Z%={S(qyf_TflOWH-5WZ5kf3W@VO<>Nc#rWPW3
z+VoWTKDCFSEa||IY<<AWLraXayWx^L*eE$Z%H&%lE0YWtrC)bq)Y-1uq~1A|b|<A-
z=5&XFyONf&$o`Su)7*1WZ3#a1;7ubJfCvq281FxROl`;d)>>?QPZKhJoNgr=Q90&n
zAD`bYOKw&2eG@j@c_gV3p95}19=ybJah4$o3x$;<7xSi;)JSu&Ons_i^Tx>(I(pRD
z7+LoI*rZyf&%+2iccDFy(op)i_No*EM+O@D1>3l3;$l7-87kyGiU2#aXVqG!Ri<G_
zj(D=;<X7s2F`g|)zbZz?m*tvci%hRr;LX6tOlEiBb`q}Hgv$w2xSI_pblX-<sYOv_
z!>GZTv^^QaCsVV|nTebgR^$A(<(cJtQwaRX!jAz~ZTZTmbTfwHs1-JfTWln;R9Yt0
zV1nfliS3THLHuVqsxbTGUnZLEVPqq9SYn`V(gGb(B%6cHe<~LTHl1rr2J6-~{PeSp
z8|hKYOK!<$(Cd21rP;?r6?evSu8O6emy7k{oWaCT@_|p;iylU7FUOCpwruD%V<Svt
zsqQbT?aK?s=EXBUJk1F1mzZ-pfAoy`X9J-}N$HTsqSyBQ2mnbZhAiFQ1`B_KTQnyL
zfV*NznMe-AHkUX%b<MhT<v4m*c;A*x-Cw?3m~8Q6aJwY$7D8?(lg`T96re>Dq%hZ3
zMu@anO8Igo@;OSWmMYs;ymc@+XK*2ZWOtduh^>nG-g&DZSUK_B=~f78Cs;M2bl@Aa
zd4DjZ^_qV|J~<pIr#ru5x>6mYP|%?KFQn-#9xbKRlWY%G)3La2(_OyJ-70q$cYe>q
z!l&Yh6q^OY$mBE$7Q)<`8|dTkrbOig)%nF0jeGrU(FuX+tNazD8B04i-{muJOeGHC
zi#84Lh*~4AVt8?(kO`rt&TLo`_Dy(i<h*>}_T;7Gp|r`*CJxGaoQgM>ZM%{lV|$1~
zOl@#U$51Efp72E?c>+T!it&6o`b687O3PUPcD3Y!h0)vHl>?(9k%sM9CHC4C`zx+{
z56g3|X23^%$iqu33{i9|5mK+>BVKU_G!T`)H$O=&Un|2R{a$-dir&4FvF*|MoiwV{
zqZ1D<lqMd?TSL;qz*`!yyV$yvQ{fnQXB7+ju4%As%!_5Dg^_`@>r7n!U5&?LRuM5v
zlgs*NZ<cgv+43s6JGQq0PG)7~3IW`Z&0UM&VeHS|K@>v?)|7v&6)n2hKKGJP!PTj?
z)307_$ipWjdqpNf{u)x1j%VnB{pK|Mx{bgHy9ZYOVv>`h)qEH4t3oyI3D;a%(J{Wt
zuWt(mX49gdJDqpGB|Y)zg@nY`05u3ImEn&%PniStpS|x1AmyvqAg4)xMVSULg~Hpv
zp;SoD%FgzatImUN5_N=%3!-kJdn^-or`#+EPYgJ8Z3$?wj!=+GbrcMFZV?K?qT}?l
za@j@4fTfmm>>x?rvfi?8O6a~qChw7GP%23c?@(@OP`?ljaroN4WXX_3-NMpRz;3zJ
z$Pl<Xs*I&_p6GLGma0!6?|yX4*Z<fmS8=OSTH}jQFBuP&bJv)!KiM_5(1SqOP9%bM
zD=#81-~*SUOrHnpHOp;TEjmcp7N|`776|Z%!(O;^Z&NP|DIMxQ{rtdOvU#@z=jt>W
zw>TS2Q2|Nux6}bJM)NVA;I+aXNZU|*!rzi%{X$NmuJ7P?>?KfuA%!Qs&?leYcH;oQ
zoOmA^1Q>J;YBr6V^|W3P1f2D|5hM7x<st!GR5@I?k-7Wj#qHzgd0rfQTM;><X5N{K
z`0d%X{rJ}_Y<^7R36PgU#)CvPY_SwW!o`?ur7jmM6U4C7#wTdNr8ld4YbR{xW8~K(
zeL+k*SzRT~#7_1?Z954tU8QLeRAL113!-sl4vFeaHLBV4ytjp>5#Rd03ttqEoV*~B
z<G+2?a37*fxb$A+=?49S96xYmn<zl9z;8qM7<e|o$NXu2!<(N$$os~~SUVMF*>Ahi
zKWrP3J>oA{=Q?Mo{VpWw1`kL5Iu*L0MjB81#)S9glnzBjlYLDFa|<M85U&#aZb-o&
z{Aix*Wab6PI83XwVk6;TUrfYp(ZP>cwcmmBT`B?fIo+_=^tYO8yf4x|eAeDR(0*xX
zN~7zz6$H_B0V)A;UBl6C({*yt9|#bpI7Qg3CjE37#UsY`dF$;%Eh&W$)pjI>D5(b5
zRD?x*;D(&$F8QNK+2IG1-38;uc=aR@DPTmXXA`az7E2)Q94=hLNKTBq1XoYn5Ir)O
z7Sy|G@0R@)+r}(L@673MA@oWSexW=@0}Ikz51%R`e0Kt}>DiA2dMk{wf~BkBSz=%u
z*W24j_I^Ykzy>krF#qdcc$d%$16g3cIMS0XK<X{Uyv*(`4~j@o1dx`nbLm2&SEQjl
zvK*2N?=d!Dvg(o^*SZ{Mnbj@N%NWU~_{Vo|p5~syHm&@A3bOAO5QA?;U1s-`TSX>-
zeF&T)?!Z=CCthAz9?6B)d*)2TX*S;ikjewMRnr+<fOv-`y~PeL8k@7mD%{N#v#WW#
z%w50XzFWWg`l$B+c>NAWIStPI6S74IM5JhXHgM{+B9`1LoSwiL$kVl}QkHhECUz}W
z(!MvLD)Daqh#@<aFC&P_O|4u~V;oq3bF<~@%I@Xn___7fjr~Tli@X(}-dPZM`X1+D
z*nS|DFB1o4^iaeb?hw3*Mqsve@9^UAHHEiNj(#xts5c(%0csc_ukby{F*Vv4c;OAE
zT~H=$J4(~!z>vpo2fGA#ah(2_$!lgyLYG#{dpTWJD4uK{yD4XNvzMqqs_zh9ft1l@
zW$Ftt9_(aHL{&$>N0%^VSP$SH_z=G~BEJzV@9XgXc>W4(PYwLSEK!97N)pURV4^Mf
z*1m`swj#C_!-LX#73lb>)2(t)OF3Bo@^QGTCG1)eWcsF>M+JPU4$eim3N91isITxe
zGR#p{at9NbL3v8LM~HVT(;0@ghU^h#mGlq?!KeON<*aO=Vx4kW1s3ejy8pwlUkLw$
zGZCPmd1$jK3d2EId_qV3gjiRs(R_c0Q-B1*_BZE&ooE)uG+pXcs-w#lf7$wu?}(3d
z-m#twfk{;}=8vg}O3@!b7`NEX>9BGerUF5PEgJY73DTotCNdXof=D((V=XDsE+k!R
z-`m1ll*^wSz93xbV(NAS+H1h%0<o0{N}ctTFqKQFSPwDse11MKvq37po-6F!z>4dI
zB~2YGL*=CUv)?|eo_@qJW5Hpp_GwL8i>~Dm^ZgMTRzBQF5a>|%P&GR1&dR@iKr#Mq
z8ttrdkFg0&Sy>^lO>GJJDTSs3Bq>&uNMw|Y)L;?wSb>j0LR%$S7IUVt?&F$IlT^^7
zJCp;5dEOeH+n#o<7{dGwtO#**2eH%|8;<g)R`fJ%7@;*O?JX-}-uF%wRlL(&T%5kV
zrCH>+&Zn{FhqDt3%<rv2>ASFtqKpH~YpjqmVhqTg+k}5#iPjsf$SHI@pBF7}MZZ-e
zfzLJD`uJv~Rq!gW@?AxKMWe^XeD^U&L3$WFqDLdJuqL{JV~uwlqr%FOp=dR#eL1;G
z$)nCj*wN}WX^802Q)1*-{ZbQg*SWpQZjC_SO<2qXTp&eOd@Y<|h_bI6xGjLRtox|x
zfwN4$;Cn#}uUr+cW-X#=VF|hRwAoWqrk9(f7sfUQl(JAT))mNM0`8;vuZo`;L+zqR
z0H_bQrFw#TwRK{#zwh-p>69cI(s(u@241JH|3R&if^3G;RZ{a7SCJG<E3tT`^@+cI
zb@7>(fh9=J+6>l*X9~+{Yq!N7j;j}{9w-{-;calPb@=KK0-ySA*pV2HxoQ)EE7O>W
zAV#uH=&x5VyfL^~V%++q>|K^s=k8b?r)c+Msdgu0QYDq#9CkfN0XHRdl&(l}gO{GV
z4^YK}g^P=kDely5^S(!nZ4H$Ws+zk8TCAlJ>VcPI;*THZ7yfV<u8#4p!H?#XhnYeS
zwCfa`cH$D)Ur?4&)0$zVFKfmgqfXZ6?)nA^B&@#p3DJLe^vcbdC*M?+lC3ev5v5QN
zF3^s!5?918(mAHOti>IJjlNbozV%FFe-pcv^uFbTl|_%z)kPbs;J!on2b+x*jXLOE
z3-FSa2IR;bX)caXxq=pDn)Vtw7c97_R#ycTp3pF`oUL)ckuK<-^qJLts&Oa8OrDRI
z74sCTOK;6b?d=0dx6t+J)QO1nu#7gZ+cD+9sPFPL_-#hm@WC_5^Z9P~!w?VHoBlqE
z{gGG-i(I-+n0f@4I~OQr$M8s>T9Fwos(h}l2dg_;P6#g?2WCk3j4ScM&GT6{3&d97
zAi8X)&r$MQFx$`yPUS;k<U)`_A;d_#me-B@N-tgRd?S#0x%2VPcldT(IB^?csuWgC
zybmf(BkLrwXOuZIK9p%J^vO#qFGiU#pc5A)5&7v#wS|y{+xgR6w(;j*N*cf9B+xHV
ze?kzf%Jx<;O#!|%HWi54Nfm<&bnO0a;M+b{R%c@ltcJPs@g{qY;jYwlUS&tUvDNF_
zUr~vT*s<w0P*q81?yPCQr-yZSr6Q-?)-n7o{OK9KS5(9@&L!ndCY`iBN{U1^3O@*j
zo55W%pPHxV!r@*>VfHwz0vCG_w-aSc)lGm#X%y5Nay|Gms)^nHd}_?;;7<tQx7r3n
zqY#<7B7a0CP7Ll2-;UZ0f!QNp(1L_C1pk+f<1tj}_EB37+VSD<etzEB=}U7W8Tx!X
zSC7jk2B4mbvB7B?HQD=_hOAH!L}J4Tf+!7WOCg+;mYcDTtrgf!FP7W=w)(6_qp<$Y
z&Y^Yau7us!3@-VH<l2P!fxp!&Ul}tep-ZP$wg$%0tm$<xoUKJG!h)aTqn1!M$h|zX
zC7#hbsr?n)X`STbSNK9dwJ$)IDjCM;K7xo2f`jS7N<ksGqfma7&+O0h0(uU~Q(gui
z3m1>5E+MBY4Y3f393cGdIL&_@5nnIAnKV5E8;c`jo5ff~i%kA0I47v_yJO=|x=7d7
z46gYe`3X5WF>|!!{r3HhoM|SPxw{)BW^QmW;{MvTfM`Q7cUH3PC0MTs%b+eenAQ&(
zeKuG9R084KoAxEUpAi2Z_KS*#9IT9g0P*~jq7l5F<L5s~EdBTDfreNmXxYFxG8nEF
zL3JSMg)6S!Mv4T&FZQcH0L0kVrH8$3aPb>zKe9lU-idJ4CJd-tcTe|>sI)uQ6@`)M
zwP%!Te7#?utmt=c_V+<v`zrMATxk<6s{70;WZrKW0vk>h`RIOIFnq^xQ(2z8f9)Rw
zmyWv!Q8v7oPZ6iJ(t(DA4?|1n#YWc}Xp#tGq4S@+S<i_9X>9j`Hyz)WjgXB!3iYsF
z!W5{PoS5J~hjoY}8Hx9|u8W`jc-#2+E|3u@Dw@SEd|O2nl%3wD7lqO%t?+o+qs1ss
zBI?s~y{WtF3UgjqZQpS;3{+u4_P$PpKp<+XSTeYE>$ENOoM~S~`@QzC<+2*w&dvcJ
z`%z{5OK)9+l&WUwI47&<XICaJzE-_ydBsv^!{->}24Oo}f@wt8p0d^^MKvWz4Kz>6
z^^w1+moX&5_Z@kp6k)gAZMEMBu$z@qT&yWjnknls+#O)I=v}Q~jcP%okZk#@<_^O-
zvEDfh=Mm4~Pif}oA08~SKNNbrCh?=__a`D8<P6;662<>Koso+kluE;X4qPzrSMDuX
zgO{B$sx!H3G#u9<#3QZsffir&MOwz;KDrMis;$9>1f}Is2VtW1djf9;VZ_G9SPy)v
zHJ{ynaTSVeU!KkQa6Y~h0^to<lF?LKj@^X*0az*Me<HXcw!Eh-(1IxAa<GBxMRMO3
z^E>?f0{m43G+JAhlm;vgw|$k3mf0?-Hr*qJX_Np<{7JngRX3Z=kL4Qo9;$xdSUp&l
zpye=lkfrd=qs`Gu+9!Ic{gmC#bL-m(wlALwdNyY9Q?Si=K5xLb6nx~9?Nxn}*T>z}
zU8oU>-0u4O&3P#c5gqtL3xg=L`xk8z-#dRFcMj=Lc`C{T9#vyMyj-Ob%>88wQDBQH
zQ_e2KE>u+g9<1}*vVqS|k2H2wlvh<8O?6eb`y5m}`|3yZ@k3u9K)-;3VEZ324nV{D
zdF9g>X*jxm2l^d?uU<H?9<FA;37j=nSmUOQU$|hlJ&bZop+4zv+I;pr71V3N3D&~`
zyPW!Jt;j6?Qy*``1V0Qr+I^fY@b7UoENV-hn6NssnCI;#pVWS0@nvq!3k$ag5q6TG
z=(Y&~Zt3~tMAM-6kejCoad2LyB3Z+C+;TVjS@vj;pBl&g&+n*d4_r&r<UW3PNg>(r
zf02`pYOEH^^l{G~JFIb~I8-EY^bllJ@%%$B-bCH|@qUhXHWDJnep~WPwC6l@e7hgr
zt`jnAB(S;D?W5$Rhp?r-RG7&1ejnUF>OJaSb|>wD;{Gee%|fr`)h%}&o=KT}i%EnF
zTt^>Z0+xJ}mGzam<|VSP=7N<$>TmW{6;@T<HcC!af})B2_hjTg&fhxCorO}QUnapr
zG5kjQl%R$O!MJ0TicFuJ^KE`fTVMDHxy8FjpFY2?uTwLvwKWh7Sc%j!5~XrmlnmeU
zJ!X`jFK~Q9v(WS8+_fZ&g2V#``xL6L?g21_aAGlZ(T@UaRcVKBGZCXZG;Iuj0CwEE
z-?wl%$xXuD(stjM7dPxI&VF@?pd!J*0ZuA=vTb0RaK9El?N!#6v^d~0pi#cN()+OB
z74e-_M;aacE_!krZw(R<;h4gK3ah)#NYGT#3mse-PM}tUq}KS@CfkdaCd6#!{v4`g
z6c*NV;yX@?sZS50Di5`_lQqNgd?;T7-dw%oH*a6;tWmdAtSlWJ{<={)KH2tIv#QZf
z=hVNODaY}{A0(oH8OH)nff~CD9t%&cLuWg5fq;8y>vL2vj;wB=8O4f5?VPqg+ceDG
z?Z9x`z@%5t%^n;3jD)F<AJ=!?q$~egE%jfvds*a+i#yec%mp}QMuviKk=H7%H98xM
zGcR$ZX6iSxmmv3iML#3>(DF7^SaYdQx>(oMzKdnjqLrbdcBPM@D-OB6|I)sU=x%4q
zf=F)9Dh0`UXl)2qP<0OG<l1JGy_E_42S0`rrqS?r0*sVXmJwMqRd{Nw)qZGSX#a%9
z<FjT)UfF4WTU&}=bEv-)xp@o{+zjq0$OHUc8`khhIrA~5Q3EqIMfg<NfGbf6MRTEt
zqzYHUnC4Ty2Z%=)76Z##*Om*_9XczL1fE+fyoosD=3u%SYAR3N07-+L+?d8)@GnJ}
zSxz7bnBjx4GM*D8F=Y7_x{?Y@w1@fB2f@5=&O8c|c3dE4e*PAG1ObqncmP!SS7VvL
z+(d@~4H@pc1N__lLd>_VFzSu~rjRf@c8+~o2hTqI6gu*HQvs|X2%Nklm_E=H+PSS9
z^!kfnT1<%)3!4o!+>gUUgdbY~R`=zmq&V7;&C3fC8(<CZkpjst`7{65ea`$w6LEAm
zaa+A0>J)Xj&4%ME5=lnJh}*Ac$rCcjJ~5hE@3-IBv+5k~*Aj217{B-aDB%$N{|i_3
zm&)_k1YyDySbX%|*ie*eKq270OGU+(OI+~?J2g-iwBW7$Ab4<9>r!Qmsqy(r&d0*7
zXg^G2C5+od4Rwk29IXvXvGqzLvL<8gw)0ZKX(9yy0R~UL5s5|@7Gw?_let_i=Hc?P
z0fIsNElc1pU4_T~A)*uW^PfbZs{Q!RdP|s^fd7SC@rrqk5?TBgZiU+TJZ7Y?{daCf
z*Qud?U%;(EbS2rvs5|(nV*s{-ll~q<KX{ox1-8U>WG)1ynu5jCUgiP~jlxgJ+6~MP
z;AgH6{c98cF#toF0@=v{03#`cQF#cgi!in$hPC#uZTLGe8&z;7i18Q;=FB5nKOqj>
zKOt$jpO9dmzXAcm5$q!9PlyJby#d^>9dSP)AAtuloA(n!1RR6EAOUuX129S$0HfIa
zgw&T|{`>R%)7R&{4Y;$MVJb^pC*~d)sfK|&`wHKW`Q*tK82EqLH=b=h;tNuLVc+C@
zc*M$<`3w7|V8K@ouy1CKIwa49GzLJL0s7|82(mvzPTHAffC9$}HpMr=J?yxv5IT?^
zY=Ys~tL(;am@n`0SNQ1gKOXsIhx%W;J?NY?e!4kTnq)lJ)?u>iD>7FrhP`KDV>!(^
zslG4IIojw^WZO0F(N6-A5;J@Zc0Hgvvo{MsBLUPzt>^&nJM~a{Y7rf2H6nCu)_X_+
zwp*}4FLiR{PM6&0dH~V+WpCGiv!4DA=JyX+Pt3VZ1_>94fJ2e&KD0tD71N3huhyB&
zfBDY6y0%2yJEdpW{5Ru=5481{TV}Fye}|BuFq?+f0_-LPU}=NV@6Q~D#S^Gd?54eq
zfw3Ld@NAoG_AcsQEUhB2v}|B$JJuLF#~^5sD`+u+ZyH=B%nt-GxF%q#d;9OE_9zyx
z+ctoyRT*CV2!w!Ln?WRqbbx1&1hyH>rfaYPC&OTyPJs}diC;i4afs4$r@5!Km}bB*
z{O%f<16&LXxCSX-fK%|_pB1<;|MBZO(+)CQQxQbU2`FS<@mw!k(0ibh$MClF80&-)
zcEdBk|A6b*bpdo99n(C@9bRT=vz>0=Mm#xiP2s#op@zcwOOZ+v=MoQc*d3mNKtzlG
zu@(K5wZ;7WzYEuFNM;!<oTp^Hdhsd5qq;0hqVdqyCwz(M+z^xf04V==vzqH203koG
z4HRtM+X~4N*@==Ga-yp8u2t3hrh-)QulGRy+HCiWpPaMM5my?Lz<Q#I-fbP6Z~hu9
z_d6gGeet+fsqzbj7J)S1*6p5i65PgHgAoWIm<RJOu(2lc^g2B-X-$J^QA-b==3nsg
z)j6bjNh&MpmDzQkXe(c}D|&}5gj5b&@<~3z;+dSKtg>rH8bue_{p(p!!pCgsTTTfa
zn&iZjyMEw>Fx6H|WI5frItUsDp2m;h!T(2WC`31rDRUO|Yy*Hqq#C82se@sv_0W$4
z{DNKyLyM_^7)4xXAV28{WO<Ik17?1pJr+@8wCVWa?;XDgFn-B-_>ZlnU#+jrW1^ce
z1mG#nUdE2*v*&OuOJ6m{!C$$de<Vu&in)3zFs^9>8h0)I6jiij;&7tUxhsbSIUp4C
zD_)$<1oxF6JG9`7yHwb5vGorMpn`OSDJ3<<ds4Q->AY-re5~cxcaSX0#jVJHjpP2B
zf&Jg`ll%WHZuKorYI4H6Uf|=JwD|t_TT@$-s^$w`TEOp%a15M5z`y{Z9Y(HXg5<@o
zle-AX^CBg8MPU-#<@P}#ca-ZJ{w_cDD?SnQ^9oz=Atkqt3@A2&ars}xmUQaFrk@<x
z_%Y~qjB^y>#Em@ck#%t64SoPiSDI_tjFTOJDZ7pm9X5gnra$nm-_d`|>B$SR*!2??
zi2$%9Yo=bT$NjSL%dz0Q)ch$T7<(y9G69`j<PTXHc~K~9&)o@YrPOMDZoA8!)%ye!
z^&L2(<Q={t@R-IbSjBpSmhja8+#Bc;R4?jQeh2E^v$u7GKFuSEBG$T(cVD<*F5Tjd
zTgC(Y<GbJ4gEF8<&AlDd2cE>)RWgEoG@JdWL;nI9B)un4ZnU#x5p0CXZeT!9!2fjQ
zuS~-~o#a2`yi>w#Ni#P8WiU@w1ql0Vz)zc(nCq<UMI12F;lnMk%d1Sho(Hh{-4nP8
z5IiuLw?5amgRUlB@I*GlzTd|DK+)5IGrH%mct(FDQ)WM?9D&=C-V=lQA%vy>>CnGm
z82@~l|338}uIv8~F34MGG>mcrL)Xe{0^_iJHWkVYhgwJb2u~f>7??*Wr2S*xt~)%r
zAI<i2^1TH!-~h=xF_x`jvT5>EffH1Z6EPCVW|~t1mR!DlbzFL^M@vviG_t_Ye7HYo
z5NFTVAah`5YR01)<R|_sEk-6A;{_c-u=(#Y4xuhn2#s(V^nhdCP(Hb*l$GoRlU!K2
zj`M!pQ15Cfa&2F;%2hqt1A+K52R09Qmbv-gY=>VhBCHwx^#N9^uP+%;&mAmRO`aT`
zkh<WW8mgeMy;NHU0s%#Vtr!Ue#q^2&*t8x~ECmeq%tmdIT4}mhAg7eY-@PN}_LDpO
z`6o9d6(WywvQq3<;8XVrl=IjGG21|M@ajC_GrgMoQcRWW3Kyck*vK~q$kzHUgnrUt
zfxKa(K4Iz!d@Hz>nHVlNx)r79Lb(&`l;7Qg1&6Eo{+OHMSCjKw{Ei<`h!)x*Wa;5?
zg=2&BZ_Vw+%D7thr*xRLwNs1j!PAy|B2K*WuMIT^0}F5K{BcfXFLx>Ze>|h-SICtA
z1@p@P7JU7S-(f%hi$kS<>01{$waaPt*K$m~cWO6S@Gb3IoU400$L+>*aeDlId);lF
zA1T1(JJRt$bqiY@M2Wg9clC%(ntO)aAbLazb(>e%?O+%~(A!vmr7%Vyy{Q0!F7NS`
zayO7owt-)3ACOtYFMuvRHh34z)O(e71L5nXL+Vp?A#*BjUt~PTIeY5RE|_LjOdB9K
zI0a|2RWKt2O0p}gmT?_DPzob{BltO2GKJE~1f~kE^fbk8F>}Re_ubuDyj{T=*SdI3
zMm$XyA98H?{_XPo_xz4{02G&qcu+b8dT94UY?-gC*XpU|%sUaL&B4ioF}aFkH)5bK
z{So+&%n>vINlQz!`JPPmjFb$sRE|<=oW_Xqvpk$j>FvG3JI-SnR<RHUoXt~C#j(Xy
z7V}h^pB(XBpX4PZ_p0h6OPqxdDlx7fc>0}3ZEb^)sr9J<C?x?irtxg8Cqvg6lkJtY
z$0sgG#7LeixTIx6NI_!<=uRs}^#4V2_P4G&#sEgKL;SFSHX;}in6DiR8|qk=BWo+h
z0Q1Y^5R*S*E9;T0mzbHur69!>j@i(3+&J>bBM|uCJLa1pq`yD%51q?jIh_Bq$Dsc_
zDf>T<*sYdC-7u=>9GZ?7^LX<XB50|sTT~qjp(AM?1NbGQy8*igg^uPnnWo!jo4BFN
z*LVL7IrrbQAU9uwc#ma@a!xBhBHN7CoTL<fhmAVIL$6dOe(rPo*3#eIW!%I)I%Z`)
z+jeSb)Ztm1+Quosr{#l_z9;=aJ22JuS4y<gdL+JsI->yvO9xJFo3(Z`ru<GG$w>lU
zdJ7|c%ulvF+wwDydqhUiEv@nZQEYd-Y<^Xx>0^gF%!h069u~xB-S*Fk(m#-4`2O&3
zeT+1{<~U$JgPjDekka|4@7i4bTZ~0v@4LBg+XxWCRD#QnArmbWlKzNsnf}3e-NC=Z
zhcnAz$sio(T{ZUQ%+agx5tPH?%F+djLkqmjrXe_Bsy#}lm9kj<&77;UkfUmB%R9UR
z7ZkS9>KwlO#Tu;ws%4GajLvvP8Y1F&rBafGEpKSkoqM<CF~uC3q}rQc3BR|`UW0El
zFPZNTT=Mj5V&&PSEa@`ptX?JAFjQk%EQ)zt88TXKdp|0GG-5O+aP<TKg6CQ+i7OhT
zp!Q?A3Pd~G1D`K(1t7$Pj&aMIB+qzKYw%;R5t}J|G{zGdvLW7x-MJ7)R=p*X%!9Y*
zL{@K0$~w5m#b)j57{^2}A7n$}56>TT&Wz2M{}ZChvDq?o1JBYo#vB7#y?n$|{G84I
z=)azF|4F@_g|eb!xLbnxGz7`Bh4!jL!Sgj8dkd=C%-8dK=T-AUCj!O|o~OhYH@t`3
zfD4$w8Y$C9(#<O0`sAeD!3AkH@$W6#pTZjbZV)RuRpm@uE_yn>_olY(|DjNOn9crc
z#{7TxPc`wD>ijP*vV%JBdM$?T^ncj#c-#J0*F1@$<rgt6@E<#LdKlc}pg+6fDO8Pa
zLj~0(GCVrBcey~Z{Cr_X@R!+`z3-|TVM`9ZsT9m&-A{-jYmOB*1182LIZXbY65v-_
zuU{SGpo5T3|IJSb{5uDJ;sg^cmB*hjxDCkga?U?2!2PYg_&uewid*u|WBPr>c&_X?
zkA6SE%4|yxPGJ~WcV_ze@61f!di=7GpwE}iA4FOaeYgPqfe5(`1nl>=J-9tq2V1On
zj!oN!D7)Co!FY;$XyJ5!G(?e=47Qm>1BXQxi2)rwjwz!984hS9>3EB{bKQO4w-D79
z<^8R}k_eGaU`9n{GiEfZX~-b>Lw2sW3*5&lZppkUCJ_7Tf@AB=UZwuS7OAd&vu`{O
z!vpKH;XXh$b{Bh}t;2-TGs)PUfhwfo*n@=u=P3zIqdsZ&;(p^cd8cNZ+HXd;KELUD
zL$pEP{=3fCLCBdiHb!D^j6V((__gIc`9!iaS4s|qoGXKzxi}n;@&tvys4R&(Y9)5f
z$ryTU;EJ|0ab7s5yu8*mze7FZjL5y>E#+l}4kw3ib@?KXzK#9X`AsQnlFTi1Ox+gp
z?#uj%k~i|9yj(J|5CYh+xyf@(5l-4k)>E`D`xAV-i7IMeFTCtK43ySA!L@J>emx3P
zc~|F+n@Kx&r^OAHbn4#rEHzpL2M@=h>LB=%sFW%E*cfduXrr~O=Lv+8agjP0F<v>*
z0gc;x+_EfPKYW?yC{`>IoH=s-(##E?g{zP~MLumN2PlB~!#6LdPyL+dyD6uF-VO>5
z+WWhlN<%4GpYL^cvL(bmF{;RGQn~LM(~>my5?{tT!n5pq{gR*3S+l*7=Eo(s7rYQv
z3>Ea^w2dVduvJh7gXmo@%-wH>uPIZHKk=3W;<212okiW!{pUXinobtiY!QuaG*)~2
z7wcbZGu;!8GMk3;IC-O`Dj6rKlS&0OANSpt5l)xCtvFe2BgDK!cb{5`&XS~CkrS?t
zcC}<_ix)ok{<dEjA)u?1HrFXJ*O`!-nH1vFzlRePP(3F&?J4aM<+9L=aqp_bPWyg+
z>m>awCTg$67t^WXS_c>j_d_5siroZq`7bKgK7lLvA2753lYhhg&!XD?Gq<x}%uIw)
zq3ojq{_Mte_=d(yPEh?B31XWwz?KCv$k__`S~alj|8VHvOt$|rSa=R3gA_d5|1ul%
zg%eSo`uF?OzgYnN)%REHVrw%UD4Xplk=5y~u$WcpV5rqM^niSPr#Wu#5!{{*{eUwY
z!!I2&z#<CT6k0bInl~WC3dz+J7N}{_Uglvmb-(3UDt5WK3hhk-OlLNn8AQ!LRSArC
zHWMf!LvvAEtE=iLgeDpVL7T1hd&sbfyd8A+){=E?!FA8d<U;_bdQJVF2jLZT%#ik)
zGPhU^hKb{8zg2jx!55eIS!J8;Toq%pSFhRcR~}CnwpMbT?HIL`Rr`jg9inqkj4+Ky
z0bm(BGTc1sTbs3YuvUenp=-5=*d4QkU(&4ay<g&A_3p=9sLyAu5%J^nF%Tco;^;sw
z%+*03^YJ%{V8~w`c5IK<k!)Ws&nZ!W^SSok75dRCv136T=q9_^JkKbj4B7$uI>U*M
znXWHGoTe;A-CqMj-Kzn}s@+Sp)PPs>w%UoWWCpBOT~jX(kE6L*#e}IBpwB|Q`337G
z+!GltCx(m?ry4KEya)_)tSY0Ll;$P6X6eLEIvM)k$i8)^Yu7vZv^IVel|&4`M{FmK
zuCn>8DDdX98ud9qCkzcVGcQZ}^jv+tUZyJcz>M4Ccyj=lF%?t4g$^3*@swtoTW_s4
z!<uPL$4$Xw*gFP%%bfiinp<7uD+bTnmBn27cCFw_rg!9>)4sL%iM<9zvyBbhy&(3o
z$ByF3m?a>P;CdA{jayvF_C`{=S{09{IN;9Jrj0qh8N58?OJ>MdB&x(zTvSQb_ddRj
z{47#?9kyf&V$&@klDWJRV!{hpdnZsPeaPD@BFrPjl<co2qJ*kJ?K~GJ>wRgQ2X|;s
zJd*e77kVb>@OfsMj2P9L^2jG)=z6Qp{U}+=v;#$__5J&(*dmk$=H>gMtM;G}?CUgn
zYSmiZ@16TT)v7ez!+k=XBksy|%`_$u&~T$a)^oES*6(F*9WG>^A$1VEFuYEM<9ohj
z-P%7XW?S-npSzNq=u|Iv4(cAghGBmZ-3*himuC}++$cryh(#l#jKoY*T(G0B>9U=b
zQN?I@m&{eXu=>f8!~1KJI>TH#sOGe8n~{a7;YOPXSn1sT%fq$7RI^iMr4-Ony1eyC
zL{4GhV}Bd<)l^r}Cl7buw38g0wUf1&2WcHV=36{Afk@jsiP?qNhPp|pVr8<G(H)q|
z;rN20qIwx1q7<h4wCWAL>9~38{92GSrW9c*bG2K3bw~Tb5L5`>_OLwceBfs1O(_t<
z_Q?s*B^myKoXtbko-N*UCB00Wsm!tbG5+8qBCBFUG_@*)WbOZlz3+@_s@>KNg3<-)
zJqRdBRcQ)HYzT;miUNWV6_9RJM2aCnlrAD5prFJ;QCdWrLL_t)r1v0%fJ%{)0EPuA
z-q&xBd&k~>o_+SW@80J-<KFYbAz8^<BUx*{bG~!VXFiYmXV-i31@*F*lQKOhI>Q-s
zh?NIo1j~c23^IckKu3M0!G2WgE>z+0rlK#vYD6#Me!XC+j{K_~yAtLElQtaPxu3BW
zl(*L#LMYlKJ)CM-lQ0<KqZ8Bm;>;d$T-kM94X?Eg31aTIl8)vn8|uC<-*xWe(JKxd
zx7l7n6XV=Wk>O^n1R4dDS216YvF@>rJ=d~77v=gt^+`)NV=W8s7DhJe?J)B}r&-2`
z-B<B{XB?%;!RTYCp|8@o=ipTM0jLZZ{Dv8_(6@|lsagl>*LrQl`{LUO@nSJ)79SFe
zox2W;@hZFfuCtI2oa21r$=(JDP9XWAs53SK4&EUfpLtv^uvD)p-(+)fYGA`5_2)_g
z$jgcXZs`!9nA<`Noakuk7}_8t%?u$_^{ZI>*p_w%yxre3D_Plo6Qw<@F+E1gP)X5c
zDqjg}R!KGCW=h~|6-;Oqv)G)9C_U!`4Q!b%^tmVAY`xCqY>%p5<_?eD*9Vp3Ej&8r
zKR)khxwR|}gGb?BNfbZDkP#a(0Nh$@gpmlcKR_KVrkbBF2AqN>ekeT+`OlFNSE<=w
zA~y`@SM)k_q+iJwJA&~|-HRwh+`^U$)!E#sjEcM35fSpD?*i4J%AZn*61L_W_D+qB
z*W<`Oc$$y<OsRYFLl1rCBIYBx9B}mH(jy`Nu>}cCJzMAXYiM<BL6fOpPIXB(Nq>6e
z5^iWfB1f&u*A1Bz<e~ojfqG#JVgO48Xd8*?N})QG9C{t}D$PizIZj7>W>f`=dggt&
z_@h3%*zkT@D#f|q>GWpdyjIzrsnYGz{IJlQz)YM0^wFDn`8%xG@D$i;YawMZ9{`~@
z8QQ8Ej=0bfRn1ScZ*1GyakAS)H*3hn>FryJXKqE=o!!ET7x$^R?5kCdWvH_GKqE%2
z4+3HH{6&zKJ#~EBLEmi#!jc(e528~d0(`}8HBZh(Wx5(G$8<fWmrQja#vvt5VbC3N
zL#7;Du++&ml<&RVc~9++@3Ia@lhw{8-?p!WWa%GSpa|}hFK;`(FuRTVwJs1L;Hz`d
zce&8ENv5pr(PWHiqq3Q1{|?9Dmb*3G8k#nj$Oa$pzS$g16o7)!r@?Q03Xv%XG@Jx&
zC=v-?UvdR90~%huzJB|YJ@8Pq2m}f-)JosTO1auGI6x;4oP*qHoD`!Gue5TRd%8+9
z2JbH`@4KG+stMC4*x<`|f3dLw{km2W?gyBc_)@4>zS6a533GuobIWRKc1Qj7szS*|
z7wP+1q=-9JUP}9Yg<qUZ$w{^7=WfZ55qm`3j+CXD&&7eSg#cCKIwT1<!Ci|Gz}GWm
zQFD9j>q$o|OxRjIR~uzNKj^m#n$1b#d9}DdY1^s=_Z|e|8+Hgqk7R++bWVpPM88eN
zMxY7;5@L{>v@n~4?CS>Jb-K7r%gB{~*`&wiuKG4sTE!xIOG4WFkAk6%v<f!AC_|2E
z&bnVl7DCJS&YRfKR2$Q+`xCMuKK^aPE`E;l648zy9ar6-E@qwIdTn)GzPMJ6BJf^t
z5rQZUWY+c!KJ*#t9%f*s!oYGuv}1P4nDGfKr+A6}ll~9=RxMQIHjP#nL81)5pnQ56
z#CYyWE<r|}?ZpT|?m4A>CV{~kSu&~F(j>pq=#<O;az}P(y+0>$Mf92&aeSdEVbI7J
z;B3IGIC9W_BJ)|OpFBR2>ESvqG@D-@ZW&Siz<p2O{YTqJ4`w@(tY2&KZ|Cw*UJx46
zXsT8Mdlerv24s8SzsrQA2}(zdTRQ3%W^3i1W96%Q8gF*Ny}~Nibm8Bg@4qdQ7$!87
z09N)pp9Tb7*oL*GqNwi8i0IMESH0ijGQ!rmI2UxuO{ytIBI>^!a2Ef=>Eh4n<3IBn
z`$y-Oezi&bXOF2D&ZQJ(yBj=0hg*0Yx^r-kw8Pni2AQ&x0oI2G%zL!;eZ~(O6q|Gl
z@7(`bGiZ$uHi<@1!Fn1Md+TRj-@l3UVanCx$fp;IiSPH+6x9*PAT<#u$WIg=wN|a~
zey`HiaN#U1MRp%wu<5Ku_n*I)o?IYhjCnBia(`6K@bnCT_ZmjJgAulvKt1e**Rhxl
z=A(=BZwtu11MS$dY+^G%acHFh%utlv%0$M?&f<pJQqG+JqHL(O2sFf&j5^m7hdjUq
zb&)lp{68-E6+ZZ5<oZa;wNg;7OT`?r8Cfy_e4Rh8_sSVu&t_<)o(}e$=uD4z$vG@Z
zE5-NA7h55XAJ<!4v+ueGv%9)>DB1tHS^gPP{g%Gh8e$*9-rcB-IKPu);ijYBUlO@}
zu-h_fj|JuoExNBd2o@#y2xc8=Y}p^KuQ_s5j3fDDuM94VfGD&QSZj-aJ3RcTORq~a
zLMShln|m6$lTE^w>(nC$J;r>$!{peir)OjeiNgiUt$TDW<F^utgtvE9E)6#=$W%@E
zC%%?{KKQ=Iw2&$~fec4@f`vCK3DKyd_Gt%b7c)>VNWo#e$5oGwp1EPU&Z7N<85gDZ
zHf^uM8#BzFAV5t#TaD;rT6$6A#<&}Wq#c4>&k(7s_UtT&K`YOd^sABE_Uj@wTz4s}
zZ{&F=zD%42_OqS`+QT@CHtS>a#0xcK!k`;ZNZQZ*DOjm#@=$uRLlu|g4s}AY^~OcX
zt5*zorD2=y3RP(7`N3_fGTC+AQmU1TZ7P@Z2)C|&+}r9pTAKd_F$AYSry}MOsA#k&
z6nri;*Q@zNuO3nLxI;hI@aUttPre5iwfo(+V0<T@bH}b-`Ab>%NnrML`mN40<Y6<D
z)V6AgL{2@w9(9Y=qsFmBfd1LPN9Rb~v1I#L(w3@}{U)`r#FUVAgYP+CZpC-~MY>P?
z!<1o#eMnB(`ubEWpWZv0S-l3-YQ#d0Dy=B}50{RAE+zjnuMvL~aQ@FamS3Is|4c?c
zi6`MFE<R)IW^xTw@0>QW@=23H3|%|Dd2=?ytl^kK*pJd*uJ@V*p?*TA0aVh+8!)oo
zND<7o4_eFehVL0CZ)cuWxcWi_{d)I@J5R%Q;f8E~T<;K?s}r+xhGgX#DAP=;7}~w%
zDPvE=%Z-oW_YcYDhWxnR*uZbsldhKaB8p%nj%e%2TeUMZV>2C0kKjd_ucaEI>)x9F
zm2Ks%_*?q<Xf^E6uW!2DDk3iMNg!f<Y>~~rB<>erZbca336IX?U_Az8Bnn*6wh1ki
zO%HPm!*p6`V$W$*k!$!irez*JIj8R6?Va@g&qa6dWUPYCAJuX}26Ce4G~(m2R2zAr
zlV!wiG$$SrgI4HI&g#SoLJ{%r!j&R!NCaxq-UY2@af-ud!8VkONQK9v#mBLCfV>(p
zVr|1)n(Me>%r_fhZ-X_0L1l@TUHALXB!@;LY1bW%T%Pr=!iHlH?-;N*gQ#PwMZC~4
zEIZabhhV_a#@)+48dj|xg3yXpmswGoeACT5rNp3_1-^H_Iq`0T8QIu->MtE(5Ex%9
zVFY+#OYjjG9keL{vZWa|9mQxsm0uYL>RcpW_boFmuX3kNHtb)GtI&M3SGm8s1=^C!
zM6tj|V=PMsK9^g7HW*+_2Juq>{s_O!4~Gs@?le2}>jZ2&MK<tUG_j*TZh0W29VD$O
zIfa0>EX=ZKfq-=89GJEuN-ZbMUT?cTZWB|+;9++OHfQ8|i)swF-dDM+{f%q(ygW9>
z43l<@d+{59Ia;x@*_*Jnf&}LY^3c{Mrw*CZP)UQ5WO=DfL}Ot=dT*S+zu=2^nHHP1
zXKrmuOyZF;En(<E2`6a-cbKvhHiPDLA_2lbFUq}Wf*d198+K}ZoHj@J`uLcY#4fgf
z(H1yxp{;)7;5*b=)_tHXGR&Z3fK&H%M(>8K={7t}haMBByszbzp$w9X<BWl>_mwlU
zmKTtv=E7AKzPw^F%IA05CYd<Vb09CqN$^ni6%mvvt?;2#)U8azZo+}=8GE?!H*0&V
zBtH>Z>3&P=hx8Mm%xn=?Z0p@*`JU5Lk#kKS)X4t2cE*`N?O;X{K>l!!3*-<^A+s94
zJMuRt{PoHI&c8YTd%=k9j=s&_TJ>af>dNkTlw#7lF}LT5hbI+=9t*`_LE9O=fS84=
zvTw&$Q}Ln@it1QTX?mmm#s|Bl$BJ`bai<!`1E<~GtaN(IAFe|F@aKQiTEX~%#=QKG
z;$c)2w%(Cdbp)&oe|9Kg2r~=@-#Us}9U86QVW&IRI;uKcG?tV8$|wC|zT~Gi>2I-Z
zN#{0JkS)(V16_X3+ymjc0*y92`NYcGjch&e`EXK>ld@Ez*f+d29*6Kw2$w{ZVr%@a
zk2PjKU(-zQ7`hxR^_%;&rE<W7%qwV*Hx7?Y)?=f92(FwLSqLMxPrm#{?kd^+j_Q(d
z@GAm7@_oD8wLLyPK9e0o$gzlySqfElAG9Ml&$Mi7JiTDlg2xNfby<@cZZjg{$JCfI
z`rS=j?HI?;c`y)Y5$MKKrWS+)c#sP|qe_d!k~vJPzu}|Fcjs&})gDRiTxWVsYUa{z
z{L@-4w?O<PU_k{w^%s54-#0VuxT6U+PoWd<1LUvSMM_?l(vW=@D13B#Z1ZE2330G5
z37!noj}yfBp-y){$Rv%kj`+TNXW`^2My*kJd?#h<>VG|EXg$CY!T(Hv@V2695owjp
zrw&<~z}6dqR&_LXQPBrS7Xl-pU4DDzw^TnnckPSu>4}uE_DwhCFydFLg?<L*{~_~5
zAlSy(T5GIZM;LO`JX`Q<Na~AmgyeKr)&L0+sh81qai(QA%-wKZ_cjrcmILb(Q=%uO
z@OG>;tRD(+4K#O`SsxgKM<2@dfBd0*t>}?IO8?H2a~c=<DkLg+<+|q8haHOgYioDu
zuLe@fu_RkI?{zTzJ4Hj*X`#l`>haOl`n?1%zj6Hf0>{W=-+=uE{S}q|CjRfV=oI(3
zD|7GplS@P43<GGG&c({Zdiy!ir=a!Yt<i+QCqZ6J!*RdOozt%h)6%!v_xfHuYlSnA
zxUK2Gfxqlpcnuh|MLs18S93ERK-{>Ct=-2ILI7et1T<Wa<Hf*d4DGEbf~v<mogClx
z`4+kd*-ajMFt5ni{-`UqnQzCzX05*R<pfB5zHn?|5Cp|$csyGymOSoJXMF{^;j4>W
zPxiI4w*$<<CuIzkg6zh!uJqmF(H9PWH1&J@l6y`(NS)n{5OAVrVuu8*K}m}@J;)h-
z_WYvF5XjPGW`{N`g`k#h$Qn(gGvCub0v1i|O{Cy6)-zl~wI~$#Vo1d>9bdmkXYcj1
zoh3St)<-_ob_w=~myRt>oI6j@@bC%FZ9tJ!DacwONE7pfaR7a>m-`lBw=2VtM0T#u
z%GvgK3BA8zf7jxdD-DV<`>tW{tqXcAM6T3Wx=B9?O)_lI7b-xF^fax%PACe&`>EIm
zCm3{PhJ3BOf77<RGe-BS?(cWods@r&OkU!f7&xK@vA!BinI0rw6pGSdoI<NW2^67Q
zqmuoZ<0!r$r;}aSvU%-U<!crfdgt4EwK&g+lV6SM7E5Dj?-b#sqk6Q8o7HkbcHd#m
zNZ|k{YoUYP<GQ0r@`qG<KTXFz$&xSc`8O52x%h86xvm?tbKjLXeN<|di@gGv19<3)
zUx@cRh9~H;U}lQpg{@UI38dNY>%EHOs<;(dNa=`X%Un0;b@a16LI{_*)4tS}@P4m(
zx>QzGlG%wXS-6kz!HPOuDJlZ9ap(ZU3?d$;h4wYR%}T$TZg-F5IP4hA8=Ylq!gjsc
z&ct_znG$}A`#**5XTf=1>6cISYAb~iN0#KYF9Ru4$>({gArX;}BdvHR9-SP!Ke(Nn
z`a-bn<!gyZv!%oHyopt)BNIh?rq+e1?{<&nN%y+1q`2iTI)5)ddXr9N9q$P67xPkU
z(S3caelWQW=4lTy`&_0rz}$i!Kem1sC=X4tV_1)R*qHN6)hqBBbbHxCc}UKK=OtPZ
zA8b=TMSnCfeXWlPGxcXBfoYUL5cm)vx0Nwwn<JKqa|*bnC7tAzpzko-&&&8{8g&F`
z#sQ`&HLw}S&2C$%o0)82>y`8d$Xd)j6){J7Wamj=c;i>!awu42SNq1*jokaqpF?p?
zF2dAXm#xR!>^iJ0GkpC5jrPjF6?-FXLVvt5DK?xx-zVRVP@d=(X|}N_OWfTgoM$W{
z#6erJGUB3^vs--S&b#~8HtiKXeoVjZ)km#o7EkTghl>~r8{ZfZf5=v%GLN25S{pfi
zlxOF2#e}9X1GOA;75_u8>T0_p4{+YyH!t{?oB{Dj2vWy0v$)6btUBWIr*A9?b9Nyn
zocIXw%j042pIgL#pN1gB?{}jwr5saOzQ4muFwh1#%~zPwk~q3BKv|kKA}#);X7>MQ
z$X8D45@lfy$vDKW#puw|YEi?wwbdrjP0GLkDnN%fXrg}2cT_RlS!u2z@$_hPpfwkL
z__k}v-7$HhdOkvVEP)@YqOXD&5$%aAvyU>B3W}oShM{#R@;>$H)y3m+@YztChPiyj
zI~rF@eLwik1*dFD_WWqUc>_n50WEY{x+&{f^^d&Iu$uEU2IRe^6?Gl*Uqgst3SVtH
z^%HoeBxU*^jce^{Q%S{hl{5Nf6ST_T3w($$_>_6cq~$w|%{#|9#=OdkWb32%(KaRu
zMVV?d?P#U&O;=GuXIgG++FPbd_AE0V9N=NDZjMM9zLH0{d2OVCdpRCVooa!eEuROi
zWZbZ>8S-ZsqQz+R3|fhOtg*&*Az>(Fe88fs=yToMwl7cAoGz3_eYxs(LHFF=<5dZo
zP#I&rC$>z8DNa7vPxOJWx0*olOcA-X=HRC?+dY?06ZWxQTo#LYyEm$1QClTtv!=`T
zR;9304j4w)UU)3x6}f&P0g%2UCBd)P#O!wPsoo0tg+3iMAA`$hKODGZ_RRSZ%^>B)
z8KwJ_H>D@+HY6sx--cCT4kFSK>oA;{cgR<{b^It066t-cyWfbCXlrV|Rc=l`h0JSN
zI0R*?Tr*g)8%V@V88;kjNj5UtZu~L`-v1d)&`K8kfFVhjks+nYhJ~9U9(Cl6fG4{m
zUK8~#$V8rE@jxkN<q&n>W-qtXs7(H#Zu9-mk$ht3iN}eqI`Mc~>lg-CFcM_kXv$sL
z)i19;X+yh^qMdy0LO4$x;dtwZyPxR=`HLkQ9GwGwKY%@d2bS`KXq$QrA4cRsc-cVe
z3$p{%jES6^sBxQ(E|7oI&W>{dRV{(xY6?5Ar64q5=K2f@@&=rG+$Idphwvgo>doMc
zxQU~Wv|msd<c&dfUWH?XH!rURDc$IdDcllyE)q7ji~GsD@h}rIn-4Iaa4}d>i1WxH
zSzv5s9<u{E_&TBJY9R}4!tR2pz!iy-Htd(@R<@#tyFO~Js&&0GIGNljv*O3;K$DEd
zj+G$<02WMgI5feo8sgM%oU7jP`Ha<zhVHG#epk#X$P;KVodk$PYIn26AhHdJ^VrDp
z7032u^$z#T1>TZt?<!J)?c??NGj7@0M%wYGoaL#74YXkaSnM|1kf8x=!M<7u(+`)N
zw>PK4W0;%spmmc@Z#HX|vdoGk)&|eK3ySfmSE@q4;Yxz3z(Q+5F%_J3?-~=ttXJ4^
z8<t@Q@)lWvAWbzMm%K$B%W&Dq%6igMWFmT<^1}XPf?dklS8m9SL$891KHM-*7nMG@
zbk=@4iYabOf6v0{5eJdu-1S)AApBvPPMoQ-XP}D|6@Vq28$+?rU3_+ASTt;}o1M-7
zGJm0|ll#nFp(c1acO4=EkkXi{fNzhe=En4-lC&nHObk8prq(`~Dmn$1Hu(r{9MvK7
z->#`|H&b_tA5?yLY=h(+o}md&ku#NHw_~=_qGsRgL=pDTT-uvFs7FS*`<=_C1E{&P
z#~tgvE-ij=%Q$az%XhQZ;>0EPEjG-Grj5Fxz?(5~2tnBq%57~l-zkRm$_Qfjg~2#i
zh9MXS@(#Rg60}CgZn60x-f?Tx$tVgc67{&JD7y!R)?#J27nujj`F80idoi?+v@j0e
zdZ)UuE^7dpi|N6YVrx;5QpGK{8u~cHxw#1`3|*_=-!)#j9yMP!;@+5(?q<)Ceo5ty
z*8y}xesa4f=K$gy*l)b+Ahk}I&vgVd=C<jW*JHUYf|0X0p?6K}p!=7)M!c;za|H<N
z<oGNu(N6+4Hyl|6qmABA&1H&bk`HIlBVW@@v*oBk>_f2|x<6!jO=rm_l@r|;FMp24
zT)7hLoWk13ZXuSiqZpd(HWvX_CR)9P3fWqQH|EwhtZWXnG2XcG!h=k^=~fx$JfJi4
z5gH1lQ=#K|Xk}oRH#{>1x-lw{xh=7qU<H6s!aO`>sk{zmd-9N?$_F$R&cy8$F%*p)
zlYz~!IoS;^%B*-36m6d=kI!~<s!*e;jL)1-{Z8i&f9=GguyNN5D)we2ucH?fk6I+d
z6psml<rOZEZP`{Wh#gd){0_6as4<Z+*kcJ<j$t9Sg*#Yx)Sz+0tFK7Tc>?d2h3Ms0
z<AFXsq)<?-PojXO`=vJZMwQM7(sN1scS_;DofGZFj@>4fB7ZZl;__sMBGa9w@PL8<
z`hN4@_HZ{CZOso9&u*|0|FmeX=cBPLiB~DWJ!NOqLplGw@+*zR)uY%tIAg1VA}Bb$
z{<`GB=4CPTfW>K<YJx6@B-)m7&Z}CWigpRgA0OoWIzV%BW+iIhxa}K!clN!noPS&B
zS1N!~+{F5HK$<itmukR<ZwfM|aM!m!5;{4cDSx5Z4`oN#Sf2PHE34qHvhh6?jdfXH
zs!xFX;2p#b^nAvVyiAu~toK_<O3{<?1jtE2d!J66R_PlQyG1)H)zD>IS}Rw1*NXqc
zz{f(qfS{F=YEMBi#YVxmBvX%Cn|DA4XlWC+Zb>)Fy%%lhg=gjLxS;h}M{@_+#O!vW
zxnjfKBo6$P4DlhJ$D8<y7=axt!19`i{wTu|x(1H+UR@9-HVW$2UQvcZ_L%YqFt{pq
zI3|0EzpGl^beDJM{%TIpJUs+3p@3$QIfbn~h5f9ESdX0-{|?Jl#ZSFLeDhfrXHJ9f
z^Q(8nU~4~@bpW}<6Mz(0*TJsa1W>|ne5Uz+KI94ek$UeX{202xt!b<OHgxgRkw27-
z|1*7(U!8;aQ->-Z(J+q!3W97-cKhztb#}B7IQwv2dxSZ{)>-@qD_+e)gy{~dPMo$r
zO1M$((tA(p3rkM<#;zzZX%_mAvTE8-BA8+c^l#OyTNr6iqlIwhX4M9`B$RtRsr4{*
zSrXx%8dT`_sj><ebjS7;&-qr^t)v#?fvHBUL8daR66-n#X8xoBE=U&B4Hwo!ZS=&h
zyD9`7WE%QCZ@qE3aAp!y=r08utC!*5ts8dTV?!7MUCqgKrKZjCQ=RIFa!g*;2U$TC
zR%LyDSFXHE+YvQ5I5lNyE`NU$G7(z>gpGi#(iX-k=FYeYM9sob$NpZlen9Yb55GMf
z@hAGdWa<Jd?%p4*Nm-rP)$Vg2EHou{Cysmmo6v1|u}+<i$PkoPj}&BDn&yu&s&<>a
zL)M2(WZb9h4|er3wv@}gt^2$Y-3V4kEGrA^M~uQ2D<lG%K2TQ(U1&fE4S#iHIDIV+
z%D3#Ec<rUH5gEYP(-V{2dgWLu+~DIKp2tE1K!T1A^|QC5kJCJ6M`#n2k?*iNa;(dy
z?qrv=1C?*1PL#dv&i0oXIXzmFmwZTt1HR*l-C4q2N~i~5`F}Bw0D=>;wZt;P{^)AC
z<i@)nKV1Fv+Hk*6$;VdIjcs?dh88PAYj01K`%D1sj4`3P;}Z*{;U++ajwDU)>oMWQ
zs)pNyn;289jhNmgj$mPW8J5@tUyV*Q!K-m_?G3wiGkhmGmB>kuWE_Tu**umE;~^$@
z#lSb~b;FKH6U{O<w~8V%-#&*f>&q^b?(^9C>HLS`z-HO}cLdJ(AsGAB6ew2G)q9BN
ztKg)ix-NDjc9Y3*YKcSSD9z*)72njF&-?AUqs|E7(o9dXd|S!QZK)$U?*w@GiHNQM
z7{(3Li7n4<&VZAivB3n+Uh2k2;|r40Yy}%JAHy|v4$0+#yN6zr)OlMu-B!)Tm%Cu<
z&udkf!=cydLadiKdMk9QC@A*~^<%X#&G04~B+ljyAqUzkE|X?Rr)_qhdvxkx*Cr+L
z(ERtxa&BxLOrIUGEDC69SOBbQB(Mip61HwLkZUXLBM1hMucFM}cEo-@B<P<tR6}hQ
zw({cFGxR@aR=?rMS);WmpvU8lmV$gJM4(f0j&(~fXileEF{tX~D_V8J_;LM?=+dFm
zLBaNtEla#g*oxo?1XjJ&_cbYF?<p8NHh+u=0I8o#SQ$)v3NajT1uJ7|y5kk`;-9<F
z8aXZHLuC=+t%1RTN`O-G`B9Sr+tjgjoZ^gbqBQZsbH8su`pbS!w;-tSRM{Tcx@v)!
zoe$U^&e~siJt}!@)N`h`o!zC%wX|0hYNoHSDiIf~)zEgV5)9|iG<l;^fKgE~MLx*K
zFhp)+E&6Nzp>WA`wWSAcVUJ?@{q(^+LL+=w+lGhTk0_a}L9QP<{nd!O>8p(h;BWHL
zEWCfN%l91N28DmIvVBXf>eI1UhHeuH3mC;Wc&{NFED9#6thST}$A^w#hf1#-?%#U4
z0k=82$zc~Z?V^7phLb(w!qr*5mHiR-a;3gw=vjjuTZY=kel(G9C1_K>^PuugGi&V+
z7U}53i+6U?^Ezua&#rE{nX9hGxdwkqgdu!{ZYY46zi=cJM<LI-Gt|9F^t5x=C*)P@
zt9MY@PYTH1bffl+g7=?HKBV=WF&f>^P}uFNh|9R7_z)Db=KQH^Eo3?wx-p>xZ9_(|
zm7o%e{6`}!Q!zd5)`ed8&a1mb<eW2F{gh6=j{VfJ6#Po%2CWGOs?^;q@l`PH$5ok7
zTa4!F6Q!6pnL{08*9Nq4^%ZIEpL+GKbMx39sZ95h@lqh~w%uv2XwK<*>@g<!*O|<j
zi@DTE%6!Fywa)mVlE>2n7^N<yOhMz5>HXVue8=Cwj@&)k;uh}?<L0T^F88HMebt`s
z$SOx%Kn|M&e()CzgP?ST$UchS-s$vY72SQGZElBiy^EN*wDG;D+TbqL4PmBvMIKEq
zd{k5eQotohV|-(xd(jjrHrU=yCce_yvHd~&kW%7lIk&54&Cpne6$sUUQN?Xx2tIE5
zh?+KWt?apDP}Hd&Vp(CqG7G?~Y_F9p$>?ln-Qf)no7u;8v!~Zyl=_U#*TLXKpNFDy
z&|9gKci`4Eg)+q`o8p11RV?wM&*#@=>4c)Vt{Cs&dtT%mQ^S=GTfzPN=t%7<SWhsb
zBbd$##H$9GWVoE8C-1nIuSv}Qq6aEphTNCRR}Vhe=X_&jrD-?b`>{}}i82Go)DeZg
zy)&^HL)@(9?$Xz=7da4kj`Ee?Ya(E`z$<gUS9e2%g9_pCxDvxCQ)A`{$b-h;B$M*)
z737is(WjquSUtn1&8(0#O7e=41?0CDwDro9z7KE2t~nB#Ck&gg5#*AAdM)IHYE!&7
zxt=ZE`DAGUKkxraUsHT9AHS}y@bg%HW8pkr#beyL_H9TRgsaVvF8y}j`2n^u(|}5j
z3y=~vm;dr2r}pxd=Y(6LM$#Z%EU8lH`-Cj%_z{=Su(B~K2{)?+2z{j}v5%+Av)!|y
zI155ok<M&d0sZN`TEjc;57$I$F}`O-Ocx&u?Sh=BffOBp&E&_2V+4X+4^uPm+;)?2
z-1E@Rjxn6?8*$1?;nVHRZ(nfIL|5F9F+H~L35~lM8#yXNyY}p2oLpdf(F0V#mEtGw
z_GvsxzF@g(=tsvt^T_0PQ26q>f7ir`_Ss86253NE1!E7zvHABg)_IcJ*cnfPZaUD+
zG7~gG#XC1@S<vcakCu$m0m-V0iXi7hrpwk!j85*Ug?fA>Qjjeibb?%i<7FapAlHMX
zn&*0!GaL%$Ts5yWo{u=ip_;V!(>FXW01v57&PtD4pI>NjQG&LN$+Gsdy|gbD6`}QW
zt@L^hH)dMOKh|vjV0l3$>8Oo<uLFAkXvq>8x--PG$#8->YFr04wPr>yGkul=FU3Cd
z>M|(_yD6~6?9hg-9QA@(oG!&wBH-Gs)?w;V7aH;F2}z!8wH__~>l;!8uIQJ|TIreH
zTP!%<v~Mctu|P*8V!f##TBQ4PCtCnAH>1Yin^kZMm8j$Ad35irgvBPYySunzmq}{B
zjR5_tMj3x}|8yQh<?pX9Y;w}-<rz0Sqyifg7UH_Lwc=|kE%0_JoOAj`eo*Y8Sl%td
zFHUI(-n9UnQIGju<f+v+DH>aQ2*$qUFO45aizV^j<uFMe<Rce3)tT<>L|@LSE~E^}
zI4Iw%YrOYl6sCG}wyrY$cRkKu0ek+{$G-oW6OIpPg>(HGV<X7p#r|@gr_Wf*-pOmZ
zbrag;tPi?P!hjBE?*M4C`vU+pDa;hb!htP8b0cQwn;yae?3UhbZj0)s+oep-D!^u~
zLvJ9t*{$S7#3**q)P^N39{Q8g`!5(4esoJg@QZV5)Sx(969iIU`JC@|&COmay;d0T
za&^ClS)fDfMDWQA{7D=p_CO}i1~vEu;npz}cNp@b9h)9ip}qY!GG8_x>Y}%l#IWzp
z@ybnfap)S_t09wWw&j?}<7DLHdq7N2wGlNq(bP;|1`_ud(41)&-L?mN^x*<fdkZD2
z!q4hpRYUnWhrmt^E7TQ%CvIwmH6M3?Nn+}ejv=RU$yry1vKJi2R&((hSZj>T&L6cj
zNK<(=EcK0ly2zEU$BciTS5fdD%;1v6C)TPN%wvY0gq*gw+kRKUGgDuyN0Uby--x;e
zK)?WkX$*w1`Kcablb~V+_p1DXnYv{^VBcMnW*<+950TA?i&1D<Ryv^D@P22CKd)!j
ziBrLX$O=6$S2&7i?7)m-%bMr7scGZpb3Qo`yoRj+nHOQ}%=m&XE-nBLeA%f9wM5<v
z;anA^=MNlyaP1OIIm~=+%a6Ilv<R#_9#V^%JwAb#oyHccjPlSD>Jwyr1~OGDx=oz+
zjN(F{B4>^$jPJ@Ri#?e>fH{3Cyz<V5qo)b>^*E~4!f;$2x%4BFdcu?7HP%YJW53e6
z0spwseM>^b)=p=xosP{{%a@RGg|P({39>sBmACEn|G|VR7(;Dk%fzvzHD--)Ocm_X
z(q}We4z$ehATOaizM--CjE{iR2>+OeqN}Gqz$dYP!&vSm?$=y55*KbP<J*X&Ves+%
z2}C@Jd+q^40m^I!H&24OC$~J#Xojk{rv3KWd$oH*-u%K#_f&8uR~iCeOuz$@mwx~`
zoS`_X4x6ux;R?A-jKSxm^B_@5TK$}}H9kh0DZ7XMtY9Y9`i6d4ab>Jj;rZ9rT~+0)
z;x;47ipz*{pl>oT0dIiE5lbo>;6t3wT}(kg>W1bsH*I2>*6O%Y63J=Ean&OJi({n|
zLGoamT%72<^;{#S2Gq6_6jWIE5f>AN;p1sHoanvaK^xZ*H?kGJmb16Y7)EF>=*t%R
zpXynn+nNk)chWRStdcf)S=4^0Utaopf;96-1@#_U7+RVTl4rMt;G)<n5WJ~khd1wI
zsN+<1X;tUN)E#n(gVu8PJ6L!2n{=o>^)*rZl)Q!m6@5Q!EduL?io?N7%xSh0QO%4I
zae^1^`k9-jd-ceIn)#rn<|C9McUiAiCDp#wWbxjKdH<We?4+(=6UY6)z<`qMo}g!A
z*jc~AX@r0!N}g#}Sxz;NICr4jyf2`iVYE}BP3(~6y|KmcY6U8y7S0dOQU4CRh!0PP
zhZm#9bmB5a%OO<35lJ`HxE~+F@F*dz->1Rr@$rrimg8@g=>@F&-^h@f4#<A%iF|Br
z&k$BZ?ZPbuxwO+px3?}>MV+K+=glN;Df@ItS#?Nj;JV&UQMri3;@3B8F(e>yP7a@A
z7zQObVoQvJvN2nN>;RQ~gu>Sbqs$i-r@9Bv>@OZ3Ib*dc^;kTg$gLO2%3>T37-uj&
z-(eg?H$0@3cGFZ1)8(Rkvu;g*%)Ou~vN*om?SQ{_;aky7%H@Zfns+tJ`+UHTWf9BM
zW<lp*y*lfm&@2!?KJ$@z6iON2<6-G1GjXJQzClJTb>MER_7nY&FU{pE&G{;Iqeh}?
zWi9oW@wEfcdm7kf22*qC*);nb`e1>0t>xCd_xoo1+$+uC<uvI7DalgnHeS<P#C>yY
z(<fuajU2Y=tft38jjc|@@ycxelJUYryWHNU4vc9PgiD1jZFTF<GCq09aEFxqE1%B`
zLwI`j5947ElQ#qikzB{%jl?LrscN~;^i$~2n$bsV6n(df#q0uJr7CuQ+h?9P{$iIu
zFY*=bpx+{I#B5h(N;oxQ#nHM?&opLtP!9|0*!1JIRQ(iZTJtT{od{Fn(!Jt=F>WHk
z=-UDK_KvvB?W~8@yCJ@LGJSxR!aSGF?lO33EjEzJOD!9>_Rq`t96M><uQ_z<ZtCDv
zPkYOQdKByv=h{KYa@<BXsGfq2BG}S2_M-TM;*RyqP4+GarW+@_UYio=3@(<iTxWXH
z=;3x4?V<e_GE*X(z0sTaGV|@2O{~IZKW@AJqFEwE+(HX^tm^H+>=&R^>ghXSe?7s#
zqTyndgZd8FPWxUW)rKWRj|RH4=ctnhSOwbdRZxWAvxdqKX&blTKD0{pdvHZPP#Szy
zeRP^r#Bw+OHg@c(0zXtjT>&#6aK<&rre-azfh@q(k2}*-Rw!f^?d;ueRbVEw^@+Rh
zC6B8^<z}|TizCnS)qc#^7Oyno6fhsLW%rO}*trBBcj|B>qC_J8xswpb!B<5EX-038
z_(zUT=Q;pT&X(xyWwCoGK{{IjIC0)^mI##DZRmK2lafHvs7aMvyO1#6YEwQm>>VQ)
z=p{kl>*kP^!r@mHIe@x%hiSi*&A^=g!A~5X^|f*@E1WF~E!2{Q=Vo=5ADK62s=P|8
zOGnWKKkCT$XBZzX+_I3~QKoeAgLYs(M>X*>V(cMXU8Z>!;4rw)1aY5%Jc7qsc}#W(
zKK4mX8h(#5$dIXXlzy~Hdo1}PG=E+*i8JZIMHuH7ETm-~O)%G)eM3QpvEjrFtAq)|
z1j6nye#YyKL&`7vx1vg6lMzC4hYVEC=5HD$9<P>T?xL#J!PiY=1=!MF1|)?WPlvM$
z<KrKmS34JDwEp;Na&MC5dzFFrSn6@?kW~Y+oO`wzOZ`frXDh@{XeqE;8(buNRXdVV
z1=A;D3P0SpTa^`*l`kwcofX-E+#YnD%~vr_<_*H=2x7W$CFDje$>#p&=PG+jbvCvY
zdaa}#ciYjkaMo3z%fL`WSDT|&MX+Jr%A6Ufrtf5BAlwkcoa2bP_w%!bn5{v&E`1B7
zdtIG(cC+P`#<%5`#VgyHS5oE;jW+~v`Axg<GE}Az)RV|);>(0OatzSVaHZIAIZluA
zcb)G<tLA&+pFcV=+TWx$k;*tGxuc9oYFT~$azFa{$N}B**#Hu*9zSe5-ZAUXutobq
zEZ4k2AB32Re1QXWfI^TIdTtQ!y5YfPLBe?{D`juV#a+QkTP}>0akL-51YmZE;rj8Y
z*)|Xeg~pIg9XH6EE>^2R9`!O8AGqgwlGe9<&djG@x9A_~r`fiI-KX<s;aZbMt!LgZ
z-VSqTo&}~-4oU~7ST{{2*j)%dJ(g~*<3IyS{J_|pzb$R+>N1{ZL?!t^@SgU%%=67E
zs_(Vm-P-P<Jdew%UiTIB9I+eF7pS*gbZ7~YYy^5M?W(<1=(w{;-LP3@XKw5ss)dO0
zo2OM350<1CS1brSYNW9D*%CmxE{}M&V^Fqc%{-PZcN%@n+P}dlvY6&nZ)b-krO`+}
zNv+`54N-Z~`DtaYGFH+eF|aM$P0x+tHWD^ddm4!49d&qFEYOq^3+kb`Sr(K6#R2X4
zt3DkYgS`C&4%S(nF4RU>1#8ER?N^LbBO4s$I3_gR4VYH`RVj%*z-NF?ceDhSE}Q`H
z8Ldc*-yPb^{e$X5Y5gSY7U%<ZUAFHQU;2&x<F60>Q|uqVVg&gk$2k6*Q4}aoEC-{x
z3!9}h+s<8q$t4}}+Y1M){BKeSkTHKC1+a1xv_DmbTihG8*g133<3mD!^{0P|Y)Yt(
zxY`y4fEtelF*EiQB=bu>^E<3_12N!_L$2|=X@E)zehbIT1}>l9rqReevYPxQG>u`m
zCW}C{3=><I9vS+MRuw<IC_SUmmH!z}a-!Qpyo{sR^Pp5tEjNS@;=C9Vs*9KDIGqn`
zldU${uu!XCpai&=KqqPaDbU^yV}gFvYkT&?OybjbKwkjgX}^^FAHH{ta|&#M|2k#W
z_yV+MqSy!d5ey!4kk)<1XK8epZeb#Bj+;hEL|wkppD*^+^qcdi6uUF7%8Xu)FUX$&
zN%om&J-{$jAJ6B!arARh>S<EwY!#1Y-s>it6`#(jpI~l({I>pm*xWC#$N6WD6{<Zg
zMqA}oM^Hu%oQda(_wduC@YcA>q&9`p_R5~L@4)i1^~g+fnixsG@7A?^@e-T2a>ZLt
zOG+uT^43KDsqP+v?>lVL06xhM(`URuMqrmRgqFU;_R6q&|M;RHnqX1L!TM%I*(6g5
zM~#5qFtq@)-^wsyE^^-_3;%BT(XG%9wQuZim?-;6!#O~5WHanjPo~CT>*WSRE7}=Y
zIuVE#RG||}z9~z8Af7qKJ=OM$Tp!*Juod>~6QHrnrXbg@gs|g4E8dQ{5800U^&5MI
zezt|@Ihp(c<V!QLM|U=J>TCT1U$=ZlxAs!i+=%nOrjws8WdFC}sQZK3Cx5+U|8M{P
ze`XYI%w{;5KJ}6nhowj|0;4Vl0GNp-X1HSZgJcT>p8RNtz4EBJyPAQ|02-I^<PwkC
zj@bmr(`m%0hhaVk2LLhBCe11WPN!|?&Cwlib-#&m0BybB&j|c0EcJ)sdBazQ0j_6u
zGn^flT7CC-hrq!0b>N9R7(AB16ORK=44m^%hkohr{@p(Izu6?vDW_o#=ff?2Myp(R
z+vDY;Lw3Hbg-7dgP&<AmRTFQ9uoR$BN!S)bN{9kHY!5n{+8?|>u}?Ya`VHrZe`@9(
z0|M^<;Xow*wdeiI;Oj38=to)em;ccD3~Tl~@;ah-!mJJCe9X#_E=j^Pf42EFG3SDO
zkh%Li>?H2+S{~7uh)Nio7`LDE0lpXqv;m|HBM=lg14}X>yr3tPt;!<$Ha*I;4PdW`
zajYr-d$$Ztrn@0S7h3bJ!e!jXrdJ*Eq$9QW6$dxfeqy}Ddpr#@aUJux8L+?!9iFhH
ziTQ{vIulyNZ^lOmZ#1t=r-%HdE3ob-!oz>}YoR}L2<L~(UP_2lQ0gP-kHzJW@a<M1
zByT$Cy8knOfNR+0Qnyc_meD|_zQt(mW2E+30HH1(f9SI=G7FSxffHcr0J+Cy34qoI
zHF%mBwvGXTPVGJv^M(*ed4Bs;JECME0eyNRpf4d-o83o8Dz~smTSpj6D`FnI<b9_4
zcbzcP6607Ug01Pocn51eaghtbG=o#C*}x}tg5tI!s2McaPp|*|heGV@bmFkWgyS^6
z`U3+2LZ)DHJS6zI_O+%DyH9aHm;XBFtp)>3Pg-DHEs6p-Ga{p&%qW-@DA+YDp7*^N
z@37cnb0Q?2aRHQH$v{nch33HyC$Fx9vy~DcBvt}D1-2M>H-oK&#&S6L3<a5hl;DR2
z{O{lQtQWMW4KbZArZiNztfhiv6+?#vKvIS)o{VzeX0q*Vw`Kf81SOPt8tmjN*n6YE
zm=nI6PmOa4%a$ZJ;@0@FpLnoP?5{r3juG)8Rm89rrq{l_(ZK~EGTzc7+J~gg`CwDr
z`;I_W_!+h&bRApdX&WqgEZ7O|U2bTR7j)Kq|8@H;P}K#F{il0){BLhD<}Ud5zyFkd
zH}da4u^BZEDT<}|DkyFL^%MK;azHOcwHiFPs1%Sm_|u6{`gd3dRtqsD{+TsWg;|i_
zvo<iJ`nP5yzWCSa4d*!S7E*$}Iq2EAcw|)3j6!Gu`{MHA(=&7N_pjs$9Wx#v{kZF*
zXea0mO{g9&TqY=Vpw}eM!K5(eQ^VkhO!4P?nOWcTC;uS}+Kt(RcF^SL`-{<G5`aHM
zk1+NHF&e9R{8WNm7G{awOHA^}v-zPCc<9j`$=%h7fV9>SjGX+<Lw)u)kCUbNtIy!e
ztN-2;bpiPH;EKi(tUZ-jKg{yqp8+@oTLu}YiYv`*>(?2HlB(7I)<%gIpke?r{l7KU
zUw!By)`P47l{9_Lhl@G0@@K2fQy8VzRV$P8YVDVd2D%C^WyL!FLst2d;V$F<(}x9!
zf&bHoMQ{84;zq|YPO^KD6$TNko4--v?tZ(3>7z3p4{RN&wohRyOSiI5G0Ko!?BVaQ
ziVHUwV!-5fu-;G@Zv)vPsPb8chWaY<{GxwV;0l3qJ46Qdd0=9oF}z0p|M--tZ@`VU
zkxL~L2u@>>-R2SV>{dD+(Z(W~&SmUa>79_?qcJJ;x3~8%p5Pzw7E8EW>GZ;JY*Z!Y
zO_9~)h|QOU&?o-ohmO~U8F6&lnreStBSx?l$Y0aNM$LK^?3zi1@!jf~Qkyz6`=&t`
z?H_Zmi#He;Xr(c83k%Pd`kFpM#szq=aG!{&aTR`Fw^L4Xc9_Jn<A@%3g`koqnm3Vp
z@5l2edMpyJ#Z+LJtVZc}Zb#-hP-@Eq`d)i6VBhc&z|)V~AiLbKGXqm<93OyfFvtE`
z%ZtTq0xLCQJR#anMxp9?Fui28s;4E!zue$l%kw>Z7mz+cv<GcXLyb>1065nEUcEg+
z#}>8DE|#k%i@IL*ZcaTBlH5D+@K>SbcXvn}Wify;ggRWxiQSWL(<w)l6Ybs9g`5Z1
znOtr+*I&~BEl;ma-j}AY(R@y14fx2!Wa^U&pieiZ9rgZ$ozQ=@L;4pT|5K^^|Jj61
zV<~MSmnrs)5;zN@{(%$FsR{T-pA%%S>eD-GUP@(K9(S|b-~B={a()Akav3K6NBv5?
zqDF^;PzaKx$M$F`z2;RKbk2INpqkXjgv5KprHmek-<Zk2bB|+Dm1%$oBT~k2)B*TV
zdK4YbTpj;G&HK)9*4c2D0fH-;QO&gfimxF;+sx}0NSx!58PxpRQMvx7)xCteEsxG_
zI+&<z@!_-kc^LnoToQN43LH8JDB$ssEeMHK2#P=_q8R%MTMh;=E)09jvTYu*+N-XI
z41CFDidfa?jCUvmP10j~=aedhlpP#ZEJRe2rkSgKVlXkK=)S#Eh2U#4Ui@M!`}gN&
z4B4GnN#X@m1ab&Y?Fy{4#tpN(SUA=T5zDHUMdnDxy$RXmYkSNt0*%w`>J3cJ%HmfL
zaopH?gSDmnoLP_GlHE>Dzi+kYaD|v4Ob=ER3`(To%7}DTrnZiPBWT(4fW#5=p6*k!
z(RASRYDTp!?weJ@VHoS?(`r=^l5b-g;mgOC@eEK_?8ldCX+N$mi>3F@$GX`c=uxj%
zUVhB~GgsFCJzf8Q@oxIBck6#D;r>6pwm#_$S5VA<)V7BF8%^Qmac$KvE7-jyHLbz@
zSi<Je5zfcoVIkFTb1GG$UGHwNlTuvd(c@rtVe9ST(6vD3wgu2_X!y!-Vu)VE2D5Ou
zvW4%kK(>QxH_?-LPA39EeU5PN;19xl(NU+f$&8~*%7T+Fm?gpa=;K0+GKd4j+F}IL
zumbRBC1Gk=RS&VfI&4$_Zw$k)$i8l+L*ct>P8|>9hH>oO`1EfXL;kaLpOd!2=08q#
zWlO+k^MxAXO|^b#Ox&4zDGf9x5(R3oH6M<Ku9I2qpeulQ<j-zGl#*v#Dfl><vYc#I
z{$<f&Z!7UHeNI&#JE|p7EpU#SSt<MZTmVdgO#zBCQ#l{9pvhiccf7+Hha;Dh@-Iag
z3I(*Azs64v|Ddnz#B>;trK;C6Phv~3b+YmU(J~^JPL<BqhCJKDws>h;%CWTJ4Pz@)
zt`DrN=jl4LMCyh9Yt%3C0p0<wmvwMoLQ_opuJNBe>&I%}vC{k&d*&1qRMu-Hn41a!
zdF(Tq2ECg0bTzFqzICvE+b7w$_ojVU4~2-cIu$;cVGrE<xdrmCncnz$n&ZFlHR8|2
zg#E({EN><7TDin4GV<`<T0XrbOXc+k&7?IOsGyM(Voxz_MnJnJ*}M;ca6?+Pcu(0Q
zk7h{&5vlCtdOMBF7uyM&<W@w68x`TB=5Bjp9t(}iXsm)EhUk1?BbnIctxOPEYOjGT
zs?`WFt`7F%syG%eaT9{-oCEX~+rtn!A^+`82m;v)j<5&7IY1sGsJzH3Vem7QTbh}r
zOM$_lIGM&EW{2`3f#SRw7!czECHp6a<Em`_QZoBAKuK+~2S3>aObS^;F<_m}fs3SG
z<zVS{{m&WybFcmlRx+?C2^xnNq05C#LDtIvoOqC<r6ve+(MH}QZ{j}N@5Ic^D1Uu3
zA+r5D%-6n)NE630MLXEH$k8}Ry9c}Kfn3l22&bOufK(B4_u1Tu1pSFP32M&E3j3S|
zo0qnivs)|Xj+uR)5qf|-AAGJnms`^~3=8&C)T1~sXGDF5a9!XIvYXe@I7TdE_g8bB
zBY<t_=p2fk$ae_)5nrLPnrZ_Xm9Tj!GCUJhj|Q_-QZO&lS(p$brib|7&nZ;60zo&h
z6|ObDINv=wQHK-uJKiqvYMK;mwz64Y!Z%bb9mY;m!{7MP{e`ww%=$3U=7C-eqo6`m
zK&UCg;H&xDnAvYUPv0qcBr7VooxRK7<b3ijFV_uZ=&^rY2lyX$@IQ5q{}t!`nE-@;
z^!qcxs<@eeF@*-k?3tp-V=t+D>PglUg;zT2C2bpqoi*o`UcY&;Pd?kqRW#(;%Y`#G
zOc7N!uOLG>=sMsu4+i8!#Cn!cvx^3;JkDdBzjZF8OJD3%ud8UIz@>Ht6^Ca52g<H|
z;1}_427AIE2Ge3p*aq?_?xWvfJ(z6dOCr@8wQ7#4Nnogs%7SBPF%A@4{>Q8y2pLa>
zs9@vC8w#RBBG{cpUB><vGj1}CL74_=4ItYg3<ID*)%rhY{Lj7mA1nF)bbZW}k(r{d
zY+mwpUwR3e2SVpfa5Ym3jSQI5X9Y|j$1)saVQewtSPmIR5Co0|G*H5`(Ne4@U|x<N
z1sz((ZECNuo$8<eBJQbbfjV#9kP`ldH+(g?E@}9Z!3|db04)(XuYKQP@7pl##1+t{
z>dr7?w@q=bcK(MoPmR@{|L{FEj%84={JBo@XTAPYdCLFMK*jbXj?G|K%>yG4vyZ3A
zYpC9Qx+I&o5C|8{L7TvXWYlBVP~k*{f9PXjrh|X5?C_tJCI0vOoX|TEQ9*U((-)!#
zk`axawtj@Y@Qvw)t?k4v`Xfv5tOmq#PCKzA1jfFK7|SCr-i3z~S3t?UCwXA`G<>aW
zjgNg5B!<6y2NwD-su};XWB&)Q4gWJar~h=r!5ctr6LDZ#keg{wQ?<FFebHpkGqU&P
z1DiLiT(?j-Wv6^ss%Ycx#t>^Xive1<@AJ_|09f7@{Mo%5XleM<16VJyW5tNl$y&G|
zyAvT;Ers66uBDkht}d}EyvUZlxk=^Rz5OkPcd^m2Yec#k>#eC0^ArFxkLwIh(DR@W
zvY@GY5Z2NfBkQ1(cA_W1S;-QOD<hpz&*k5I((T-9k>Hlf+%G_v1Wx|~bUWnPHDrD?
z{}_2FttoSR&+?r3=JI|`?OCPLx6bni6Jy-%PpM3NfzgmwXl2$tq8E9Xn_ft(n2TY!
zK@MoOo&X)#8Kx0+GD=Hdue$GC+1m#>>Fn$I=auiAbyz(dpYl=nrj!Sa)q}rJ^z9%e
z)ZvOfW?RRJq`)Rpz$iWkvg2`2YHvQ9dEs@YaZulp+j$#SPZq02yoWvHT#aL_$B@>D
zwKkBdP=g997caBWge?&x5hI!VFRE;H>dAI5kU#zYg5+_jr}6JiUBms`Fm~)-a<Re_
zA*S#%2UY>rljYhVlh)|$*bf&US*<K2k(8mEwq*g4RtVjebK+Hxd1ek?xv0pw7v2Tf
zFg)mGw2s+$#=4+-`YXsachKc)h+s~JzmHd*W)i7l_~P8yImK9uhm@`74Jw&6*Tz_V
zl)3$W$i2mV7h$Kh3&&H!m)G}--k!YUvpN7geF~-p$&YnUfRvC;@`jXKYYnuo{h4sW
z8>6Nd0eRaK1Naq9O8iwK^=la~Zp=C3=R`pyYVJfKT;+Y}DKzf*AMJhq;rdaDjD|~4
z`S2M+g@eAVF|su7`t@C(CGMV%ynQe+YjeMe$n5HQ4%YfEWIMhQOk2?-fI%>nFz<2P
z1kUko1l0)?$=Oe<tYgz4hkW0o_>`yCd99w?5Bj&_MqW03czBkQmdyfgbL^plI4hRu
zp(DZ`fWIWinjEJfqKSgb(*$$<zWF!T^Blk4^?K)C8Fjq8D%HVVqy`@!qae3U3Q&tb
zcGOsX%6fwKp-IwvS+B8fDp2q^%eBS@4&_r<P7dftbj_2tHO9AP1@1f`dr9Jg;3wX?
z7$pH`o=X}95R0)3Lb7?|8IJ4@q9oQ`-qodB4;f=>R7N$7E#+sOUpZCWYj1D9>Eo+W
zYu%Wq0T({X7Hx-pl;T|5uELSrY5&=fDeBRfslj^2MA2^2KlYUwSK$Ppo(9wtNW1OJ
zwUUH=)cLRb0=V4f?B2c+wcO09>b-PF17JhKUx4q7tkW6%4zs6{>*(KMv0ulnNANcY
zS~8D{NI3v?;bDJb_XerkC7gFms(rpD0P(5Z2!w~w4U7mRI2JLS4VfP<>mKv<^IA_h
z=Xj`@_O7NXbGD&#gUy@`&Hp6C!PtpD2+cipG{asWBMQurW+i%(imkPAJ}NVJ?C%yF
zTW7w@<Rtu6RFk|tJ%V-LQ~@14pgG>NfcBuY={jZhuX9v$BUV^G5U%)e%4$rsU84m&
zsx0E-9Uy26r`w=G&XY6!bt%$X)P8_C7DwjrorD^>Yrezy@DYTqY&9Bh+U!cwv{I9f
zL3{f|h?K{}IlixN?ij2;+aN4NR@Z<Cpf98g^7dU=HzaHdR|>p?YO{-W2`EBGmK7TK
z-2VvOnY5xw;54V@dnJ>+H)TlJ#aFDuD_GQhE}x)Zccj5%f9r#3ZFt~bFcWwsNR*yH
ztsf>0cj%TC=Ee|=o<zqx+>5sM3{kUHDGEt^$33Sd4!xinHn<o7O4_kPqy$ENYVA=C
z6;abBBgE-t@YHL4#6Wb>(w^l7nV0t0&stY~a$A?>k9=f3_P^S@(x|4gbc>>ZOaT;R
zP$Gh&L=2!viIAwsRFr^-hCz)jG7~KX1SFLp4k%L?1R4;70}cp883jTj5kv}=QAQ;b
z777X6AcjZ=`_TQ~T5r8oKdRoU*Zye#X5Dq~J;OccWbgg$O%`o<RaZ{|N3Z2eMV~A2
z0ix%F`Ocni@Y|v&Zn!%xug8w)93HVLUjF3#&ouvOW%hYbl;;xZaZC|DNYFO%41Pg|
z5arx^nr~xh*fUf6!_CahZ2LPfvxk~5R56NcIP|Tcdy@fqpH8rsy=df<)A5c8oKGyI
zemH7X-{)5cOx&an?p3p;wRz(|JwO({cP|?|QGOvr-9{dJlUz%d6xO$PiM6fCQscZt
zv?)3mJF2*t(&LWTgqVDJXq27&49SD9@>7}G-Z(JBeqyQRq_=NN*|4JM3I)KwC$Xb_
z9Aq1oBwH`dK!;J1E1*6OD679V$gWNL5@T+2sMjRFLwvN9QTB6{wv&^=dDH6;%LsvB
z04+hO;pve8Hj}3Y)jy@FNel3yTs5?NkCy@N1Y??kaC<X0?y8%2D8|bjbsVNWhki!B
z0IzL-4j%zkzM$q%SPET(tK_(eB7b4cD94?!-)rye>Eb&!?LXSU|0)-q;cukrx^9Qk
za`_(=XSB5?G-AsJ;9Z7=28dNy26LoO*d!QCp*mI!%YbpJjz(DDsPD(Tyw%z9fm!as
zH#qx3H)cEGUUVAD?Kw6I8MEH!OSJpA@HS>Twsvc6#WB1M<dJ3#Ul!-wvJmtjrgTVY
zj=W_*@l3>+UQi)>$Z9%go@h0D(_)EK<p4IBTpc2y@XWzPSce_bA8Z|=T$Slac0;A@
zDRu~jrnB>dg=?i3+qRZ-pX6J0L<nSpeHlM$$c;ClQwZ(E>WRxlR^@_oDjEkHH9j=(
znF*V`VccIsSBUfL#8CUTHzQp8Hd?f8?c9tT@qe&pn=9h+YX!yQOQfq0U=!i1tYIT$
znUYkjL+D1?(*$90%$9S;zOGPnZFs}X=XA^3omxE=6jcE(TgA6Don;tNl%>1l)evZ0
z@S-i4eHdL8Cvg=Zg&Bfh+MjneIX-C;jN2w(F{akPF)<9N(fO!9Vop7C-2`>O&_|^S
zZ7oMU){mK;0Xc3MVW$)Tm8?tvv!l#Jj&=@Z$NWT<YTG!8kf#_$e-NS{-P;zsA?dy|
z>`ap0(e;PWJ9RZrYX=AeAP>n(aVr{b2de}V#tOA940t3(-3jZize-)rDdKx}RDOI4
zuN`swTiK6#l`dcMTw=?Ex2|4iAtx)@M0r0U9O|Pg;>3iwnZuwFkNn~$PbVP*L9r!+
zPVc_cpU)7Q8MO&$`Uh9sZn9bP&}D_0I`OP=`$xD$Yp}&o1IozZ`h%Dqt~XJKrXGel
zTOH^3YxrP4g=)VpO<FeKU$FMh?7I|dq|5!D^VhX_t@58U{s+|y;~LA<fodnGP+Cl!
zHu@@8x+6wfG$;rK|HVAs9rKZO!{w0CA0(q!j`xq5wBTOX>s)eDG&Oxh=^={};QTl2
zt}km*su82}^lnN8an3?iq6oU-_YBRnC5ia`AfLg6Fp8}UX3S`X5!CbdQhQI=jH0U;
zC$BfQ$4}TLM~8TC3b>&pcd}6SR6`@tkde6d&l33mkJl@H%S3~3e;PNG-lUpS;wD(I
z4E#!V2<pv)DMNTaFM|E{!EYXsIFrcA3A2X{e^-4h7rPGg2uK@Mz+BiyQ^z|?$;9Jb
zm%zdzLxwVk4L3m3X?ca0$i>?2ITo=S@Gp+Jj3(`LHXfsW03fl<7u3pPt1>78VC_H5
zMh;J~$L?l{JcJke=9<Gfr%1ZH?o>g6E!jKYw=30e(iz$II?&-pt@t3gzooQ*>M!<}
zwU9OG!SKt^b!(dw_FoC@Kq%b`Pu<CB$XMTgQN8<O2P@cgY17OyLc44U6w8n0qDP&$
zUi~qrwM9*?Ro%BU1h;oI1{DW6=$dOAV-6L1Zpcrd9XWYC66@Qo$WG>mvS6bm;VAfG
z-6W18ZH~u<3Ksq9>d?~Ag;SSf__k7OCEj%Ty=?YYFYhE1hTFy5H!}C}MB)LIjc8>X
z!9to%#X_CW>gXYZ)*ece`bR73<~*#X6Kt-oOt9FKzwXqQRWT+YD!UO_`2r{xFqk#P
zgOZgK!YES9=3w?r2Dy56IIJ-yqtwbRFw!paOYFJmPyRJmt2lPZ0)tE?`7=pA;e>7i
zkdq`80*42sTG+5oCo4*#TP?t2hi{k(j@4HVO&%8d;pu`;Ytwd|>OIo2JwE+NS&6Cx
z&h(sY28>>2<2)~z3*;)mrk)-I(ys7`9(|9?WMw<e^0=VizDyri3)3Gq=W#8o%X@Xa
z<!U0UNSyUe6wzjoYAYad=dTije{o=MBuOj4;m%w{Y+c~~a!U!-S?U{4!;1=CUKZKF
zvh8QrKzHe$Kq2`8rU4g)&4>_r`Ro`eFgF0QpL9j>VO~tS1jF&(9Fb;gS^o%=>){=5
zt9k+J4JMZ(F%ahfD#TN%@#5_t@&zByk*}0<aHz?ME4Q1gZ|u5n$0(_K-rIVgSCX0L
zvJ4_L^a2m%3WWvn!S1;!e?+m@0sHYsd$XEbOK>p6rsYF&3jU^R4)f)Rc5r=30+>*-
z;5-#{)I*4%OUXtM=?WDC_+o}VMbtardiY>S=E!T>p;!GD3_rHy!~BU2s)CtuOYKQw
zy&}(EK-??BiMMr%?L{YGDSj9pKR#ru#3&(BEo;EMB7$3UnQcgX8!vp0w$v7Fcx~kb
zn+^n4kxXKXGgS{f+6oNbHCabt7h@(Ftw?4M<l-XlGItbIOb%#G>Cbh)+lRlBx3jIb
zw7GG*A>Op;W$rDP9tBSLoSRJfws@Q5u=FN9xER?=u1>!bi`7Qyi&B3Q#9s7rH9j9m
zdvxve`SD!t?rcWyQoT36Ntf3}VN2&c72n75oW(l$pG4pou#8O?>2bkF%p;{3q8<&z
zU^ORGrnY2?Qd?DwT@iMUSz|-g$Z03DvBTb(dnf?FJ7JEIDZ|7Y2`|UsU{H+2R*u0O
ztQuoLzLior<j5{6&?~aN#y2o%AM+?MaaH-TJ?$<5`(Y!{Z0CX2?k02+YfO2?P!1>m
z0y@;hH>Nq3bBa#!4>N;u-$YdQ4hPUQTei?#o`k%U6zICbo#fMG7YW^CI)l_GNU<HY
z0;++B^?xS8CeQBpdD{Dv>65zb9|ogx550Y<;FGv36EPH00t4$1tAMG9G6sK+9tAVN
zbAe@P%?yvEC5m-&+rPK#bqcrR@4K>TCy^$&mNmDtX0V6x2YX_WT6jwVJUQA&GSw;F
zIy<5?znr<{vDN)f4Fy+ulf+$v@xUg72xjFLf|A5TdL7Lo1C5SMNfO+LeoQ^U=G*#M
zs~~L=q>WBb@^;(3Fmx$;fBa0PGpd1-LEQy)3ERP|{EUwk<(GjsQ)6;hGteov()QGW
zXZ!mr%B|BCeQ8R_)q$hykNE%etLljz?{tr7wwQ}k!DAf>oglrJZzG5jzU&9>yGg9u
zaXy?CK4mW_!nDX>_06OMMedKY1FYNLyl+J}BwQ`J<kO*|XVkEi>dYc1(Qzcv23ai^
z3Hm~XpmhWvDDtS78l<g*+I~wd8y*g`br$B#WHTmJo~NEODL7eZwR>6KIL~9uc9Xnd
zJ#vU7ybGMyf{7UmSbj%YCp(;()-&Qz61SJ>X<M9pv7|St`R3bu9oZcJYp$nW?ndyw
z_?$ArmH?|u2m@2VZ@Rz=Di!altQY7!Zw<|iqro+XU}|qW^}o11aLMS5PVL3iS*|e1
zH8^7_4h7A1kNd<{{Fk!vA@q8lP0YyQz}wKvCN0B`ZK-Y!*@B~D!Z)97c$5)z)r;Br
z_91SwkIcI>EgQl080mV-th14<qI*K{XLqH=m8g|(<6>JIPgTcq=^9~$(Sv^8I#w%8
z+?LnGo92$ow3MH_7$mau7q$Yi_(r<~fxJw4Gw{vnp;-^i%`818i4kEqck8I#H+w1N
z5iw}>msz|UJ?sVx=`B6%d{$%Asx^kS6HLg1IDC)Wmdwu=1PDh(#gMR%^_s+O-saKE
zqr$^uPsiHLj#viwBh~IL*uIpm+H9VTdz;=R{$D6IQ4bD9!zI@Tc~f8IB4N_a)fC<s
zJ&h!?g~{B*g)yL*H(7RVcu;uy_bZ0}B>wnUV3_}Xk8c`d^UY6Be=!*TXF%{j+V+3f
zbzi?>7{niK<A1UCOX3E(lttE_4%s)od&N3>rmJ<{b6-<2kI#8hSCF{&mRk<u+<Hs?
zzgT<aPk^;gUS#c|dmMVJ8tf?z0lB9Jv&Efj&+)g92ln08aNHi{?q%v5;22d~RsLh9
zW!Ic}Y-l(!+&q2Gb^A(VXOlCVPDcMNsT{UUvqiCjuo52y*p5g#tAMOebxq(@>~b2w
z!=i{rc|H<re4TKT-(lGjsoi?ug0$ap&k#r$S_N2qfMxxY#;4*JY5dy&(i#WFOI%=E
zgI++w)qz^(K2Y4Or|S_p+OS0}oH`b0;Q|)5a8)GHB?sAxiLY`F`K=xj-H&uhc?oQo
zB8r<?l<TCnKch>`wlifew`GRl=Ks_X2o^O2%IQEukc|-J%Zxn1P8JWU!rlu21gl_s
z`l}pb6A%J<qZhS!JMoKJyo@3sRQOd+3JQ<DzwP(F{XP@Ee`Vj-gzxL^H`*P_28oat
zQDpi{ZuPtU0w(*DnQ9jNYV=0~=+O1Y3v%Itrr+Jv%-)eC`j5dT$ggQ~OC@Pb_B8I>
zY3X+VBimr;T3_ztx#NI^ZjveE1oKas5C$aoVOmJTT;c8p0B_{DLgQ26sOnQ0MnN~C
z3x(cqmxP#?T(l`jvs9}$4n@Di;Z?+|!B%NS48RT<?rNeB_c2lfA5Ln1!T7cDDDn5*
wboR_jKCYPMnk@CQNNHWVXPv%y^8e%j^Lv>Mf7Nf_H2dL?p7;LKuKPOt4=Cxbq5uE@

diff --git a/apps/emqx_exproto/docs/images/exproto-grpc-arch.jpg b/apps/emqx_exproto/docs/images/exproto-grpc-arch.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..71efa76f985074556554f6402131d502c29c244a
GIT binary patch
literal 97464
zcmeFa2V7H2*EhODfKUXa7lj~25LBe2lz>PR5i3ZIfOG-rD3D+SX(Aw~prE3nBE&*b
zDWPMd2-15K5s**}fwVh8J<mBF-{(Bvci-RpefR#{o}ImzJ$uU9Gqe7y%s%uk`Vh2s
zx3QTq1cO1)CGZcT4?{slVV-UfWMKg*KoG<RF~h_l7C?b4kREK^AG9${9)ho?GeJ;{
zC&c_c&t7n49H6w-XTDvTZZiGI!SeVf{09viVPvJxKwA4e{DS-fJ^W5cs&3r|Y3($#
zU}lsEj#XNAm0bHlJfS-YddfT*#eQ{~v=c)gS<7Z-Xo%i-z|z=kkI`yJct}nsP8?@i
z3qd}<K>-I$c1j+xv6V!OK^zb}#0P4YadHVfVX$xC9!8lzuB+w$@k8ubZ9CMqg;CZY
z$^RL_cg!`=1$5pXWOqIm=;8zDN(f@U?s6g^2!dD{>C&M=Cm3`TpalXz0|9-RLA!sW
z?=xuUZ*<veo<j!=L7o=yO4c|z1-L^HcOOWX3~_M><#1B~z0LQSr!NHYYzDNRi-*%O
zKr`CD*~iC^L0<*5Jjj0n(3ODJa{g19?th}4oSgqC-^t1S5Bgibz>}a6yF3F=9Ctdo
z`p19gkI(U7z`NCBBlun85ny@%Tm=9RyS)9(8T1-JPy0IWwFERDph=#fci(6x4v%2d
z!+-|)nbx}m8UnsTLV(_O%xRZ7pw|Q1*!TF}J>S!v-8_xW01ZY9Q<!Iv*&#rS0Q!P!
zpwYqad2R;y9r#`sQ?Xlsp~3g`S55(d`c~IKu=im`I-~q~4_CAA<-@s8c^t9^=^PLQ
zmkIH-V$2S1KyMB7KFDYfXd7JTl!qZBeKk)&@Bv2qWkC7?S6`EzfChbmhqwh8Gy2ZR
zALkPYsMWs1Z+du|F`fl{fIkiLIAjWFz#n+6i_>cRL0{l4uD%A}c>)h{4LrhV8_3U8
ze9U#15uice;h$W64>S79D2H?+XeXmC@GLXOiQ}vD1f(-dxgIxRq)P!>EimNZ_h*@{
zf&vaP(m^|!-A)AUWAG5PllhdF)9!tM2JK<K1nq$gp<R$96bw#h$Pe;@Je#IVroms|
z?ifQ(Pypl(xk6jMr~G)rdi9Pk_&o@nf@UCJkSFku=XS2%b%jDeI`xm#Z_jRl+*a>~
ztUloleFQc5K<3bK@OLnvUBNRyYO{jIK#J!dfB&f636$vq+It+FjQhV%|B?EyoCcu3
zd%iy#{G&!mo*&P%8nNzTHDxts-NY=$tjDa)ya)X1gHwfBi+THxe*7yx%SV>?EF&!K
zEJG~aXwNeNKk>){8Uj7~#zR-Y-#_t!c_S!Oop~p-E+`$8%q+w#25n(h1N9g%qd?8-
zAl2}D4;ftf@kajKr$2fC{p)Rf&&R%vorztTU7ub4=O?)pxYd93ca_(F=H$1wI{(4%
zA1(NM{r|e-2^|CNH2>pmd~X5#0{j`g0bT`v4KIV2K$37g{5kv`yqrOQuitp}?YjR_
z+kw^gc!T%i`A41~{bjsyMxBiD5x6aH+vGONw^D*!!-Bwgh7A2qoDA@E_Xv_S0Mfx#
z(#+Ro>t;!nZ7SO!h#_kjc_3&(XjO*5gx>rs&A$?Yw#R`ri?Pg0GIBwXlQaaq_y|G#
z#DAqp&x2`m34+R7T!I5azU5<PTv)&=!2@QRC?o+%L-L?MDv$=G4e3Kh&~C^QIt1B3
zj$picfN>rGg+dX~X($?s2hunV%7C(=9Oyoj4?TrSpfacms)yb}El@ku3r5d4GzAeL
zB1DG4U<eo&j2|WnL&9WXiZB(J7EBLj1lt2U0JDJ|g}K9gVZpEn*jZRSECrSUy9Ijy
zdjfj_tAf3Ty@z$fhGCPidDsdQoM{b{0FyY=MkXaDEhYmdbEZQ~4ovP${!FKs&M{qN
zy2^B$=@C;gQx(%&rgo+wrYWYca0t!`7lLnqZ-HyU4dIq>TeurM0FHsj!PDWl;RW!Q
z;61m&hv3ujWoA}per8GLEnozjG9PAkVfJUnFefl)FyCh`X0By!V;*KEFw<DLSk|*B
zvg}|nV>!a&&JxNJ&63V?kEMvE4$P%-79uMvs}QRkt0tI>HmqK(;j9U)H&}73m8|bs
zM_Ioj5C~C(B0?8oiEu&$A)*o25RVXeL@Qz(L1N=%L$ax`8ME24`Ldm1OJ{q?R>9WF
zHo-<_U&}7bzJuM8{TTa6_9XT@>@V4y*~i(*9K0NI9J(BbIJ`Jcb6n*p;Hcy1<5=M2
z<dovv&bgn{lQW9*D(7R)SDeF~%WL@7D6BDDW4|VN&BZmjYbw`tuUX*Y;@Zfi&t=OM
z#C4JD0ap#z02hgypL;8}8TT=6EO#b%F?TEX7an#VSsnu(N1jtW={(PPnt7(zvaj8^
z)^M%UTFlzawJ+9ouKmi(&#TO9$?L<L!26K*HSZ@r1m8wJBfevN=lF8?YWPO^;r!D4
zhWsx4XZi2&*YS@FunNctm<f0Z#0%sLGzky{`2^JjtpvjaGX={9hlJol8->h-jteCT
zJr(K@S`ii(HV}3djukEtZWUe<Stp_|;wlm+f)i;MSrL^KH4^m}O%^Q??H6MfQxMxP
z7Alq{Rwp*SPGFt(I+t~E>z=ObS<kdyVf}&i;p=nOzgz!RTteJL{Dk;5@fz`I2_Xr6
z2``Du5)~4YNPeUq(i3?ZiAR2x6qGcOJT7@vvR0C?Vf_Zv4Z$03ZD`s+mXeb?EOkZ-
zC)F>_A+06tCVg4DTACn(l(CSBkjazjk!6?FlJ$_iBHJLlv{7!O^~RWuB^y7<iO8AB
zos!Fw>yzh_N6Guk-<JQdiFK3KChtu*Hnk`)DX1%WC}b)$D>5l+D0(X1P<+3cW%KsU
zzMF4v?%c9wi@}zVEqPmpw+e0Dv-Ql@lC58qWRz@`l9d{iXxr4c9p83mTdy*o@^0lb
z$}g4YRTNZQR5DdQsB)<qt7283tInw@s=2CVsdcIIt6QkYs8_2~H8eE>Gzv5(HDxr9
zYF^ju)DqCzr<I`fYCFsJo!hb7%eF7?(AW{Q<LQoB?Je5g+7Goq>B#B0>fF&8)s@n9
z(!HfSq$jC&RPUzV5NZR;33VGaqA#s~O#hz#gux~QFM~%0Uv_TW8L+cx=aS(L!$`x*
zUGQBdyW(~=8Sxn%Hp(y>FqSfQH_kIAn5dhCn^c;zn3|g=n|7Lso4J@hFeB{N+#R{Q
z)_jfmLGujrkv$4~0`|PLV6xb4k!sPmS9Y)O-V#g5(#$f|vVWi4KL35C`&swz+n>4r
z;{oLZ5eFI$@*hMWe0Y#}Xy>7%L%oOP4+kHvw&Jm}w|Zc;WWCEe#d_$7(vip`Z*9bE
zJZ+xaB5bW}@7aE}GqOvw8@E@tkGAh{kaGxgc<m_Wc-*lZ&4YGAKRe2D)cWYdqZB7g
zr`t|noz0xDI}=<CU9PxH9n(K{`PihZu4{_xgqyBgirXi5UH4S?Ne`4qy2rGqp=XBY
zoR_Irw%3xkrFX73{kZjUoDZANQJ)vSe7@ekwSE$QVSevVD4vKuG339)Kh2*IU><NU
z5EkeV_&i7efckgA^1<hWhePy2GDAqAR-w<rc*A_d-knr98GCZ#l<}#%;mqMK;nfiv
zB2GsPM;b)l!oV=jm};yv_8fLR$|UOkX^zw0ryI{~JCkx|@vQaPm*>RKMV%WxZ*o2_
znmalmx-&*QCi?>O1<wmjv8u7xVrg;5;@-q>i%*ZIB)BBJNmNd}nn=IscCjf*BPr_=
z>m}by9m%NV`zgFBr&2~!EmDgwOJ0t<yqJbgd!4S9o_&SmO7NATt9!0Kzb13-(lttk
zM@D<*&P?3(_19ysFWoqHqcuxEs~}rEJ3f2mrsvJBTPC-PZ*RPvp2M0GlJoJ7)t!dB
zT6Z7Z6T26GkDBY7J9PiR{n`hb4<0;R|1c?!DK9v0@{#?cmi%4$&kME`+`<Xr;vYkg
zgCBo>a`Z{ZQ}d_Q&$ONu6v`G}FXAtXD~1)HEGCqAlngz$dH(*z?ibZBwO<yMZY|9%
z+fbHSE?Aya!BKIpf{s6h|5|yXa=OaBYP1?%-CJ{{=0olN+NL`5x>xna^)(F!4ft2O
zugYHUc>Usy)|-;I8gGl=slO{~RBtS5(r7Af)@**>vc2Wyd!6?ct*F+jwq0%YAIv_y
zZQtAezT<F5SEqgFP}i}pPu<76=XyeV$h}d0EPZkPYx~m&)(_ks+%$+A(ikcq-ZlJg
z<lso}sLSZoSl}3C{M<*bkLeT0i3gulK9x-xPquuv`#e5%Vv0N+J;OV5{fqpU!dd;<
zcZ4H^@wtFG`h3EI=tAzI+G6$BeP0KNK1A|T97&XPe_3m}Va0l7f*eXgP_9xpQD4%`
zX?=7bI{k!GfYT}#fP-HqH=w1@=Ry#d4Zsd9Kz*?LrVFm-fPK?n0S)_pGLnCyzv+vN
z8vsK<x%v=vI0}OHR6<Y|IAsC723#2s{*XSzq^kPI2~rqGpqr}7Dgj#)0H6tpPG1m*
zAjC@uq6X0E<QsH4^$yS{x*@32|C<iV$j!PIf^Nz&sK!1~#^o=^H~kbO{pjP*SI~1+
zRW-&lf4R~tAzn7v2+LzQObTM+g~54Y^jZiB`pg0V4LE+(0%L+Rv#=uA*f}^shN86)
z6ATV#VurJ@Fboc`NN^uw=4IjAplra(zuyTV<u9OeI{6lx^v)+$f(PCcWK^94&aiU`
z35$q|$!?UB-=v_XuA!;5eTU&LBV!X&v)u;|9k#LtP|oF;tDC!rr&nN5a7bv_$x~;~
zosW*W5F3}0dO0oq%GGNbw{z~?y_b9c!NaG|3X6(Mp1*imT~k|E-|*`7o7T1u?H!$6
z-95u2qhsSACq7Mno||7-{7PIREw3>81%u$<y7foTe(D!5=ob?+Gn^U0=ogGB6r6Bg
zW|j@gtb7Lh5l;U6QYxp}1a>ChdQ!zMt$KhU=p68#Lr6w#Say!lwbh>eXB|89ztyup
zI`*%A^#a)atyfGi&{`%Y@T%b807#E<up$6h0|x+Qs|VZa!Ol1UhWdWcK_M{4lW;f-
z_>Yr~mF>r^|NKht2WBEWdJnV)4g-S;&I_R+8cqIo9Q6DApWy+$g+^1%oC}Rpql1Oz
z)M)L?+h#ICy_%c#g|)jRD`mKIJMRXijnW|rIy9E*HAt+XLng9N*o~NaI+WOxe;YlC
zk+}GgUA5RWf2;U91cG@xg4t!t8a3<}5lM$`q3MuJ0haWV$P<-4Z&sL1_M<~NS><P<
zbg;uF@f7R`zJv}{2i~PaZq)2I^C*8A?WHgMw8z&+;kkR>&!OvRC_-)*YM8Z^4i#3s
z|F}$to~QU^YRu3fD`VBv&H}|Q`I|gRbm*u0ey*R)6bC7SZjkH-k=Rexbm+BWHf?J~
z<?Sdv6dgKWKDR_WkENu%phF{5U3vmx_y(FH8B3AdfhPKOQ*hEte1>?;%-|Gz)3zN!
zjo~Z;Fi@Bv1r2^VBG1y+`Y4gjXC(Zx$*~)|pZN}cJ?64q_tZ!kmL{~+Ft{Q}hvs)r
z(4lzT<6pKGv`!xWx7H>7y|KT!_NOuRn`^(v+V2_qdtLkgwlqlgsn`|~Z1cW=qR_ln
z`h>amd1vjRbV+1oXXoLhys&uvmI(aJ+o^CRO>LcJE8SlI>%P)jubOndoufG9Z~yyq
z89!oOpNKV>b0#TO_F#McMw+vp?rQbzi<eq<)?9Pq&X-p+XjAJ3I<ydinxI8|f_{>P
zpMLs#YMMhH!u?&`GQ=y14*e|cj*|9|&><uV2gEhu`Xsg+?>=9a)Mv&`C6{0y$!S$i
zwy94G>_a3`tmm*vlubk)l0hMUMyc>*1@?<frdwkvwmmsv?CVtA+<zvzLG%7oGyqCG
zFQEi}<7k6)h`s3wHIs-{d_}FjG&@)tx>6mOz<op2qz)?#`c<8Mln$L+XHIJ+n`BPV
zM$C$j_m)s?M4BuepW}}H0z>@f+i$-86{$eK$J?JE_V0Q6|Ht)>i=;SbZcR#My{VoV
z=9K=b?kwBUN3#9h@#_;S%BTABfQHj;LUW-*#3?#d<N*hx;F|zL(cc3#^eicJIMT2_
zi>-ptkv`X;+niQ(S4Og1>cwj)>ug(oXj&twv`!3rhN9~~;;>&Ph0`Z9U6S+0^xC6*
zh=WtDQOY#YF!VkG`po7C^@lnEmOdZ9c*M$wzG~WLinz5n<uD$I;hi(i9<}7LBV92!
zlRh(nX}=7Ox(IBCl0TeUEJ*qH!t|en?f<}iJrp$${}D!q{Ltjx6_pG@>@~X_h3)O6
zwF1==x*hlL&qr92Nf6JB9}vfnd#QLDCgScw#g{>R;$Y~-a;^NhWi*X%3zjD4M~2UI
zB7w}y_ERs*CN1_asg}$Jw&B!ZUyTIz>$CjdbVlIFs-#eK3$~aJl>pCB+2FI|3nLy&
zJ`1XemF}XV4f&D#kE~c;DC7!%N2{qQDW89Wf0cHuw^XaC)&Kf>_tq$lAI2tnD;R|h
zG+kgF*w~JriJ@KGP2>RUb`o~ptjLe-1WXqxQ9l_n%CJLnloTI1S}z^?G=V#M6R7gw
zq#eW#<)8`nO1(Kl!W02H2Wm9l1s{D%Gr>>o$nn~J7P+6rigU5*b?0o)MT>0q-LSzq
z&hR;N0F!D8!ZI5>JdY-vXrPMa(vA$s0?W%wh}I~N8&#qq!C#0q*!K^y<B20^nt9IO
zQf~50x5m*_fJNlzGEjd@`CaP&EC+BO0F2$xOc4wn1%qO$h7R#Mk-CRx))}=&aA~9;
z@ZoZg8yFGa=WtYHA|u2qp?7`qhBYE5lwTocx2(=N>xLy%AtLGPjO_$Xup^$>%U0|X
zS(vh?^a_dcfFt3tPesj?KJw^(G!lT;0TP)G?Znf}?CH>4a90>&1XVW^UYDL>8K;JP
za>V@O$!C%29>f`A#RY9a(W40Iawu|xkv~nZL!FAK4n0+Jeg@Nv6}~cV_~cIiiw~M_
z&M8-?gz4se{27Z!=~dpY_?sDRk_Va+qm>V9TiDeJ;hphU-YqzFy`Sls79I~c;;OHc
zwFv9lkJcoS8O=h}T{&fWei2#RWi-BgFf!d!)7NOrf;5YkvkAP&A7~FH6?$~21xJTc
ztWgvPDDt#X#NZI}0v!@AniaD3)RS+))Hx|#``Add$>}W;!M&S4<Qld9;@4@3f9TGA
z_~XAf{%8FD3CJqNBm(yn+|&SnVSCwrZ=&LIM6-r?qC|f|6~<aN`Vjo}tRrf4meHa@
zq>#g;o^T7M*9maXf@lNSCs6V(L0~v`J@*IL;(0-^s8F`dCgB$q!Q@VB2G2OeL}8>U
zj-6#To_9z&24ul=74Dgu-EK*~ADr>3Pxhxn0opByRsn0|=!^@xB|<JVFU+xXrey9U
z=8(3SMehy6i2H`?H_4stsqp(rX<Kdl->i!jm;R|c`r_vW7qCecpjj;uHlcS&Xalm(
zIY)FFXjW>-*nvTnZ3m-ePH0<$!NwUrI!ooCL(8&(bf~Tc(IsHrNQ04*=E5E4T<@ih
zBqFA*_?EMd54vXPmhO+EG}Rd&fxVh_too<kL}_#U-ERAnWt1`gp3|X!7;axjX?lzX
z8O*s3qz*?SW{P<M??8hrdXvo~URCWCNv@pHN1FbgJijN;zf_g~7n299*b;toh+)j>
zIl1ZV-c)-dqLQlnr8h4YG$ypu@Gq4UtnXN#rTCC;;V2q308XL@(8bHWl&@|LSDuOV
zyrqs_|5!fq&!CiHc=2tZ(4poVk*6JbfJXw421~#on3al6C1eC;p>H6R629!9F+=X7
ze#uUQ!s{5)L=dbA|LZP{n>>%@e`x`V`p+h6*?*JcM;_kwt9JbC_<?|F>hBB4uO-$$
zJAR<>-(34iy8H+3vfo_$J39J5Gu9Y7s^VC7FOHblfjx%nHm@5j6pkq*1=~@XwD<e@
z1iX7(b|rLQ@21E*%7<0HNUk*%dDY}ifLCD&*4ZRQTy6H6-mtde!Ai0?*0_9-7*5r$
zv2AZJtgyQ}c<hP8Q;kk5t17Ld24i9nE#Ct--b|A?4IIl4f#wuShu)ey0JxKZ8vcYN
z*y2_+v6RB1L7Lf3p3f?AGyqb6O3(S#!w@Y;{&%@!8UKb4<7J+J=O^jVnU@p|LSu8H
zo>T<SlNL4aE!iIU4-xA5w!KClwGuVoZt1!GCFHPua=Ik9DR>DTam#W<0cuWgc26hq
z03m6HWkg(0T!9XuFMhJOvr|>uBzyNm$Ge06n*|f>qGT>{tN3TE^h9w0`9s`Khpy5g
z>PtE_V@qbLKv6GaKLU-w7f-fgthL|l5^#DOjizveb|d$5M^f(ROD2KLSNqpL1YrZx
zl4I+6v-9n7ilpxQpT#U|#4Y!=PNejNQEoilRVN;(06(+M*r1^`N>{38Z`)$#uC~SJ
z(#2<VW-iLI#iyo5ZDTcS?kKQMqws$S=CT{Uc<sJd>gzzAtdL1r=PzApm9MwUK`xVy
z4^~YV$a*woW{QUWWR9C|#V6pGdpm*fY`KE&z6%NLH~NoGL5eFKs>(qwoIo#aqC;P-
z@XvNLl<uMTNz2cb$d~ERlA=Dc`z}Myo}jHEogBu(B6DfH&$E<@rWZ7~M=YOgaLf+t
z^haw`m`O1sNg%$$8(VFrU{17@e%o_e`J-R+UVP9##QXoWMgKeb1Q#@CbOQsuha<P=
z-|=|;QZh{j3tPn9^B$)|Jy&Q(4w|%zW?Ga7{1cMn8S4CEM_`JNlT7v!i(e;d7_}@I
z)V#77Lx=PQTlOJ<6R9YaQi+-YwmnblF2Q;HjPh_l){$0At9kOge7>R$|0?!QZ|U3m
zkh2Lxqk3sy|C!T*K-DA^s_~GHpb7aAnMoj4q}d{Gj1E0qIQ6A}DU4i>-LV+=C;Y?E
z3xPi=6KKCJEvR89Y<1DRuO2``x*E7tT3+K+X=wlGm#>tmRt6?mE=4ZTA-!NC%eQxK
ztvWI*M$)VlQzWG}WR$1J<{ImV=aJ79pEsLe8B@r)HG8NK4-`Be_18fpHHYxMWs#1m
z>Ty-U0@0t<n;az{MbxdclMP_yxeJ8^Suf;{CiV8xIIwd|L=vf#ycG->-Jm3>KP+%~
z`{R=Gin&9fPCXw-Hhh%3=C|!Yb?`O85T0}uvqsG-JYjz`X%lvOoa{r{Mok67>Q)6C
z!TzOt-L<i2t-*c>^Ai%AE<gMdoaL#hpj|J%$NvWIg-u-AO`cCL<0!n;CwM<pZ_g-=
zL)DuM!&d1Q;t`*BBqp6}tF>)!h|77g$xnKBjW79Rs@Jj~49eka{mN9PI$})`NTqQ!
zlMxa7NI*SW9zw#rXsmM`FIZ!U!0OZ(bmfGFGW@holW3aRiRiURPqeZbYZU69nBv?Z
z5f7G|v<M5r><k<Jal<sr&{fRF2q(Kk7442hKRH7JH7|`iPPy=DocJ_*lLNQ-wz^k_
zgxm&v?;wp6Nr#yGQw>O?<e)IWN{Ou`hdi%Ko-4T&DXw7gj~Tu&Nkz-TF&5|2ltXUo
zIB&UnLA2|i9%e*-EqLI>n(ItECd~Wj$zz&~|0V2Num1mN{{C09MQ{kTr9$4D4)I|N
zfkAOYN&K|q-sTN9fgk;vLRGOrE+V)v2K;qJE`#4*9Ic%Jh(W{}1;h@Wd5?XgRv|-&
z`aqZV76)Oggt6mdXfFI0Wjd5=_Xagoh@MYWibX9U=ulh!4J5&6aM}1ujUPDyJJ~TG
zh1!1~l=Q<K`Kznq`~;2Dhz`lOlEAPyfu-)~?)<Ed0m8G&0}ra=!+rq@K(5^m2sIRs
z2X#dcE{QPe8pq^Vk2h0zLuvc(5_)N)$d%wS+y^g6v5|(1P-@Xz7l|Wtd&gpW$7dJ1
z?IawhUA%Bh7XvdE;|SO@XaRLP6pI2L<V(GEL?t=*OOIYGXijKfV<<8E5M}#~1R!w2
z=pTMzKpmoOB%$}s<(^S0Q@>m0-yAsZ<7vjGVOkKNFL!fsN`L)erRB0rk0lk%?)S}(
zRrbglCC<+hoCKq!=pvJgW;12|jl8nl%cAw{(4yWA@3K`BD-SS+hJ2+%s72XMq9^*#
zOZq=+Og~KZKd;z80$@e41dj$vpD^_emJB8oFs1@~?q38NFuY%*L+)r6Qcg9p7fDF5
zDbMZEYaah1`K9}#`z>7+dH7@;s6vmKiUU*k9`Y%A+PuKCf}K?LsBa()cO<FlDd9`3
z*UH5_HMEAzycGGu?o0X7^3L3SL!-?o_aqXq3Qe1l4@5W+IxCaT_B7>$k2Lf3I@%}d
z`RI8ZdqU>Pa5HbLWRsEDU!4-_Yacm`PQepQk}l$(%?!?LA@9euql&O`i<Uf;eVKJj
zwt-3)lr|JTZwoRvb~U|4Hhgd-?aJ#DcZT#&m%2w$qiJdsS<(Xl8HA`$@k9BJyv2!S
z!b3`2)XY8CQs0_CV|loIg^djn^!8r*7;9Z6^RX6$^^nr}Y*GAB9+q%Gsb}w(wo&V(
z3W*35$@QU4Sg3h1A?wMO>wFHqdA*iJDlYY88yV-k6xV~-4+%N)P;=?fQ9qKRUlpo5
ze5kVlCrYtvEejM_!pIYr;&A8#WY(*hCHBf8n<U1pQ#1}I))<|!L3_?;lVoNoyf|Pq
zEz+D0zDsLI3s!8Rm=KaKU^WbX-f@RGAlyFEmhWoxB1I;{w5P|)Q%1h|c?HMQA&w<9
zX@h%>9kzRrI75Aib-$C*TWjln+HWQWCE&GoS8z06S<ag*f_(DjM>auQ9-FOGIsLo^
zVL{&g2`_>lx`ij$I)oE<5tQmIMIy8amesTH-afB+lKG+Z+PC+cCRN5Z&3AYENguE=
z<79_3ixIMW0GLJ2*nzd=5ow8_c#s4q8;327a81-I3H5$@O0ulWIQ!XuK);#qRken5
zCeKwVXKC)c?P(tpI<v7=T3BavEQ)YoP$c3wSX54bLW)v+2x&U5qc@COUxn?Rn|7S9
z=6h!J@#)iNcg$7lM0A)E2k<Ab?nsi1QWdtldE_jnO+tQ7Gp<6JV%aw1nzXwkBKW}#
zqv@_&kUmG$xfJ82t#3qTq&G(C*^+YRW{F^&p1F?c%u=IXM7i*YHWNyR-K$@xG}LEl
zwq3emyL5=VYC33Hb5p#x^rmEvOZ%@rIS?xsk9m(L?BVIHAu7cfP;cXhuA@aTQW0iz
z!RdJjVncM<;k<@$p9ek9^;{lbuHxNyNOAM&L2q9ZD}ziV;rK)y2&p&~I-NSI6jLGJ
znZKDPrIb*_W$5_ygPbX@uTg;GnaT_9Npi`7lQnr0;$S_+;fL;3tewlADIcaoT{%R@
zmK;)Mh;#aEz1Y|2o6>C&>RwkHuF0HeN^R=9e@-VX;KC6hpD5(LQ$BT#12_DFPqLR}
z9C<%>;nJStm3((Da`Om={DZ&jpZsY*?&IW1MTC)wk-f>@_j(<+JSfR*-2BE4wMk?s
z$@c511;5yA-kFMZp6M%Tjd>27u@N^PR{2+LA4BejzNm!@wJydxsP~>MIWM(YtEmo-
zy6e%-wRJhzLZ$bBQP)-}vz=M~W$>g9TnnpS{>T=%!90*lO8L`eebWo$N0xl*{hud{
zN^5=1X8<8$0RZ9%YB_dBfz0&J3*n!jQ{?F*0Bl|SgzOmvt}Le#5dBJ7HlK*>$79!3
z%!;4#*I&mFnh{t!r0GJ#PBc|i{*yZqNU|4b@vs6O7)kEPTwVK(j$1;BF8&e3VtLt@
zH+)7t*POVeAZEf@B=DH!f~WwD(nxznhuC!Z!CG{inorwCYXg&gI)IcjJX@2r_U$kd
zPC8&SmbCY@&%A4ChJ3eSqm)Qjis|NQ?!(fY!`R1`l}g=U=3yy9qod8WJm=SR407Pz
z@jUjC(Mo#enUPzGL;=kwJCC`^$I20}yy4->KDB^~8IT8~-?q=QLY?|d4^I1#rA|T)
zXNwN>e|FqJ@^_8&anH95NZG#0hgoIMr;V}+TaeeD9D~2p=fHIVj+tRe8-a`PYcpvh
zqOM%YD#I^2V`&Dtr7wNHueY39pMA3_S}{0f`^GpkThqJG6&w#cr{rY?up#OP31-dF
z*@PqL3uqplP_hT+)ed}3{<^)S#*uKUBZ*Y#_&QRDV82J?)|sANyqlly&RcK~nLb??
zX#>`koTL%q8706dMN-ZPjwBy+MM9c1PS`GN-s)Zwc2NKE(-$iBA6t9mrKAqnyvi_k
zo_nRY?`;O{EXu{NJ9j7bB7iWnESPsR@p4*Q2_ZTo-7kEMnmu#ynObV|xL@kq1=rBX
z%wFGVUtRBU%kCu_dvgJ;8C7U9!%5y1=GX8x_<lq{P*%H4>zj%got>j^o#c9wdJfy3
z2$_!27C5#KF=R5GJ(5J)B-fxsl9!v=Kn}xH4y+@fV>cI});0o|RT5U=eV)_(-ql*g
z<6Az)%o+%mzD}u(c>cw5@?Ihtf$7gKQfj~>Fm2g{!$@9|jSh;C722_=#6sFAI?&;;
zbIa4sod@j4Grf&--Ifh~D&<9MFy{ac0+H-TXM{m}$x1z#rk9T8AiB%q)dxRy^O++(
zk>~pD9kx}?M|2aXW2KX*F23Das;8G`AnbM&!KeKZmJjQm6o)Jpj(5~<UKe3GH*hQP
zk%Q7^A%TlWhQA)R*(w`sPwf<s!gV*tgNXE{={CaP2>vYIT`69y7D-5_7^HRXe2;0+
zT`V!?)70Lqy!&x|S?cDxwJa{BY_%A@Tnew^C~kUbPP;Y>C<JHxF)b^(Rdk4pRIoI2
z#ZfHN+`_gA;S{Yb>c$Z=cCKHD@ciJ09<Im+vIw?HnZiTf7Gd-O@6jArvAMlsYsArx
zA)!vp);VsSuA}v9H1;t~dGoFp<eo{oyv;H_3T4rLSU?IASOaN62k(CiwfGTo@xOds
zMibo$U+_2SkPp!7kM!A`#JhD*)V}}H`_X+}RFjHolI_avCyUv<9%4(^s4<a#;o~mY
zWQEryA^tb+jB05$--V7dFye9`V|LS_%bpQtAebLTyK(#zU<6<WfX?f%eJ)_7FS(5U
z3C{kEW+6<@chJcIp1(X9a91cEz}-1H8W?UX!OsBR{S``weun8(W8B+plGH3E$9%Yi
zT8~<sI*Gpj0b;~SK24&4-<eJjc+ttwai^Psj%z^crS&~|{&WG;_^dfLr@!P~lP2u?
zF?Wf=f5l56>FxhpJ1s)9{(a2KFXIpXXTk9cEElP*nx?dXA6{2x4lw9~#u<&-rX8m{
zSzoToq(2*nfIS|_1oKh(2>wSFgwNVG5&G$xT=!&&vrmhL63db`s`JOMX~gsx^j=@<
z{qS}a>e4GcNmA-abZ+pdUynJBef%NmEHQ<==grHs+?XC7_I?LMua9oshlRKNEHIsh
zKzW}#v4WOwSAaUk48+?R+fQgV)Y1HKVgNOND5>_;V4dAmVqgPrul-x5*MVXCsMp+!
z!^V2~>Tf0ZK5RmZT1^lg<Delu!H6vc;VNWw53-u){L6qzz4e6t%R4YP+zRH|e1`Vj
zFCBAFeg#htadUagXQn<P!A-q@byJF=sgqLYc&aMaMWT+7%I@me`Aggir$hW}VuiKW
zj7uKfn99XeU*j)%7HtjOL!#vEm_{r!9Xf_PM?}K$?&Vw&+QX3=X5%H#Y(BnFSW;1Y
zs+>Mz<{HpcOKCc>ja2~BZ325m<_C$u4sm81wn`J_g}P9ZEmW~NV*7cD$%A)t73FQS
zzKaXNa>kx6#Ti=N*`lG{<w>$n&2UdpZj1;lVj%Srg&QM|X{_LVOh~^xjZ?ARpwhP^
z0g-i*vr+YQrKiJHZq>LIzJITZ{z^UluhJC%YEbh2%(09m-lapy))sUK_lyqR6oXda
z)!2E3$?UI_JhUjqn+4dv{J9#|`=?+hptnj=fZi%YO(h3-U#O`2czj;eTF<R-BA{f+
zSUGO-pBt|@jwP8EfnWwt{4`IAJ=n$*S=KR+9c>HkYZ@$X-don$zUrv&Pg(|%P&*i&
zBoJMk1^|W>nE%7~KoFH)zdw;@nYdv08bAPx!9Z=ylJ1TL^r3%+RD+1=RfT@JK&h*N
zsCTwOZX^Q95h0N!s~UOpbKb3P&Oz;vS=HwGh(_{@{?hHZyFZlE|E?>T1pjQFh5y~I
z@E%McV6O-3v<6tG8)!HD7&z%4EF2Kk_y;Kduda->b&D`qTSqLZK=Lh4xufs5|4J%A
ze-jI7D~aeUsJ|Lb@cZvWk0Rx2ZCT4dVx0!<29}Quj_rQx(|_IFQ>%$vb<&RU5~p+M
z5U|0JgMneQ5JvnF!G@%F{K8_9i_P_1Dax5#xx?F6wNcYVA;!4s)hn>E&3#H=!kWNO
zGt)?26@!a`osSP|b7@<)`tVz}4qfbFTPW7LEVXs-UZ_%34rTk||A@Ug0!s#O>K&HW
zk0s_up0-Dw)sqNASE4<E!sRO$KNGIg*o4+|^zY0aP=odTS$tYI;|1{EmfdzkzU9dC
z7<I}XLhjkGW-k1)Sta>4lS^EppGLNi8!JTW*G00Rt8g>P<jr9SB9N|UuSFP;l_G5L
zA09=ZMwC5D_$LoE2=+O@t$yMt8GA3zqf@08?xyi3y`KFQM8ji;NAUzp)QS?48$js$
zZP;b0BvRNcg}<2=-%x|6D5wq6OmX#S(s@G~`ve^_yi#jP5t+nO9_7$B>;vQCBrw>I
z&+*eC)*XIyNKqb6^rlH@gAuzxhi=aiW`PqtQ4<6U0Y=1J1fWm{MCX-7fDF|+V8t1W
zW0>zR96}9cVHdYY>;f4sW&!~61~nqcLz2s;a-(@s1Q#&F=buKQ-0;6!`<u7FN5bz}
z_IpkEpIC3bf`B~(HO*7-d7sBixq1-T=jiBQ`oxe~LbmNrx|zuE;lu8-SF<4a#)=Bu
zLN$;EV3S#u6xc#OOWKG%qlXN;GPJj3#K9ITghux|6qE;g?~t->;J=k%*VB8+EbvBM
zGzh&~A`{YW+)38M*X}ugSvj1ls{C4}`kG7&;^ra#UONYQyQ>}g+hI|trd-@LyysMA
zCYp1y(MQ_Y;yv>NX%cYpMQ(d||JJ^v+>k)g>0v8(LPbVXfW;%3RN7Gf3Pivr;u%hp
z=)vynt`og)iG$kMtVdn*M3;3o*s{Ruon;J&_-BXdua(%pNawRaeBl_-GZYYS7V>ET
zKItrJ-T=GvY1S5{m?czr?zrQeBan!khWa2*=R6RDov)t*Q{G}vh2;uPvtVX0G^w<6
z;U<qMfM;;<{IK;DkieyYa6Q=pEGKj*D?GD_5%aEiuOA<tUEVei99}?_p1*YyTMd|f
z-g~Ss5>GqjgO;OOXLg3nmNxWHEqC782Lqnh|Mt_-k3a?ibcEg+Y*(PYIdM=4oAst^
ze#vFs;Z-&=0_gY{0d!`xHd<fwfYOtb+B)Z5o3G)w_cc=ACpbsxjxbRB-!P}iUtM82
zKYP`Ffqvm%#a3hc8S(x9#fjgF{mI4m&F%JAJH$;mjSX-d`0#)!#XpI<W5D{m5AUz;
zLaOoKJx`jXNCIA;<U_<yZ!eG~`(42|yB<Fo{v`1seqei(2fX!%3P$e)$o36Q!)r%$
zDxu-v2elVt#aSr1<H^b<_HUww5_m89FX9g2kfbH>iH1xoI#i5Y*)GpCQKf6Luf0NK
zG9&td&K1?y6TT@{TW4bJ*QBPLVAV_e%=i`r3^kVOi6RbyPeJI0fAgIKx7k7o4(Lg@
zwtkO<nD9dbEVk1D>vs8<=9xc_>>srC+!cW660nU`*uGpk^um_bs7QJX(4{fz;}HJK
zLEu=;hd_bA4lTHVue7{?kq6F;5{gX99sIF*o$~wq5^j{msU@RGUNn;S2DJd(uq9|}
z9wQ|FPgbJUYP3%QrEZ09imb-iSMlAI*n%K>{x=O{#5|}R;e~y@kp#@NPLaT_wX3)D
zs|_KBW~K=y<}@#Wptld;(@-SsgCMC2OXi$Hu528@KWsjSnl~#0PaTa{qVipaeM$o+
z{~2>SBvk-VD%u@HT&RC#IcZXdixEcg1;smP^i29#lnr>g9q3**ZD2mtg7Eumc!pI-
zl5>wE@J^KaX%Oxh#fWy@bYILDgMd-*DlqEdu+CVgu0F?QwCCX1u2!G^@lkDq`V;=y
zyMamXs~<4w@m!(4i1c&)IN_eH&`|2DnpnHKwdVLg&v-OoLnAPhXD=_{9{(xoBIuhI
zhWsyXGlDV%V@E9c!vd>bat+3nq3_#y+B%%`QEwj~%VQ~1##yJBY&dKZV9HcHHJ3}{
zW=}tY9lA6q?6^_Ew8dI-G`i!s0rG;D-Uk@blA;s3szw-%4iC}<#lZR~vmb<U0H+c|
zk$4|Q0t@PSW5C<jf|RE~mTUoT+rj3pUSc2hTp1_Xl43QdnXpL3)&lJj>s8X~x7qob
z<r6Pqjo9%!9jd0P>lN&R64PZ8*1%R^bZG5;?5e&IK#B!JR~)RJX_sMSAPjz0p#Zj~
z0n1QB9Q8nRhW9gc4kHYRB&t<FGBl+16;jxt2B5QyyCUZ}Vi+1yjM9Z{k}}YlZ1j=O
z(1f``hQ=bC6oVxl^2Ae;O@7f^>ro}j&RgHqqg!uB<Y;Sx25DA+2fy3;o3Fpe!0$2e
zdkp+~43yzHu?&OQXnMKac??GcFo-3no93wMX2s^)d=};u`TS8!HiSdh^qWC!+Hch$
z24osAh@pT%Y$N^yt_(F?6;izL`Dw$JzB5bJPY1NpZpDf8^1azPqF#Nz$@DdC{{HIL
z-M_|_0ckmo?ar=wNjpm|p}uhOcl}7sbkF8DDfPQ{-51XI28ajzGb7Ll^*7Y{Q(#%r
zPX^bY!0%0-4_^OdZT^MhEclx>)>a9Gu+?Uhfp#+4(G<n=v*T>lw)>MMS@Ek_6vsaW
zmRYarNPqIUF}9U`kI%)fez@%ajveEuzl0F~6$$^_V7?zvopJpe&c(W={TyQ)g?hG|
z@t&5miNOSPoX!U76X4sH&FqQHnWj08aL;79o#Jnks<>K!uED4g@bQ#clJP9x>@+!|
z@n&M_!o{1xRX4eT;`c8F=C9$;e`@=Wy8b*a6q{&UDApt_L1{R>bS`G(-d&00;X$tM
zx7hm*uh@AF*S@a4zxmxM1^LbIcHWmcjlPQE0to9aW%nE+T9Py~g6$ryf5}tz_Kw}<
zx!~H41AT@^C*mg;ua0Xz@Om<0l`OPV>TT4aV^NsLr0hD3Fkx@JQml^a1KUZlAeLPv
z*3V?i<n7NpG>yr>UCU}IGg4OHNxVY6?pMIq`gQ~n{W0CJXurChm7CmSrac)n48U-?
z*~L8P@V<DGq{&5;$1Hp@bcbH%L$45_CwBci%;Z*tUiiU$UhTd#uDMlPjB5V@JCuqd
z?8!^iJA$iV58ElfTl~w*h!bg!6Q^ce8}3UBz*czm?&jKgHb1iOGZDYze=RHIg!GZh
zKKmzH9Ej~r%8g;IjF6RQhZ1=8Hjs`z(Sp2)cT(vPR*~RG<W5)Oj(|}MF`N{c4+X*5
zX9hT4v`<HH1#YQvw5!JD?&<6ZdG^9ZMri(|lU@i?V>+cadpF>p6>#zaRRAB4CF~sp
z0S;?v8zW>0^)Cvh#P}@2v7xyQvbFQVCv5r>(ks_bsKLm~cfES7N^|S-Jgz7^+P+g=
z-=dYGDX#M9&e`U>0a<#a9Kze-y(#Lmae7j%6iw&A_(ZFDMXd@)yw1D4`ja2=*@I_R
zLaVb$at#zg?1*L+y1T&ac!i(|;Wl<XDW}G2X^U=pa$dK?Q8SKLjbl2+T^qO5Na+ur
zkaWb;*hk4i6dh`5g+wp5${2j8fGROKqLhG<E?er+NX_Rd_S8eZ*I6RV-pGG+_VqXv
z8fv^HnPSvki3%=*&1nzg>LLY5sl$F3f|~gztBTj<D|}IW73!ij$f+{Hyxy%ej&hO_
z_{v<<O5>q~5l}PQ;E$oltr#&<%-)VIH|Knlj?d<P%9xFjk+H8PK5mdP4>-%^J0%uX
zn=W%sk<6tpn$b~`6Xs|3ytB+Gl<R!rZBh3ZFOr?(WE>xTsZ}`LmjV>4n%N#pVlb&F
z-)tCv-cgS*5nCj3R=B7&*v_u|vfO~|hU6}n3KKyR4umpbDhOL|kZmGZOQ}VYrP)MJ
z;}7^^;+<Ac^AWzAN5n0hn6H{pp7y6TQO=Z3eW*}deVaqssABi&<<Jpa7k6`&p2%E9
zdVKh>r7%f)nz-}rp|d=&3?Fqf`F9$o;tpwM3Z<1ddHOgM7v7Fq&)f<oOHh<aenWoo
zFI_upc@ipAiq2Fw*JKGKHD+3Un7L&bskZU(dFR5|*yQoclDi~lhEBhU*bD|zT-db=
zwXpCZ#7rpRiakkrgh%w6G+}IMDLte3$^-jdoSClWPeU(ir<@I_lXU2+)Gm&Os9Lx2
zl6qR$DhC~9LMbt0u4LM82pK&fH8%_P0%2XT?w(>M>3i?JOvLq!U3urbWvFOpp4wCR
z!b^xdK=&Xq5Y!tpNU@>b3IeWY?@?5ZkIQgqVv!{WK5piCk=+Gfz9Ukl-ew!D<3*Eq
ziz;7qS$??>G3g*U*IcXAi>#)xQ=gV0$O4`j>H|+kP@<liD>IF?-0`ewxi+p=;ZYc8
zxinjOVp7HSDfH$(Y?Y->;GAmROKQ@z9RXE~6)965HlGaYx2!D=?bxw5Tekg0?OfNo
zZeH9Ti}_R$4$FQS!OgIhZX-<KBrt;=7(6Q>NsWteCwqkX?P-@OAz{VG93=@eV>_Fz
z+ls_dem$Fgr2`Icw5WM;fK9UV3Z^NWaEM0`(~jq*Z1*FW4B_I`k<l;ToBHa6YS;PY
z8u*V3UpC_BQ5g}r%gTC<?VzOAt13xkzS>XQOt2e3?IF386u&dTTPxgwTC^y~9?oXN
zj-`g7X;nh#6<NjQg8)?&0n<x_Fz`HAfTjPo&(z8zk|D!>0}OLSHlVt`-=r@Q>*zD5
zI-*-r<D)Wo;6;)5Eq|rUf=9M$$?2S(bWBAn(LUgTpB?{|h+Tw({mzr2Zy$Q5_oQsC
z^5@$vu#h;k9#e#Q0R#&jdX;w%+j$4I0u`JA-^u*XzCD7wiaPGslUap)QZl`SiwK)5
z^gBtt9?yE?UR7iL-3RvK>BX1sGZ&_s?j&%xzvVrz4)kheEPsVE?E^5@pk`j*qqQKP
zxmSH9RT0obZn>ekpLiQb);X{?@1L{ZVCAz%y*4oNp0-21qVt17EtSpJHeZJ2fJJ~v
zn3z!_gO3DMSxpdPX6#17%iU`SMKMD7M0InMYZ-4XJFrC@nd^?sAC@jEVnSU`PSesh
zZRkP~Y^Z^?5-J3A6^JUGs(P8&apOM4jdb?Tq-H?(o|e5C>Zy_UR(1t#h)EZcI&q30
z%|{}S%FUqt!Q{tMuV55tACQP)k~!-G<b^UtPQwvxp9n9ek1a11*M&LFN4&Vfwq_k>
zG{Hyx^I%a@HGUnfA4NDagBX^pnO*Od#S}ke5;fj&vFMJ8K#5fk{({@utB3X!oNau@
zQFoyU){qZHs^@`D@nW4XsJ)F(R5~)(bb5#JyO-y2@kN5^y%23~&oiB)IQyr`4bp<k
za(-k}OsgY^fjcA7OF|r+!{p#dnIqWRAd=5e5?`NoJk`+R%DzJvLsCPpNvjz63(faF
zi87Ox``XNKt6GvuM~u#82~u<L9w6d>K#S1$YE$@a&Z)?)tt&#qw_a#mlELv`6x|h{
zT<`q~qZ`Iq*|S6uL=e%`go<^O#VeL)E4ae2R;1IR_j>M|ZW%dm6n#}+TqiHePA>I%
z>gz@*GJh_UxIoRILoWT^Ce+LgF|`uvb7|?<U@<ikd~I9R`<=DrFB_*cT{<Jpb-pUC
zJ##yB(Ypmi$oTb^44KT_LSC5G6S{G5PiGm@U%a67rZ<t#Go#>!OjUw&_(@~^6NzWo
zMGtVZ)nNj9X~2$Mh@~juL;wR#@Iz^6zOr?ry6Z-nZ1wVT!ZJkV+P(}LTNSc4A9%L$
zP|yCB4KTrl=Z`srC()#h?hQzY)-E?<-4H$-osQ?hC`?vJrB+q!&}hBeRf=y(mOfD8
z0cB{tuP!jQ7Gb%vMjv(X)A!vQibxu7Kb&kw#!iFS31Du@&fXL;TUs(Z3br5N_9{A8
zSOZ^tJR0~1GHI3MU@!_NdK>-ZXu6t_@4zPQ#VNojV6oiCilRurL=a1eU}*X<zEg+N
zJFq+$>Ni*q%<hiYt?D9x2x1q)g8)KJ>S^Ls(qn9MNydOB<&-b^TJO?}$<B-w02moS
z^6Xjs_}Xk?)E5}oACkvG&0x6KwX|vb+2;ajL&%j=;C~lJ<C+5jA3GzYLBI#tRGx*K
zB6{IPu|tE%<y~^sC~^{j_@8Nbw{PkS0FwXs#i4(b2hOnU-YCa5Q`v*589&)%zai9r
z8%}uqr+B>Y+QBdO!u%XO2zH<TMQ2I+tIDE}y#L{+_4$X|@#8A^i+Gi(uVQ~U|3g1%
zV)*@eAkyaV)_>?9V+o7C8o5mBNwuiYs*<@^2A19c$C%XNRNv`QZL?KVE!6d$+3?k`
zY5jM6$LN1Hj_~JAHej^<ZI{&#m1$L7`sLvH1ShNgH0t2<a2jX%5K4psoMLB=Mi@RJ
z1Ydud+=kxMj+?$EdUBDfN92r8Uc9KLQu0)c%wgH9N;J(Tx*!XE@NtEiI9T&N_EC?!
zv6QZUJ-fr_))!8jUa&h|_9~*h^f}I!dh;t!LXTyY68~rXv-<2@uK|ss$LT&24Oaa`
z?Yyh?!)wk<Na<8^Y#O+!%zPb=Zbn35l)-|8ieLr~H<2J@Hz&Fc@A2Hp48%`9BOLCU
zSAS30xA%Qyiu|sLfc_2Eyu(jQ!RIv<WI2Iz<kpnJ28|)_uKCRENi+ph+QF=V9f9a_
z+Xl*7RT{ffzGt9k3PrafVNYo&?!wnx#V^cPn$9H=FDH4mP~-7K83X)nKru>}5TwRn
zeYk{lgU~sjG16^0FVp)tdow?Nuu|I5dSp=J%c}&JR2PvZ_Jhq+AUIlk@Ja3k9dp7G
z(S@3iJvwuW@;L;>6rF$1LzvG9e3Pcj_Tr7rME`diOxwpC3TzLkjK7#<xFMN=lk?0z
z%sV=?4tvz^JYG=8^-);s7DI>k2Sz?}^6;a3Y+1JsT^Not+GWr4@+Jqh-LD%#3`Ox#
z!sj9*bf49t_zRyG`tkSO?Qh+h<Ie23%WIDPoat-fSF(vh`aA<T6Ot++aJXTbOeoz&
zQX<6crM)6_#`x6T%XXhI_aCcf-w^RS%WPfB$xyk0C_OU*n!@i*M3cnHx)HlbNb(Mn
z7Z1<tIet@oTaoV0llMx?N>jeDJ6k<}d1L%W`<_QTzbKT(?qgS9z*BfpqfMtrn!6T^
zs8@CND|lw}Rd8*t5S-IEt$n|&FjCJdZc|9)$7s{)nM+)E&&taQl7-Rim^LiILa7T!
zET21$<i%))ZPmsJ*w$`{v1|KM5Y%XN81u!wFkL9s-H6YRLrX*e7EgA=^zElLOK1T<
zAOElh*d@UOya>ESy$(Cx8Z2CM?6h#U7|1yxZS65LGs+TsR5LK)d;rQ|YGk%Mkj6eq
zmZa79q=DF`3K&UGT-(0g+V#t`lR7IGb9bzF<!bLsd2@gF1LYhAKA2*12H7|YrHfI=
z^yrC^(B$J`nnV>+<1pFIj{|Jvr1q_#FZksm-CnfMjQ6a#)W|sQ-@<Nfr80i4UBmS>
zY8@ED`lzAns3(@ysIw9()Pf40LM$xe<gkOv)WJ52#c=q&_c@yTHl%26ERIbdIQIO~
zW*=nQN3&86Gc8mest`S0ML-aXNGIj0@ja^59gd1E0|qJvAtE}e&>^!mPtwvwnV!H#
zgOBs6p79<=abT;~f{~j^6Ppvi605Gn+)uhRnZkZNU!Cf*ul@K@>6=2Gnmn9Ip1gGs
zM#nR26EzRzf$nW1x{$_4l*DTYNx*x<ug7+`IP+28r%PTTOFQ1!m)G_2+BM7gn`~(;
zOK##Q9=AGDxturU2NnPfsS)T_YbYqjCO)sEnfUU94KINo=G<aD50jnA$-unH<`?3Q
z9aHb(WVo$t?09ebm)^(qqI#r>hp1WL5fFJc2X^n?)KT&t5tkS^^t?FnZI$|?_tfq!
z6X$a>5b(tJJFXuKlCh4(0GvXwKzEUe&ZIM#tr6P^<8>49yI4EKz3o5vevO|B4|%0r
zB|G+Xnd5L=w)`en8D*&`JymLQ;g*e~G|oV>Jt@P37dNAZhWFGc!%rCo=Efu&e1;b)
zr)Z~1qycoyf@$@wVEc?h01n=%SQlH-MzE|UG~m>Bo4+1T49mYkk_@Qh+@K#I9H^O(
zxfO;YhLLoKloDvl)LS}oIn>m83B7pB7)LyL*L-BY+VcdBoHr-ML@3W++t*&O%R9E<
z;9jQ`EdeLB6GrVxCUb^+EzmU;GEX!2emFknW|T27ynDx&odq$7Xk)8`XYQ=!f-oB}
zb+%i}$&L|wsrRu%w<H9wn#;wrOw<g<l<W>TYxZ8sqp_AN%el0?wj8tQem7zqtR~?k
zWwINIOhgbO@s-&<J9?{ZL(a?6u7wX@Avh$?)F)%PKHLkFOSfsYO1@Fn_cCwoXoB^k
z3jsBRt#0lv9p0NrFdWLdlp%b+48?EY<gz|xx0Fdpa>YrTv4E!OcTMkVQ_OG|^%$$O
z9LgyvagevjGLE*9kl%5oz<XlHyB_ZR$efM2ohYxkH(@SmS5s`>EGJ+V#2|`Y2Zet)
zUy~?9Evu07zzYqI4CLnT+8kjJ$sMJp&8D8X6%ps}>ymEjzBvh*@gBN)f4k2z?o&Kb
zx}`9C4Xr+#y-=Kkxwx>1fVq&|AOgXNTIJfQuXSI){&=^TnuvGPMG?JAsY#1iHXER+
zaw|Q$)AmKpZevQvcFD|Zn&zB$>iXvAm$O_X%=sI`8_rVXhJl|x%-o!yd2WXG`mRUu
zr6V>~<#*=uXD*qD`3Ah}J*@wh&+>rTP42iq+XDg3GlrsZ16?e|f`Fz~uQbqNOK_i`
z4f6oy6bPU$DS+B`-Nh<kf7VwqwWI|a#{_syi_{dFz$Y>HI&|!g<138?scuPkJf?%S
z=cKA%m|X1AI**@vW~}=O{xz!tO?`kJJKTnyng#)ytoU@l9v2!n{#wQR9Ly`!n(B+Y
zY;kcPUoSRy<=Z9gvv|E^OFM<~#FG>?DFXb&V%6>lds6Cyt!c`VleP!BR2rOULUCPk
zU;~``*2qtAst!$<a+u^aDo$es+e8Z+t!-P5&#XJ}_*rROc&74>WMsCOvd7Zp$kNKD
zwu@;~MKlbG;2SeDPL`w9N=TB5!pR52Ug#(yV|^A6wOyOpT0kKdc|TL4oT}02ukebb
zxa+vH;_rizd1eU=8JW!7dQQIvvvvfny9F`XP>Vdjf~d`YiuJYd7w#%+%raD%c-MRV
zixurty|QC6ItI;H&;WKPSWs1`v4jGeyk`l`{TeX|wdX_qJD={P#h|J5X2%<OA3ABA
zARlvvZ??!Iytwv$B-v9RS#ZdD4Cql+!Jw4X{I*f?m{F(uJk+8GAa^#%eakmnRBf=n
ziGtPkf~c;y@$%L*P5`Qy?}8ga`1+1T>`eJyJi!ixz{?sglHT5-X)K*x?rlMQGO5Q!
z^HRJ>79%|8o=s)sMi0*kUM}YQY`ZzR=DvYIjrUcVj7`bnm(%*kQ*Mr*sN~Hia1OcG
zBz0#GHOJ_|Bcz{_5it=;uHtFeO<3OKZjniV`eiQKnyrHeKGB^TVsNY%v|MprZoSXC
z|A)OdkB9Q_`-VqINTTd96;jz+NZBR{Nz!JQDUxMkl7x&oELqAjA^f6@LX;$X*~YGt
ztl60viY&uSG>**D{q;M~^SaLEcU{;0T=#iDujhI_=O11#O=FJZ_|EtE9G~UAFz$VW
zXhIJmN;y~x3xOF1@i_b37l;NZ0T|{3PC}gww-3J$_M9w|N6)6;%BB}Jr*c(#kf&02
zH&^ZxV`UHy?XfW0h44R?U}h%aM<LHA(kCgzHs~I*3?04buWr^%l=LZM#b5j(xHIYS
zd5g%b%BVrJt=AHF?w7umc(<*i1y>I^z7VXOaTD%-g5L>B`?42cS;ITQNvf0cS|9T=
zJfoKqLQz(#UrB=a_ehZ%WtJ`6#B9B{bheIR8+S8UUdY2I=kCjw^VfpJhMzW<>;_Na
zAWdNQg{?00MeAs?CDB~LTVsaWfdPypBXEFOYjA*fP=hAeHl$7XgDCKrKdPYj1Zt2k
z!$$QFj0<vzcwL+&>_^d?dtW5gB)cgOD_@x5bR<aplf8N-Ca_)nR<vu<X+QK+bg9aG
z6CJ}ef{ibOE|hZ`=iyVknq-~dXxc3uAKMOe>c6xwSBp+{9bEI7`gswe6eH=UcFizK
zn^5uZku3F7B)Xj_yi4^aJVJ$97r`qCeBxR3qge3l2n6SOrP3;XT!M|gaA6L-avi*K
zm1Gsq6=(bNAwPwpOm-J_DuWlxpaw0+yf)Ddc-;rat9@(l1&Fe6FCD7{!%b}e6K33w
zqsXk!pvq+bnN>lN;tGKWEZ?9Haa)ZPJj<K}IKCngG`w4Yy@gf>I^T^SkP7;|fMzk}
z|AvpuSp0f(jh!(*^Ye_rT)YGwJZBrup(q)&-brHEFNC~LA4EI(7^37O>8B6PFna4r
z3AI;I%tC}e^e2&fz{p@{qeqC$_1Jhay`-&;6pdbky}38rgk#~A?^Re(IJ3r3dslvd
zQ~wQW(9Ote!y@p8J6|JN4xxr)|4=v=6@!bg0vEC1LzL$t@rKI1ZQOyP_u#(Lu%#8V
zWZBN(lkC}NK~9%FF%W^XDw;(O65V>W3U7V*{vA@aElFg*x%@CEBr#j>@@WZkebARX
z4K>uEzQ<VIfmV<}z~M6o-?4_`kOS+p`wnadfMY;!#{fMr|M~9(FVN{I1r+6JrLzbp
zOM~Qw93oI(l`@hiBnh4(+_!GIqa!o@y81fXwRSG7(o&_rrkq}myOJ`U@PKFaqBE+H
z+eJpyXcstnC@3=8qL*27X8Sw6{hp7QsGZg=$Uf|**cCU>KoTZVp4W*prfJqx<X}_F
zID#P%f!_{?kDPncr!|ItFY-*p5NRM?W2F?ZZ#2vBRF~e4y&tZB_+Ti&iAK2+htSM)
zPB95n=*NtpuaBOT>(HFgGx9tHMi!bItu{?v(AdPIpE!3E*+sr%xC1DciWHCog`IkT
zyxF;3KRx7Q!0w!Bnf;|ak7Sz}P%9Kc7WFsjVuwt0$QjoLHn(H*(GA{v;_vc=pO|ei
zKgZL0Kr|OJBvuB@zh@o7HxtXO=6_6*2aS)H(NQgrp^5bmb1a|2c;j`mT=_TRkcV)F
zwo4SB^~K(;at9xMSy#K#QZ%$kfoLjVKeMXnnr&pEnL5pG8lK+_63Hy^sob3V@iryi
z&HB>O>q)v1-<kumM8~ijaE`DwWBsjiy42mW$37QiuJkTmetStEKmNCS%d%X5h*E&2
zTM-6zm_D3X+(nipPJ!N<0Yp*o0#WK_O}AH~AI${pd9HSEM@-PE0+mNrY2_&ia*BLc
zZW7DU%}_kRk1obS?pCl$#_Y<tD0I(R3N6JxS=)O>a)2~s)Bk?juDQWH?xNGdwjGE|
zh$H8|9YtN~WoB{GuQ0-K280QfC`WW+_^#iygU<(kY(s3ob?!?F<i$Fy=(0!BxEnZN
zN54;_w&OHW{J4Ep!Ny-Wx!#DrP+qx67=;mS4G4PMsXYWWpbXb>L4&STs&NcUac>h9
zZ=0aW9qV7nreDofZyNPN(Gx0qz4@2)&rSty`Z}8X;5p*b?yWp4DM6jhR&gjn!_9*l
z1q{~~U9(7<lX$7uO4pF-(Phua0&{jCfVUcGf@G9;5=+qixPD=zp-SONp+Qwe>u+}T
zOB)&tHbx$cn8h$yTtV;%=A*&qS;jbI7s<zJWXY@)E@qfb#K+f>)G~L(pzS<wNo94q
zyScmX-q*7A`ib1M%X;k_DMAR&Tktio1sSTxthVBg^v~-XJv-52vuOD?VPXB{xG<$t
zA5OfR)RreUTSc!%$1fVn*kP)0T%}%Gc1=}}D;RxbRXm_7Cn3gNOxq%Foyl3&{)q)o
z55CV<LnF*0x*1Io{9~oE7svl>bet10AsXeHYH?A~y8Fv{7Od`?a3bmZSg1$EhLkEv
z<e>#C$}~IAZ&HPmj1mR?Hlr-jAxk~m9{)S3mOE$Va>H%IjfJBH)!aA6mpwX=xj{eS
zM>d)O%1n|JNF#;t8*n$^czVQ%8agtvMxDXiTrd$EfAz<!&qZ2gF=H1MC2!on*4oS>
zYaZEEss<E1P*UJj`E_W#6!K7Bn{H7f&lYF1i3@LDC#(kZA7MG^8h_OI5|+)G)!|PT
ziIYWe(w>rZP@bCbUa9#xmLB&b8Js1iNojm19oa08In`6>FTDMN(WdNeB_Yp_U!L-g
zyo^1tug>Fgr4Pj<5KREdN}=;USkW+<v4wdT=AT6J;*|Tb>a?AVNH+7Fc7C;YqD4qv
zlj^90Y4a;wkGx-e?&}<0K+5C>K$Hq}xk?+TtOkf1^#$ll^>`(35xipHxi6SipC^2h
zw?`zCtmf~ByCtSy<>h$Am>)H#$a0D~nRR;tS(5@yzp>pID)s4UO@)>V%6Go4mUUTO
ze=Z|;Mf2Ksv+||-vBU%q-cgUg)8JWCiTQUl>+e(fPvfL%?wu+i%KgW{jsHSa2eJG=
z7`6fb@9+uNmW6jsPyJtVZ~uL{x8FtP{%x!MRm<}x4<~&M&}{pGR6+ue;LhRB(~N*v
zeg520M;P0bxwDr3BdXwFfk{EdqhnTn*QB_1f&r!pR-ews)EDgnxyTFl^#PPS3Rc0k
zkYe%Dk7@oE>gydXRAWZ2-FKSRNcBCLS8BQxjrMhh{EIvwx&;I)y_8*uyu6i0Z)(^q
zP2+wE(9J%c?KdgCW!${(*pZ)~j%10}a20V_Se<@*_cZ)=g0rRZ{XTv<+rI6^8wKkd
z9`+v5_Z_by3&L%Uh6Y_v7-nJRjs}=hZ#z>0F6%lq?Ao+xNKq|MAVCCw7~c#Ii40u@
z$)C3(Gm2ArQw{|(Q7K%I8}{YgD(N28(sD=A!oE3-H{XZLQF1pg%SIZ#n-ng$?Pkk>
zSo^JxlY+XoD1y7riR3m>MWfT%wyDI;>>bnXl0-jN&Cs}=<DI0#uUymauKTU8b>ExO
zp9l_SEv|W3!Mg+DAV!bXkS)^}4k*OAz$vb73fV6_Zy)cn8=5)P8+uu%a^TeKV@vBc
zdM@pEK7n|38#Uy}WOboDkoRQC^D~Tt4a1#{<a>C9GRu>5O}dL|ik*4Yd{Vap_8m0x
zL);L1xM9bew%Z5};wedf85FYyi_PR1vRIt}z5^+sZ_W^HLyEA?@;!8;h~9plu2&Q7
zDpM<OkT05V6H{*v>)%kaq?0=BA)LGb^azUBTg@8CWtEYJJDwF$FQOYj=kUzO%-!^7
zMPE53UB6{|TvR%C&hFW9tcFqO_0xxFR}mbsrzCN_4AgK*KbUobEnfonvUYMioi*U-
zT(d2PMQQ=J9B{Y%c6j%9$wiBX=x(=htB8Mq6|N54YxoH^08a~XPC8zL+gi#UZ91Q3
zM0d`>`f0q>KFqv0Q)*vqUO07En0N#&l%Elok#;p;V`xaX30@1umT;e#N}+_YjNodf
z7vob3J+!g1aKin~>(o_w{qNXaJ>ssn?yEtySHHx3AFKz{Tmq@mcK#>J5Z^J3rI{3Y
zZNWGzFvN#6qo4Hbz!Y@&OrEo3rZRo6JKGPW2zc-+#~^@Vy@M(PwAHyn&l$oLW?>d6
z4=SST(c)|+y4l@DO0QatrGNgQ*DdCNl$jXhVT{?4+TnQLzRBAlcyf{q@5a)?SeCE_
zS4fYA3bblM3DwwZq&%6+R05EdXSo;&QY>?DZ$T3>b8E<hgC`7owuZK00cmJC04kW#
zJwMX+;-c}jfg3T~#orjKy%gN=P|<I*AmR$cK^txZ9o7trSu+MX6wyj7CpTH%Xm6IC
zZoas;)3_%p>wf3c*%jq<o$7rjT+_Aps~*VS#)yco=UB4r@#EuCoD5tDl^n_yq(3WW
zXih}OZckb|MXv}~+!DL{u5EQy=2biI!lrfM=5nc&b-bH-R>~!Q=F(NTLaM$KiwR6*
zNhi&SKHvx+WC%Ewr!E<ne0HzwQ_~Klg?aXW;&!LYC`X!3$I&k3DEK)Cy@VQUTt1UL
zkTJv(LOnUsP!UvY%_s!f#B139PJe%YZ#_d$cGj^yEkW4B`k~@F(*t^y@8ZB=SE)`b
z_i$(`iq~UtLQ{4&HQkUXW*uBG(=#riaXqW%&Tb|8kuL*H=wc#`m4ol&9%c~gLDd#`
z&<1vA9IQvXhqyO6w6|!5kAJ(W8XH7aR*8JW--kF*YrF>~0yS8$x4420$j>RMTN~=`
z`}*dgzIxuw3Td;xpK^gjAnl1+S?|u#{q3XgKE6Bg^H#;-tvsv_tS|qlpug9g+PU2~
zZyvEZ|89H22E`}OG2bJ&8>kFI3toql*j7)v*W=y>@s&H05SZEK1@|7g_KFAYQ&*Bk
z+M6CNy19tlA}N6E<*8Jr5X|vo?E$Heh<{NWw7D$yF!o2a`rZk$RdF}vZA0iq^2L&-
zZKZq2+i<13J3*@30+tUQJ!~6)%}{nWec`e9gn^Bq&$Y7WKG_x{zk%x0Ug?aaxULH0
zz;j`;#E|V0!INd;fP+A&9$<?QZ0J+ZDMef1fCldF(tfsHp_<G0R`;Wf*MZI_+@r4O
zO{7a*@lCw{;RDGHj^GLfPh#b9Xoh<udN70Xtd^02<Iguto)Ec8K2y?t^NscfsDH%B
zV2)sDS9SPI%_QG*FuQj2DEb6NfCkJtAQ>oyx=OxFk{5{f58-u$QS0--kQsgFhsg<l
zJ-NaIV+#&yQ658X7Yt8j(R^-iKKgT|o=mqv#gG-a+dRqAq${06i!Ed^+-|1Lif%%#
z$k&9-`=k06O3aGH(RU@}cCY!%4;nM{`}}QO$^bFK1P=weGgrIo4&pzguBk50Kc^I8
zCiFUkIYeJ-yQ@f4ft$aWs-MV*i@HiT9AEPc_`ch5zvRBv)CzkuhM5chWC$=lx^VIg
z&H6gUnx5Pm20yKh@WbGkaIASQ>)L`#$dY!qzf!Y(n#}o6qd=NCCcmg{OouC!!H}Ey
z)>ngNA=x~@YZe{tVEvKVF;U>yE`LaF>DtK;tKQ|KcMWD$qmI5Sc>5siU6CDw#Fh}H
zn1Yq!`-SKSjcaGol0I$nCJ*New&~_Zp3g_d%13R^4R>zK6SL$iVb7ZLZG7&w_k_TV
ze0!&SS&~Cms`a_E!rmL}uM0M`TH&_YeuRnvyXPzwJq$M2H#nC{)15w6ThfOuyXb0K
z>xQY-Jl~t^;a)+!YJ2;>wCfAq%pXgd^JH)rYynzm7L24O6WE=OX>O+%S+mX!u|Wk)
zo7b=`^JzR$_*+m1_F!Jx#vz_|-mr8Ad5A-#1h6GDCavmgxBqm|Y(etPpu`o+op(m9
z_Dr(&&YC!fEy#(VFjKp*r6&~Sz6NOE8iVtq0f|O3Klo}iUqat9ZgcK3rrF|P;5fr_
z!0qYMM%^QclnrWU6z=LE+jjTOq)nMd-dI#FHaZ9mxZMx7ovdWbKVQQsQAnJ~9|X=8
zEc&y1Bl4%xxD>!LnWS;=o<wkukvs{o_BuC~X(?+v`_#rG`#qgiqXh<#-sR3Ah(k?d
z1wYB0d=ljWsj_Vz|NSD{4GzfHc<}PrY}M5<)0WU_-_%i3>V|3YJ6I6)t<(QeVuXt%
zQN}f4mCku0D+oiDR6}`TH<Dtq>CLhSXBsqLy{t*C#uRJd+qE1kgUnY-<9y@NxfzaJ
zkuh*1nkx`Re9U?;en$P&AX$UX@?Q8dg~mNXCq&=uP<0r1Ns~H9DlNMwoYAl@8A;r^
z+w+iANcH>H$%OK`G9LCQz6(V+A^?@JFj5Ibm8MI4t{krUg*d4D>FLj*uQb+xfb=Nl
zn+-r}+$2$w&GMS&x|avEkw6EbyJ*-Iz`$!ccRA6nzQJEZ@}R^m=9K|yaWny$hSm_(
zSs*{EgN1c;xPrR312?flv^&6;M(6|Z+x3$mOzyVgZIHdciU|OHx7#GYZ&{*^so*%*
z!CL0!MQ9r>_b);)?HHNvy~q}SQWa=sgML;Hm{D!2D>uML%VFU|WUipy?LbF+q@@?=
z>c!@RMFDWLa626<kvZ3ym!rU9#+von1c4XOVatJzGGD1rCUU^6*Ph7sS`Uup2{utG
zt@rrAz|2cat^|t#-iiQkH34s}Hqau9i9Ra^?UgNOD%o;+;I%rRbnIQJnF103ykb`Q
z0mz+r2z<;{6y-Ow+_byVy}$;>CkvbykOYbwQ?EHgvP6T1i0!h92?EmZ02dDM5e)~d
zPOvW+rh_wOq=%6xgJAhFHx1R%&t4Myg}5<b*fD(>ysQcDx;vv2+tzChvdqL6Yv+rG
zDCzM%bFHe&pDzQ!2nTL#K6vvU5@i7By*1q=F|t;@z#6jeI=hhRK1jAWoqY_D$UHP_
zaGIc8%<3!DFZ$t(MVF+qNb^66W;fNLejzfzosL?XK8hq1f)lI&C#chD>E6aW^Bmm!
z-zAQc=@>KimiQ`6oi5VybmuR`eaxykxb)Op;EaG2B;}#N1d^?4^a^JpMPBOil7)U3
zHD;>+iPc+l3=3-mrd!|bz>K!Zndf%U_d1drX=)zoWd9r(1Oj_qm2BA}u(}IAnW}KO
zVR`})s9p@SL82X=3pIeXE-sokV+jT>GBbg7CrSoA$CcrJWU1E`1iPtca4OH1mqGh?
z6h|4yOu4*C#9tD8_YO58zeZPUXdr`TWh`+8vDU1N1h^M0f&Fv~70ChR`tlD5U246C
z_gN3B#}7LU#eN}1p<f6q+aE0LzqJ#?i-Cq~4VsFKKvpi&9O-fsUukuTlSFa&6H3Ap
zb9-iEdS+yh)asr}HM2(*KX*6WI8(7{(^1Y?Q3EuR4Mw~oJ}A$4iv}Q{DH@sxPf~Z<
zjW`8rw%*<q8Bj1f^znn?kY~PjajJ*;eIG*m1yd8gD5ZG>6|c&^1Y0r8xSKY>GTCgM
z>dMbW`Uj~fu|cl^<~8L=AK76~o30OU&#MWIyJjh6J@yOtb=G950Hz=53VOth*~ux?
zw_=?LbP2h=Vglb|R@^XtF)JIGuxICZec|JeLPI_`>JtYiYL}SD;fvY0+nhSw4#pxy
zps{^1lEh~y5{N$EQ>IB%SNi5%;I%qJFtotv2x{IhzEZZ3Rr7GxT#*?~wVj`)V<>5{
zKnRo=C9A`{`kcXgo;x%!%{smm@@mD0eDGR{Zd;q2%Z9o>9(WJS2;YY0B~cQIWyl8X
za3xc(1h7d0;&6V?0=KlRdXIffe;_66Q>L_zdbRdor*M7u^!^V|zVl2T`OJB`CJz`5
zmFKago?@esTQs#Z<b*ZD=(A_vKbbv06R_Un2Wj{E)UlLdgOcLir+bcNX4x*J(ZpCf
zI7v<cUZ#T%O-{vfs;M&z>I=i8PF5as1_gI_Chn?8+LM?PeF0=EHw5{;fsC$b#354I
zLGI_*-@XKLtwcqIDqi@wyWC8?u2Dl!dIwS?C*Gf#=!YY>4rhr*)ocNq*M$?IuR3XP
zux(tas~nP@b<k>@XyS?&`mpT61#Pp1gQh&B6S8j~5;efoqp+glGo%s}dn=0)K<i-0
zq_$JJ<xgjko65&7e%jHytLj!&Nz#qL6FF(uHBJag#EOLx$4-911ye-%aOdeh+4Q9e
z(`3(A-yCYxvB8%^#5=J1mY*+5Z#IKm-%W*T%qnQmGn1)7`o1q_Q&Wf4K#am9pGm!9
zVO=>=-Ekmk^RDp#cj;+uM)bTg>+&4B;#0(=)xBZU@GAGvYd90XoIr~U>M9Rk+1pdE
zkT!hFxEyq&*j450rR%1u(*;)W4uDsY?YxjMg+e&hWo#|DUZs^jp0_J)de2zRaCvw9
z+ieBwqMta~&JIM?Xj41a2jbfsoj1R(>?tcew6&tFwDj(!%5drW3kiq2_>Z4K2xTF3
z&j@sqDk>YiZJBYL`+!OyMCW$WP!cfaeD5_}|B!S|y1-^hpAX6-Z&q#FA^HizuwMfj
z`3vC!@dug?fAy|$qc575(kt)XG=FEoL7nMwm5iTmy#8+2zK5F=!v&odY<PdHCmE7F
z$gpzd{1Mi9_(z>O&YEs#C8dv%!=#(g`crTX>v@ta%w5D^BX@fmKhD||dWnZrmPczt
zHj;<UsDya}-S2b-umr~W7VP+Z?f6GjG0s3dwW`lYzdR(vv|Gsh^~vVYQNJb8hR&a-
zr(3O9yYS!?dm_-c@a@oR!u%7K^a#3Weul#G-n3)`9)%oJbLHATpSJ?yW1}^tC0Bd|
zNtg5^C1z!H<{9+hCQyO=AP&2q=w=h;;D}R|-HSgo%TAB`rxalCp_Fs>Y4lIuXq8^s
z6^cr^=-ybT!yvH5Am&()KF_vN=Qc)cb7iubP^zE1d%kDyn8Fbr@5#j9ej#qka?ZoP
z^Z{m1AIV)FISJkQg}7$9cc7lvDE3153U{;RK8KN+;zpzz*{kv8*>GtETTcN#7t;B<
zP52HXUmfBbUWq=?7$T@OA}Td!JHDfTdy?m?q`9+w6`W@_tm8@E;@&dxzS8sAyXq7`
z@D5i6arlU~$Sv>Vu<Qic;%yb{+A4otael*-c3%>HGB5XCg^(QAKBn1j@+!EUTCg(g
z1As}e2rIYE7g34P&U@Z6$PwjeLb}BGV<;r&P@G$NO?92;X8U*FC1O7wxORl+LHPO&
zD$H1}a5R>GfGtj(RI}Y6Z<=zAqJY0rQ|X2ZLlADWFcXCNQo6vTW+YCTf{js-3!gNl
z?<&fhOXp81OB!r)4ar^aXcq6CxuZnFMRM0iJIWJ;tu2E@Nox`v)}z{#(k&(rJ>-;9
z37Z>Vdr3Oqtl-}CnxzEY*S}HpG3%?7g28THMgUhRR=*ejj#N@t5ZIE6x`!5Zf0I(R
z_qQ+YZ|4t~nlE5h#%rV|RshUMZj#(^i1XM`6TTr5&=4<DgB<Fu$=d7S{r%*Jgpz_?
z-O;upi|-4eP$HskEB7ODqne=zduwk_5AMh_txj)m?Xi}nY%9f+KhtOJpIxgK=RLxk
zRgX9$P~81jssf-P$Fl~s{iB8*0J#2%Deo*wx0r|`F;rMqtQ&HHbuC}!ze}VUUS&`F
z>8#1tt^AQ-;u<L9f2@E-4Vk*q$l;|{f)wZV)SEO~9T<ihq!fQ$Xg&1e7b0-_NYRNR
z0a%$~jE0jrd7QT*HE5Ubw}OP)i3jn1Z!=ig(k*{BtO8~l$TbU*fAHx1|E<Kl&|m0z
z|M84s&EXPMacmId!aH&MKG$hN4I117Fv>Wt!%s3w`%LJSl9??ncnZ&ZJ?~Efes<_`
zp!uc=I$>;a0mojhL>7qzhf!kXT`i*ZJ8nD|Sw1seT9z0?_l-Jyc#3qvho-JAY<^91
z!aVD->=DI8W5w)^5|;u&hs6LhVKsP==?pkS{`3(vES&F^T1AYw2{L;07`)%rQ=}sy
z_BQwSkQ4Tdu;YjCeEwHOWYE=dXZRslMTO=@pJb9a$u-KLg5e{#Xymy*8=hHZK5_~v
zu<WBvigofa=<fmwwvMh}-Vwe2HCGh?C%=&^iok^qrcqvj9!uxuIhVO}jB9rfZlzBV
zycKLP1a&*LN^!AmXWyPr%Ax4Gt4x9z=E@Z2WE<`rV_#;F!{Z6DSh`Pnh&Xrg#M?Ip
zf@$-~$CD0jk{Pp)S#<u%+J|o;mkP{#Qb$N4_>S?-W%SY8$#=1@By!%?R$n(?AN+jW
z{A<J2y$Z*qR6Jy|L_0d+UEbU@N)b>=uYs*52Q0AivxeHy&1c#Ui3gKJotn7e4EKjS
z@9eixy&p%}CfSh8jO)`XLP8C`BzLP#xC1w<2J{7}L`g5h{TQ4c(7=c+X>gTqKv!3N
zNi}gzoKkh&D9D;-KH`KyZs_3^>t6ly0M%hS*(|$L>o&eJ@8YOu`s0#Ar$1MfCGD~2
zQMz;EouHD2xpp`HBf1zp-^r5q)J=WJG7NN4m%Zq9)-X3jt=E}6{;qc8imj&Fcb@mw
zn#JbIN8e|O0+b@G*b)B-+JeH=nk%05)oeqGHGk(>I$-uSg>QA;yjkDCqrjWOSa>g)
z7O@q%bCj*s<@R6`Z<YPKCxqw1^~|CnWCXdivY|8dc64mH)tzA!^AuNazz1jXN@rMw
zNOQ=YA_K&WQn<m0*?Wa|t%uLrU&pr-*A>>O1(GK3=qix61}<4dm=0j^pMAM$uGb<J
z3GGX`eCBh-n;r?lNgljZBD^CqK9dNx%v1P?$ODYHVMfp%p?$*dLvDP;zidukz|gl$
z5Tk0&7D5fXNM0v!I#U{HS@<5=mhqfKBW9vx8aCkS6~og<uiPDSbDN1gQvbeaUWF3S
zAQ}lq+yRY`<tT)P5KWd`BNur$t9QQU=PUi+#)gmSzaKYuRGYu?$?EWoQ(Gf>2+-sj
zh#TSR2BK)q5s`}I$uZY61LZ8ehsw24px&|;s>JSes>xFNkfmi26H3|6_l0+9OB;D3
z>RN{$6ZaXf71+ys-$SG>GL--&=?Tz9S4d};coM{1KG=L&w2h-4`%=6eVZM%}zlf8f
zKtn53Bzwz1^NQiFw+vJxv?;IzMsD^R4)#3hXeX*c(5IjH9waEEq*(3h68#~fZ7wp6
zEoRFVY;h}W!Rw3o9!lXK7;&MqS6j0W-AR*+U6c(T&2SM${&3p}k_FXesR=>@>JCYk
zD^12p!-dp2dB4W02kVAI4oq#owExv1{<HCs8~9~5T-h$M9T*1Hldyz1uwa_?i$mGg
zjA)u`R@21dhS4#*A^CL{yS0yKTU6iea%>XGZLpiZZ+`b!a>@p$kYPB02@4Cbw-T8<
zt351pgbUy*^_K{-vUDdSMP>6d02sL?>2ODg1Q5{?RAC9Sx5BYGxU=-iNS_}fwoQa7
z58{YJEw^a>gC;&XJFJFs!l83Kw!;@se0W`y18j*phlGI)aEZRW8wE9N(Igg_X4&i0
zzuN5(M7vt~=FA22t;`;i1KY$m4ah74OQUHpvtV&gqUOQS+O4gLxVrIkEdA9lgasS|
zx^Gi((PhSwo`JKB#n78a^ySoBH#^x6%2)Q&kFYwYi_*KFkCj`9g{5<p`cbZ^ArhLN
z)<ob1BaGn32dNrQF28`!9npN%Zs+V7b8gsJ<?+<%v*yxoJSD1LyPgNQ@#4<;5td8f
zjkYFq87gYWK(aZJrW^91T|JlfVAQQ}p)hmL#HaO?R}!yvc*Bk&Gf;FJdE=8{rPWzV
zI63;k+_q+AIPV#J@9^a&FcpL>%^lCB^x@itHAa(;LTX`;^CUq-A-(?)=*;j7amuxo
z;!T<})w*_i?qAw!u}3I8gy*W_EM@^Ul))8TWU1iaE9~sk_oMqYoz7JL{B*N3CO!A-
zr-JA0o2T7}vC65(jT^4SJuODuKOq6IoFb4rHiEbT2Z3q_wP_ierv*&Nf05#DuUe~B
zOD2X7ZpD_^%PS7wi94R3_ndF(C^DtO;Z+)y0BcUiYR8|xSyD`(DA}eZy&aK_(N6i8
za2ppRs*+W77f_)&s$3yI#!?%!g+$4P03K5{*ivQk>g$<jqVmQs+VfkUdfc$^ypkxa
z60aEd^lRArTNkI}Y!}m-(Ss!BH2?|`ZbnPs0;to~41rjE70s|8j_(#1)zd@P1>t7Y
zZ#C(Aggr{SVq$;&*5XJ@FsgAe%8(C?HK&bXb9&QhOO>WNxsvG9y)P%P`bUkA9oxA8
z)R}qO^?-t$i#aF}GK)fQaQi`UWlL1apJ%o~f+lXPb2FV+l;~dLCb_Rj)Njf2Qzo?<
zGg@5-&6-?n?~A?jS_OTq$lyHKf;q-{Z731=xkpsa31;XYEw;RqIeDxmR8D5Ig7faa
z6lL=bPQ2kwsOP9{04YZZN0&Xo%UHz?Ycfj%^&Bf0lCgW8Mjb5OpASvHf2dTEr1CRh
z+Y^`g)~|=9zgrEva|M@JySe=Uy@Cs15So&7?v@3{NjglW1pDQBU2kqPL=UTdjU40o
zB!28ePEwY*If6X^lO|Eo&f7r`DvG-~(6#A&gJ01%v}pNn<q?7#yYAlUactTlzip4_
zq2&7|d+IkH^kbfb!&uj#hT}NZ2~7f-zfRc`xvowDYBYN8Ic%Do9eAtP`m=`k2P^f3
zqN%!%z8#7hxU%TTRx7_%O*+IC9Ae4g_!&^N;db0^y3=i&w^X|ye6LATX?~|qzu0=Q
zhNjlZe5kx3>%H%kZY0miQ2xN_ScpO(zBY?9+<}3_G}x*kmsRdAC@ebkmesnS>0Pch
z4cc^ZL5=oGF|ty@{#fL-$Ms*j1SX>A3npZ6CZP9qO5+NH3jgLp@7ssEYuMp^wdzj)
z>Y?WwlhkayQYq^R?IN<&&%9TXlUY{a+2Y9<Xo5iNx?#WJ<}sYXn~3=;t7uB^V$T7d
zh%@DKKFtx~FMAe}r;rEU094s6Fi9JnrW7?=4Fxb`z~CLd{#C{VD#nnvrgu@jtoUGT
zQ?BQhAy2yF@OqEz{jH5k7J<n@iaRpa*I9GYAj$(U=Owi+4z^Pz3t7itFb}|;85ioB
z_h$uai<lixU7GK|i%iaU9I-?s-bdW|km(XBT<y_<@B&a$4K=ncLzI~Vms1Xu1WJJh
znS{U0P4fxlx0M^lvV~(Gm98_|cR1<Nn-xxr;FiF(4bj`;^<6=$4m|GL>(Qd(W(@6x
z#7U0frwtDta!0fV+P7Uc+i80BOm@D~Hrr(pI*A(4L<+Ct>ETMURk{mtC@M`-4C{8;
zO*%o^bsJsaoVnV^8y}lXflT^RQ3Lo?m6iFsbm7UUN|q^Z8~wJ2f;vO`t!#WpIgLCt
zrIVyqiYzXh`YbcHHT8sb)V>XTT>@XE*jq%YqBJ7Ij424aPY^<(a*>2c>KiRPwE=T0
zzL^#GQ*X-URLYaw-`ED+JKFI0vpx4GQXA*W$Zj+g>;aK34plx)z$4jK$rFV|_t@V2
z%<KY<Xil`pYU8ZKZD)fQf>#neaxTSBwZy#V+en#Q379~$#a5W>;M_@XbldH=h=sCh
zqS%LCjLq<_qI}Ooy2)>v<YFByVxG8+Ilb6(!`#JOdwC!Zazzgj+R&xPNyX#URN)g`
zSxde{9Z&4aDmHJRJoMSD>QHm;`O^IpA79CgDBo?r!aK;7{^np6$(4nJn{@dEF_-f^
zQ&TItTG!=VZxVmHH>@6XZ3Mj7sjx5c9+B>>88d#U2MThfS5i+WQ}z0{-68d36Y``x
zi|%hS!M|58?ky{J&oO-)u72Ni{un!3NceJ$JkMd3!GRXkYxI2X1aMuVzN+?TSe-2&
zsM`szIFo=;&=1VM3E|ke_nY2PmJq)DH9L0R-GI1sfBpO!fzdKRhWsZJ)Xy?7)RxZX
z$2$isE2<pNV|CK)A5`Ga?Qc*hpZzgK-eRaYf;-f!{zEmxrb<fur;&B|WVqiu!v{R0
z9!&Mz8ObV4#S&KNxSj9gd+VW--7jP>exFTutH_Cc?Q}dTQhzc~09lC6+8E*pWWgi8
z0>28h<51Asq3I9B3nOupzA~+*zH`6pg3~VkLhKV|-3G#L)_<`9{7<-_Yf|EWK`yh_
zfo?ukz6(`Os^m6dnZQr*=l8TvtZF=0CuCfAc_Q@CTHys6-v92-YzGFc|B1zpBY^Y(
zjPEx2-!Z;`gMVF=V_;`H|M{QUVPCVP{BQgq|Jq{hZ)IbC2O$5G2(16Jh3Nmg3QlWv
zJnDD%ybMObJuQ%t!M7)ytDc%GNsj2K9hK4>++MG=DQ_V6=9>N{Kp}id_98PurE8{)
z_`l!~Qgje*Vx&>AAd#cborlXA#EWJ0>1eIMxXOS5LW!1q=(f^o1+mRiw{~0*Kbj?a
z>M2Q1lnwGp=4DI$z)#RR-09c`IU6%ZFl<Wq@Z93M60ft`5h_0<rl5P3WQ~`?oreP$
zrBrST!<Kre7*hlXINouxBM*@tZtPAnHJaV9y<kt1>bjhD8?rX7{vAIF_<4WQ2iXBN
zx<%fqSy!j2@J6r0TY6^Bs^RO3Btd)|BwkQkbLYC!(e~OKCzB(>H)M&LJ*{(rd03Zl
z>p6M)u3!my*b1MO`?OI}4(;D`**6?55K#=_=NCLBj>py=k-Cv|AZK~6Rd3n9DVP2~
zQ6_DNv8|a>4Cpba*~TU=a){W6Wnz_h-@Z+6wEO;;wEl0r^8cuT_!q?A8tU)=@P~&T
z4HB1O;&<~pVbCf;gP7EP=m*CJw_}a-MTJ;=_RzNnMPIG{YZe&dwla>yI`_L!$S=ge
z5D?`T2{HP6g^{CyR=`U3Ah#AApo{;eL?`?=|K7?2g6iMK;ULm~!JYcABiR3rFv8!A
zWY-j8dA^g_N)8~zYmu1(Bd-iWvSK)n2|_Vusu$d`<I{Q0nAyL!n+*v&%8v(kYeU0+
z3mvw&+{Enh+!$HmOB?A`9d}jeyeh*aw}LIrnKJb0xH37C5KOYF_<XY(9+oT6dzTs<
zl<o6e$w#OplM*h1fFys1SsoT;9^%9R!C1|8+>c0!nuC)D#%OvQlQ{fJD??A_8ktrV
z*)bf1)m}cZ&Fnzbm@GAnSCNk!3N-^d(VAfB7CaCPt+oV$p^xz$P}3XInz*PD7d%p^
zn$N(L*#Jpj01yZwXEOv8LoI-(0^uk!j>M3F*0e?Mkb$<S2GACDH)ETiK{g07!Y4XF
zFjTmV%(WkwA7Jan{w}3@90{aU#aFSv5Q^P^k2nFkivTdtEwCn~dZ#V}Y>8!_wSljg
zEm)p4_XW!}HPmpL&M!pj&3~QjzgG5N+u&a}*uSE|KPAqx!|(v?RE`RTd_>_RX&@~u
z7j49doNR02DoS}{*B5N{z1XT&qpF_q&_?EJyr0_fS4!8OJ5e5qF7B-hfgM@O+z(`4
z{~3L2`gtlbQXl!kLMC!i%Tlt_>WxR|g#$+7`_F$nt@>^6?`oE78s0-@Tvw3o&4D9f
z=7m6s^EVDte|F0HXO1lQ){gbr*d&d2KE9u==b9WTqs8NL@8=@ZhVzUojUOcQlxYs@
zQF_OKV4qk>!Mt~nXyOr;d~-#K4?zW46UpdQTwlQU<vcf(06_Qsbb+wCod!K<_R0R<
zrqz9w(H+Ktb8iGsn>M#G{Ei|`|2@OP(O9ZL-wPy4*Q_EAAr%ZaWmI(e%f*83^gPNv
zBjiyh-@{WCh?|#=d^sb~t@Y>9@&AH65FrPSJvva+Ij=VtOjea+-?g!<E{&t9{Eq)~
z`5Wn+P{aCvQvzBu9sGMGp#K-`tt4PqmM09IT9bGvM6E+zf$oZFJfT2BfzWw4J|ySk
zlft4!YU0az_SZ``CXp-qPF;$+G$ew4`x*WWiXbHH%^*-!Xj|x&Tp?S!N>f^<RvNWN
zXH_#6hsxVq`-2><&9AoP@MQ0m)c#X%;>|Tqe0$Ny!`j)^*p+eXsH>vqxx;OzTzg1|
zYYgb^6alvQdFD;{EhFGqb)Qs&@tHoH=dQR`MgBW0d!M{qUOv&=e$QS)^6+2@&@B-x
zQb^+pgA9=G9abnFdxA0cDYw8phD!fYk&N?y=#znPR4zT5*P(VR?ll3`mVjygK^U52
zj&rI2a*(|3CCbCt_X+T39W9;3Z>Fcrsd;D3R1mhUhQxi@DUs<OyYh9Z^7ev|@pi<#
zArb&48$7s%xIHDDXJsgPShe2Pf%bH^3e_}ME4WzLQrP%2l}`4$dgbx1E2>k{Pa8`W
z*6-7=o&;dz&WSLPSJ_*!+}L}%p3(u<r3N)ofE5aiJz8y59;<#@xIFy(kYA;*o14c-
z(v$ilmoR;XqEG_{KzcgY<2#3)i7cZzDQ97rKz(c|qT@uj9*b<8+drGy9Wy?@fe)$`
z*X4c<6S7VVGQN*eH$1|YgbV1M+zr1FlcM)fvdcj@ZJ_XpmMyH?ZuQh@UFl5moNU~>
z-OA_I53M^cpN4ovf62QJAuwY_Gn)itmz8-c-OQR(>BF|CjEsniIL5o$!x)8xaqGJD
zI9ZQm+og}aqsC&&k4&~+yO45jUtuqPh)6#J4J$U{4LGT4kSj;^^k)jp+LXP!q@U-)
zAk(IF*g~m$!DFJ5Wt2`amC4lF`$kC?P!ol~$Zq!pJOi#&qxu&jCu!izHq`eE5G9q!
z-0Ou}jkoI(=q5|yfxM+D>XPO?vIyG`K=|gGh+FY8?4t}5!kr%;YBx3KEowJSU-;0V
zU9H~S>Tx!u@}XVvwo8&5>&T2bz+=ugJjflq9X*d^ZAQ;1NY&Eu$(WaLZ>w%chL^>&
z_@i4q-7#);%Bd3<np<)pHM7K(C{Z4;yZe42l09HwFk3p`h+YM<2%rfy#|-8q845!U
z=h#6E5?4r_%6eNTg+uq01>HnRD1XZ3k4kwtb8F61J!NFjT*mZG!hSVxjWdXKiAxmT
z<!mZ}CdhK&egtv3G6HDkS&g6_yK4e+*;eHwXan4KviDQskv^?A{g_zQx&2Drdjb>S
zEAjP8-VG{Ws5C%e8VO*2hgTSK^`v6Ly)twpag(7W<^b%x)FK;|$f?fv8m8sjRNWgN
zHoqKoSiPN3&92nV-dyC)PaUQ`41t?v9L`_`!N&kx_y@hX=Hk=9U8;|5o!}V%$8O6s
z+2tLM7)K+&gG~XxdoE9@>@BWX%)o>V<KL0Xq8rh$a$YMEObtu&Xt~dkd=7zxHiydi
znjI4&$M%?J6wKUy6CdY!J^wv3)+Nl%_ENy1^}g=}22ng*WvIbS-}pK1948sCH8MC;
zcZl9nUN~@vtL*qK8IZ{IUOHa9l&rLoYgZM@E;*LG=`F8dEvW5Cl=})ioXWJx>9!D4
zbPQg>TfhQtC^VU1?SHzDXkB+awllpSUFOoS^MQ7(#Jl0k6zM$VN*Hl$MO6@63ESXU
zYE+^aER$t~amxx!4R(yhJPxovg2}5`vNyJ`-wzr!N<Mz~o7V|65$UHP0#b;J;Et@(
z&!ZW^=R-s%1PF$EXSqA+%!j_-hq>LoMczq)U!%^-#1J$Nsc7s^SmyZ=4FI|4=j!wT
z*Ip0Rvj5pkm1dKuJbKW?&)q|PWM1;toT9~z_sLrKveOiOc_o%s>O1d}=obKw4HYIz
zv!vU$)@_6LQ`DV3$&I&_xsjYoD1We?CTo>{YN>hqmXcKKFmu5KQqWsyP>0&ccI_u&
zMekUlhHP8VoBe6qIy)CyexxN=C*UvsoJ?=wL_m}rQYm5Hm8Izcl}OP>3c&il1dQX%
zkKZa+eV%(8j*MVzRIvdrjONCvJrl!5r;5D?`L8$gcJ*?F>=|RE%cNmp2SyzsFAy`C
zH_zJIfBSRco8ZS9o@~;Ap4G7{O>&r=jqefyL~0(1*;kp}BT+z~RSt6VMlzdVXi{@S
zpy|SNQ~xS0IxMfNW0Cn_*U(j@SD)-nkE?HG{O?IyyNnl?ezl*QAWH?hx1qL>Tu~#X
zT%j!!@j@$2vZ&UM1Ks-Cd9!Ebg5PUlMTasRgWq39`O%D4@_nwq<ttFtS>D1r2)$3h
z83H)8lsSMi<8C542hq&TGEOP#3Sk|-*QUbQ5|Wr{430JNp5gD)=yKY*|I5=3xjQOJ
zZ$51@32{Xy5a~xzKaT^B!|K;UXl9&Aa`}c>Gnx^R1~Bk&;B5oONH@y=tb6#^mN$RK
z>-=MuMP<v-mm0b2fE|gVuRa<xH05*S=l7+AT0=(Gris69l93|NBZ|yCy68L#SkN2*
zez{NJ(#y}$flyO;_p9waPZJ#9@-IfZlp2e7sO_&%ejxcVHc})mF@p2;cL&HTq~8Va
zk@xDf*$4k5c)vM!s`Ba3n&ADnaPtWuc+b;<z>EA*9gqBnP68U3l>B|m!R!zE2wea$
z_y;u+XfOOx6TyGYQRNT&4u912K&*Ap|DZ+kue1Hv+Wx6o_OG4rubuF(odBA=|D1RW
ziGg;s6B<^{n;!$Y?moI%6X4?ucI#W@bW-)^SQ!-qg@u>QEb=Fgi)92CgrC^$_hxtN
z{&emy1YW#F4JpJvxbef;-jgLZHqzT;&Tqd*msjNqGFZId93IH_-=!PZO9rHtsJ-qK
zh${Q`HNoVFjg1|Tjlg}QcSS|{h<ufbimEe}`(K9M;6*@>t<VSYy#qRj>ZE$phfU)$
zo(i5bqa#luRxewhJ(g9!4Y3Eq+xW7R8lwH^ONO1f3a7zwnFplfa`@e#OcEiLqFz%g
z0dn~kKrY)Cf1PhVRPra}a^Tv)@2_0R|7$_yA_2e>Ll=RhX%YOAGVRET;07&V^|%J?
zR~ffB3-}eQ5496DWUgcssOyA<xe`UmzH77PnQ|Nv5Xvr&)GZ<dil&b$Bm#YC0g&YX
zlPn>NPW-zo$X_QD|EItI^YGtDVEz4{3OAdv|JG+Q`|pL8&j`$FuZ_N4;AF1J$S=ey
zGwm0`NW1)O$41-DWn1#ET(^F(y#2>k9vIvNf1;}4!9M;oRV^0m<IA9C`;C)8nlEsK
zz9pl9n*)k;O*Dc;KS_*Q0R|nUk-AkVdN?}V|M3Ob-HufD##`07yT~V}>fXfg)ZrnW
z^$(k4n!PDkD!w}RI>2L8^cq-piEcB;v<+W!f*t8*=V}?K82yXtIm}`2*4!^IZ>8GA
zA24-$xNRYsm*=$U(J#FHkOyJ7n)wWV0?tUN4|Pd2RKb8wZuo6keSN#V?)clhR|U^8
z=f;UY974)^nuN_ZPn@<`JfFbBONQK`IAldzgC%;xED}Y@>hi22MdC!W!8S5_#y0LQ
z#J6A|w~gM)eYTR}<{JYxBTfviD~af%5Ys_(5!7a{7iw9jFvwCYTf&Mu6`u<mXwB($
z@&@)=C)mWES$e>!8gxE(k9ppBH&ycT)b>rj4+JKWLupOvR&9%MkUYv28q{plT>)$9
zt|^Ao=+kPg>3`)@R8}k1V#_LgTG_j>aN%Qj$Yb_<MH_$Ae&rZ|`N!fm1Hz4jJM$~-
zhGE&U4=@HI*MMlvCs)QL=(!8w{%;p<E+t}jWe2*)H1~#0xr}YN;I^3PRMY~&dr_?;
zny@mlg*>czs;BH1Vk6rX)++?m6r;S&SS{G!G2~ePu>B6v^2~7$_obch^#WY|yhkA|
z$c?-SYS@aGX7lvow?Pd@m-PtIKwwMsY8CdLRtWmsfcJt503Gpnyu7ud;M6^uFW#!&
zSJV+HciqaLF-PqTuK~j@J}H>PP_2hHxWn4HaHn<e;!TdmD);-!ncChbpVeF|YO5{U
zZdIncjj?hkFWI!OUmpt4qE|2kcu!{w81=)!%tUy40=WrxrB=qMU#YP|jLb|~o*wR*
zSbxadVCjZNfb^HgQeTh<LPdESx%<7w_kwm1D2VqhgYd!L^R|Rx^Bg;&(@Xmi?>t7+
z8j)md$~I^lE>gT_zRl>G^7l_eJhy}bKMivV=r>*jnw>l@z3vkNLHjNQ&vAw17}?ga
z2+I&^4DzMZ40i>dnoYfxso68ESyrZieB)9XfbstNPU94E&%Ts~b9O00mI&N=%yX#0
z5flfFDvUf6#!3{*6Dfd^jm**QCp`Vu<!LL)lv2N|Q8t(V>Y@gp{x<WKFqEb*D+JwU
zM$?%D?Aqz3B9TG18Mq8pxM$@gOe^rJ3hH7Xqy#PI7WXUIPl`7|&rXVz9NVtZe842i
znoq$5x?G_i*ng(t>5DY}tsnAlJYg&$P7BJ+9F@!m5FAw?xh`x1dO<yF-Z9r9j_%OF
zpAA<%NMB{q;?RO95XE=YMf|-|{GZ%g#R9lzbLk`8N#v@3O;Mj0;vb8%B`BIKyet|;
z#&Da`C(so?gV{`*wzO*L;R4R&qp47Xoqvv_qQCk<OZNXezN|c{T9#YA+MFe?hrG#4
z1^l|DTcT8Q{2=p_>Nz0cr0b15@uu%-zk7M);`VcipWZz?ZZj)Ud|&jsh{wPr9)wT+
zdQM7>=}Hl$Q-EzcKzr#kU7WOdl3xD#YjNh#hZ6;Ajt^24GyTx#0FWPWa)->ARgBbZ
z02;hi8sIi5vP-o5A{^}W`b|&yVaiV^aL3!@8lkWGo_N0nAg!Z@^J|^#e2qfyBJc4}
zOzreN7YedNKYX|yF3NXd`3%1S>U8gN?BQkF-VL<E3AuB-AMD({EVNI6de$r5F!`1J
zW0Yfg)c3KNU3<Dt+(|GRu20ajiQkHN_cTGeU;4t%?L5||2;Qu9M1ZQW@n;fpy!?!O
zpF1@9Di{2`UzY#M6`%1S@jKDC!=wA(5eL8|i|*0J9+l#JfLJL-^F06z1#7u-eT2DR
zQJfEdv5-aUvH9TW2?FQ=VW39yy%tO>#rEN_{ZrV^)1;fW-D^;?c@TH^|3a{U0^4xe
zpZrk&JJ78Et-tvLpoa5*48tqq8Tnh3hQ#CS!HTpThnZI+9W{HzF1Oy=EyGbY4K=jo
zJk!@Jnj;Sq2XE;})!7aQ{1ns52nY)N)aCnVn|n`P{>%RyhWB3sTGlW#|EApuhE0FL
z(;-5_)^ec#;D6V^8UGEO+kg2tIEc0T7vdwt9fO#KAz^4$?nkctz%r6XqP5G#YU<37
z=)>s-Be;)~*MG+u9z|YQgO>b(W5hQQ;xqssUaL+H8g>1JI9>SwYWUlT^!EV?fzST)
zaEj;giy7I|)mMgnDlsBot2y8DOcFO4Sck2DWrXE_Dd_DLyUjQB#l3wm1dbvoLKd;H
z!4?74)&BQ(Kd7$0|KdfqQc@sd(=(DX*n6-V*otLb<vyGN-L?s@2Ul()++bD?r-k8;
z_!i7`nIp+4&vS|I3W&8b{su;h;1Ok~ZK-HJphmRpr@7QrCNG-k3X0XesE;^j=gE|{
zero4=-OQWMRdCx$v8}-fVAiZMpU3jRcOokY5sUg4>7tIhVLewRtDX`4Hm0UWJ-*?`
zDk$(g_FnFK{Wb~jJj^!P)y&WXi#IK$&Q({E`mRylWOk*7n=9G|zMnmF|0FTjYi-g7
zq*Hjo-6b0J3xTZL!?u8pDeV_cMXabc1?v+F-Un^<<SQLL?sneiy<%zB+4ug&nQet3
zM~+J04v5m%&K~c0?y2ivUf9ugpnc;>f(q+n))qK@6g)51V4MH^XGQ~85O-#Ps|0u`
z0FY{o1(MK@Gmn)_e<VLzxca*!G~+)ot>*dN%lm(j*&!DohbReT`kBtb3?OcrTHYCj
zmd7i5)JY9YFe+nSDYUM-ByV_Dr7S0{zi*pu{w!I(4&>Pl$H1Qzq7ZC|C83|WtB1SU
zA@Cj~4cGPboOrpjqR*S}PzBN>ar0@K;{FZQ;df=y4ku&Rh7P-7G`+V4Dvl~Ifb*KF
zuIApt`A=9Myy#$}6>0O0;^VKv`?>>9_q=^N<;l>ljHkmb?%qh@ts4|gR`-VT1A7Zd
z7?g2<w??2nXY@{D>rq3~wsdk>88LEP|MPMx<7#eRNOAmw13@;o_Bme3Nfy<x*Vu)>
z*Burfv>GwdM$=|p1q3yqONjz#tI}Oho)|HNP3h&CwG4qa*_4dVyqUU7cHs{8>*LG~
zKE6#98{K(4_|XF}rU^HEL6FDyzY<WHEV|o(G6}C)oFEglI$;$}wuEL2sT^vH(eTEL
zvoZ9klxLk2f!<%=R&<xwN(Y@a3iw)3cGk)GgL$0P;a1)Qp||m|EED`NvKUL-59WXr
zTUuq&H?p|?7KZckx7$*2WwrahRi^4r^)MX9hn13#z4vcyWW3%HAxXKwRpVr%u0bQb
z%tFTWd@oBJvx;ge62k2c4i*&;Y`@TZy42tArBmKRriGkYl61vL{!aJAyJK;_@njSZ
z5C5bua)okP=WrshGE08+{lua$PJ_`B-HeoiU-iqJKlz&5W-n5h?sOnODLD0(oU012
zND}Y7;U-)F4B`)84X2_`AE(bLS|B$%Zv`Gyev^=3;Imm7$5XYz@9JwxgFef+q>t4%
z9zndaLOi33zBJ_Hc9Sav>Wl7?HX91#$u_=onX+^!Du;0^gK^NbN2Rz|^O|~zPvJuM
zsjjBr&HVjJ$?CGnW%Q0o65krTf#06<7BAz#?MH2_@uxy}6r>sAwJVXhJ;7OzeS#nB
ze{p=DKQ1$|UyBm-Tjencncy!rFeir%aCQ8riIXbx9G3Qo!zfO?nl720r5XRq`_&~@
zz}+8OsXP)H)jQiU*ezGx#r7|)=NbNB^~G$yn%W8PBs3vIb+JtZc(+2dFMSSR=ECL&
zEE%SRf>{SzZS#s`_NBMw3FDLP>3S*a>{_Z)e!kB35kzoKG2Gb_858IT@TF!zTR;H0
z=-QB)2&C;z3g3e^g_s9MDQPBk^`q^+5xM)5;^m3<sn>Z%O<l>q5bArw21t}5{5m)&
zo7+p;h*yRWGUK|Z(}yvOf*ua~hXf5C_3UluJj~C1zoek$@}U>8?|^mP3<YvGIA=9f
zz!e;rTpUJIu=8z)2sweVPMG&NsSqd#dOkZYv+=byr&+2lSdGRLBvK(%WAW&<ThSfJ
z3#|Y(DApXLH!e+DvBjHO(=tWiX?*`8wF60Ir_np|$y%`${c|UVz1dH5@5Ipac#%3A
zj-s3)EHt7zNnZPeC{!`Fo+Rdh6kaggJ`-@eW_&-xx^g%>cD|$hTA}**iKoHO^h@5s
z!}XdUO+&1hetm!oh7v+~9<CF@_etrZTTs!fpVG9y5)#TDAJGb$*92lgKWfYDb1X};
zK4PU&`x}%($h@55Iuu)l&djEdP*vCx#?;J2KM+dlr0z|vv;_3ig4}c9x5w_j95s{6
zu)e9(a=m1aYYKArRir%k{kS?TMIpm`bec$!NV+*zX3lvxd_E-4>pRZ4tN;7b1$uw{
z#xp*z!BW?9kAEM<MY<-ItSkDE(<Sgj03<FvYd>fJtCs~ipbkHn2NAhnF)Xcr7!#HK
zMeY*>jMAcT_F2G$A;9Kp<GnPb`}dX20oRrec4a=4SZ=w&m1E>ZveDB}qfTHN<UTUx
z&F4*i<j?y`1mXX`*n97|rnY@wG>V8)MJZAwC@3f(Dop{2jV2;isu&fK8c-2wAwd*E
zM{ogxLR3UVN~9}bLPtSB={+F`NC_mAFd@Y|SZl9+_Hylg_P*!s^X|K!cm9xs;4GPQ
zjxm1aTYd)_|98BK|6|fd!i3fw0Qi~#yQ(~Z3q?BpfF03Xvk;SnE_;=X%Gxn4DXRF~
z;^5GlhAFElJRQ%DD0AZYAO8V+#{XTJ2TZDc<=iW9<|2^H&;AW-1Spum;^709wuiMg
z=&uy`->L9Fzk=}afzJ^@c_XugNTBF5KHiAbo1w9w!6o0R_J|%r0)WQu=mtLkJoc@@
z;4L6E&z!gW1dtTwWG_9;(qY~Czr=8$*tcQk9w(PWV#;7kf52K>e<At|_AfEYXBgd?
z;`vAwP)9KY#l0FZPh1Hs8<~dB)5c0c(kb_ZI0mYF{@!E6*Z)0rw*TW^X&7Cwg5TD^
zMIGG2R4RomC{4?n<@iWBm9J<4t&U6jcgreXUV>S`OvO+#Tk5+MK44y;cR*(Jd5T4i
zx#X}&b?ROrnVJ>e)q+>zchSuU>kr&qKkkrt7om}_YO0t5jRV0C)^6V>W+f+fk%U7C
zct~{DryTCg46D$b6ThIFmmr_AwTCFS@rZNH=Cz4}zUztZkRzC|>p9W6`UleBoV-On
z!hMqH!ee%BK#eUI?<1SIboT1?eI{|HvR}#_Unq|zZ`f(%%rg@S@97>64QDwHV)}_&
z-&eF%SY-PK08_uqEgiLq(oc8qX%bu7Jv!_5xa5uE^QyVZ^Kr<uq4f}p<queo6<#A2
zqL>Ea-Y>u)VK@D5vDYw7&#pt$lQw8pD_O!Pxkd3n)4DT#9@{s~jX&z%Lwv+i#(W`z
zOwq%$uVsq)fWFS36p8@!e`i9bbN=Mr`WB@4<kDU#LYtJs=E#HB8jVctTkn4w%3>@{
zOR>(PWk4Wd>3mt00~*U7+fG62XKRLbbQW6(y6Hw~V4d7ncCwpq$<i<FIglKe9B<t-
zb3TOk@xC)6B?w1kzbCaNj$uKyn0~^#TbI$}J3bs5LsXWYiHbLVHHDE4>?OuX4$vzU
zH;l)635|cFNHZ*YyQyGBQee)|Rk6k0)#R;^-LO@#ca{>q8YAAZpwzWjeR_wN?72y+
zV^qGNmJ9DBD70glX<QpRuBw|%KkwNG76uxY5^2}0FdRyt7mN(6hj>S_{7{IJ=!G^5
zFRY-u#BootC<m)6I@cWpbFv+n05KDs2n2Eqtfn)D0RmBj+0g~`S;O)C?qJw@9~L=Z
zf^U9rX0+S$meXi`^`u@{$$_l}pG_-OiXZdTVXwCK3ybtJ$C=+bc|^qb1I|8|B^g>#
zeXpX$s?T%Mh01Lsop1E<D0b_elR6o6w)3OxJ!WZWkvgP?j3I9A=YCBj>eEk$=ekNn
zzOhAXKRN1`)3w|9$+nj(`R{GIMy_s{$zQ&9YGm{q#tedkHMtI~^6HgHFyB<!O5*YW
zCJQg=n`GEklq-2=txR*tb1earT}Mnz$AgtS<6=Ll42Q|bwLxCBc)DjNsY<!RjKNdA
z5|hA?X!&}jL!WnV234`U+xB8#*G6}b+b!+rFtXP}>(?zX#7mK$SY{S|iI&OQ?~7zc
z(HA2plrDvy_|Tq#nzKRLe*AK&()vx}+?Wx6oz?B(w;B;ECB%*3VmhH!!6;?P`r4Tx
zaiZ*<_>1$4Zn69si!CqQ<>rnJUr(8cBDyu?j~<Uz>rIm4Lj?R~#rjhj{x?&@pDJu$
zzzthx59}me(AvOGvVoiG30&V-9TFo+bJ0L#bO|6K+H*%S>0lB3XE`+Tf+Y|zRpYrl
zk9a$qJB!ZooZD%mJ=3C5^wfz@YT=ns#9wB8#IL^aKO-JNsU;RWXIkvZy7~i_9v>tU
z1lTV{c$O#lE$u^a1(u@3jz=kR!QJ{kPPp>x1pP02AI4a}NZS?cEgZvN@b;tp;yNGk
zonmXuPPc0g$~7L=F)5Ad8ruFKLTp3C;e?xf!=_m-DISH6yPjnC*ZH87Yw8Yc6vdUj
zmG7KXUMu6~7I1KLSDRLZa^=MnYc3x74wGGT!Sg@Mf{*ZC?E{Q#OX-(oqcN!{q3Iv6
zsl5szmR7)grg8wg#qO6gyaDBAW-O;dV)(Amqs488f;opb=u2n5boN)rP1mPB>#cI|
z5I$ka$T1ONy@BPP{Er^ip8}EpExgL#M+L9_f7(y_N8A5oB}IJpQx6d4@JAYwSj3wM
z@%1pu8nYvEo(#TW%sqzEG`|1QB}1mVhSS5w_w(B0dI_Ym{ZUpgt?si?&~pM?8<cu#
zLWe+kx1YUuqamqqYhTl9dG`bLpNAoTQ@0AdcNx^1`AHy44gn#$fJ#d#i;q1&FyzAy
zShm*&2C$qNe8O*{M{xKLSaZ)07=C%4@K&V?L@8ENptD*I-Z=VofhYqw*91HP(k!u9
zl~;qL0Q`scIfC!AwM1z!#2<0Hz@iL9*fv8`AjHi}@XU3+yfyTrZSP>As)*L&HwoA4
zJ;%k5AG|FVTy=9pi}675Drbj}4+}IJ_hJWlfJCDu=!QAcm$(AOU?uH@N{0myVMu<E
z9q84rtbaZhm~_4ky`3u1e~6vwjBiSj>5gWaL`4_JNSWy0x5u*$%(%i}pr>E>0c(<}
zC9#uM(Lg^-Ltgk*IIHFxi836!qGiF(uK>~Fr#sl6KLIjYpdADv=0EM#_|G39doz9$
z<obCp|Fhr!xxW7=pR-0!_7(sw4`JOw2ZBNR;5+hdH!YmrYDD)QD;A<8Zn(oaZrU-u
ztMqNsnW$#o#oF4Od?W4PFca^aCQ}@nzw4Cz2Lb@GlAr^urbtI16q7W4C~qgrGl|sd
z=<XMgAN__jbg0Fdr|nlwFu*Vm{)z?lXHb+J029sWk~`QcNi1lI36W+%QkrSkh@cc9
z!EzmrSmIk<u2X;VGY&$WUG1>_S}|2W_f^yWdUapjQ^^~H?2i@SyUb%bqXWVs@5YLi
zpRFw{KCEEcMGHwQbQ2obo=|-%*l?iYe(1XEa=2p9U)ccT;d%B(N7pjR&u9H}ACy>O
zU;Nd$FB<jMS7_G`yqA@|xS|ZpDgCNx<9(s~df`1n`f=%jtsRZ8{a>R!c=`|iVd44{
z^#u94^Y0blVc-J%u>zm45{(1_jv;y3D5=Ji6@{JXnj@Wk4f_+b8ziQG!-8?<nf^Ty
zMXcH{|Bvm-f8F*3a{*g*4eL1z@}a7Or0cH@bkPUCx@$Fip6y26F>@}q*w<I<u|3T}
z;iZKPaUJh5+-18%BYbqp8aUmK1gR%QvkzSzfv?AWE-53%y*awAGhs35zP{ltl-Ig9
zQi>7Qv;4Zc4=?@#ph8+JAV}pq4O%dV*oS~4{mc`<63`976l1IQBSvLOYf00`zaSPO
z_Q1IAq~SRv{bmD4I+JTXv=cD!%MgG11W4^YTa6px;O~5b*spJ}qtR3(*DU={pMbU@
zP*w++)IaUxfA;!6SK$AqD=<I18I03fB;C?8C{2UDm<dF?)s5(B$vGAe?w|eQohmUl
zvo(1g`9}O4?Uw@2OL(>FL@C(_?w}h4Ds%VWf{}y<{#<GDfIXh#4Z}K#&+E_*dwIDH
z2Oi3O>HMioK0y(?W`Xd^Z4{IOlYo+d4wu-<1sZeT;rxY&kcBR<c+^!z{1UHcH)0sE
zEPkhTWdR3jjN(AS4IH7^hh2%FftcCFst0J4(Dn}xVlQ)Rxi$IkKFkr@Ngu;s_Ln!+
z-@PA288Jv$1Z~B$ARX-@6)#oed&Vmz(hfjTNo8rzb1ye!e7BW|TT|ZY9c|>fc(?1}
zT7ma7ru^wy>w=CLyao~&o|ygEs+;;&FYs^(J}gq>DQrEhk%`k9ygM^)7q_9YVcf1^
z+tb@4u$jQ;?>@?QcOl+N(y}u!1IYF2=l~tu44}Gr3b{#QWEeWQS((pCr#h$km%l7O
zvGO182<_8NklzGqQ_{)=9F~$!F2)qH#4rtV>YV2lN{*<kslIc4{VozZuCwCJoW<I^
z^mIk{n3@9~j+W;xo(38i?_Lv{NztU@%zDpIY*Etm1WWb1KPJ|Xiii-xdQp>n$DDKA
zH3JOOCTPK*`K5MVdsy`9X#EC<W)E%?yg0KK4kX41&?5b#wF@2EGJHDgm9zB4h22X1
zdlz?=9+*_oNEQsZ^2k-*q=WM95pelj_+3ZGsuGB?&-QiK0~7h__g)Od@aa^C9N+c}
zoeQ}<HC@sXAG=C*RuUSGL~AW%o*IrF<fn`pyLS(jT%)0O*dL7>-#~OQ$~Z$jv}dED
z;KI6iKCdGZ&Z{ljW-xs^JHzR3NyE0wI&hH9r#-O(b=!+$i-VvdyX4RHp7>kEp1<%?
zbwJwn{28{o8oauF8wezE{ZU9Ij@6UyyR+pDgHy}hFaLlzfT=K&xWdAqlyMAw36wJU
zxM?{mOjnW=mO`0bKA}|C$_m0xOjZYpKspWFvm5ELTo4?r_>%~|Z&vj@?xV4zoA7`y
zH-i8nRrU%e<=;{P{-*^BIyM+7ru73Bj_AYoKkTn#sw+7?%y~brGp?8XYhGKi`ZWt;
z+2AJ))W2Q7@b#?r1~A}D{u3Ai{67a`9)Z8^`2FtxgV+BCitN}Am<UnwJ6wp^&B1Ba
zl2CI?%hS2B>UZ}STd^7rHTxU-BC6CQKw?~rry*z`QB;=Xqr#7tmzJN*r+y|6Zmn15
z8Cs2GSO2Yg*Zqk(`~Q2LVMNL-qzlk+t;4M>_#HB5dxy#*Xc2}3Y~3g%4tSPw_do=7
z*6JI9y-g2%I8Gnu#Flw-A5My|bb@*yke~bIHk%(1t3-|fy>{i-JTv}3_iO&EzjHyt
zLYYP^!x2t|%rL~ljZ|cB9TwCc=y&1lSbSl3do6rL<McC;X=(*<;jM|phwB>VJwe?m
zc{SvzS-9Js{n8=$uv_O;GjSK%xCBDIvYWKh&b_mD=Ui|$Z^OFrhk?pG@4imknYF3i
z=|+tWiG{r#(GwHoCZu1`EFbOEY(kkzUU?V3li#nNE{w1x9of248dfC4*TfwlmKMx=
z6}Bcg43<jOQ#GQZM!HH?L4<#3ZGm}4hT@n5F9tYfE9z1ma_h6Qc7#(d{3Jaog!XND
zB;p6mE_{YCyGd^IP08s|+^z#_zVBywAwz(j8!x6GpO2t5fM)GHQ=4vxuOslHk-?3g
zV!r2DC%3`R<aZQ(ta$mpIEC`~r45f>8KqD|ys}yghWW1d()s$skc(1^beK4ukEZTO
zXAO%?myfi{aa#@cgOYtDNn)UwGaK!3rIfYx!~2_$28mLeskF|MMlGLDJ^tv9La6%o
zbLGy10uc{=n#{{SPBG*>CCW}Iqu9r@?I)QlgmBM=<)fSXt&h9r3O!Hol4;hHxOffd
zof^2Y+%Sz;3GP<5Hz!r!jt(DIhBE116k5pWW4e9nU~xraQuF2-RN&}fLBnl^Jg>m!
zCV8jE#K9x*NBH8FLhw+fLs-@xD3Tfr9K3)J*l|Yr$)eCH6Gl;~!7jJRX7kI3bCxz6
zmEC@sbBOiKiNCiFQ-JB4_a%?uYDIbqnYvH}n&VUJPs@x(Ti-htYQb-v+gyDzJ;XFm
zaSz|!OTr1stZQhH9S4K!Uv=yy=yiyQp%0frSb7OU)<uV_^kuwLP2JmNA$ymG>EV%v
zJvFjdLQHZ|+;)XS^NPxwcC!>}$b}8{a51pGZN+hxCHm-B?k5UCz?Z+hdT2|TTbQDx
zk54Jwm6&?XRN6TOvAC`={2e^$=2(yc3h?jltV(@WT_GOCe8uce;_k-xb`KBYaQf|^
zUA(e9J3U5E_m6}KTD0=qM`~fKc7tJnk7b>~G$g^nT<0Em-s*ijQ4QE8Mk~-;60+<k
zByv_No(^9A<fy7)Z@$Oq)lNUb{dJ|HvrbCIMVuG}DjNyyTB6CM+xl8GLCvfqz9cKs
zlT(4mnmAj`I`gg-_bjR0ywWQkl+bBu<castxp_F2f{g)(&4d@iD?jitwdjP(4d}DE
zzPqZ`MVz?@0{t7?YfA5GAD?EHc5j;1iNo(cn^AJ%K)z5>R20k@+`~d516xJz<6}PO
z#G=^dfmApQy|WW=%QbxR28%lqRkHicyly#nZ+84_`8k55fv!l)F-Py;3FNz%sCzSV
zphzYMTFPbLWPDyq66`h*H;~s||1gB)Eu6YOtf2oz?K5<<VhCBacNg&m=NXBT47$lq
zfXn*WKoe4;`<#)}g@9pT?O7<h;Zb<^X-`qJTQ}p$w*8Hx>qNy2W3*I*>T~u9hFCmj
z8v`i1m=~}Wh@`@U$p!dIF-Y+$oz@(k+_7kW@H1g_Yg@ZnaY@3p=%=YK#>T8S?`(Rb
z7gV%{(K?+BDn1^N3i!IwU)iRV!P8UqLwgysu>|x+`inrnA(!#s$%)*YjQ38wgK7`F
z_6x$6B{Yg0;9kBB+zs#P;|=(Y-rFo1hIAR&aE#U^>n1Hyj7P<BtTS_^eEV)iiITb8
z9EqmAYir-`w+@2EYXE$w7k6VP>!>deQ<9UciS4a9S=ePD&ux`XjHODk^}M~e6%%uB
z=O=c^oAx}8H%jeIk9(|qu6Dnk*9=CDfn$qBG6&w~Lr2rm`W*nV4;Q*LXxBtl7q_3f
zTPoe%d*$Yw?ZjE@@&dE{XF|s;4XvBREfx7;>?uwKQEw6s24^hDsuA~)rI}&Wu0_u^
zMZoV5RUcnKHqDy!S6nZoGR=5A67QFnXO?HP$wRd{WL<0-;)akO70?T?=3f9LDLQQj
zN@RG;B~$NVBn<Lj{xVQp6fN1OHTCYKW*g4v2kcl>m_w!Tr5U~+t|;acd6Rc6w8yHp
zwQqLB7^h&)cZ@z3K5T(YDt%NHpr1GyZ~pppkg4jIgQ<P{+SbLj8BGc}g>i6zgYVh5
zg((lDcU91E`rS|ugcDx25q*Am@R&;W70qqeM%IosOy?@Uo5M>Ti_>)7y#Hy@0~lHq
zs4g6V{K=(1U{P!ZF#kE=>oKyBq@&xbqjb)lN3U(6a}zJaWU@SGGz$ufTT|{D<sFF@
zSl?G}wu+su(jYlu`Oz{YMr#b#2_BK&K;}U^>`Z8Va3>DC_f47NTLramE<UOS`8JCB
z^(NQ*ct-CjRRV8{05BU7*n-ey00;p#T|Zz!wz2gjahD~XL<UsQeyJ^I;e$t;ODZ+q
zG0CO0UnVR<Q!(LGT)f+)2(;5;`sxUwr=Nli&*knBI?!4N-&Aq_wQu>kwmbW*OxqMm
zJ)0Z9+|++}7WQ%LI-1nQbwQZ4KLo_!c>fuq0@edS+pEBh<#PBuVA*>!c^v>QLhl*Y
z4eQAXCDQ<!cYahob?GjL?ZK+>o~UyNEx;%e{iY9ajG~TnDiI5dSN~!d^;0hbhOHtZ
zfYH<g>=Kxf+dDa!=2gW^8E`b^2N0M^ZvB994kNp#JAW0W{43POY8;?@BAG7$y6qnD
zw`v{XtB#JOmauj`N;i`ie0$l|N3>tHcHf>;Dhejg@11MpS-X)SNXM~7f50k1SjiR=
ziPGN<4zg7wntr5IZKNsMf5qorr{q%dyMlPj!o=o`k8VCeV>_(wj+6x%B!JuV6w^&q
z<~$%>1B$zt_93A*HScEQnz@Oub&mcs4?n7VZZARA?IZ7Lw03w$NF!5mY>Aa-p#d^K
zQDW!?x?TXgiEONT|EsN8U=ZGtO5$f<q|QnK41~}%24A>=ysM;cTCVno@bR+b%!dgK
zMF)?i8;X1Pr7OX%Sk0_2XWax(*G0`{X)3pssZtSdovxY<OdQ9ecbNdy=$$^EFS3*}
zVEzr$;0Ez-eh*Es5NJzA=m*LKTZ#dv^tnn5?W7m8siP=D4sFPnd8t<XM(NY-y*utb
z6h5F`h|Xf^a(fVTYkZ#<B^Kaso#CNmK?5o573jqmq)kRwDORW|EPh|(c1O#Ph+0Fx
zq-h10m*}IMD3U9(uf5i`@&gpdke>=4QQPT0_7*8}dBPT*-;l92lQW`Kber9l2EV!O
z!lN4SB|uaMP!SHp<Y^&#X(dsJlZ<v55kj2)dQJv)t$L<f#jJDao9WiXi{9r>8(a|)
zTeIQ<+-!&NqL@8wEJJeo7V9GVuxBV<Tp#iB6-g*ZvMI}@EH6%xXwgU8D}FxY;hO{d
z1~%%C+MjRM2jzHP9!@$&1AT{~Grb5VYBCg%>Dz)_J3vgOdP@4H%$bRZSWh}1aXVO%
z;FtF*R;gKZ<c40b&@Dvacon%{hDxU4serp9Lfc7s;)y%&V!)SF#TBLpks{9#uWJ<d
z4_-Fsn@LFJo`^QpL#|u<1n<Qa;<gp(0r3lD4MEf;N{PtetuM}UO)}?}j4dy!JpSfq
zmwnK>?Qlc<Yh_pwrvfbLvAqsdi%@+@aJnjVK3q|&0Mv8_XZ)7Y5UlR8w<yy7<j9V#
z>ZqBo9@}l~LLRe&7C#PHF<mQ~M)>X-h_H?6yyGEUy$M^({NW_$jQ1s7FCyFye>EY<
z=zivRyv~0iEo%KC!pZ2i3pP8pCj`mge+W$ITV{dFSr4P3k{rh6=OiPX5PX?2TvhZ5
zv-b;40_FJ*nbti$c}^7-c(;Ag8>{Q@-+8cao$UH$4QeSZ5}fD-P9$1GsX@JuHC!6R
zwxg3z$H~~?hndf@oXiYcy**Dtac80}y(15K$I9Ne5tD$Q!SrK6btoL`j0`98b6$Y3
zUJi~!ND{X-+)lB4!Tf}E@xJQ2Un_UCP+V<G8qfV-25NUJiq4U1k^OMy80T??XjVUX
zfJ}+&ow)}g_bUN`UUhOXJj>{ls-ujeTeBRr@iXs6jgk@RyqOJ@AWVm^ULA28159pr
z2-~1z6P`t>9xVbam0#AWc6BQ&M%N!Xc>RizkzZa6=}9ZJn~#=7w>#ZUgmD`UHh`_z
zDk8zyO`3jM9AvHB))+HC3!K{3we{7tcE?&hx3yp0S|4#1c3JW^KANb4=^)Wh<9kY`
zY7oGZG8w;Ru`p-CcJLRB0{y{~f7kP?R3YiHi)PIeSvle2pIy;CV@BuRdHxc=Zw)8(
zEV3EbfCWgOEhINQq^1;wxY1kTmk0P^<>*6g#p<HA&P%Z<t!dNS7uBxaG<jgIpmO^A
z^R$DX{nkW#<HZd4zGLYpk$p8xZzzd=|6<ppVW%*{tbr^P({!%G=|iZLR;F9D?rp~#
zJg62*+rGy7i1$?#o)v``Byp~~@2bUKQ7l_R226`QY`r)3w!S(Pb(|9e7h&1w6Csmo
zcd^z#Ft_rUj^EkWWrkOavfR7BDOHmD8df8b+lB;88=ih15n<cF>?+J2Qpf3Uck{`$
zo*3HJrj~KNXoF^P^v?G;1>;Z6)D^rx1D?C-m<TQ?NZgq1o7;wEVmSox-Xa8e$P^>P
zE(<|eO0+R3I7Vo#PxU@H?Wx&+U+v|iX4&(4)&t7c8Sd}T9fB##wS$oiTIa#Owt)L5
zLPs+DI9Y5IHC7B_l25m3*>BeBys;|ij}jMpx_0n%@2UJ3pYF6>Z&Dxzn(!?c|BluC
z%PSuPEZutkpeMhwdFnT~=3OvXAQpCZGhKe;oS+FT4af)i1zYk1R;ucuT0t&!pQk!6
zq2@KBE1jgI01x4;^@;_^4g&z9fLQurE}!%<;d+1h!IrjPSu?+BN3;K}4Z7b;8$ZAP
z`>76Kq5PZP7*L2?Mlzk~Go)ufU??!1TMyXyk#6*k*M6PpA9IokYB``0YYSTeQNwS@
zn_oSi{y!mv{NkVEI#$aStBoAW*VyHE>a1UWz?M`1^Z@$@mKb=9+g88bd#n)DUd>gX
zCk@L~n2`!;^V-4Mvn{&!y4RPj3d{Z-8NJ^DGa_T<T;WtuKk<URxWK*m2h7BqpW_Oi
z>TB4>Ll|Cc5AGRuLhRx)$S?k-mKH1RPf!|_<psJ@HPC9yhL>2?_mlf9Y`S&=ZiP=R
zf*$f+Zd1FKO6q~Ofc^_YegVE+v4Vw%0*Pma)@CU@y&i-;>J43eju{})&mm*TMesV{
zYgy1;GrJb~og|=d!iC3AUG7v@+q>&Z`PY&<*@)X8ZpFCOZHG)p$h{6+fx~n-1s77`
zMsOtyE~*Rrrm;@8X`zm}^{Qq_wCpN%$+#QuE1Gyne!h3;z|8ZK5S}I=Z#4^&PJll|
z^dp!>?W7w3Pk)|mS5N^(%w4vxp&mw@khq;=ZQXbo-R6OOa+|Iz=gc#!hk%sfv_O_V
z+MbT6AwkN<)wv2a7&$0B=jiaDN?n?G=aaMfIIFTjW<bE}UE#Z;P8ms@qHR_DwqE5q
z%aq#>FNsNDVMKbom?!8?As`V!3rR-r-ODx&^t!RmXgMcUtTJY!po6^lxLWI4q6{?7
zz%uW1@&Qqa5R5I<p-s@K7QORTbl(^KwS6aU4`qhIYgbz0^S)TCEv7`;9mT1B{8sUl
zcY9b~Ix`aLWNe`rubOa5vNfPvIcy8kI|wfHG{q99D0=C*z*InUjSTL@TxZ;wARou>
zs2f2B!B9HO4_gJ|JO{FXPQ69{7D^JXSOk}X&KGjKKtKI{XY*LHr^>qdzOG3zmpGeH
zO4L4KQ`i=yJr`gz&tQ2l&1q}tf#jM&iFv9{G)5V&UL_~phOt@n*`GsnGpX6sZxj=&
znj>82PMMFrM{>0YC)3Yj!BR^Jeb3s(*5aft!b3|8bi!OxN+a~IX4`DgWJzuHn@%j5
znLjlh^oI8R^sNbpVf7k&$tn{4lDY_5xzqH05#-21*w{c$tx|gD&)AuI{Bm2u(){aw
z*#t$WwLymiE<j)w=OxkaCMeYo`V8~c1Y(U#kh-1%-}^?tGuDLrdB^y@V99)nEz5oy
z7qn5{>N|WonstG#$tlFFbN&I7<4Od+klAMTIh5MS(9bRx=)b%BaLxq#zzIs$<c6BH
z7w#j?tdiLK=!mM;HHNtpc)mN$N~UImmee0G%Sh80<p(LL^@4LP`D<89)w4I2W7a$K
zkUAFw)sM7!6w_`~^~_Y1FH@<0j}>njZdIN6?92aVqavLbqw1^2oCTva2-BDCH-d+h
zur=yJy=WcNAu`}~)Vej5Yj&aIElpAGxe6LNGWRaTwSM*wI=+LI#FijjVkqHAltiS|
zq6q(tq{R!h!s%<7)7?6oYHod`eJlUwBWu-%Effhw@1~G@%PZx?=&HBs(p|XQ+T{zZ
zf7#==5w-OgY*Cg2XxT?udYB=&^fgYpJIO($zr6A;aSe1YuXlh9xt;r(*9U|U7=qeY
zK2-O8oGhr*-#uS+fZe}-r1bXs1u&a~sVN`2$8caSa=;|+7`w@Og6@pi_=283VWmB>
zW9YPZzeE|HCfKHl%J0~~G<uBu@NOPy15H)I`Sg!dfe}_V)hPMp;FRvReiCkGaRb%u
ziCtE=8z=6YOuX^g`=d|aZq-`8$O0j4qXP+Lv9h#E40;u=%rk4zs}61fO_Fi{7{l^8
z%ZRP*8QSe{5vHz5+cQWww?tcU*F$GlJd^Q>Z;HWr7_TSh6UKNbV3Tx)B-0XHdKXML
zqUfbgq3g<02zRe<_UW(Y?A)7g&Ah#wTwGxfOJ|<>)uvhTAB(GZtJc>5>~*<fWT-Y*
z5lUhi`w~Y+90y+v*h6#Mj@OC~*-gfa?C%q}6OED>I&^w7Tsc;icMzWvgdn)8EGs}$
ztSgwW*kUAmb0pIXN=}Co?fIxi&l%X`^tv&E>nr8)iqe3d&BMcMwS33=#paGRDkvuO
zm#!tQri}5JDxw4@3hNl{#hl_isc@un5L6&_R?z9#y(olXa*CfbACIJ|eBbp;|Ko3_
zvX7}TnypQxS9b&<K%2=8-`8D@Er5qsz^NkQfHITMAVe0$^7R@!pGBAF+Vq~YvH4i*
z{JNGVSPRVl6sGvOjtEL237DE;Bh#cINtT)GX16o0+`~{fC0A}{tGC<hT!#XpshOYU
zlzhbQN}eq*!q<EfYQ}Idt;oXhAnXkb+<x|62(>puJ9%4e>GopOvA~lf=vs---FxT6
zM?wbg^#vWS|9O=mMPVU55w3A-@6-fUgd>${#k_^An`Ljy0PRIHA}lbH<C8#DSI-<G
zXF3qJ1v>MvjuAk_<%$HoUGfSGv9g9RN}yrsJ`b?|hsn767IOr3C^H*d)xmSJ1il4D
z`dUFAM5l@WfZ5#t0n?B1cOr<b;S~H4{wdD3pD@@3nsY@j+GwFqGG|Iel^(GO{O~~v
zYBufhRI@X-+6Ann?hQ*tslaNXx?x!w#!W^1jo6C{l*I4@d&pvYGO^G}eQgg+6RD}z
zK<1QZJ!T||^R=to0<s0wq*K^{nsO4Yy#}|e1;gI><yQokKmb>`I(F6<>BD*Ni~a#q
zO6N*ivA6lahv<p3teanA=loZt;8roXlCA7*PT=z!vn-r*<}y%l|3apFU&01d_LF9$
zUgAf0{&lZHO5mK&8821v;8`IqPRpjoY%NLlwnOkC$fuk;EbYfVcZQGYVz?TfbiwI&
za*)6bW|no|20p3=r+1U+cigc7!<boCuq}R6?LT%4u0P+g%pvGJo^|giXIDB`#(^u0
ziJe6&4gy7m4Xtxv1QecBSw)YAj)7~EI>I9J6#_~VglKd{41YjS#vtxeRWx~NZ|OqX
zU;i&I2qb8q8G*CGcBC0Q5IgPu4oH-^)ek`;$D@NCD7=YHsQc@Ah-?G<PTVq!Uf;@T
zT*9`2RNK#rEt?L$9#1)U)NX{Gr_2LFaxj|y8Kno=glFrIaD`1{6FF&1*n!N~z}PJX
z<Z+N6A6s$-5ecWql~&q=d2!Vqy;>~`zU)vsBM?oV<a!V};3&VmSS9}ZXR>9z;X*8(
z8KCKhutGGB#X<ohY*}!>I4PyrfhW1}QST%0<JhX>Sjs!n7Ayr1r=QEU8y0>){D6TB
zc6Yxs^&G`JUE;H+`|dN6>duhr{Gsg8ETwF(xFy2$S8(0=uvJ<JXF}mb3Mq0I<d<W9
zkBJaJraCf6mUM2j4QV|#_gvxaIJ{btE%s;xNi$;|;dbg~){^?+)kyjS-^sC-MwwKV
zX-R3%B*Fc>Ar+CC@n=844yoPmxP@H*g^#rpa;uY*W~7CCQa$-5waZGL+%2b+7bYtO
zUtBcZlyG%M2y+zslfOH54L-l57%a#_^x3ezTBM%C`rbQ73;D{CeEma%Mz^8@U#K|x
z4&0$$ROlmR{DAeJ1_<K);1XBK5O+<&>1Q(N@!vK2oj1cAoGVUA6$fnDnxM9}=k+K1
z$s-SMZvYH)FgKCmpu1j;V1Xj?#3Yw=BOCPLg}@yGeRu`XhX+CcX@n`J>mOotgMDBk
z4Po;^#w;@cjyMQuF-W!AL!xwUwv!a<_RRI*ZQ5fS&)M1G{N%Lyk~T{1vG<93Wi$!3
zR@pXyw6>NctVR@s+G;9o-PLa-b|b{5y~Fd+O%nFGfv8u@{N}xpOJUcO<>xnC(?%Ds
zR56YZ<L?nQ*t%WZE$mb6Bb{gjRpn3)utdErVXbs7@BKRQgZc*^Hr_nCjtBY6UC@m*
zA#CbHBapq^ZV=ujNLIh2)dl;a_Npctwl_2}_hZyBZE9@NpnK~IDG8V~f0_+K6wKBm
z``oxfDad=I!l9@kc?MsYcR*zHp06|V#V#}&`h@+!CojeQ0QuiPcJ=A4PiskpTWz3H
zG;CZ=g0V#)x94nm$mUhUOJARw#9M%)e`~X)@^+aE9@lIhFWvw@5`lBw2XNKJ4B*^P
z<Rar5QZ%{b@*|gF0-_qRHD`+@JuiLR;G5j~tXr9;yq$&Bj+<-8d@h;pP`$o;=X-G`
zg1tqLGF}U8D4BvFVL(!ushl_}QuzBPm)ADSUoZJ-@ZGlh9P%ytox(4-4^PbiRS!Zn
zawA%p^BzHY46=Fsi!ZqiL+c8lCc0H!Sw`0fx8Ywpw|~|06dbbO=klT?etci6^Pof6
z)hg~plPRkhz!Wy44WX;6+8I@67Y~aJV`*^uq<S!dXMtnXeX+Y}s@al!v0LAask7y%
zOF_@p+}w)J^ZOny<6wDiOD?|)e>sCItlp1fI&xm!A@uoFA?arbJujLp7$VUXDlaej
zI$ffdWZo{>?^Y%@Csli9aG#18<FwE7hYu8kEgH|VeMTf{0$>=N;$&hZr$}JNtHJj^
zfP|OoEG2ah&xYw+QS~-14C=~!?Az_QsSlU<?SVt-wYc(i*{}=T@vleVA&5;NaDIxH
zUTv=cIc5Y{wj7*F7(THGrw@Bj!Xqa;G9`df<w+vWallk#*37Ts^C!;_6-5I+`}@``
z9Cn}rZ~G-?34;)#FEp%<^C1;BJSd`B3e1W@xQiVN9OJVUMWqM>{8dj6C!Q948C>7m
zD8iB*^Yp4GFkNz*!N3`UAyW#mn5i8LSe44Y?i!lL@q!NGS02Ao=F;Wsaeh0F>(Wm9
zXkHaLQriu_V$}(f;}|C&>tL~s&D$Pi?{u!cxg~P%uvDaF!PQ$gsy@kR=sV~1ZZ-1g
zWaa|pi$kFNlFUgaIa}N(39;Q6<;<qSnD!Boy4X!-*-)tRXehR@-&Vah2lXIv&P>!~
z#4>K}$Nm%LrXS_e^Q^-Vf;j}v(9Wf7cDkKT9_DSWM}}bgCCifT7prZtEGQthql%?$
z9j*p=`hIn4N=Sadh<|+Tv_>)3AKYEgtPo*u2ixCcU*aSnoXs7WDTy1{XBoydE5*16
z6+8}Jo?4~2;rME2`4YDQL)lWD%_c;2)R_E*0|lX1NH@5^#<ju|6pfUjv-DW1eG=0%
z46QY6u43MitN(FqZf|aG+o3I=!_&0;Dx*Js&dlFIEc|ob01-u6?(b#;2b`qessr<-
zgk|8ZvX@kN^8cKy{%-}B-%AXCcwJ>`{So^8n;6m`CDxwt{H(EN^%rHOKf=g4M$gv%
zR~V|R4IJ#R##lddy8d5OvHxoq=^tR3e*e4pD%z_m9X@{(xdgiKGnU}q{#+V50td7d
zAVK$&ip(X%eFHgPWF->BoDV#dB548o%`HfS%eT5Shcwp={D&a{ptN*jtJ+C(F<4=2
z59<|J8ik)DbCL8@7R$!!l?2wN1rg4U2+~e0WrDnHjKCqL1KY6+xHE(<0<=qsot{Lo
z;)MD0apMe+z`efyWG7`cTs&Ug+Goae;}l``pjVTpK#O5`co{N!MzvT(2I4#0Wt95*
z`^u--joxC7g<**^hg&A}T}@%HE(l`2b&vBk0O^Xo_ZjLVoei|}bh8Go0%XeAayCEG
zyi*GyqE(T&l2HWP5HgzEajs6KcI_KP<FTMam6d#B_JmM?(TuhN#0a`d1HPzp=#fbH
zUVw-MQfS6^HeP@C_N(SQs_!#7be3$=mR8NY8%a%uA1@eIdw6~!K_Kj%9%m#`l4t@f
zGoY7-iRL6{015Y2X3IT9pZpWr-OH9_4fk_;#;r1r8-_Y3@de$}e3aPU2I}Q<2CGhP
z4^U=dn=-b&^!FYQuQ1m&yS43syR5Bk9lxPag-qq`uw=DQT1y!)j4igx8qC$mXoMU_
z1dU**PtU#(5rt}olWNsPpq5s1$$d7T?xeWK6x2Vu^hwO*ZWC$jR_bG^gJNZ#(^HIO
zkaFqZi=X!Gj;-9nh9d>?UU|qXvFup(dx@>zHVU$j3HYTUllt%a5<1?1MY0Ls-^$d7
zT1RFh<bX>r!Xet&qTOI0T03~MO~(GB9SebM^C)m^&r3B?K43G9iB#BpH+~ynWjqt9
zN7*rn;0_i+HD*bb2J1Nq4s=39p4BJmu2O1~zz6<X(%NBSi#{vl@+;*I1R*0ZgteCY
z(Tuf~%?qHBfjLuZR8R4#l~i&V`(kd{1KpU?tbGB=!9n|y`NKr?#I}6WVtx=?Gme+w
zN<iu(*lMthqvfDzXZ0fZmWd^46q_%Ye(AYU6;}c_YJEFrjcf$_8l(pD>$70VOEcI2
z=!7#|u}s=Vil?Aa;$<0zQDjcvgzgKMkJ?q90giV~ox-lJi!-P@qVeuq_be|UqIJ`s
zFatRRgd5O5tj3n`(VB**;5ZB%x>0IDX<gHYY<M#eZNv~f=PI4har~2$HRGGHsGbbp
z==O?MYYvDroMNL8A_z(bvgp^g`BqREa-hf7nxG|!awOJ?&4F(xbiJy4STEx;BAb2*
z;Y{wD$$saB%>3mHAB9k50qr8xV#Dxn$-rfK7v@WearGRqvWupo0u0}6sk&p(?4?#*
zpL+MiW|OtcbQR50=gi+6<u}plcZL_?*y1%+cz$_EDhtyxmCH8F&zHU~r;e-D=Be>H
zP)|HJc}}5VaK}OdE$W!jsL?<arVnu4aHL|9X&2Ttz~4K^N##mUl@+qjF=m6gO1>ay
zSL>3tbKA*MOCR{;t$OXaN3J+2CBHt5==S1%;Vt(-kVo;Jf_5?xOi(8c#<IbCy3;9c
zFVL5~^L^F3{Ch5YLV~KK@HurP9CJ}gm2ztei3LH)L(sKYn$Bj7kHDvqbkZ^C(95IQ
zz9YjvVZhM$b&*-*yWDdtDABu3C}!v`MMb@<pZez(7dhh4#*x?vvM6S&wQuPN^4>Sd
zo2nO@>~Tk`SRn8$ty9tQm<P%<gk8I)@_fSJ{f}DHcYdQ3|80W>S&v|E181%<KE1fW
z;NwQMXR{6xM&Mjw&<&28XZo-Bf~?-irDF}}>4h!*cJ|74kGqZ>S`&n5$s{C`T&A8p
zK?+PXqZEwHzpl$tfJ8E2f&1RPetzbPFifoY-ms+;otV;c+dN0{5tov?0;6N2NvkN?
zP;xK6=VpHsldOkL%jub8I>^{yE4-d||B90RTNL@fAXo;@@ZTiM`b@+G^hJ1<0j@F_
zOpsM;xx2v6qd#DtG&^Q^H`@CZWKpHlW$XRg<VxcF1qT<HF{gdQ^CO@4<&Nd^#D9qG
zAr%_`ijP>=!AZrmW=(RpJfX_v3ybvYU))y_>w~u4(co%zn5Xue@c2_MNUEy8d_fFf
z#a0*3c^Hs^;H@^{5jVSes@!LAWM+{))uzlNP;*(5-hE%w3@ZpBP8YY`={M}<&3L+d
zov8W?qo6&pS5)Q%{@s9S5(wcasoZ@G5gLjyPaUU?WRWlFgv@A3(v|K_pUP$4Y11?n
z>GNF6^Y#O+_lBU+qII>C_=*?f8tY=afrM|;xi5vxslYvRc7d6E%_f&#ZTRl91_{a<
zbi+lk<YKuSSoE@~s!h3dpZz7$y#%jZF}>UEbM62>=Vh?-8vXw|GT>StW(ZqiJe|)_
zs*wY!LU01aQ`6@Z!ghRpJiW(vq)M_>($+99<5rxYWXY0q>870A>d%-X{@*<IV5>-d
zmN+*MJ!gZFq_+RT(vbYSu41)w6Qr&IvO$KIY^;j6lYq4GySa<Jm{;s8bfu~vurMyH
zf=+4(R5{tDe}E=ds@>Od*4(LVxA=&Y&An4O_f9_g8q}b<W}?W7Dnh&Z8X9MUB13SL
zGm?I~S+7nS9|C$7K2>D;Q{N8@Dz6GYbX|6Pj&i%oe9TZh6SMPC)73GReFyhE@Z+PY
z(e+M(O^-u_;Z~XsYp0v;P$~s=zRuq>RNrM-$n0WSr)Gclwu>qI{Y3f|(@Z?BJQCzT
zDD?DZ`TZd5@gl4F=yag$s!jtj4{r=71E^dXF_Oa6h*HkB$Oj&t=))P4R?_~+OBR_*
z@zI*Xj|@E!=(z@ghOtj?-*3MeD9OAD`KeEff~~K|GW8(CJl7=zKXE(6kKJthT{m}O
zCBnrvH{?r5bWxJ<oa*gk!W8SoYX?j&R`Sheh_gvx9BG2-KTv}?4h1r-YJrqRM1>g@
zD>y;gtZ(+}J4Oy?`{8X-$=oZWfN<L`=ZutNb>|f0`jpQh;%?LIk<%=eIr=y!2(y*j
zi|1Q3_xJ&;?{k_SKb!y_D93IO>9JANV!v@pTZ_x50mkt?&!%rSN3C5Oggseg#Tci@
z)+6Yq7U9?pcSzyL;$N2|@hP~B_mmi^Q{T+(wOg0QgwB%5Hp<)3F0H~Cl^c4Z=%nL?
z2m3?hSkJIk76|9)0Pe=UT39|PM9U&V2fOLfuv`MQ7sbvfOBr+2UdenoQS;$ZFpv65
z>(k)dKt#y6`xChYPeTnOdeSNO4GrpBL6x|<$cL%xez(L>yf5&WWAK5`-*}HSC(7^V
zd8W18%K+hhHU+h1cxOvFO9z^&D?>Dx$vEOqGlnv#hfmt%6>lY8W%g9`%I`bXYa_1K
z(&-RHzQZmBx1^4f)DVHVh7iJhLCAS{$WT4fxME+tuco^uxxCPCyR7`)H`g>m`*Zw9
zhXm^8J+z6UD?Cel%m%2CbrdZQDcu^u_a+UGpe-1ud=lTj3M+NHZo3ibUa%Y`d{?;U
zm5<ySLZ-Xp`*#JQ0X>*jjTc369zywHqdvmIB2wGjmYLwee2o^Mlcx`Z@$-~H!Xcan
z9cm?ZjMt`YTP~~U+B@qhVLF>L>}?jF;d1Uk+`W8jb=6z*vMe9k1Qj2SEwZAK=uO;>
z*%Z>2NdrN8OZjuMZ&Q6rX!N0yj=Z9BQ~fa2XQ@WtEnPaolTEJSwyhCd!!k3(9wL_z
zrU$_dQZSGK4|Zwn^wk`<mA%QsLP+!2dIKq9m%5g@#-%nbf!DdO)V57OdOVY8Dw>{h
zKzsC^zU30lo`MZS08mH?(99Ca@Ex(Ex8B!+KL8QUVo7ws&X-9g;cre0p8bg1S5e@n
zqWG1HRMb`3I~^qQ{WNhs=PAi;Rt)XVDZ)C#d+%Gdsks-;-Y<Y$^<;YN``oJXY?{23
zQe;MvYU%vt{`Z?PDCiO8G+1rdwSwyv!(La&d0ZUrQBz5h%3F-)sU=EvXqkOD{V7k4
z_JG-aD=^RIy6J-`pL~b8D8cpa%T_fAF>Zevs9gk?VtVlOdhQlFDMFtWyABIxt!mTP
z&6&$GcitPcep}xEiG*<^KSlMuYcYpmX1P6NS*_UKOr|AtpLGPnG;TY|s_GLT%jM0j
zIZ&sWn4h#^6m#Wel&qJ%=ky3e?+nz-I_xVlvX_9`mOzfI(94)QZ&z&^vs;~(o*HL%
z`=Z&yjpIBiY(;P?A?VeDMwu((Ex9g0B$6zIk#k9td{QGF;hN-sx7_FOfcC3h^K!~V
zyjC~g?|B(y?(b7)F5GSlHoDAhxldK9e@)~^YvO7yOJgPN>-20Ubw8v`yglH;Oxn=M
zDC$8`wVb?V*FH}OLZH7BMzX2u^|3u7%(GA&{Rx2aZ4s%ztWwxD&Up1G9f~|zCb#{G
zNw+5I*m3bs$&1$9&o}s7qSNC}n_hVtWHk#9NAjalEOTs?2il3Qeu<Iy;l(Pp+%02L
zw>}|#a*K`jGs7<zg3Pw4K2#|5Or~6q>s;qpQhtVS!PF3IFvJHP2RY}uQE=`Awkjmb
zLb&OEMhY3|ILpaPVx&5XWl~RfHJ$tNT=LjhZ{ExJ6HccT9G@I=|0cdsDcC@wA6sRK
zaF31l!57^q%xR*RQ^v#if)_+Ky7(uwB)i<gy55^5sLOpFPINke5*4ECh(9!W#DEJr
z%r@+!bYr%dCoqW)%;=eD^Yv<wlkF;w?9V!PJV3V3nbTKWeRQi4SN?1M;jk>k6?|U<
zm5+AzH5ygKpvB;?k%TZxQ{0X1=D{YRZbB-Jb1(6q<IUT39{c>#gNsroG)3!Cv_G&8
zVXJOo_}K^B*+;Y7i2O)i-<a_l#+1$hB-y3f@aioWW>%!R=7z@DjR|QdHXrcV^P2B5
zdpGBe)+|8wt8qRcoM$&Q$d+~C7_D`0CxXvNNiewqDkh4K@}Z*o)yFbJ`HxN=fp^r2
zvmZcC=fG7w>`D?ufkaT98N&!{sBbDad{@r+ri%+xs3`4JlyfMOn2_#MtGNAC(cr9{
zwLm#S%M~5SDZsjT_TA@h)MDwOt>`5ceO7e>q{uS$&>5|*K1X>6IoX$M#M)}_@f^Qt
zDfKe!+3|PL?_g*67EOWw^-wg!XBZ!5AOVHiQ1TfPc&|)zwW847RI{)~$?$Go#Zxmz
ze0wTIk!t|9AEWC#MYWn<egme+ueUu7<k8~Y>iQe00<RRGbhmx93#c?zHLQCd9l5{h
zpx02jNUs2QV--l6jxs(h)inbvVr2$0YH?7%*Ui6#^v2AOxvUs}=(3jpe6Nl=yy-3a
z&B^&Lq6;T<zr*UP$|){FDR7Uz7^$>6l^z0se#xhLwr#w9pdrs#a}Db_2;2V!ER-Lq
zW;SGnuf`LsaaWsfsrRElfLq|uG#G`t$Yr#6U5>jfLN}v^k{C)X3)XEJUt-<2={fNv
zgB$E|FP$Z${SmOGRe2x8p9)exX%WOiYLe`9GpYp#L_rHvz`^(r!rjkAI$Zx5x9INx
zuDpK}1o)%z0HFHqm<7igF6GoC7N-3EA}{b~y`vz0=qFSUYwbUGMEEV}hph(wKUN(a
z8@bx9x}lHg4d**F-+wDfLnyh&?Ki&E7(|H@eRykuaDf1amVnpT6Hu@zfv+4=UOQfO
z*!WB*aqC1%XqJAG#;0+Qc+0)C@JoV^;%}}uNSIu;kza%O_Q(an1Tntx;Q-!W@zS6z
z_&0UQ)!Nm#CvqNu?Cn9@@?SO{|KBl7pC?sXgkh8!v&>SqV*E?e^*Q|yueZqEU@uH9
z83u~}14Z1`Q~7T#g#Asy?O*=dtJ_#HK(mVPDzLv^W*rXHKMIs@G$*+&D*uS<JomFQ
zqShj>pK%=lCyCg6C(>TKZvtgrG30XNT<@|;!#e*je4c-#I9uM0z1DX*&h1sXr#Ahi
zAx^62nbSh9Gz<Xl9s|G~0ecO5wP)b+GSY?o?L-@DaCAiPX#LGw_>(Iy@)tctoux&R
zIPU{J9mmF<@Ov7{Jv5?ge}yLkME>6<<$v!z5&-c3LzxIXPk({?-}z0*{Exy#|M6$Q
z27rmL_KE+9>=$Qg{fPo_gzxVG`!V3D{1XY_43GWh3;RFvs0eQITPMv1l5oN1{R5ch
zlq7&xg?5!jm`2PFUoJPu9sV$&Mh4ywDucFWa{iBBxx9EHwE>bEBRRUIfGE$8;R`*u
z^8`U-IC0Xn5ZeuU)C88(j8kJZ8p-q1gQY$Pn_-xpzGf63+9$B?HbD2Nxk^j}`p%?!
zWH3>!b8qn!Qt(xlaCo-wjk$^Y=Hf+3he894reu!`i!7bCJpo11YgTP@gVQJd;h<pF
zhZycauEX$6tVHK!6I{Aea*5e_zDd&_yMo&t-|n}w^Lz8^>h^izHJ7?)20<%jCkuoq
z$Rb=2)~!_lT!#|~2YZS3I<9>C!bbh=RQ!fP`&Vgw#EALGu#~p3OUK1OZ*e5~A1i}B
zV}vruaI_w$2vonwpv~ut9Z9N@G7v&<r|%-UP;*bKS)DHifTk&q-mQ}27!_^r(7{WO
zR7@)0$!G2$d3}E-0`6IF1M@D_Kv4(g6twNE<GzK)ET#MGz^lVsHMbq7Z8BxP*DT)^
z`pwT&!5p5ny+8RZkN2e*XD9?Liw@lgN*-JU>oTZrJdYN74)I+0s_v~`bcA@3)BGv^
zV8tW()KYc5!~^%sdFn9FK<#TaIX{W$?FU7uPCBw7Z8OxJ4k)IR(yg@!QMbfffiDE`
z+SS|(&N~O!#qXJgrRE$bFq8=*^ww#f5pp=bh>u2i$#!jro6->t0Z3u%@3t?`S7|;{
zOM9YKF|TT>U@Bwx`Qwq~Eq=0&x80c4pdqFOAsA1%{Fy8bwqzUj24WMp6-j@~HXF9v
zuwbuL=Z_3?S1U3<DR4scsMqaM;Uw*E@<=VgfTy7<QBilXVxUBU2Z%%^nh1C{zLi1>
zjB%=}bZdRn;nN}#)>C8qQoIvOU35}C*SW^+W@)-S)_L3{o2<QXl9L41w@noRtYg4B
zgLnYFvjXB71}$O>9Px0sYX7M+#?v8%g1{{&=Q|p9atOWO0y4d&e6I-*wf9(;w29;a
zcM{UI)+o3%f|8QO(q!-Jyut8^(LW>+;^pF(dx@50UGX(D)YO*hXHAQzD3sW|l?}4q
zYr?q-4l9cAjKyI~aI{%)(w`WTH4|J>Qwlk(v~TE_FVGEppVLHjlw$x&uSI>c2`xxD
z@0bSPvhMYJms?qPFrUdq>qu~}9A=1Az?+cvVWbsT(w$<IKAd}O)cr;Gf*$vJY0N0s
z#3_7U@zl3nBZ-R2mYfUVsOy2uyb==tyMkXHe}-uxixW4S(UHTdy2WYPR93T-Wg)4<
z+qr1M@?!h+aG{^JO5^hszYXh@RlcNi%yYRd<gK#^N`8tG?Yw9D3|&04I-ISwH;Wmz
ze(>y~(YsB4>n-%h6v};Ln`q_wR+FH1yo_bt0>|0P-G}MI7b?|~akii?ilZ;pt|X>Y
z1@J{jMS5s?YL*Ad*9#Ory|34<&8x|Rd0hlBQ)F-J2r%7*l#^)Z8Ql%KIz4C=#tu(D
z1Wuj!bsY&MeenU^9y57J+PdQXHmjxAPYM$T4!AAuh=4&XF8@Y)VFO+UJh<=((gp*`
z9;~ZxWNn&MhbBk2y*UQ1JLa2wR{vA7!lg%1<$GejS&bUklX{hy*>uZDmK^&Iy}PD|
zxU-cGui5>|7gtFLM6LT2Xz;`n#msiud7~uJ&gPmTy16kcYR(?}e6>>8#d&7{^p{Ps
zl;;=;I)bTGO@OS3;`G>P&BM3NWiE88I(02t6k3Gu!tT9_LV2RL=q=x{QA%#49g)PB
zq4`$F>Q^i!FHN75xu^zjqH7n^=gq%NFCvPL3^{T>e2F)yh})ieH&ZWVAMV*T(5K*6
z<^k&%^A}DkaX$!mxcorGnENG7^eeX;!0>QP%)Uq@D6Wfg;ug(#Lp%H|b~Gy`%lETh
z27a(}9;?{J8uq05uz0v#KVX}=n%ow=hzxbM1`%cT&@Ck`E^|`5OPUy-dm{MIXtYP)
z!5R7YEz~#tok6VUw?Vkm0V?yQK}23I8M_rr$s!A5JuG5~8%yZe2bv^dH`_hV`L1_M
zyQTF#aG%`XD?Ie;mW(&~7J1!wIC_&t;-JN<LhQOOD3W2!bl~Ixases!u5pbvpn7qY
zp`==jTsbK0OSg=fxhzaozx@atGVj^Ecyzt|La?NK_pBCZN+dnQw880CBJ0u0_bE3r
zSbBM-42k+$mxsPY_@*8ap@AmpWwR`kn5H|CZB`}wH_9Z)+}?kl`IHk)a<`DhG?EJm
z0L*HMjkv52un!`FP<mZojVbCn$+0M&YL?|-BUDyo$#rdz-m#n)A>3S-&%zqQyf6nC
z*ibGUGQP+dkIEZqUx?n^62O|uI=xxO?fL;z1-PN1B8#657&M?jCs`-mU1PD0+Xq@S
z?n5;;oM#mlx2XMYrnuSMJF0%R7dFd%vy0s)THk978zWhwjfV-sP{Yx3dTC@43uSeR
z6#l%dup-<k*!fAQsRD4xig^|+<ZNwiJ#ly6M9THuD3p7o*x3`$H)|dZxp+1R#sd?E
zJrlUF+PwXz5#>)J6y2*TEz_+)rR6BMpF5EMu3#S1T-X|(K3Mv>MQ6>^>rQe-YZeVb
z5B1;Y2lk)YgkS*q<R>)@juB|f{giBgSmh7d2CxbGHJRA^2Y(NsE_Q_XpQ%u&4E^LU
z^apXVRr{d-i>x4iCY${H`>&9}`$mW{3Tfs%P@&7k-bnbljlK#OT+Q5;@l0<z@_)5=
z<?&Fi?f<b9QKm#B3{jM#4n?+6vgIe7lv0*b*_)DNA5lc1IO?QhjdF4rWJ#8>M=E8B
zOxd%9W@H;?jQ1Mn^n0^(yvsSi_x-)EKk%8U=XtK@y081bzt?hquRvu{Mm7Di4R@P7
z@AcEo+PMazPP?tHU0?8Hig}5b9GP&9MxtnvxJms~j~6jPxkJG*7m8xIz?=GC-WAld
z5Xu&P227wxlKR8h3JHED^?v@zy-fot*$&b_cX1xk%abj(yci(vRPj@)MbNVj!A{`N
zx1_TNfMfibtmVH&S*W$T$+kheM((j#W_nusVD#1Gf#jHgJ@Mx>gnrz+*MRw<H^R?M
z$P|!dVc=bVSW}8h(8CvS;~o^iHa8{b`A&)|2b&|*6`se^1h<1{W;})5t`5MBbBE0R
z3d#!>Z~e8778NqfX#Ud_B2}HI3!NE1!Av?*phBrGX~1P-pX#kEi#Q#k`n{)?*_#VV
zcePKQl=X~Is?sp1PIFW)U2b%eEJeKl>&Fl_AbQn6!8)5;6X7qCOgRHQVjdQqE85kG
z-ZvaEjvGyYNolM%h2WvaEk*#D(9$h1J@7wSbvK<kuZ9{t_z8=2j3kXz&uomv!!!s!
zyy+CO4MlYWhwk7gqqfHw_nd{^Oc)LSTe?tLLahAvPRAQR15fCt9sH`rHKNZv2C`tP
zYjP)~jP8?iA_?wMk*+bQhm4i=DP*4h*<J_cMt}Ng`~~W$zSL9A{<|=i_+6Ip<Zqm?
zL(SRDXGIS0&F&uf8XzN#_*c~Ck}M+vU+ph5D(Sv_|HoI<6&O$6p(){eFhm^jmi!ts
z?At8YK{@xV@jK<M(<DQT=4%qACQI|XaK~GYHjf`}>D-s@@ct(&8-<r#vb}2SzNi>C
z-C}BXjU8C_pU0d2d$HKrRde4wP&u3T7NT#b(Btr%h^N=bpi*bUjX(0U6l7h#A|$l?
z$l>E|XP3ZvUZ8?aWE<P~tEKXnf!*+6EvByqJ&73a*8Wn4lEKskK-`P32hHtOIhnJg
z)cnNIPS@p0(XwaG=NzTp<1b@ym6f+JxXMbf{nh;n4j-u4NJ8}?;PBlZ^b3Q-*RJ`m
zMC|}=7{TH>KMc~^u6|rKZ5&WFxMJj_5r~F?<&x9$`f#bZYLyq=xTl2h+A}Tr)y=)*
z25fnZz$y$o?R^MTr$#G6v>Hw4^@3bECxO1kI1&rZQMz;TNR+Y9PaKG2In?)<&0|2t
z*M_HT!t_Vt>F;o9GQosX)f^wQCZK77i+xb?ho(nrVTYS{yTs{vry6f#-LQM}IuSvO
z$tv&;RzpOn^)i8MYJNFt<s*ta`N8P*+Pv*CHgv1EaQ+SgTj`H{UpR-;9v@HFuJs6h
zNi;h3V_4;mx1gB2I0jv~B7s)m0h>Za_!n~UUD>}<jwb=-csEdv2WZjed<6#e8#(x_
zyZnG#ye~tWi+cFgs{XC@a365cE?lcWAzQ0Zh9bHD3e}O`7`<8!%inCB+Pv1v-=J=X
z!+yHmwPj9}(%P1z#e2$ld~KvVS&a~`==$(4EvV4+XP6;~=4YEvCYf6p-=(Qi%ws%u
zQq4yN8@MO4t6I9#vy}52%j?Zag56L##Mm_Eaf@g7s{FSkiG;Q7>#nPr(`XGmvETZ6
zBGWBJ8MzNOMkkR)8t;Fc#`_Dj_@n;*>v@40+`!-d;e|b&oFRvz95yE>d)y7lhW=oB
zNr2KH4!M1TUSrgJoZ>J8g3fARdw1cIOGZ5Cx9l1tefE1&{G<QIfCsDvlHg=;<DfP=
zTQvJxzuEq3(Ie-(urDvl;+!n`@h&q-@PC6>^W@C`i7o=)0%(6cNy!U3+C%1*>N-z6
zmCG)`i}-;w^!BK*S-+(%ek}NW#Bkt3{JFoPrRh{OgYy4h!xmeFAGk?9Kw%q&_1pIj
zoborI9Z9Xj=V984tQ%I^7;0^O=QCEEb|g07^euiO_cPAZ8pVF)+C`J#bY2C71pP{f
zH`4aPM&b;HSfz;2@ATliEa~g<5IA;)<4Si2S3|_B2|I;s=~=wwKVM^gj9BH@0a;J5
zi&YSYEK-K<Sb7wQfBFo_Pa(H13}({=WO?FbnwFl37ejMM+Mm^?*Hu(!X?j7e>5tRZ
z5D<^}ieDO>kReQeUn_yfMV)F%=hl_aplZFP<(CQ(m7fnw+}A)nw}anv6=RKELctz=
z@(P=bHM7%Me#TP!S!ltX8-iZE;Lxm4Z$*s{)nQ2Qa5QIc)f;hnxWXw!fF{*3fTgl&
zW#<NBx5huOxODb$^?T=C-8H!=K^NjaGFQN4{x4cvQpc|eiy~P^6{uyJ3L`OG#ew4l
zx`2NndZ;@Q*8=756gWm&r;32{qoPiqgco>f&C<&ug)W(Rj}MU3HFYa970tb_?W4wm
zG(Q%%8r;!A7Xb!#zP9``eY*=X^Ien0x90?jZQeI=TJ0Q#u|}AKwn_{rEOd_%6qP|+
zD3nt2yApe=_yl&)&UH9Q6)H-Mj;0Bwmvn7$xy=05zJtWe-|;37H%nr~Q&hvFWtM94
zJH92d98=n&n!9Tj)x2oU|KOtWdj#TsaF!^R%tjmkh#vcdp(`2Tfg)*{rg!g?3!TYP
zdvnDQPjyw?W@JKEE6qVhJG0g_`>xCP>r1Zp8^}%^3Noyf(M-5c{3yB)g3fvm5}_|{
zTSWff%_aUV9QEb<nUHdU2sC0pCoJ?B!>8YdTGDjPV{g4&PiGYIbZ`5W6-CW^)t8@j
z6Z9nImbseKcA&g5-PHzD2;tlmGT4Mn?3ugTx?5fLFnmC%EqO!V0DazDb6PS_AqtIU
zTx#MMg!3g?;^Xr4%UXmzL|X|f-?`WsW#xssJKT*B-{bG*&%dFl$5XKZ*4Me4f_^au
zF6z)<Nu=26X5|IDM^a6U)O=6e-X&VuqoUXl?~+?4fb*fLoNG5V6c6QexO+>4GqQiB
z1vlG)z8Y`EeNuquDYj??R~;2Qg?Ir3@5sQ-T*qTj@scUnVpYjnnoV0Dj=R@J{OmDO
zQ@XdH{Rw{&Zp9F@@GiPEWe5~S@#`otNyzLBBig@vy`D#@PN7H|rQZ9-TP1z2PMo4v
zF)k8t@oOnDG0p5e|BlpD6UVxaC#RB2fA_B!b<s@QgD^#2!jA`~6GL^DWWA_bx#Z<2
z`?h5)Kacd9Nz9{@0swI{Ow;Ub8=A+4E=L|A1UO}cDo9@(IHJb2bG!PDWkOo`eMqk)
ze)ZtRr_t;#GNtmu0`*(*;xN!%0V`vhW6PJFbwlsZd@*}(W9S6GnjFHos<w0|U7%(F
zFBS#ezr$CGG$y>%c63AS&+HYJ9@LC(C7_PE+&0n?_aUDCaFw~+ot2;UQr*OG3|Ht}
zoy@x{-zA3x!WkX`7q^zuCnh?Ad`hFg#IUX7kF8)0zSof8O1M^_Oi?fL5`9d5^Rt7i
z_$X0cPWuYi2-h}U-&YeCVo>&RbChB#aoGzlDvuJ)CcnAu;3_z#G@6lkX=$0Xqk7mY
zx9N*=2z)O0^vUM_DayJJ#Y1;HJaQ~$I-l>eoLTLor<*Zgq`8KI2OQOw=)nYx$Zr0V
z3{sQehAbB?Fv1{Z6>PidR`FoYNa`U2mZ0kfoy=N>zZzjF&2+H4SeSEg#Z$jbUAsz&
zthYIFdnGR>p7S{->|dLF9ycFaDWyT_S+TI(;0l6YMy_2&H_WPpz3e+Toevd^@~usF
z)4G-ilTN0jL3l$ww~h$h^aPUAT(p!)<bvw-q?@A_AQGB8o4aUYV1(sS!r6n;w?eg+
zyqrvuWGXM0bYv1s1S7<@lR{KilFhH4QQq<JsF{vR){7V1qU!nT*STAVRU@rgh?4VZ
zMW+o7mkmC+>Ok9(Ks3`*c{!Q9S!8#b?oT&5hlQsvOTm^k!>r?L>kHxj7$AP*sQtS%
z<QU1q7rCJrZ5G}>pH`qIb|DhV#=m=lK+^4Rae#5OHD0?m0CcvY?K@nT#-gRbqP*h!
z=V25syU+6UWe}EM5;1ujk{77AsA3G_wcc8FQ~nz#RQ6<?gW{VS-P6>A{bQTb67m9G
zavxmr1A3c6MW;9JP=;}9Hf^sKl^6F4-+`quL$%L`E9k*h=zgeM+XLNx$Q&gA)p?kx
zwHjWWxYE72G~-DQI#ePQN}=e74FTD&qL-NuOHqhZ2=WVN{J0uAU+%yAraQ*Z!)U}!
zr}uP#W(Y%%wD0>+O}QE}x)}&N%*$ISOQ68Jii1*3=ivM@a6rWQ7FE`QcnS5WZc2Z1
z0eVt<MmcD{sZlyb-P+G5lOLBCUjF??&dZqXYYRIOuWWFrW>aL~tEwqttd1HGiK(U7
zrf>RQGxe;df?`4&+n`{>M<ImK%V>7+azUb5#1r=J>1uAa>7F+KSG=mxUYoosap~Dl
zx4L0?J?tn}ZTkGSH#J3dUtl#J)k&|}{+czcw4cX~C2&Zea*>a=x|)6!_&8}BhFj=b
z_(#Cpa-Goj&YY}|nGl&mxFEK6yB0St9J2U-|6l4MA2vVpA{k!{^RSMGELpc$QN}mp
zZRb!z#;bmj+E!Qg^3mY;t8^`M*5dd7l|5&dJAs8FP5(fW$+))Z{tve<hBog!Es-OB
zG6D|`l!pq@!z{I68EY`~jk!>T8eOZrq0Mwn_dtZ|9UGgS93(%Upj5Z(iEO;FKldsg
z%5)f2IngBb*m2#-3h`sX{>#~4SR1Md;%HLU2<{b1A6CV~fcYXYZDuYkbZ<8tof-W9
z(uU(2h;c?nW@?tM5`QTF2_{1^gNHHB$k`?5$Gq6crju38<~C~%=xy3U+K^}eT;EZ<
za!1{K_kHzE@m?9Kt(}MpORziCV)<rkT&}-p7PLpL=s8<>y#X`dn*w^c;@XOuVCn^d
zIU%O7+EgPUA^A%Bk;c*+B`Y}s1g;!pNoDcgT*kvx^`3$*x;Q4|>KT7TPcHsZ-mSq$
z+f^#X#OrYs<0y!9#0W=22Z=O*=sOxgZu*@z8IGQ8jQ#83DqWpaV~=g|4!(7#)D)6e
z=<C#ECSlY1*1R??xk22xdwr*qf`z8to<IcP@l36~o=0rv{P|>*iq0itd`O?nK2x>R
zBW!f6T(@?dKH(m!sgnY`>zo_E@%xs1DL#Qnb=`2Jlt~s<IL(3g-L4hsC%L7y)csgb
z=YXE(d)YaI|8eWqt@c|(UzUse@p~I-*KJM|@)l$|BpJhHMk=Ip5^~(D2G&2bN!SqC
znH_W|;FHeUjSv(p&Lgu;BEyh4UjjoDkWw6obPrcAb1~M)p`H%8Z(^e7liPMh%wG83
zW~MT0Tetn;$wxgy4rc{^67+lf-7-G0*b-)06UaKjP|mdLkom;s9hgtZW0NhHXnZ)w
zvD-}=Kh*BiRjS0UlU@BT^gF!^^W8Z^?pp#n@fa-idJx}hQlH&8a?LuWt->Kp<ffyd
z;5M-x)$_jWoKb2pw6U=}Zhy;pyZE+J<~YsRgKGUqD@U3J;`q%;V@~Jo_Qv$EJ%F(E
z7935_8KlPCchN0=vbCBh=lNYtjXiJ6@=fb3M%Ef|NvR*GaZ0u&_Pdp37@zIjS$RV{
zM~I7mRm7_}Z-u#oE!PQD@e1#Bgaa&oc_4Dlx`>TFp7JCRQA7BJmTZLw!A$>}<b#pT
zS)f8=!8{BUGSkH2STRkmWt5GWqFMydzuC?eGuWH^$qL)t{lLub<J^SM5~WEc{rY6I
ze!WO=*Rt(Tb{Q$|<kH+-p&*7a0ikBjGRE3;4pu<CGWZp0DzH{CSxzDCcJZmT8Iv1d
z%S}qN55$BhSqAJ`-`Ux^oGJADNYW1mZ1T9)7IxbPY@%(%!N}*IEuBIOg9k2M3f(P%
zSoRvt_mK0>!YjyrVa^eLw-b&K^@W`)dDw$<_!UH$zvEI3Ps2U1naI4?I}yL?UC~B)
zt<C<LMHLmh*jTOljA7<rW(_QQj=ZUH-kTb2n!LiSBfM_2I=|A2Oe>9D<>+{JDN?y>
z;*AP~q&-BFObcQk+8nwlTNzZN%dC{Obg2&OPfQ^RPVh!^=1t0B7x`iVy(U`$vv4a1
zWmlrO!Ft6`i&k&;3WW({9S!6F0aRr2dU*1C_D>dJ>+XfC-?QjEDd_7XJCcH(B{0Jh
z=RDzw?g}OS8i&>THLbx->_b@!KdhJDzaJ@FD}gb|feQVLbkJC`^Mv2e2}j;lZ<N>B
z!v3j|f2}w-;{>MuJWr564x?ftZ<A=_b}%wyu-pEo+SR_BzCMVUNJsBcz6s~(BoozW
z=xF?$+tSG~(aB!$y6=s%nqHZX^DL9|uD_9fkq>%z20Z9JtL4DzN)+6;icbPM#w-tu
zPPS~JfW9(`9|i7*Tb)<_@jWyj%C)dKc|)g=e_CJjn3?Sde;Ahd_xEEHdJj3*K8;M*
zU=~Z!<YGsz`%VwbqAmYt*fJxle6sHemw$VZaCb@b#&lo9T9VlIV@FLjAE|GaKj;KU
zLdIB66u^NTKcUG$LQe<<0#M7SD7vh<ArMMQ<4U*~ex?=;l8Kim{il$%_vri=84gt(
zrZt)-(T}0L@YK>kJYb(*t_1$<YcyG(zIqf*I~_tf-qM&vzY5MXjvNghZpV%hAs(jB
z-L!2ahMT(=SA?PHH{u2XxB25v;3vfB%V3Z4DuJF{4RuZiY*o?Z5(4<WtH7^<r40kl
zTe<arji4ucOt}2pJcWrR&1=(r_t*A!tU5|GDNilomeJU&#%tt^oXAWB#Qn6!LnFqn
z*=kg1B%c%>MBkgV@%`I!=dkIv$Z6j=hs`wIs$+K9=-)-nXw245;{3>`%Kn(#;N7gU
z(fMts+}^^Q?P>$Q{1p}NUpeZl*mV;qMi?}%2S%-u7)@XAty&mY0DIjP^}#W^UkEJ{
ztfpP67lrgp(0$vK^d!po%pC~Vo)4XFt~v9r-?-~6f19>oa2-=4B;zR5wx?wS?q#>#
zvagJg(hlo>7&n-FXgxZhvEp-F_*x5nwtU7?m*}Mm*>6}y!?H0n$V^^>3|lMOAI+D6
zUSne0EZI;%JkEEgt7P=&`1d*dGS5Epv|Uw>s_z$8eLXViUVPC_|H`L=GMvoq4|@6c
zh?#ZS&%INh`6vkWu%ynFU2@jDNV4>ENQIEOLhwDRt21gm3@?llDS6d99R@ZIye#vw
zVhZNDR54(N=^%kXnWQzQADj6a3d)Yd)6_?QhR5;9KMOQEbxB!xm}&URbPwds=n%rN
z9IkT!0Ng55e{U~A53^SuM{JT@?wL^?E}L21MK#?IbMCYtNF^Td6Z!0Jz*fU!jP4jf
zn>XZ1T#Tof_4ONn9``aLHmT&A>UvagE>9G@)Xazz&KQPi(E$$59I=8M3%!h*&=uYx
zTu1?k)sT1OVv>uw8I|{Pfq6KH6>_G|pk?zW!&|Im_Xfs3?B79}T!9`}f=ErN0dy@k
zenDrVoEvoCJ$UMVa(j^bK-MbPD0_@;gdXvx4=p8jKfiC~fLYN(FXOGm!N`lu6g_0-
zM~3Y^hG5z6n_7JbU6mn_+2E<><Tg+D{zKfLIuJ-D*HGOfF+ub2>LQXFTHBCuioQ6O
zLY+d?wdnibfe*&p=)%UZP`0vL&_81bDXUSV%QbcKp^f|*P0r6xt|**9Nn|oIzUSx*
zm|7nrgRwYq7AMZ)#95p;vzO`FpBHzW|ArlB9eSM?qsVgw;SnaaE&KLBfiqBi9!dMq
zU%oSa3UTS)1y!EcusADHV6#XRQ+tr(y2Ln%r8-@AZtRqI;QFz$@RMvHb>EDZ3mo&E
z<RRlI2PYu(0q377N6an|8Zq5bT|<P9mS?@$5c(iF(UO{_LIy`e@O{mzb89?gE{sZz
zdk{7|3<$qZNhmnE#Ls9|A&CJB2H`F<z>C(*k7{TO!(%vaCr{jNa^(H6_G|d8ma;C_
zM_AY}ou!5pmY<F1(z1oSpgj~Q`FNLf(jjs|{;1S4cp5rWPxyUeY=P1D_qHr+9h=Tw
zL;SAIfaVFQo_o-h<qVDz*ssh&?r0zNZLiWhS|%_?v|m4@+~`#=cQ;#X$++pBpSH7w
zH8Bd&02ZLFC+PWYO8FASW9BCax2rziZ+<<{^zmqy+Tl~X1-V9saC3#92LcTHFZ4c0
zKcr4+o(#G2+pF@A7Eg>d{<7gSEfM5$caHNLH{5qURl>I!WSR#8V9BVGkZVn-Yg>0<
zdF)yoQUNO;ry2oRzRvgI0>{}>VSU?C)B-Ov%z)E#;0q6KCY<2`Iw0Ps6gI7fVf3;l
z8&%0CR0kTM&7GrR&fO;nvffWQ)H<E<=)p0DL}S;aN3fiIEhkbzcd=9>P+s7=4;q`l
zD~v+9G3rMsP(RI!dfGA}fcfm)4F#!CONZf7m9bXcl2M;$i1*AYmXUqoKX5=N*KwP9
zc-^Lwm98p@j0(O5jg3*KH;?Rd?9W`=Wr4T(wXE=I3&>^Hyd}3jPX_N9SZpry4CK<v
zww1(&^CVU=yQuVmt<43`fZ7lmm}(4kay~SunLkQo2j~x`x^bYQ$jjK^!Sdamqj-zO
zxdRh_uKn>Y&Yi`%vp9Da_Z`@GW;WRnZ52YBzw(f<iKoQ%4P*~Ogn-zjM~n=ly<`#G
z#B#Igar9*ZrxnHFT+$usHP-l3<{~V&4#&x4yA}tP$}8|!w0o;W{C1cd#pp@$rIvE>
aZ{Tzbn?F+z3?9rs^ZtwXo;ik7Z~p=$KGDkn

literal 0
HcmV?d00001

diff --git a/apps/emqx_exproto/docs/sdk-specification.md b/apps/emqx_exproto/docs/sdk-specification.md
deleted file mode 100644
index 5925259a8..000000000
--- a/apps/emqx_exproto/docs/sdk-specification.md
+++ /dev/null
@@ -1,84 +0,0 @@
-## SDK 规范
-
-### 动机
-
-SDK 的目的在于方便用户使用 IDE 集成开发、和模拟调试。
-
-### 位置
-
-```
-    +------------------+
-    |   User's Codes   |
-    +------------------+
-    |       SDK        |    <====   The SDK Located
-    +------------------+
-    |     Raw APIs     |
-    +------------------+
-    |      Driver      |
-    +==================+
-             ||
-    +==================+
-    |   EMQ X Plugin   |
-    +------------------+
-```
-
-因此，SDK 的作用在于封装底层的比较晦涩的数据格式和方法，屏蔽驱动的细节。直接提供优化后的 API 供用户使用。
-
-
-### 实现要求
-
-**声明：** stdin, stdout 已用于和 EMQ X 通信，请不要使用。stderr 用于日志输出。
-
-#### 基础项
-
-1. 必须实现 `emqx-exproto` 要求的回调函数和 API 接口，并能够暴露给用户使用
-2. 可以将 `conn()` 类型，封装成为一个连接类。并：
-   - 将各层的回调函数写为不同的 `Interface`，连接类实现该 `Interface`，并强制子类实现其方法。
-   - 将各层的 API 接口写为连接类的方法
-   用户继承该连接类，并实现各个回调。
-
-3. 必须将各个专有的，晦涩的数据类型封装为清晰的类型结构，例如：
-   - 连接类型 `conn()`
-   - 连接层信息：conninfo()
-   - 客户端信息：clientinfo()
-   - 消息：message()
-3. 必须要有对应的开发、部署文档说明
-
-#### 高级项
-
-1. 应能方便用户能在 IDE 中进行编译，开发
-2. 应提供集成测试用的模拟代码。
-   - 例如，生成模拟的数据，发送至用户的程序，方便直接断点调试，而不需要先部署才能使用。
-3. 提供日志输出的方法
-
-### 部署结构
-
-#### 代码依赖结构
-
-从部署的角度看，代码的依赖关系为：
-
-1. 用户代码：
-    * 一定会依赖 SDK
-    * 允许依赖 某个位置的三方/系统库
-2. SDK 代码：
-    * 只能依赖 erlport
-
-#### 部署
-
-从文件存放的位置来看，一个标准的部署结构为：
-
-```
-emqx
-|
-|--- data
-|------- extension
-|---------- <some-sdk-package-name>
-|--------------- <some-classes/scripts-in-sdk>
-|---------- <user's classes/scripts>
-|
-|---------- <another-sdk-package-name>
-|--------------- <some-classes/scripts-in-sdk>
-|---------- <user's classes/scripts>
-```
-
-它表达了：在 `data/extension` 目录下安装了两个 SDK，并且用户都基于 SDK 编写了其回调的代码模块。
diff --git a/apps/emqx_exproto/etc/emqx_exproto.conf b/apps/emqx_exproto/etc/emqx_exproto.conf
index d3332d24f..a64153791 100644
--- a/apps/emqx_exproto/etc/emqx_exproto.conf
+++ b/apps/emqx_exproto/etc/emqx_exproto.conf
@@ -2,6 +2,13 @@
 ## EMQ X ExProto
 ##====================================================================
 
+exproto.server.http.port = 9100
+
+exproto.server.https.port = 9101
+exproto.server.https.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem
+exproto.server.https.certfile = {{ platform_etc_dir }}/certs/cert.pem
+exproto.server.https.keyfile = {{ platform_etc_dir }}/certs/key.pem
+
 ##--------------------------------------------------------------------
 ## Listeners
 ##--------------------------------------------------------------------
@@ -16,18 +23,13 @@
 ## Examples: tcp://0.0.0.0:7993 | ssl://127.0.0.1:7994
 exproto.listener.protoname = tcp://0.0.0.0:7993
 
-## Driver type
+## The ConnectionHandler server address
 ##
-## Value: python3 | java
-exproto.listener.protoname.driver = python3
+exproto.listener.protoname.connection_handler_url = http://127.0.0.1:9001
 
-## The Search path for driver codes
-##
-exproto.listener.protoname.driver_search_path = {{ platform_data_dir }}/extension
-
-## The driver callback module/class name
-##
-#exproto.listener.protoname.driver_callback_module = main
+#exproto.listener.protoname.connection_handler_certfile =
+#exproto.listener.protoname.connection_handler_cacertfile =
+#exproto.listener.protoname.connection_handler_keyfile =
 
 ## The acceptor pool for external MQTT/TCP listener.
 ##
diff --git a/apps/emqx_exproto/example/Main.java b/apps/emqx_exproto/example/Main.java
deleted file mode 100644
index 811bab135..000000000
--- a/apps/emqx_exproto/example/Main.java
+++ /dev/null
@@ -1,136 +0,0 @@
-import java.io.*;
-import java.util.*;
-import com.erlport.erlang.term.*;
-import com.erlport.*;
-
-class State implements Serializable {
-
-    Integer times;
-
-    public State() {
-        times = 0;
-    }
-
-    public Integer incr() {
-        times += 1;
-        return times;
-    }
-
-    @Override
-    public String toString() {
-        return String.format("State(times: %d)", times);
-    }
-}
-
-public class Main {
-
-    static Integer OK = 0;
-    static Integer ERROR = 0;
-
-    //-------------------
-    // Connection level
-
-    public static Object init(Object conn, Object connInfo) {
-        System.err.printf("[java] established a conn=%s, connInfo=%s\n", conn, connInfo);
-
-        // set an instance to be the connection state
-        // it just a example structure to record the callback total times
-         Object state = new State();
-
-        // subscribe the topic `t/dn` with qos0
-        subscribe(conn, new Binary("t/dn"), 0);
-
-        // return the initial conn's state
-        return Tuple.two(OK, state);
-    }
-
-    public static Object received(Object conn, Object data, Object state) {
-        System.err.printf("[java] received data conn=%s, data=%s, state=%s\n", conn, data, state);
-
-        // echo the conn's data
-        send(conn, data);
-
-        // return the new conn's state
-        State nstate = (State) state;
-        nstate.incr();
-        return Tuple.two(OK, nstate);
-    }
-
-    public static void terminated(Object conn, Object reason,  Object state) {
-        System.err.printf("[java] terminated conn=%s, reason=%s, state=%s\n", conn, reason, state);
-        return;
-    }
-
-    //-----------------------
-    // Protocol/Session level
-    
-    public static Object deliver(Object conn, Object msgs0,  Object state) {
-        System.err.printf("[java] received messages conn=%s, msgs=%s, state=%s\n", conn, msgs0, state);
-
-        List<Object> msgs = (List<Object>) msgs0;
-        for(Object msg: msgs) {
-            publish(conn, msg);
-        }
-
-        // return the new conn's state
-        State nstate = (State) state;
-        nstate.incr();
-        return Tuple.two(OK, nstate);
-    }
-
-    //-----------------------
-    // APIs
-    public static void send(Object conn, Object data) {
-        try {
-            Erlang.call("emqx_exproto", "send", new Object[]{conn, data}, 5000);
-        } catch (Exception e) {
-            System.err.printf("[java] send data error: %s\n", e);
-        }
-        return;
-    }
-
-    public static void close(Object conn) {
-        try {
-            Erlang.call("emqx_exproto", "close", new Object[]{conn}, 5000);
-        } catch (Exception e) {
-            System.err.printf("[java] send data error: %s\n", e);
-        }
-        return;
-    }
-
-    public static void register(Object conn, Object clientInfo) {
-        try {
-            Erlang.call("emqx_exproto", "register", new Object[]{conn, clientInfo}, 5000);
-        } catch (Exception e) {
-            System.err.printf("[java] send data error: %s\n", e);
-        }
-        return;
-    }
-
-    public static void publish(Object conn, Object message) {
-        try {
-            Erlang.call("emqx_exproto", "publish", new Object[]{conn, message}, 5000);
-        } catch (Exception e) {
-            System.err.printf("[java] send data error: %s\n", e);
-        }
-        return;
-    }
-
-    public static void subscribe(Object conn, Object topic, Object qos) {
-        try {
-            Erlang.call("emqx_exproto", "subscribe", new Object[]{conn, topic, qos}, 5000);
-        } catch (Exception e) {
-            System.err.printf("[java] send data error: %s\n", e);
-        }
-        return;
-    }
-
-    public static void unsubscribe(Object conn, Object topic) {
-        try {
-            Erlang.call("emqx_exproto", "unsubscribe", new Object[]{conn, topic}, 5000);
-        } catch (Exception e) {
-            System.err.printf("[java] send data error: %s\n", e);
-        }
-        return;
-    }
-}
diff --git a/apps/emqx_exproto/example/main.py b/apps/emqx_exproto/example/main.py
deleted file mode 100644
index 1e630329e..000000000
--- a/apps/emqx_exproto/example/main.py
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/usr/bin/python
-# -*- coding: UTF-8 -*-
-
-from erlport import Atom
-from erlport import erlang
-
-OK = 0
-ERROR = 1
-
-##--------------------------------------------------------------------
-## Connection level
-
-def init(conn, conninfo):
-    print(f'[python] established a conn={conn}, conninfo={conninfo}')
-
-    ## set an integer num to the connection state
-    ## it just a example structure to record the callback total times
-    state = 0
-
-    ## subscribe the topic `t/dn` with qos0
-    subscribe(conn, b"t/dn", 0)
-
-    ## return the initial conn's state
-    return (OK, state)
-
-def received(conn, data, state):
-    print(f'[python] received data conn={conn}, data={data}, state={state}')
-
-    ## echo the conn's data
-    send(conn, data)
-
-    ## return the new conn's state
-    return (OK, state+1)
-
-def terminated(conn, reason, state):
-    print(f'[python] terminated conn={conn}, reason={reason}, state={state}')
-    return
-
-##--------------------------------------------------------------------
-## Protocol/Session level
-
-def deliver(conn, msgs, state):
-    print(f'[python] received messages: conn={conn}, msgs={msgs}, state={state}')
-
-    ## echo the protocol/session messages
-    for msg in msgs:
-        msg[3] = (Atom(b'topic'), b't/up')
-        publish(conn, msg)
-
-    ## return the new conn's state
-    return (OK, state+1)
-
-##--------------------------------------------------------------------
-## APIs
-##--------------------------------------------------------------------
-
-def send(conn, data):
-    erlang.call(Atom(b'emqx_exproto'), Atom(b'send'), [conn, data])
-    return
-
-def close(conn):
-    erlang.call(Atom(b'emqx_exproto'), Atom(b'close'), [conn])
-    return
-
-def register(conn, clientinfo):
-    erlang.call(Atom(b'emqx_exproto'), Atom(b'register'), [conn, clientinfo])
-    return
-
-def publish(conn, message):
-    erlang.call(Atom(b'emqx_exproto'), Atom(b'publish'), [conn, message])
-    return
-
-def subscribe(conn, topic, qos):
-    erlang.call(Atom(b'emqx_exproto'), Atom(b'subscribe'), [conn, topic, qos])
-    return
-
-def unsubscribe(conn, topic):
-    erlang.call(Atom(b'emqx_exproto'), Atom(b'subscribe'), [conn, topic])
-    return
-
diff --git a/apps/emqx_exproto/include/emqx_exproto.hrl b/apps/emqx_exproto/include/emqx_exproto.hrl
index 7dcb377f8..079a1e60f 100644
--- a/apps/emqx_exproto/include/emqx_exproto.hrl
+++ b/apps/emqx_exproto/include/emqx_exproto.hrl
@@ -22,3 +22,16 @@
 %% TODO:
 -define(UDP_SOCKOPTS, []).
 
+%%--------------------------------------------------------------------
+%% gRPC result code
+
+-define(RESP_UNKNOWN, 'UNKNOWN').
+-define(RESP_SUCCESS, 'SUCCESS').
+-define(RESP_CONN_PROCESS_NOT_ALIVE, 'CONN_PROCESS_NOT_ALIVE').
+-define(RESP_PARAMS_TYPE_ERROR, 'PARAMS_TYPE_ERROR').
+-define(RESP_REQUIRED_PARAMS_MISSED, 'REQUIRED_PARAMS_MISSED').
+-define(RESP_PERMISSION_DENY, 'PERMISSION_DENY').
+-define(IS_GRPC_RESULT_CODE(C), ( C =:= ?RESP_SUCCESS
+                            orelse C =:= ?RESP_CONN_PROCESS_NOT_ALIVE
+                            orelse C =:= ?RESP_REQUIRED_PARAMS_MISSED
+                            orelse C =:= ?RESP_PERMISSION_DENY)).
diff --git a/apps/emqx_exproto/priv/emqx_exproto.schema b/apps/emqx_exproto/priv/emqx_exproto.schema
index af63f56f9..fb114dc77 100644
--- a/apps/emqx_exproto/priv/emqx_exproto.schema
+++ b/apps/emqx_exproto/priv/emqx_exproto.schema
@@ -1,25 +1,66 @@
 %% -*-: erlang -*-
-%%--------------------------------------------------------------------
-%% Listeners
-%%--------------------------------------------------------------------
 
 %%--------------------------------------------------------------------
-%% TCP Listeners
+%% Services
+
+{mapping, "exproto.server.http.port", "emqx_exproto.servers", [
+  {datatype, integer}
+]}.
+
+{mapping, "exproto.server.https.port", "emqx_exproto.servers", [
+  {datatype, integer}
+]}.
+
+{mapping, "exproto.server.https.cacertfile", "emqx_exproto.servers", [
+  {datatype, string}
+]}.
+
+{mapping, "exproto.server.https.certfile", "emqx_exproto.servers", [
+  {datatype, string}
+]}.
+
+{mapping, "exproto.server.https.keyfile", "emqx_exproto.servers", [
+  {datatype, string}
+]}.
+
+{translation, "emqx_exproto.servers", fun(Conf) ->
+    Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end,
+    Http = case cuttlefish:conf_get("exproto.server.http.port", Conf, undefined) of
+               undefined -> [];
+               P1 -> [{http, P1, []}]
+           end,
+    Https = case cuttlefish:conf_get("exproto.server.https.port", Conf, undefined) of
+                undefined -> [];
+                P2 ->
+                    [{https, P2,
+                        Filter([{ssl, true},
+                                {certfile, cuttlefish:conf_get("exproto.server.https.certfile", Conf)},
+                                {keyfile, cuttlefish:conf_get("exproto.server.https.keyfile", Conf)},
+                                {cacertfile, cuttlefish:conf_get("exproto.server.https.cacertfile", Conf)}])}]
+            end,
+    Http ++ Https
+end}.
+
+%%--------------------------------------------------------------------
+%% Listeners
 
 {mapping, "exproto.listener.$proto", "emqx_exproto.listeners", [
   {datatype, string}
 ]}.
 
-{mapping, "exproto.listener.$proto.driver", "emqx_exproto.listeners", [
-  {datatype, {enum, [python3, java]}}
-]}.
-
-{mapping, "exproto.listener.$proto.driver_search_path", "emqx_exproto.listeners", [
+{mapping, "exproto.listener.$proto.connection_handler_url", "emqx_exproto.listeners", [
   {datatype, string}
 ]}.
 
-{mapping, "exproto.listener.$proto.driver_callback_module", "emqx_exproto.listeners", [
-  {default, "main"},
+{mapping, "exproto.listener.$proto.connection_handler_certfile", "emqx_exproto.listeners", [
+  {datatype, string}
+]}.
+
+{mapping, "exproto.listener.$proto.connection_handler_cacertfile", "emqx_exproto.listeners", [
+  {datatype, string}
+]}.
+
+{mapping, "exproto.listener.$proto.connection_handler_keyfile", "emqx_exproto.listeners", [
   {datatype, string}
 ]}.
 
@@ -190,14 +231,23 @@
                         {Rate, Limit}
                 end,
 
-    DriverOpts = fun(Prefix) ->
-                     [{driver,
-                       Filter([{type, cuttlefish:conf_get(Prefix ++ ".driver", Conf)},
-                               {path, cuttlefish:conf_get(Prefix ++ ".driver_search_path", Conf)},
-                               {cbm, Atom(cuttlefish:conf_get(Prefix ++ ".driver_callback_module", Conf))}
-                              ])
-                      }]
-                 end,
+    HandlerOpts = fun(Prefix) ->
+                      Opts =
+                      case http_uri:parse(cuttlefish:conf_get(Prefix ++ ".connection_handler_url", Conf)) of
+                          {ok, {http, _, Host, Port, _, _}} ->
+                              [{scheme, http}, {host, Host}, {port, Port}];
+                          {ok, {https, _, Host, Port, _, _}} ->
+                              [{scheme, https}, {host, Host}, {port, Port},
+                               {ssl_options,
+                                 Filter([{certfile, cuttlefish:conf_get(Prefix ++ ".connection_handler_certfile", Conf)},
+                                         {keyfile, cuttlefish:conf_get(Prefix ++ ".connection_handler_keyfile", Conf)},
+                                         {cacertfile, cuttlefish:conf_get(Prefix ++ ".connection_handler_cacertfile", Conf)}
+                                        ])}];
+                          _ ->
+                              error(invaild_connection_handler_url)
+                      end,
+                      [{handler, Opts}]
+                  end,
 
     ConnOpts = fun(Prefix) ->
                    Filter([{active_n, cuttlefish:conf_get(Prefix ++ ".active_n", Conf, undefined)},
@@ -289,7 +339,7 @@
 
     Listeners = fun(Proto) ->
                     Prefix = string:join(["exproto","listener", Proto], "."),
-                    Opts = DriverOpts(Prefix) ++ ConnOpts(Prefix) ++ LisOpts(Prefix),
+                    Opts = HandlerOpts(Prefix) ++ ConnOpts(Prefix) ++ LisOpts(Prefix),
                     case cuttlefish:conf_get(Prefix, Conf, undefined) of
                         undefined -> [];
                         ListenOn0 ->
diff --git a/apps/emqx_exproto/priv/protos/exproto.proto b/apps/emqx_exproto/priv/protos/exproto.proto
new file mode 100644
index 000000000..633cc1758
--- /dev/null
+++ b/apps/emqx_exproto/priv/protos/exproto.proto
@@ -0,0 +1,259 @@
+//------------------------------------------------------------------------------
+// Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//------------------------------------------------------------------------------
+
+syntax = "proto3";
+
+package emqx.exproto.v1;
+
+// The Broker side serivce. It provides a set of APIs to
+// handle a protcol access
+service ConnectionAdapter {
+
+  // -- socket layer
+
+  rpc Send(SendBytesRequest) returns (CodeResponse) {};
+
+  rpc Close(CloseSocketRequest) returns (CodeResponse) {};
+
+  // -- protocol layer
+
+  rpc Authenticate(AuthenticateRequest) returns (CodeResponse) {};
+
+  rpc StartTimer(TimerRequest) returns (CodeResponse) {};
+
+  // -- pub/sub layer
+
+  rpc Publish(PublishRequest) returns (CodeResponse) {};
+
+  rpc Subscribe(SubscribeRequest) returns (CodeResponse) {};
+
+  rpc Unsubscribe(UnsubscribeRequest) returns (CodeResponse) {};
+}
+
+service ConnectionHandler {
+
+  // -- socket layer
+
+  rpc OnSocketCreated(SocketCreatedRequest) returns (EmptySuccess) {};
+
+  rpc OnSocketClosed(SocketClosedRequest) returns (EmptySuccess) {};
+
+  rpc OnReceivedBytes(ReceivedBytesRequest) returns (EmptySuccess) {};
+
+  // -- pub/sub layer
+
+  rpc OnTimerTimeout(TimerTimeoutRequest) returns (EmptySuccess) {};
+
+  rpc OnReceivedMessages(ReceivedMessagesRequest) returns (EmptySuccess) {};
+}
+
+message EmptySuccess { }
+
+enum ResultCode {
+
+  // Operation successfully
+  SUCCESS = 0;
+
+  // Unknown Error
+  UNKNOWN = 1;
+
+  // Connection process is not alive
+  CONN_PROCESS_NOT_ALIVE = 2;
+
+  // Miss the required parameter
+  REQUIRED_PARAMS_MISSED = 3;
+
+  // Params type or values incorrect
+  PARAMS_TYPE_ERROR = 4;
+
+  // No permission or Pre-conditions not fulfilled
+  PERMISSION_DENY = 5;
+}
+
+message CodeResponse {
+
+  ResultCode code = 1;
+
+  // The reason message if result is false
+  string message = 2;
+}
+
+message SendBytesRequest {
+
+  string conn = 1;
+
+  bytes bytes = 2;
+}
+
+message CloseSocketRequest {
+
+  string conn = 1;
+}
+
+message AuthenticateRequest {
+
+  string conn = 1;
+
+  ClientInfo clientinfo = 2;
+
+  string password = 3;
+}
+
+message TimerRequest {
+
+  string conn = 1;
+
+  TimerType type = 2;
+
+  uint32 interval = 3;
+}
+
+enum TimerType {
+
+  KEEPALIVE = 0;
+}
+
+message PublishRequest {
+
+  string conn = 1;
+
+  string topic = 2;
+
+  uint32 qos = 3;
+
+  bytes payload = 4;
+}
+
+message SubscribeRequest {
+
+  string conn = 1;
+
+  string topic = 2;
+
+  uint32 qos = 3;
+}
+
+message UnsubscribeRequest {
+
+  string conn = 1;
+
+  string topic = 2;
+}
+
+message SocketCreatedRequest {
+
+  string conn = 1;
+
+  ConnInfo conninfo = 2;
+}
+
+message ReceivedBytesRequest {
+
+  string conn = 1;
+
+  bytes bytes = 2;
+}
+
+message TimerTimeoutRequest {
+
+  string conn = 1;
+
+  TimerType type = 2;
+}
+
+message SocketClosedRequest {
+
+  string conn = 1;
+
+  string reason = 2;
+}
+
+message ReceivedMessagesRequest {
+
+  string conn = 1;
+
+  repeated Message messages = 2;
+}
+
+//--------------------------------------------------------------------
+// Basic data types
+//--------------------------------------------------------------------
+
+message ConnInfo {
+
+  SocketType socktype = 1;
+
+  Address peername = 2;
+
+  Address sockname = 3;
+
+  CertificateInfo peercert = 4;
+}
+
+enum SocketType {
+
+  TCP = 0;
+
+  SSL = 1;
+
+  UDP = 2;
+
+  DTLS = 3;
+}
+
+message Address {
+
+  string host = 1;
+
+  uint32 port = 2;
+}
+
+message CertificateInfo {
+
+  string cn = 1;
+
+  string dn = 2;
+}
+
+message ClientInfo {
+
+  string proto_name = 1;
+
+  string proto_ver = 2;
+
+  string clientid = 3;
+
+  string username = 4;
+
+  string mountpoint = 5;
+}
+
+message Message {
+
+  string node = 1;
+
+  string id = 2;
+
+  uint32 qos = 3;
+
+  string from = 4;
+
+  string topic = 5;
+
+  bytes  payload = 6;
+
+  uint64 timestamp = 7;
+}
diff --git a/apps/emqx_exproto/rebar.config b/apps/emqx_exproto/rebar.config
index 52225fea3..9dd5a2090 100644
--- a/apps/emqx_exproto/rebar.config
+++ b/apps/emqx_exproto/rebar.config
@@ -1,7 +1,4 @@
 %%-*- mode: erlang -*-
-
-{deps, [{erlport, {git, "https://github.com/emqx/erlport", {tag, "v1.2.2"}}}]}.
-
 {edoc_opts, [{preprocess, true}]}.
 
 {erl_opts, [warn_unused_vars,
@@ -10,18 +7,44 @@
             warn_obsolete_guard,
             debug_info,
             {parse_transform}]}.
+{plugins,
+ [rebar3_proper,
+  {grpc_plugin, {git, "https://github.com/HJianBo/grpcbox_plugin", {tag, "v0.9.1"}}}
+]}.
+
+{deps,
+ [{grpc, {git, "https://github.com/emqx/grpc", {tag, "0.5.0"}}}
+ ]}.
+
+{grpc,
+ [{type, all},
+  {protos, ["priv/protos"]},
+  {gpb_opts, [{module_name_prefix, "emqx_"},
+              {module_name_suffix, "_pb"}]}
+ ]}.
+
+{provider_hooks,
+ [{pre, [{compile, {grpc, gen}}]}]}.
 
 {xref_checks, [undefined_function_calls, undefined_functions,
                locals_not_used, deprecated_function_calls,
                warnings_as_errors, deprecated_functions]}.
+
+{xref_ignores, [emqx_exproto_pb]}.
+
 {cover_enabled, true}.
 {cover_opts, [verbose]}.
 {cover_export_enabled, true}.
+{cover_excl_mods, [emqx_exproto_pb,
+                   emqx_exproto_v_1_connection_adapter_client,
+                   emqx_exproto_v_1_connection_adapter_bhvr,
+                   emqx_exproto_v_1_connection_handler_client,
+                   emqx_exproto_v_1_connection_handler_bhvr]}.
 
 {profiles,
-    [{test, [
-        {deps, [ {emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "v1.3.0"}}}
-               , {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.0.0"}}}
-               ]}
-    ]}
+ [{test,
+   [{deps,
+     [{emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "v1.3.0"}}}
+     ]}
+   ]}
 ]}.
diff --git a/apps/emqx_exproto/sdk/README.md b/apps/emqx_exproto/sdk/README.md
deleted file mode 100644
index 444601a76..000000000
--- a/apps/emqx_exproto/sdk/README.md
+++ /dev/null
@@ -1,11 +0,0 @@
-# SDKs
-
-A specific language SDK is a suite of codes for user-oriented friendly.
-
-Even it does not need it for you to develop the Multiple language support plugins, but it provides more friendly APIs and Abstract for you
-
-
-Now, we provide the following SDKs:
-
-- Java: https://github.com/emqx/emqx-exproto-java-sdk
-- Python: https://github.com/emqx/emqx-exproto-python-sdk
diff --git a/apps/emqx_exproto/src/emqx_exproto.app.src b/apps/emqx_exproto/src/emqx_exproto.app.src
index 37869ecc1..282397dc4 100644
--- a/apps/emqx_exproto/src/emqx_exproto.app.src
+++ b/apps/emqx_exproto/src/emqx_exproto.app.src
@@ -4,11 +4,9 @@
   {modules, []},
   {registered, []},
   {mod, {emqx_exproto_app, []}},
-  {applications, [kernel, stdlib, erlport]},
+  {applications, [kernel,stdlib,grpc]},
   {env,[]},
   {licenses, ["Apache-2.0"]},
   {maintainers, ["EMQ X Team <contact@emqx.io>"]},
-  {links, [{"Homepage", "https://emqx.io/"},
-           {"Github", "https://github.com/emqx/emqx-extension-proto"}
-          ]}
+  {links, [{"Homepage", "https://emqx.io/"}]}
  ]}.
diff --git a/apps/emqx_exproto/src/emqx_exproto.app.src.script b/apps/emqx_exproto/src/emqx_exproto.app.src.script
new file mode 100644
index 000000000..b549f9e39
--- /dev/null
+++ b/apps/emqx_exproto/src/emqx_exproto.app.src.script
@@ -0,0 +1,24 @@
+%%-*- mode: erlang -*-
+%% .app.src.script
+
+RemoveLeadingV =
+    fun(Tag) ->
+        case re:run(Tag, "^[v]?[0-9]\.[0-9]\.([0-9]|(rc|beta|alpha)\.[0-9])", [{capture, none}]) of
+            nomatch ->
+                re:replace(Tag, "/", "-", [{return ,list}]);
+            _ ->
+                %% if it is a version number prefixed by 'v' or 'e', then remove it
+                re:replace(Tag, "[v]", "", [{return ,list}])
+        end
+    end,
+
+case os:getenv("EMQX_DEPS_DEFAULT_VSN") of
+    false -> CONFIG; % env var not defined
+    []    -> CONFIG; % env var set to empty string
+    Tag ->
+       [begin
+           AppConf0 = lists:keystore(vsn, 1, AppConf, {vsn, RemoveLeadingV(Tag)}),
+           {application, App, AppConf0}
+        end || Conf = {application, App, AppConf} <- CONFIG]
+end.
+
diff --git a/apps/emqx_exproto/src/emqx_exproto.appup.src b/apps/emqx_exproto/src/emqx_exproto.appup.src
new file mode 100644
index 000000000..dcf0d8cdd
--- /dev/null
+++ b/apps/emqx_exproto/src/emqx_exproto.appup.src
@@ -0,0 +1,9 @@
+%% -*-: erlang -*-
+{VSN,
+  [
+    {<<".*">>, []}
+  ],
+  [
+    {<<".*">>, []}
+  ]
+}.
diff --git a/apps/emqx_exproto/src/emqx_exproto.erl b/apps/emqx_exproto/src/emqx_exproto.erl
index c8c36b19e..7d986ecdd 100644
--- a/apps/emqx_exproto/src/emqx_exproto.erl
+++ b/apps/emqx_exproto/src/emqx_exproto.erl
@@ -16,24 +16,20 @@
 
 -module(emqx_exproto).
 
--compile({no_auto_import, [register/1]}).
-
 -include("emqx_exproto.hrl").
 
 -export([ start_listeners/0
         , stop_listeners/0
+        , start_listener/1
+        , start_listener/4
+        , stop_listener/4
+        , stop_listener/1
         ]).
 
-%% APIs: Connection level
--export([ send/2
-        , close/1
-        ]).
-
-%% APIs: Protocol/Session level
--export([ register/2
-        , publish/2
-        , subscribe/3
-        , unsubscribe/2
+-export([ start_servers/0
+        , stop_servers/0
+        , start_server/1
+        , stop_server/1
         ]).
 
 %%--------------------------------------------------------------------
@@ -42,78 +38,71 @@
 
 -spec(start_listeners() -> ok).
 start_listeners() ->
-    lists:foreach(fun start_listener/1, application:get_env(?APP, listeners, [])).
+    Listeners = application:get_env(?APP, listeners, []),
+    NListeners = [start_connection_handler_instance(Listener)
+                  || Listener <- Listeners],
+    lists:foreach(fun start_listener/1, NListeners).
 
 -spec(stop_listeners() -> ok).
 stop_listeners() ->
-    lists:foreach(fun stop_listener/1, application:get_env(?APP, listeners, [])).
+    Listeners = application:get_env(?APP, listeners, []),
+    lists:foreach(fun stop_connection_handler_instance/1, Listeners),
+    lists:foreach(fun stop_listener/1, Listeners).
 
-%%--------------------------------------------------------------------
-%% APIs - Connection level
-%%--------------------------------------------------------------------
+-spec(start_servers() -> ok).
+start_servers() ->
+    lists:foreach(fun start_server/1, application:get_env(?APP, servers, [])).
 
--spec(send(pid(), binary()) -> ok).
-send(Conn, Data) when is_pid(Conn), is_binary(Data) ->
-    emqx_exproto_conn:cast(Conn, {send, Data}).
-
--spec(close(pid()) -> ok).
-close(Conn) when is_pid(Conn) ->
-    emqx_exproto_conn:cast(Conn, close).
-
-%%--------------------------------------------------------------------
-%% APIs - Protocol/Session level
-%%--------------------------------------------------------------------
-
--spec(register(pid(), list()) -> ok | {error, any()}).
-register(Conn, ClientInfo0) ->
-    case emqx_exproto_types:parse(clientinfo, ClientInfo0) of
-        {error, Reason} ->
-            {error, Reason};
-        ClientInfo ->
-            emqx_exproto_conn:cast(Conn, {register, ClientInfo})
-    end.
-
--spec(publish(pid(), list()) -> ok | {error, any()}).
-publish(Conn, Msg0) when is_pid(Conn), is_list(Msg0) ->
-    case emqx_exproto_types:parse(message, Msg0) of
-        {error, Reason} ->
-            {error, Reason};
-        Msg ->
-            emqx_exproto_conn:cast(Conn, {publish, Msg})
-    end.
-
--spec(subscribe(pid(), binary(), emqx_types:qos()) -> ok | {error, any()}).
-subscribe(Conn, Topic, Qos)
-  when is_pid(Conn), is_binary(Topic),
-       (Qos =:= 0 orelse Qos =:= 1 orelse Qos =:= 2) ->
-    emqx_exproto_conn:cast(Conn, {subscribe, Topic, Qos}).
-
--spec(unsubscribe(pid(), binary()) -> ok | {error, any()}).
-unsubscribe(Conn, Topic)
-  when is_pid(Conn), is_binary(Topic) ->
-    emqx_exproto_conn:cast(Conn, {unsubscribe, Topic}).
+-spec(stop_servers() -> ok).
+stop_servers() ->
+    lists:foreach(fun stop_server/1, application:get_env(?APP, servers, [])).
 
 %%--------------------------------------------------------------------
 %% Internal functions
 %%--------------------------------------------------------------------
 
+start_connection_handler_instance({_Proto, _LisType, _ListenOn, Opts}) ->
+    Name = name(_Proto, _LisType),
+    {value, {_, HandlerOpts}, LisOpts} = lists:keytake(handler, 1, Opts),
+    {SvrAddr, ChannelOptions} = handler_opts(HandlerOpts),
+    case emqx_exproto_sup:start_grpc_client_channel(Name, SvrAddr, ChannelOptions) of
+        {ok, _ClientChannelPid} ->
+            {_Proto, _LisType, _ListenOn, [{handler, Name} | LisOpts]};
+        {error, Reason} ->
+            io:format(standard_error, "Failed to start ~s's connection handler - ~0p~n!",
+                      [Name, Reason]),
+            error(Reason)
+    end.
+
+stop_connection_handler_instance({_Proto, _LisType, _ListenOn, _Opts}) ->
+    Name = name(_Proto, _LisType),
+    _ = emqx_exproto_sup:stop_grpc_client_channel(Name),
+    ok.
+
+start_server({Name, Port, SSLOptions}) ->
+    case emqx_exproto_sup:start_grpc_server(Name, Port, SSLOptions) of
+        {ok, _} ->
+            io:format("Start ~s gRPC server on ~w successfully.~n",
+                      [Name, Port]);
+        {error, Reason} ->
+            io:format(standard_error, "Failed to start ~s gRPC server on ~w - ~0p~n!",
+                      [Name, Port, Reason]),
+            error({failed_start_server, Reason})
+    end.
+
+stop_server({Name, Port, _SSLOptions}) ->
+    ok = emqx_exproto_sup:stop_grpc_server(Name),
+    io:format("Stop ~s gRPC server on ~w successfully.~n", [Name, Port]).
+
 start_listener({Proto, LisType, ListenOn, Opts}) ->
     Name = name(Proto, LisType),
-    {value, {_, DriverOpts}, LisOpts} = lists:keytake(driver, 1, Opts),
-    case emqx_exproto_driver_mngr:ensure_driver(Name, DriverOpts) of
-        {ok, _DriverPid}->
-            case start_listener(LisType, Name, ListenOn, [{driver, Name} |LisOpts]) of
-                {ok, _} ->
-                    io:format("Start ~s listener on ~s successfully.~n",
-                              [Name, format(ListenOn)]);
-                {error, Reason} ->
-                    io:format(standard_error, "Failed to start ~s listener on ~s - ~0p~n!",
-                              [Name, format(ListenOn), Reason]),
-                    error(Reason)
-            end;
+    case start_listener(LisType, Name, ListenOn, Opts) of
+        {ok, _} ->
+            io:format("Start ~s listener on ~s successfully.~n",
+                      [Name, format(ListenOn)]);
         {error, Reason} ->
-            io:format(standard_error, "Failed to start ~s's driver - ~0p~n!",
-                      [Name, Reason]),
+            io:format(standard_error, "Failed to start ~s listener on ~s - ~0p~n!",
+                      [Name, format(ListenOn), Reason]),
             error(Reason)
     end.
 
@@ -137,11 +126,11 @@ start_listener(dtls, Name, ListenOn, LisOpts) ->
 
 stop_listener({Proto, LisType, ListenOn, Opts}) ->
     Name = name(Proto, LisType),
-    _ = emqx_exproto_driver_mngr:stop_driver(Name),
     StopRet = stop_listener(LisType, Name, ListenOn, Opts),
     case StopRet of
-        ok -> io:format("Stop ~s listener on ~s successfully.~n",
-                        [Name, format(ListenOn)]);
+        ok ->
+            io:format("Stop ~s listener on ~s successfully.~n",
+                      [Name, format(ListenOn)]);
         {error, Reason} ->
             io:format(standard_error, "Failed to stop ~s listener on ~s - ~p~n.",
                       [Name, format(ListenOn), Reason])
@@ -157,8 +146,12 @@ name(Proto, LisType) ->
     list_to_atom(lists:flatten(io_lib:format("~s:~s", [Proto, LisType]))).
 
 %% @private
+format(Port) when is_integer(Port) ->
+    io_lib:format("0.0.0.0:~w", [Port]);
 format({Addr, Port}) when is_list(Addr) ->
-    io_lib:format("~s:~w", [Addr, Port]).
+    io_lib:format("~s:~w", [Addr, Port]);
+format({Addr, Port}) when is_tuple(Addr) ->
+    io_lib:format("~s:~w", [inet:ntoa(Addr), Port]).
 
 %% @private
 merge_tcp_default(Opts) ->
@@ -176,3 +169,19 @@ merge_udp_default(Opts) ->
         false ->
             [{udp_options, ?UDP_SOCKOPTS} | Opts]
     end.
+
+%% @private
+handler_opts(Opts) ->
+    Scheme = proplists:get_value(scheme, Opts),
+    Host = proplists:get_value(host, Opts),
+    Port = proplists:get_value(port, Opts),
+    SvrAddr = lists:flatten(io_lib:format("~s://~s:~w", [Scheme, Host, Port])),
+    ClientOpts = case Scheme of
+                     https ->
+                         SslOpts = lists:keydelete(ssl, 1, proplists:get_value(ssl_options, Opts, [])),
+                         #{gun_opts =>
+                           #{transport => ssl,
+                             transport_opts => SslOpts}};
+                     _ -> #{}
+                 end,
+    {SvrAddr, ClientOpts}.
diff --git a/apps/emqx_exproto/src/emqx_exproto_app.erl b/apps/emqx_exproto/src/emqx_exproto_app.erl
index b12101fda..73e8a65bc 100644
--- a/apps/emqx_exproto/src/emqx_exproto_app.erl
+++ b/apps/emqx_exproto/src/emqx_exproto_app.erl
@@ -24,13 +24,14 @@
 
 start(_StartType, _StartArgs) ->
     {ok, Sup} = emqx_exproto_sup:start_link(),
+    emqx_exproto:start_servers(),
     emqx_exproto:start_listeners(),
     {ok, Sup}.
 
 prep_stop(State) ->
+    emqx_exproto:stop_servers(),
     emqx_exproto:stop_listeners(),
     State.
 
 stop(_State) ->
     ok.
-
diff --git a/apps/emqx_exproto/src/emqx_exproto_channel.erl b/apps/emqx_exproto/src/emqx_exproto_channel.erl
index 5a8e2c888..9786c12c2 100644
--- a/apps/emqx_exproto/src/emqx_exproto_channel.erl
+++ b/apps/emqx_exproto/src/emqx_exproto_channel.erl
@@ -16,6 +16,7 @@
 
 -module(emqx_exproto_channel).
 
+-include("emqx_exproto.hrl").
 -include_lib("emqx/include/emqx.hrl").
 -include_lib("emqx/include/emqx_mqtt.hrl").
 -include_lib("emqx/include/types.hrl").
@@ -41,20 +42,26 @@
 -export_type([channel/0]).
 
 -record(channel, {
-          %% Driver name
-          driver :: atom(),
+          %% gRPC channel options
+          gcli :: map(),
           %% Conn info
           conninfo :: emqx_types:conninfo(),
           %% Client info from `register` function
           clientinfo :: maybe(map()),
-          %% Registered
-          registered = false :: boolean(),
           %% Connection state
           conn_state :: conn_state(),
           %% Subscription
           subscriptions = #{},
-          %% Driver level state
-          state :: any()
+          %% Request queue
+          rqueue = queue:new(),
+          %% Inflight function name
+          inflight = undefined,
+          %% Keepalive
+          keepalive :: maybe(emqx_keepalive:keepalive()),
+          %% Timers
+          timers ::  #{atom() => disabled | maybe(reference())},
+          %% Closed reason
+          closed_reason = undefined
          }).
 
 -opaque(channel() :: #channel{}).
@@ -67,6 +74,11 @@
 
 -type(replies() :: emqx_types:packet() | reply() | [reply()]).
 
+-define(TIMER_TABLE, #{
+          alive_timer => keepalive,
+          force_timer => force_close
+         }).
+
 -define(INFO_KEYS, [conninfo, conn_state, clientinfo, session, will_msg]).
 
 -define(SESSION_STATS_KEYS,
@@ -130,20 +142,44 @@ stats(#channel{subscriptions = Subs}) ->
 %%--------------------------------------------------------------------
 
 -spec(init(emqx_exproto_types:conninfo(), proplists:proplist()) -> channel()).
-init(ConnInfo, Options) ->
-    Driver = proplists:get_value(driver, Options),
-    case cb_init(ConnInfo, Driver) of
-            {ok, DState} ->
-                NConnInfo = default_conninfo(ConnInfo),
-                ClientInfo = default_clientinfo(ConnInfo),
-                #channel{driver = Driver,
-                         state = DState,
-                         conninfo = NConnInfo,
-                         clientinfo = ClientInfo,
-                         conn_state = connected};
-            {error, Reason} ->
-                exit({init_channel_failed, Reason})
-    end.
+init(ConnInfo = #{socktype := Socktype,
+                  peername := Peername,
+                  sockname := Sockname,
+                  peercert := Peercert}, Options) ->
+    GRpcChann = proplists:get_value(handler, Options),
+    NConnInfo = default_conninfo(ConnInfo),
+    ClientInfo = default_clientinfo(ConnInfo),
+    Channel = #channel{gcli = #{channel => GRpcChann},
+                       conninfo = NConnInfo,
+                       clientinfo = ClientInfo,
+                       conn_state = connecting,
+                       timers = #{}
+                      },
+
+    Req = #{conninfo =>
+            peercert(Peercert,
+                     #{socktype => socktype(Socktype),
+                       peername => address(Peername),
+                       sockname => address(Sockname)})},
+    try_dispatch(on_socket_created, wrap(Req), Channel).
+
+%% @private
+peercert(nossl, ConnInfo) ->
+    ConnInfo;
+peercert(Peercert, ConnInfo) ->
+    ConnInfo#{peercert =>
+              #{cn => esockd_peercert:common_name(Peercert),
+                dn => esockd_peercert:subject(Peercert)}}.
+
+%% @private
+socktype(tcp) -> 'TCP';
+socktype(ssl) -> 'SSL';
+socktype(udp) -> 'UDP';
+socktype(dtls) -> 'DTLS'.
+
+%% @private
+address({Host, Port}) ->
+    #{host => inet:ntoa(Host), port => Port}.
 
 %%--------------------------------------------------------------------
 %% Handle incoming packet
@@ -153,81 +189,163 @@ init(ConnInfo, Options) ->
       -> {ok, channel()}
        | {shutdown, Reason :: term(), channel()}).
 handle_in(Data, Channel) ->
-    case cb_received(Data, Channel) of
-        {ok, NChannel} ->
-            {ok, NChannel};
-        {error, Reason} ->
-            {shutdown, Reason, Channel}
-    end.
+    Req = #{bytes => Data},
+    {ok, try_dispatch(on_received_bytes, wrap(Req), Channel)}.
 
 -spec(handle_deliver(list(emqx_types:deliver()), channel())
       -> {ok, channel()}
        | {shutdown, Reason :: term(), channel()}).
-handle_deliver(Delivers, Channel) ->
-    %% TODO: ?? Nack delivers from shared subscriptions
-    case cb_deliver(Delivers, Channel) of
-        {ok, NChannel} ->
-            {ok, NChannel};
-        {error, Reason} ->
-            {shutdown, Reason, Channel}
-    end.
+handle_deliver(Delivers, Channel = #channel{clientinfo = ClientInfo}) ->
+    %% XXX: ?? Nack delivers from shared subscriptions
+    Mountpoint = maps:get(mountpoint, ClientInfo),
+    NodeStr = atom_to_binary(node(), utf8),
+    Msgs = lists:map(fun({_, _, Msg}) ->
+               ok = emqx_metrics:inc('messages.delivered'),
+               Msg1 = emqx_hooks:run_fold('message.delivered',
+                                          [ClientInfo], Msg),
+               NMsg = emqx_mountpoint:unmount(Mountpoint, Msg1),
+               #{node => NodeStr,
+                 id => hexstr(emqx_message:id(NMsg)),
+                 qos => emqx_message:qos(NMsg),
+                 from => fmt_from(emqx_message:from(NMsg)),
+                 topic => emqx_message:topic(NMsg),
+                 payload => emqx_message:payload(NMsg),
+                 timestamp => emqx_message:timestamp(NMsg)
+               }
+           end, Delivers),
+    Req = #{messages => Msgs},
+    {ok, try_dispatch(on_received_messages, wrap(Req), Channel)}.
 
 -spec(handle_timeout(reference(), Msg :: term(), channel())
       -> {ok, channel()}
        | {shutdown, Reason :: term(), channel()}).
+handle_timeout(_TRef, {keepalive, _StatVal},
+               Channel = #channel{keepalive = undefined}) ->
+    {ok, Channel};
+handle_timeout(_TRef, {keepalive, StatVal},
+               Channel = #channel{keepalive = Keepalive}) ->
+    case emqx_keepalive:check(StatVal, Keepalive) of
+        {ok, NKeepalive} ->
+            NChannel = Channel#channel{keepalive = NKeepalive},
+            {ok, reset_timer(alive_timer, NChannel)};
+        {error, timeout} ->
+            Req = #{type => 'KEEPALIVE'},
+            {ok, try_dispatch(on_timer_timeout, wrap(Req), Channel)}
+    end;
+
+handle_timeout(_TRef, force_close, Channel = #channel{closed_reason = Reason}) ->
+    {shutdown, {error, {force_close, Reason}}, Channel};
+
 handle_timeout(_TRef, Msg, Channel) ->
     ?WARN("Unexpected timeout: ~p", [Msg]),
     {ok, Channel}.
 
 -spec(handle_call(any(), channel())
      -> {reply, Reply :: term(), channel()}
+      | {reply, Reply :: term(), replies(), channel()}
       | {shutdown, Reason :: term(), Reply :: term(), channel()}).
+
+handle_call({send, Data}, Channel) ->
+    {reply, ok, [{outgoing, Data}], Channel};
+
+handle_call(close, Channel = #channel{conn_state = connected}) ->
+    {reply, ok, [{event, disconnected}, {close, normal}], Channel};
+handle_call(close, Channel) ->
+    {reply, ok, [{close, normal}], Channel};
+
+handle_call({auth, ClientInfo, _Password}, Channel = #channel{conn_state = connected}) ->
+    ?LOG(warning, "Duplicated authorized command, dropped ~p", [ClientInfo]),
+    {ok, {error, ?RESP_PERMISSION_DENY, <<"Duplicated authenticate command">>}, Channel};
+handle_call({auth, ClientInfo0, Password},
+            Channel = #channel{conninfo = ConnInfo,
+                               clientinfo = ClientInfo}) ->
+    ClientInfo1 = enrich_clientinfo(ClientInfo0, ClientInfo),
+    NConnInfo = enrich_conninfo(ClientInfo1, ConnInfo),
+
+    Channel1 = Channel#channel{conninfo = NConnInfo,
+                               clientinfo = ClientInfo1},
+
+    #{clientid := ClientId, username := Username} = ClientInfo1,
+
+    case emqx_access_control:authenticate(ClientInfo1#{password => Password}) of
+        {ok, AuthResult} ->
+            emqx_logger:set_metadata_clientid(ClientId),
+            is_anonymous(AuthResult) andalso
+                emqx_metrics:inc('client.auth.anonymous'),
+            NClientInfo = maps:merge(ClientInfo1, AuthResult),
+            NChannel = Channel1#channel{clientinfo = NClientInfo},
+            case emqx_cm:open_session(true, NClientInfo, NConnInfo) of
+                {ok, _Session} ->
+                    ?LOG(debug, "Client ~s (Username: '~s') authorized successfully!",
+                                [ClientId, Username]),
+                    {reply, ok, [{event, connected}], ensure_connected(NChannel)};
+                {error, Reason} ->
+                    ?LOG(warning, "Client ~s (Username: '~s') open session failed for ~0p",
+                         [ClientId, Username, Reason]),
+                    {reply, {error, ?RESP_PERMISSION_DENY, Reason}, Channel}
+            end;
+        {error, Reason} ->
+            ?LOG(warning, "Client ~s (Username: '~s') login failed for ~0p",
+                 [ClientId, Username, Reason]),
+            {reply, {error, ?RESP_PERMISSION_DENY, Reason}, Channel}
+    end;
+
+handle_call({start_timer, keepalive, Interval},
+            Channel = #channel{
+                         conninfo = ConnInfo,
+                         clientinfo = ClientInfo
+                        }) ->
+    NConnInfo = ConnInfo#{keepalive => Interval},
+    NClientInfo = ClientInfo#{keepalive => Interval},
+    NChannel = Channel#channel{conninfo = NConnInfo, clientinfo = NClientInfo},
+    {reply, ok, ensure_keepalive(NChannel)};
+
+handle_call({subscribe, TopicFilter, Qos},
+            Channel = #channel{
+                         conn_state = connected,
+                         clientinfo = ClientInfo}) ->
+    case is_acl_enabled(ClientInfo) andalso
+         emqx_access_control:check_acl(ClientInfo, subscribe, TopicFilter) of
+        deny ->
+            {reply, {error, ?RESP_PERMISSION_DENY, <<"ACL deny">>}, Channel};
+        _ ->
+            {ok, NChannel} = do_subscribe([{TopicFilter, #{qos => Qos}}], Channel),
+            {reply, ok, NChannel}
+    end;
+
+handle_call({unsubscribe, TopicFilter},
+            Channel = #channel{conn_state = connected}) ->
+    {ok, NChannel} = do_unsubscribe([{TopicFilter, #{}}], Channel),
+    {reply, ok, NChannel};
+
+handle_call({publish, Topic, Qos, Payload},
+            Channel = #channel{
+                         conn_state = connected,
+                         clientinfo = ClientInfo
+                                    = #{clientid := From,
+                                        mountpoint := Mountpoint}}) ->
+    case is_acl_enabled(ClientInfo) andalso
+         emqx_access_control:check_acl(ClientInfo, publish, Topic) of
+        deny ->
+            {reply, {error, ?RESP_PERMISSION_DENY, <<"ACL deny">>}, Channel};
+        _ ->
+            Msg = emqx_message:make(From, Qos, Topic, Payload),
+            NMsg = emqx_mountpoint:mount(Mountpoint, Msg),
+            emqx:publish(NMsg),
+            {reply, ok, Channel}
+    end;
+
 handle_call(kick, Channel) ->
     {shutdown, kicked, ok, Channel};
 
 handle_call(Req, Channel) ->
-    ?WARN("Unexpected call: ~p", [Req]),
-    {reply, ok, Channel}.
+    ?LOG(warning, "Unexpected call: ~p", [Req]),
+    {reply, {error, unexpected_call}, Channel}.
 
 -spec(handle_cast(any(), channel())
      -> {ok, channel()}
       | {ok, replies(), channel()}
       | {shutdown, Reason :: term(), channel()}).
-handle_cast({send, Data}, Channel) ->
-    {ok, [{outgoing, Data}], Channel};
-
-handle_cast(close, Channel) ->
-    {ok, [{close, normal}], Channel};
-
-handle_cast({register, ClientInfo}, Channel = #channel{registered = true}) ->
-    ?WARN("Duplicated register command, dropped ~p", [ClientInfo]),
-    {ok, Channel};
-handle_cast({register, ClientInfo0}, Channel = #channel{conninfo = ConnInfo,
-                                                        clientinfo = ClientInfo}) ->
-    ClientInfo1 = maybe_assign_clientid(ClientInfo0),
-    NConnInfo = enrich_conninfo(ClientInfo1, ConnInfo),
-    NClientInfo = enrich_clientinfo(ClientInfo1, ClientInfo),
-    case emqx_cm:open_session(true, NClientInfo, NConnInfo) of
-        {ok, _Session} ->
-            NChannel = Channel#channel{registered = true,
-                                       conninfo = NConnInfo,
-                                       clientinfo = NClientInfo},
-            {ok, [{event, registered}], NChannel};
-        {error, Reason} ->
-            ?ERROR("Register failed, reason: ~p", [Reason]),
-            {shutdown, Reason, {error, Reason}, Channel}
-    end;
-
-handle_cast({subscribe, TopicFilter, Qos}, Channel) ->
-    do_subscribe([{TopicFilter, #{qos => Qos}}], Channel);
-
-handle_cast({unsubscribe, TopicFilter}, Channel) ->
-    do_unsubscribe([{TopicFilter, #{}}], Channel);
-
-handle_cast({publish, Msg}, Channel) ->
-    emqx:publish(enrich_msg(Msg, Channel)),
-    {ok, Channel};
-
 handle_cast(Req, Channel) ->
     ?WARN("Unexpected call: ~p", [Req]),
     {ok, Channel}.
@@ -241,15 +359,41 @@ handle_info({subscribe, TopicFilters}, Channel) ->
 handle_info({unsubscribe, TopicFilters}, Channel) ->
     do_unsubscribe(TopicFilters, Channel);
 
-handle_info({sock_closed, Reason}, Channel) ->
-    {shutdown, {sock_closed, Reason}, Channel};
+handle_info({sock_closed, Reason},
+            Channel = #channel{rqueue = Queue, inflight = Inflight}) ->
+    case queue:len(Queue) =:= 0
+         andalso Inflight =:= undefined of
+        true ->
+            {shutdown, {sock_closed, Reason}, Channel};
+        _ ->
+            %% delayed close process for flushing all callback funcs to gRPC server
+            Channel1 = Channel#channel{closed_reason = {sock_closed, Reason}},
+            Channel2 = ensure_timer(force_timer, Channel1),
+            {ok, ensure_disconnected({sock_closed, Reason}, Channel2)}
+    end;
+
+handle_info({hreply, on_socket_created, {ok, _}}, Channel) ->
+    dispatch_or_close_process(Channel#channel{inflight = undefined});
+handle_info({hreply, FunName, {ok, _}}, Channel)
+  when FunName == on_socket_closed;
+       FunName == on_received_bytes;
+       FunName == on_received_messages;
+       FunName == on_timer_timeout ->
+    dispatch_or_close_process(Channel#channel{inflight = undefined});
+handle_info({hreply, FunName, {error, Reason}}, Channel) ->
+    {shutdown, {error, {FunName, Reason}}, Channel};
+
 handle_info(Info, Channel) ->
-    ?WARN("Unexpected info: ~p", [Info]),
+    ?LOG(warning, "Unexpected info: ~p", [Info]),
     {ok, Channel}.
 
--spec(terminate(any(), channel()) -> ok).
+-spec(terminate(any(), channel()) -> channel()).
 terminate(Reason, Channel) ->
-    cb_terminated(Reason, Channel), ok.
+    Req = #{reason => stringfy(Reason)},
+    try_dispatch(on_socket_closed, wrap(Req), Channel).
+
+is_anonymous(#{anonymous := true}) -> true;
+is_anonymous(_AuthResult)          -> false.
 
 %%--------------------------------------------------------------------
 %% Sub/UnSub
@@ -266,11 +410,22 @@ do_subscribe(TopicFilters, Channel) ->
 do_subscribe(TopicFilter, SubOpts, Channel =
              #channel{clientinfo = ClientInfo = #{mountpoint := Mountpoint},
                       subscriptions = Subs}) ->
+    %% Mountpoint first
     NTopicFilter = emqx_mountpoint:mount(Mountpoint, TopicFilter),
     NSubOpts = maps:merge(?DEFAULT_SUBOPTS, SubOpts),
     SubId = maps:get(clientid, ClientInfo, undefined),
-    _ = emqx:subscribe(NTopicFilter, SubId, NSubOpts),
-    Channel#channel{subscriptions = Subs#{NTopicFilter => SubOpts}}.
+    IsNew = not maps:is_key(NTopicFilter, Subs),
+    case IsNew of
+        true ->
+            ok = emqx:subscribe(NTopicFilter, SubId, NSubOpts),
+            ok = emqx_hooks:run('session.subscribed',
+                                [ClientInfo, NTopicFilter, NSubOpts#{is_new => IsNew}]),
+            Channel#channel{subscriptions = Subs#{NTopicFilter => NSubOpts}};
+        _ ->
+            %% Update subopts
+            ok = emqx:subscribe(NTopicFilter, SubId, NSubOpts),
+            Channel#channel{subscriptions = Subs#{NTopicFilter => NSubOpts}}
+    end.
 
 do_unsubscribe(TopicFilters, Channel) ->
     NChannel = lists:foldl(
@@ -280,74 +435,133 @@ do_unsubscribe(TopicFilters, Channel) ->
     {ok, NChannel}.
 
 %% @private
-do_unsubscribe(TopicFilter, _SubOpts, Channel =
-               #channel{clientinfo = #{mountpoint := Mountpoint},
+do_unsubscribe(TopicFilter, UnSubOpts, Channel =
+               #channel{clientinfo = ClientInfo = #{mountpoint := Mountpoint},
                         subscriptions = Subs}) ->
-    TopicFilter1 = emqx_mountpoint:mount(Mountpoint, TopicFilter),
-    _ = emqx:unsubscribe(TopicFilter1),
-    Channel#channel{subscriptions = maps:remove(TopicFilter1, Subs)}.
+    NTopicFilter = emqx_mountpoint:mount(Mountpoint, TopicFilter),
+    case maps:find(NTopicFilter, Subs) of
+        {ok, SubOpts} ->
+            ok = emqx:unsubscribe(NTopicFilter),
+            ok = emqx_hooks:run('session.unsubscribed',
+                                [ClientInfo, TopicFilter, maps:merge(SubOpts, UnSubOpts)]),
+            Channel#channel{subscriptions = maps:remove(NTopicFilter, Subs)};
+        _ ->
+            Channel
+    end.
 
 %% @private
 parse_topic_filters(TopicFilters) ->
     lists:map(fun emqx_topic:parse/1, TopicFilters).
 
+-compile({inline, [is_acl_enabled/1]}).
+is_acl_enabled(#{zone := Zone, is_superuser := IsSuperuser}) ->
+    (not IsSuperuser) andalso emqx_zone:enable_acl(Zone).
+
 %%--------------------------------------------------------------------
-%% Cbs for driver
+%% Ensure & Hooks
 %%--------------------------------------------------------------------
 
-cb_init(ConnInfo, Driver) ->
-    Args = [self(), emqx_exproto_types:serialize(conninfo, ConnInfo)],
-    emqx_exproto_driver_mngr:call(Driver, {'init', Args}).
+ensure_connected(Channel = #channel{conninfo = ConnInfo,
+                                    clientinfo = ClientInfo}) ->
+    NConnInfo = ConnInfo#{connected_at => erlang:system_time(millisecond)},
+    ok = run_hooks('client.connected', [ClientInfo, NConnInfo]),
+    Channel#channel{conninfo   = NConnInfo,
+                    conn_state = connected
+                   }.
 
-cb_received(Data, Channel = #channel{state = DState}) ->
-    Args = [self(), Data, DState],
-    do_call_cb('received', Args, Channel).
+ensure_disconnected(Reason, Channel = #channel{
+                                         conn_state = connected,
+                                         conninfo = ConnInfo,
+                                         clientinfo = ClientInfo}) ->
+    NConnInfo = ConnInfo#{disconnected_at => erlang:system_time(millisecond)},
+    ok = run_hooks('client.disconnected', [ClientInfo, Reason, NConnInfo]),
+    Channel#channel{conninfo = NConnInfo, conn_state = disconnected};
 
-cb_terminated(Reason, Channel = #channel{state = DState}) ->
-    Args = [self(), stringfy(Reason), DState],
-    do_call_cb('terminated', Args, Channel).
+ensure_disconnected(_Reason, Channel = #channel{conninfo = ConnInfo}) ->
+    NConnInfo = ConnInfo#{disconnected_at => erlang:system_time(millisecond)},
+    Channel#channel{conninfo = NConnInfo, conn_state = disconnected}.
 
-cb_deliver(Delivers, Channel = #channel{state = DState}) ->
-    Msgs = [emqx_exproto_types:serialize(message, Msg) || {_, _, Msg} <- Delivers],
-    Args = [self(), Msgs, DState],
-    do_call_cb('deliver', Args, Channel).
+run_hooks(Name, Args) ->
+    ok = emqx_metrics:inc(Name), emqx_hooks:run(Name, Args).
 
-%% @private
-do_call_cb(Fun, Args, Channel = #channel{driver = D}) ->
-    case emqx_exproto_driver_mngr:call(D, {Fun, Args}) of
-        ok ->
-            {ok, Channel};
-        {ok, NDState} ->
-            {ok, Channel#channel{state = NDState}};
-        {error, Reason} ->
-            {error, Reason}
+%%--------------------------------------------------------------------
+%% Enrich Keepalive
+
+ensure_keepalive(Channel = #channel{clientinfo = ClientInfo}) ->
+    ensure_keepalive_timer(maps:get(keepalive, ClientInfo, 0), Channel).
+
+ensure_keepalive_timer(Interval, Channel) when Interval =< 0 ->
+    Channel;
+ensure_keepalive_timer(Interval, Channel) ->
+    Keepalive = emqx_keepalive:init(timer:seconds(Interval)),
+    ensure_timer(alive_timer, Channel#channel{keepalive = Keepalive}).
+
+ensure_timer(Name, Channel = #channel{timers = Timers}) ->
+    TRef = maps:get(Name, Timers, undefined),
+    Time = interval(Name, Channel),
+    case TRef == undefined andalso Time > 0 of
+        true  -> ensure_timer(Name, Time, Channel);
+        false -> Channel %% Timer disabled or exists
     end.
 
+ensure_timer(Name, Time, Channel = #channel{timers = Timers}) ->
+    Msg = maps:get(Name, ?TIMER_TABLE),
+    TRef = emqx_misc:start_timer(Time, Msg),
+    Channel#channel{timers = Timers#{Name => TRef}}.
+
+reset_timer(Name, Channel) ->
+    ensure_timer(Name, clean_timer(Name, Channel)).
+
+clean_timer(Name, Channel = #channel{timers = Timers}) ->
+    Channel#channel{timers = maps:remove(Name, Timers)}.
+
+interval(force_timer, _) ->
+    15000;
+interval(alive_timer, #channel{keepalive = Keepalive}) ->
+    emqx_keepalive:info(interval, Keepalive).
+
+%%--------------------------------------------------------------------
+%% Dispatch
+%%--------------------------------------------------------------------
+
+wrap(Req) ->
+     Req#{conn => pid_to_list(self())}.
+
+dispatch_or_close_process(Channel = #channel{
+                                       rqueue = Queue,
+                                       inflight = undefined,
+                                       gcli = GClient}) ->
+    case queue:out(Queue) of
+        {empty, _} ->
+            case Channel#channel.conn_state of
+                disconnected ->
+                    {shutdown, Channel#channel.closed_reason, Channel};
+                _ ->
+                    {ok, Channel}
+            end;
+        {{value, {FunName, Req}}, NQueue} ->
+            emqx_exproto_gcli:async_call(FunName, Req, GClient),
+            {ok, Channel#channel{inflight = FunName, rqueue = NQueue}}
+    end.
+
+try_dispatch(FunName, Req, Channel = #channel{inflight = undefined, gcli = GClient}) ->
+    emqx_exproto_gcli:async_call(FunName, Req, GClient),
+    Channel#channel{inflight = FunName};
+try_dispatch(FunName, Req, Channel = #channel{rqueue = Queue}) ->
+    Channel#channel{rqueue = queue:in({FunName, Req}, Queue)}.
+
 %%--------------------------------------------------------------------
 %% Format
 %%--------------------------------------------------------------------
 
-maybe_assign_clientid(ClientInfo) ->
-    case maps:get(clientid, ClientInfo, undefined) of
-        undefined ->
-            ClientInfo#{clientid => emqx_guid:to_base62(emqx_guid:gen())};
-        _ ->
-            ClientInfo
-    end.
-
-enrich_msg(Msg, #channel{clientinfo = ClientInfo = #{mountpoint := Mountpoint}}) ->
-    NMsg = emqx_mountpoint:mount(Mountpoint, Msg),
-    case maps:get(clientid, ClientInfo, undefined) of
-        undefined -> NMsg;
-        ClientId -> NMsg#message{from = ClientId}
-    end.
-
 enrich_conninfo(InClientInfo, ConnInfo) ->
-    maps:merge(ConnInfo, maps:with([proto_name, proto_ver, clientid, username, keepalive], InClientInfo)).
+    Ks = [proto_name, proto_ver, clientid, username],
+    maps:merge(ConnInfo, maps:with(Ks, InClientInfo)).
 
 enrich_clientinfo(InClientInfo = #{proto_name := ProtoName}, ClientInfo) ->
-    NClientInfo = maps:merge(ClientInfo, maps:with([clientid, username, mountpoint], InClientInfo)),
-    NClientInfo#{protocol => lowcase_atom(ProtoName)}.
+    Ks = [clientid, username, mountpoint],
+    NClientInfo = maps:merge(ClientInfo, maps:with(Ks, InClientInfo)),
+    NClientInfo#{protocol => ProtoName}.
 
 default_conninfo(ConnInfo) ->
     ConnInfo#{proto_name => undefined,
@@ -363,12 +577,12 @@ default_conninfo(ConnInfo) ->
               expiry_interval => 0}.
 
 default_clientinfo(#{peername := {PeerHost, _},
-                      sockname := {_, SockPort}}) ->
-    #{zone         => undefined,
+                     sockname := {_, SockPort}}) ->
+    #{zone         => external,
       protocol     => undefined,
       peerhost     => PeerHost,
       sockport     => SockPort,
-      clientid     => default_clientid(),
+      clientid     => undefined,
       username     => undefined,
       is_bridge    => false,
       is_superuser => false,
@@ -377,10 +591,9 @@ default_clientinfo(#{peername := {PeerHost, _},
 stringfy(Reason) ->
     unicode:characters_to_binary((io_lib:format("~0p", [Reason]))).
 
-lowcase_atom(undefined) ->
-    undefined;
-lowcase_atom(S) ->
-    binary_to_atom(string:lowercase(S), utf8).
+hexstr(Bin) ->
+    [io_lib:format("~2.16.0B",[X]) || <<X:8>> <= Bin].
 
-default_clientid() ->
-    <<"exproto_client_", (list_to_binary(pid_to_list(self())))/binary>>.
+fmt_from(undefined) -> <<>>;
+fmt_from(Bin) when is_binary(Bin) -> Bin;
+fmt_from(T) -> stringfy(T).
diff --git a/apps/emqx_exproto/src/emqx_exproto_conn.erl b/apps/emqx_exproto/src/emqx_exproto_conn.erl
index 10a40c987..e6f7676a1 100644
--- a/apps/emqx_exproto/src/emqx_exproto_conn.erl
+++ b/apps/emqx_exproto/src/emqx_exproto_conn.erl
@@ -61,8 +61,9 @@
           sockstate :: emqx_types:sockstate(),
           %% The {active, N} option
           active_n :: pos_integer(),
-          %% Send function
-          sendfun :: function(),
+          %% BACKW: e4.2.0-e4.2.1
+          %% We should remove it
+          sendfun :: function() | undefined,
           %% Limiter
           limiter :: maybe(emqx_limiter:limiter()),
           %% Limit Timer
@@ -173,8 +174,10 @@ esockd_wait({esockd_transport, Sock}) ->
         R = {error, _} -> R
     end.
 
-esockd_close({udp, _SockPid, Sock}) ->
-    gen_udp:close(Sock);
+esockd_close({udp, _SockPid, _Sock}) ->
+    %% nothing to do for udp socket
+    %%gen_udp:close(Sock);
+    ok;
 esockd_close({esockd_transport, Sock}) ->
     esockd_transport:fast_close(Sock).
 
@@ -201,14 +204,10 @@ esockd_getstat({udp, _SockPid, Sock}, Stats) ->
 esockd_getstat({esockd_transport, Sock}, Stats) ->
     esockd_transport:getstat(Sock, Stats).
 
-sendfun({udp, _SockPid, Sock}, {Ip, Port}) ->
-    fun(Data) ->
-        gen_udp:send(Sock, Ip, Port, Data)
-    end;
-sendfun({esockd_transport, Sock}, _) ->
-    fun(Data) ->
-        esockd_transport:async_send(Sock, Data)
-    end.
+send(Data, #state{socket = {udp, _SockPid, Sock}, peername = {Ip, Port}}) ->
+    gen_udp:send(Sock, Ip, Port, Data);
+send(Data, #state{socket = {esockd_transport, Sock}}) ->
+    esockd_transport:async_send(Sock, Data).
 
 %%--------------------------------------------------------------------
 %% callbacks
@@ -253,7 +252,7 @@ init_state(WrappedSock, Peername, Options) ->
            sockname     = Sockname,
            sockstate    = idle,
            active_n     = ActiveN,
-           sendfun      = sendfun(WrappedSock, Peername),
+           sendfun      = undefined,
            limiter      = undefined,
            channel      = Channel,
            gc_state     = GcState,
@@ -357,6 +356,9 @@ handle_msg({'$gen_call', From, Req}, State) ->
         {reply, Reply, NState} ->
             gen_server:reply(From, Reply),
             {ok, NState};
+        {reply, Reply, Msgs, NState} ->
+            gen_server:reply(From, Reply),
+            {ok, next_msgs(Msgs), NState};
         {stop, Reason, Reply, NState} ->
             gen_server:reply(From, Reply),
             stop(Reason, NState)
@@ -419,16 +421,16 @@ handle_msg({close, Reason}, State) ->
     ?LOG(debug, "Force to close the socket due to ~p", [Reason]),
     handle_info({sock_closed, Reason}, close_socket(State));
 
-handle_msg({event, registered}, State = #state{channel = Channel}) ->
+handle_msg({event, connected}, State = #state{channel = Channel}) ->
     ClientId = emqx_exproto_channel:info(clientid, Channel),
     emqx_cm:register_channel(ClientId, info(State), stats(State));
 
-%handle_msg({event, disconnected}, State = #state{channel = Channel}) ->
-%    ClientId = emqx_exproto_channel:info(clientid, Channel),
-%    emqx_cm:set_chan_info(ClientId, info(State)),
-%    emqx_cm:connection_closed(ClientId),
-%    {ok, State};
-%
+handle_msg({event, disconnected}, State = #state{channel = Channel}) ->
+    ClientId = emqx_exproto_channel:info(clientid, Channel),
+    emqx_cm:set_chan_info(ClientId, info(State)),
+    emqx_cm:connection_closed(ClientId),
+    {ok, State};
+
 %handle_msg({event, _Other}, State = #state{channel = Channel}) ->
 %    ClientId = emqx_exproto_channel:info(clientid, Channel),
 %    emqx_cm:set_chan_info(ClientId, info(State)),
@@ -480,6 +482,8 @@ handle_call(_From, Req, State = #state{channel = Channel}) ->
     case emqx_exproto_channel:handle_call(Req, Channel) of
         {reply, Reply, NChannel} ->
             {reply, Reply, State#state{channel = NChannel}};
+        {reply, Reply, Replies, NChannel} ->
+            {reply, Reply, Replies, State#state{channel = NChannel}};
         {shutdown, Reason, Reply, NChannel} ->
             shutdown(Reason, Reply, State#state{channel = NChannel})
     end.
@@ -495,7 +499,18 @@ handle_timeout(_TRef, limit_timeout, State) ->
                          limit_timer = undefined
                         },
     handle_info(activate_socket, NState);
-
+handle_timeout(TRef, keepalive, State = #state{socket = Socket,
+                                               channel = Channel})->
+    case emqx_exproto_channel:info(conn_state, Channel) of
+        disconnected -> {ok, State};
+        _ ->
+            case esockd_getstat(Socket, [recv_oct]) of
+                {ok, [{recv_oct, RecvOct}]} ->
+                    handle_timeout(TRef, {keepalive, RecvOct}, State);
+                {error, Reason} ->
+                    handle_info({sock_error, Reason}, State)
+            end
+    end;
 handle_timeout(_TRef, emit_stats, State =
                #state{channel = Channel}) ->
     ClientId = emqx_exproto_channel:info(clientid, Channel),
@@ -541,7 +556,7 @@ with_channel(Fun, Args, State = #state{channel = Channel}) ->
 %%--------------------------------------------------------------------
 %% Handle outgoing packets
 
-handle_outgoing(IoData, #state{socket = Socket, sendfun = SendFun}) ->
+handle_outgoing(IoData, State = #state{socket = Socket}) ->
     ?LOG(debug, "SEND ~0p", [IoData]),
 
     Oct = iolist_size(IoData),
@@ -553,7 +568,7 @@ handle_outgoing(IoData, #state{socket = Socket, sendfun = SendFun}) ->
 
     %% FIXME:
     %%ok = emqx_metrics:inc('bytes.sent', Oct),
-    case SendFun(IoData) of
+    case send(IoData, State) of
         ok -> ok;
         Error = {error, _Reason} ->
             %% Send an inet_reply to postpone handling the error
@@ -665,4 +680,3 @@ stop(Reason, State) ->
 
 stop(Reason, Reply, State) ->
     {stop, Reason, Reply, State}.
-
diff --git a/apps/emqx_exproto/src/emqx_exproto_driver_mngr.erl b/apps/emqx_exproto/src/emqx_exproto_driver_mngr.erl
deleted file mode 100644
index 4a088bb99..000000000
--- a/apps/emqx_exproto/src/emqx_exproto_driver_mngr.erl
+++ /dev/null
@@ -1,302 +0,0 @@
-%%--------------------------------------------------------------------
-%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
-%%
-%% Licensed under the Apache License, Version 2.0 (the "License");
-%% you may not use this file except in compliance with the License.
-%% You may obtain a copy of the License at
-%%
-%%     http://www.apache.org/licenses/LICENSE-2.0
-%%
-%% Unless required by applicable law or agreed to in writing, software
-%% distributed under the License is distributed on an "AS IS" BASIS,
-%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-%% See the License for the specific language governing permissions and
-%% limitations under the License.
-%%--------------------------------------------------------------------
-
--module(emqx_exproto_driver_mngr).
-
--behaviour(gen_server).
-
--include_lib("emqx/include/logger.hrl").
-
--log_header("[ExProto DMngr]").
-
--compile({no_auto_import, [erase/1, get/1]}).
-
-%% API
--export([start_link/0]).
-
-%% Manager APIs
--export([ ensure_driver/2
-        , stop_drivers/0
-        , stop_driver/1
-        ]).
-
-%% Driver APIs
--export([ lookup/1
-        , call/2
-        ]).
-
-%% gen_server callbacks
--export([ init/1
-        , handle_call/3
-        , handle_cast/2
-        , handle_info/2
-        , terminate/2
-        , code_change/3
-        ]).
-
--define(SERVER, ?MODULE).
--define(DEFAULT_CBM, main).
-
--type driver() :: #{name := driver_name(),
-                    type := atom(),
-                    cbm := atom(),
-                    pid := pid(),
-                    opts := list()
-                   }.
-
--type driver_name() :: atom().
-
--type fargs() :: {atom(), list()}.
-
-%%--------------------------------------------------------------------
-%% APIs
-%%--------------------------------------------------------------------
-
-start_link() ->
-    gen_server:start_link({local, ?SERVER}, ?MODULE, [], []).
-
-%%--------------------------------------------------------------------
-%% APIs - Managers
-%%--------------------------------------------------------------------
-
--spec(ensure_driver(driver_name(), list()) -> {ok, pid()} | {error, any()}).
-ensure_driver(Name, Opts) ->
-    {value, {_, Type}, Opts1} = lists:keytake(type, 1, Opts),
-    {value, {_, Cbm},  Opts2} = lists:keytake(cbm, 1, Opts1),
-    gen_server:call(?SERVER, {ensure, {Type, Name, Cbm, Opts2}}).
-
--spec(stop_drivers() -> ok).
-stop_drivers() ->
-    gen_server:call(?SERVER, stop_all).
-
--spec(stop_driver(driver_name()) -> ok).
-stop_driver(Name) ->
-    gen_server:call(?SERVER, {stop, Name}).
-
-%%--------------------------------------------------------------------
-%% APIs - Drivers
-%%--------------------------------------------------------------------
-
--spec(lookup(driver_name()) -> {ok, driver()} | {error, any()}).
-lookup(Name) ->
-    case catch persistent_term:get({?MODULE, Name}) of
-        {'EXIT', {badarg, _}} -> {error, not_found};
-        Driver when is_map(Driver) -> {ok, Driver}
-    end.
-
--spec(call(driver_name(), fargs()) -> ok | {ok, any()} | {error, any()}).
-call(Name, FArgs) ->
-    ensure_alived(Name, fun(Driver) -> do_call(Driver, FArgs) end).
-
-%% @private
-ensure_alived(Name, Fun) ->
-    case catch get(Name) of
-        {'EXIT', _} ->
-            {error, not_found};
-        Driver ->
-            ensure_alived(10, Driver, Fun)
-    end.
-
-%% @private
-ensure_alived(0, _, _) ->
-    {error, driver_process_exited};
-ensure_alived(N, Driver = #{name := Name, pid := Pid}, Fun) ->
-    case is_process_alive(Pid) of
-        true -> Fun(Driver);
-        _ ->
-            timer:sleep(100),
-            #{pid := NPid} = get(Name),
-            case is_process_alive(NPid) of
-                true -> Fun(Driver);
-                _ -> ensure_alived(N-1, Driver#{pid => NPid}, Fun)
-            end
-    end.
-
-%% @private
-do_call(#{type := Type, pid := Pid, cbm := Cbm}, {F, Args}) ->
-    case catch apply(erlport, call, [Pid, Cbm, F, Args, []]) of
-        ok -> ok;
-        undefined -> ok;
-        {_Ok = 0, Return} -> {ok, Return};
-        {_Err = 1, Reason} -> {error, Reason};
-        {'EXIT', Reason, Stk} ->
-            ?LOG(error, "CALL ~p ~p:~p(~p), exception: ~p, stacktrace ~0p",
-                        [Type, Cbm, F, Args, Reason, Stk]),
-            {error, Reason};
-        _X ->
-            ?LOG(error, "CALL ~p ~p:~p(~p), unknown return: ~0p",
-                        [Type, Cbm, F, Args, _X]),
-            {error, unknown_return_format}
-    end.
-
-%%--------------------------------------------------------------------
-%% gen_server callbacks
-%%--------------------------------------------------------------------
-
-init([]) ->
-    process_flag(trap_exit, true),
-    {ok, #{drivers => []}}.
-
-handle_call({ensure, {Type, Name, Cbm, Opts}}, _From, State = #{drivers := Drivers}) ->
-    case lists:keyfind(Name, 1, Drivers) of
-        false ->
-            case do_start_driver(Type, Opts) of
-                {ok, Pid} ->
-                    Driver = #{name => Name,
-                               type => Type,
-                               cbm => Cbm,
-                               pid => Pid,
-                               opts => Opts},
-                    ok = save(Name, Driver),
-                    reply({ok, Driver}, State#{drivers => [{Name, Driver} | Drivers]});
-                {error, Reason} ->
-                    reply({error, Reason}, State)
-            end;
-        {_, Driver} ->
-            reply({ok, Driver}, State)
-    end;
-
-handle_call(stop_all, _From, State = #{drivers := Drivers}) ->
-    lists:foreach(
-      fun({Name, #{pid := Pid}}) ->
-        _ = do_stop_drviver(Pid),
-        _ = erase(Name)
-      end, Drivers),
-    reply(ok, State#{drivers => []});
-
-handle_call({stop, Name}, _From, State = #{drivers := Drivers}) ->
-    case lists:keyfind(Name, 1, Drivers) of
-        false ->
-            reply({error, not_found}, State);
-        {_, #{pid := Pid}} ->
-            _ = do_stop_drviver(Pid),
-            _ = erase(Name),
-            reply(ok, State#{drivers => Drivers -- [{Name, Pid}]})
-    end;
-
-handle_call(Req, _From, State) ->
-    ?WARN("Unexpected request: ~p", [Req]),
-    {reply, ok, State}.
-
-handle_cast(Msg, State) ->
-    ?WARN("Unexpected cast: ~p", [Msg]),
-    {noreply, State}.
-
-handle_info({'EXIT', _From, normal}, State) ->
-    {noreply, State};
-handle_info({'EXIT', From, Reason}, State = #{drivers := Drivers}) ->
-    case [Drv || {_, Drv = #{pid := P}} <- Drivers, P =:= From] of
-        [] -> {noreply, State};
-        [Driver = #{name := Name, type := Type, opts := Opts}] ->
-            ?WARN("Driver ~p crashed: ~p", [Name, Reason]),
-            case do_start_driver(Type, Opts) of
-                {ok, Pid} ->
-                    NDriver = Driver#{pid => Pid},
-                    ok = save(Name, NDriver),
-                    NDrivers = lists:keyreplace(Name, 1, Drivers, {Name, NDriver}),
-                    ?WARN("Restarted driver ~p, pid: ~p", [Name, Pid]),
-                    {noreply, State#{drivers => NDrivers}};
-                {error, Reason} ->
-                    ?WARN("Restart driver ~p failed: ~p", [Name, Reason]),
-                    {noreply, State}
-            end
-    end;
-
-handle_info(Info, State) ->
-    ?WARN("Unexpected info: ~p", [Info]),
-    {noreply, State}.
-
-terminate(_Reason, _State) ->
-    ok.
-
-code_change(_OldVsn, State, _Extra) ->
-    {ok, State}.
-
-%%--------------------------------------------------------------------
-%% Internal funcs
-%%--------------------------------------------------------------------
-
-do_start_driver(Type, Opts)
-  when Type =:= python2;
-       Type =:= python3 ->
-    NOpts = resovle_search_path(python, Opts),
-    python:start_link([{python, atom_to_list(Type)} | NOpts]);
-
-do_start_driver(Type, Opts)
-  when Type =:= java ->
-    NOpts = resovle_search_path(java, Opts),
-    java:start_link([{java, atom_to_list(Type)} | NOpts]);
-
-do_start_driver(Type, _) ->
-    {error, {invalid_driver_type, Type}}.
-
-do_stop_drviver(DriverPid) ->
-    erlport:stop(DriverPid).
-%% @private
-resovle_search_path(java, Opts) ->
-    case lists:keytake(path, 1, Opts) of
-        false -> Opts;
-        {value, {_, Path}, NOpts} ->
-            Solved = lists:flatten(
-                       lists:join(pathsep(),
-                                  [expand_jar_packages(filename:absname(P))
-                                   || P <- re:split(Path, pathsep(), [{return, list}]), P /= ""])),
-            [{java_path, Solved} | NOpts]
-    end;
-resovle_search_path(python, Opts) ->
-    case lists:keytake(path, 1, Opts) of
-        false -> Opts;
-        {value, {_, Path}, NOpts} ->
-            [{python_path, Path} | NOpts]
-    end.
-
-%% @private
-expand_jar_packages(Path) ->
-    IsJarPkgs = fun(Name) ->
-                    Ext = filename:extension(Name),
-                    Ext == ".jar" orelse Ext == ".zip"
-                end,
-    case file:list_dir(Path) of
-        {ok, []} -> [Path];
-        {error, _} -> [Path];
-        {ok, Names} ->
-            lists:join(pathsep(),
-                       [Path] ++ [filename:join([Path, Name]) || Name <- Names, IsJarPkgs(Name)])
-    end.
-
-%% @private
-pathsep() ->
-    case os:type() of
-        {win32, _} ->
-            ";";
-        _ ->
-            ":"
-    end.
-
-%%--------------------------------------------------------------------
-%% Utils
-
-reply(Term, State) ->
-    {reply, Term, State}.
-
-save(Name, Driver) ->
-    persistent_term:put({?MODULE, Name}, Driver).
-
-erase(Name) ->
-    persistent_term:erase({?MODULE, Name}).
-
-get(Name) ->
-    persistent_term:get({?MODULE, Name}).
diff --git a/apps/emqx_exproto/src/emqx_exproto_gcli.erl b/apps/emqx_exproto/src/emqx_exproto_gcli.erl
new file mode 100644
index 000000000..5ae9b0209
--- /dev/null
+++ b/apps/emqx_exproto/src/emqx_exproto_gcli.erl
@@ -0,0 +1,110 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+%% the gRPC client worker for ConnectionHandler service
+-module(emqx_exproto_gcli).
+
+-behaviour(gen_server).
+
+-include_lib("emqx/include/logger.hrl").
+
+-logger_header("[ExProto gClient]").
+
+%% APIs
+-export([async_call/3]).
+
+-export([start_link/2]).
+
+%% gen_server callbacks
+-export([ init/1
+        , handle_call/3
+        , handle_cast/2
+        , handle_info/2
+        , terminate/2
+        , code_change/3
+        ]).
+
+-define(CONN_ADAPTER_MOD, emqx_exproto_v_1_connection_handler_client).
+
+%%--------------------------------------------------------------------
+%% APIs
+%%--------------------------------------------------------------------
+
+start_link(Pool, Id) ->
+    gen_server:start_link({local, emqx_misc:proc_name(?MODULE, Id)},
+                          ?MODULE, [Pool, Id], []).
+
+async_call(FunName, Req = #{conn := Conn}, Options) ->
+    cast(pick(Conn), {rpc, FunName, Req, Options, self()}).
+
+%%--------------------------------------------------------------------
+%% cast, pick
+%%--------------------------------------------------------------------
+
+-compile({inline, [cast/2, pick/1]}).
+
+cast(Deliver, Msg) ->
+    gen_server:cast(Deliver, Msg).
+
+pick(Conn) ->
+    gproc_pool:pick_worker(exproto_gcli_pool, Conn).
+
+%%--------------------------------------------------------------------
+%% gen_server callbacks
+%%--------------------------------------------------------------------
+
+init([Pool, Id]) ->
+    true = gproc_pool:connect_worker(Pool, {Pool, Id}),
+    {ok, #{pool => Pool, id => Id}}.
+
+handle_call(_Request, _From, State) ->
+    {reply, ok, State}.
+
+handle_cast({rpc, Fun, Req, Options, From}, State) ->
+    case catch apply(?CONN_ADAPTER_MOD, Fun, [Req, Options]) of
+        {ok, Resp, _Metadata} ->
+            ?LOG(debug, "~p got {ok, ~0p, ~0p}", [Fun, Resp, _Metadata]),
+            reply(From, Fun, {ok, Resp});
+        {error, {Code, Msg}, _Metadata} ->
+            ?LOG(error, "CALL ~0p:~0p(~0p, ~0p) response errcode: ~0p, errmsg: ~0p",
+                        [?CONN_ADAPTER_MOD, Fun, Req, Options, Code, Msg]),
+            reply(From, Fun, {error, {Code, Msg}});
+        {error, Reason} ->
+            ?LOG(error, "CALL ~0p:~0p(~0p, ~0p) error: ~0p",
+                        [?CONN_ADAPTER_MOD, Fun, Req, Options, Reason]),
+            reply(From, Fun, {error, Reason});
+        {'EXIT', {Reason, Stk}} ->
+            ?LOG(error, "CALL ~0p:~0p(~0p, ~0p) throw an exception: ~0p, stacktrace: ~0p",
+                        [?CONN_ADAPTER_MOD, Fun, Req, Options, Reason, Stk]),
+            reply(From, Fun, {error, Reason})
+    end,
+    {noreply, State}.
+
+handle_info(_Info, State) ->
+    {noreply, State}.
+
+terminate(_Reason, _State) ->
+    ok.
+
+code_change(_OldVsn, State, _Extra) ->
+    {ok, State}.
+
+%%--------------------------------------------------------------------
+%% Internal funcs
+%%--------------------------------------------------------------------
+
+reply(Pid, Fun, Result) ->
+    Pid ! {hreply, Fun, Result}.
diff --git a/apps/emqx_exproto/src/emqx_exproto_gsvr.erl b/apps/emqx_exproto/src/emqx_exproto_gsvr.erl
new file mode 100644
index 000000000..286784009
--- /dev/null
+++ b/apps/emqx_exproto/src/emqx_exproto_gsvr.erl
@@ -0,0 +1,154 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+%% The gRPC server for ConnectionAdapter
+-module(emqx_exproto_gsvr).
+
+-behavior(emqx_exproto_v_1_connection_adapter_bhvr).
+
+-include("emqx_exproto.hrl").
+-include_lib("emqx/include/logger.hrl").
+
+-logger_header("[ExProto gServer]").
+
+-define(IS_QOS(X), (X =:= 0 orelse X =:= 1 orelse X =:= 2)).
+
+%% gRPC server callbacks
+-export([ send/2
+        , close/2
+        , authenticate/2
+        , start_timer/2
+        , publish/2
+        , subscribe/2
+        , unsubscribe/2
+        ]).
+
+%%--------------------------------------------------------------------
+%% gRPC ConnectionAdapter service
+%%--------------------------------------------------------------------
+
+-spec send(emqx_exproto_pb:send_bytes_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+send(Req = #{conn := Conn, bytes := Bytes}, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response(call(Conn, {send, Bytes})), Md}.
+
+-spec close(emqx_exproto_pb:close_socket_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+close(Req = #{conn := Conn}, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response(call(Conn, close)), Md}.
+
+-spec authenticate(emqx_exproto_pb:authenticate_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+authenticate(Req = #{conn := Conn,
+                     password := Password,
+                     clientinfo := ClientInfo}, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    case validate(clientinfo, ClientInfo) of
+        false ->
+            {ok, response({error, ?RESP_REQUIRED_PARAMS_MISSED}), Md};
+        _ ->
+            {ok, response(call(Conn, {auth, ClientInfo, Password})), Md}
+    end.
+
+-spec start_timer(emqx_exproto_pb:timer_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+start_timer(Req = #{conn := Conn, type := Type, interval := Interval}, Md)
+  when Type =:= 'KEEPALIVE' andalso Interval > 0 ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response(call(Conn, {start_timer, keepalive, Interval})), Md};
+start_timer(Req, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response({error, ?RESP_PARAMS_TYPE_ERROR}), Md}.
+
+-spec publish(emqx_exproto_pb:publish_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+publish(Req = #{conn := Conn, topic := Topic, qos := Qos, payload := Payload}, Md)
+  when ?IS_QOS(Qos) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response(call(Conn, {publish, Topic, Qos, Payload})), Md};
+
+publish(Req, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response({error, ?RESP_PARAMS_TYPE_ERROR}), Md}.
+
+-spec subscribe(emqx_exproto_pb:subscribe_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+subscribe(Req = #{conn := Conn, topic := Topic, qos := Qos}, Md)
+  when ?IS_QOS(Qos) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response(call(Conn, {subscribe, Topic, Qos})), Md};
+
+subscribe(Req, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response({error, ?RESP_PARAMS_TYPE_ERROR}), Md}.
+
+-spec unsubscribe(emqx_exproto_pb:unsubscribe_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:code_response(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+unsubscribe(Req = #{conn := Conn, topic := Topic}, Md) ->
+    ?LOG(debug, "Recv ~p function with request ~0p", [?FUNCTION_NAME, Req]),
+    {ok, response(call(Conn, {unsubscribe, Topic})), Md}.
+
+%%--------------------------------------------------------------------
+%% Internal funcs
+%%--------------------------------------------------------------------
+
+to_pid(ConnStr) ->
+    list_to_pid(binary_to_list(ConnStr)).
+
+call(ConnStr, Req) ->
+    case catch  to_pid(ConnStr) of
+        {'EXIT', {badarg, _}} ->
+            {error, ?RESP_PARAMS_TYPE_ERROR,
+                    <<"The conn type error">>};
+        Pid when is_pid(Pid) ->
+            case erlang:is_process_alive(Pid) of
+                true ->
+                    emqx_exproto_conn:call(Pid, Req);
+                false ->
+                    {error, ?RESP_CONN_PROCESS_NOT_ALIVE,
+                            <<"Connection process is not alive">>}
+            end
+    end.
+
+%%--------------------------------------------------------------------
+%% Data types
+
+stringfy(Reason) ->
+    unicode:characters_to_binary((io_lib:format("~0p", [Reason]))).
+
+validate(clientinfo, M) ->
+    Required = [proto_name, proto_ver, clientid],
+    lists:all(fun(K) -> maps:is_key(K, M) end, Required).
+
+response(ok) ->
+    #{code => ?RESP_SUCCESS};
+response({error, Code, Reason})
+  when ?IS_GRPC_RESULT_CODE(Code) ->
+    #{code => Code, message => stringfy(Reason)};
+response({error, Code})
+  when ?IS_GRPC_RESULT_CODE(Code) ->
+    #{code => Code};
+response(Other) ->
+    #{code => ?RESP_UNKNOWN, message => stringfy(Other)}.
diff --git a/apps/emqx_exproto/src/emqx_exproto_sup.erl b/apps/emqx_exproto/src/emqx_exproto_sup.erl
index 64be2812c..d4bde316a 100644
--- a/apps/emqx_exproto/src/emqx_exproto_sup.erl
+++ b/apps/emqx_exproto/src/emqx_exproto_sup.erl
@@ -20,17 +20,64 @@
 
 -export([start_link/0]).
 
+-export([ start_grpc_server/3
+        , stop_grpc_server/1
+        , start_grpc_client_channel/3
+        , stop_grpc_client_channel/1
+        ]).
+
 -export([init/1]).
 
+%%--------------------------------------------------------------------
+%% APIs
+%%--------------------------------------------------------------------
+
 start_link() ->
     supervisor:start_link({local, ?MODULE}, ?MODULE, []).
 
-init([]) ->
-    DriverMngr = #{id => driver_mngr,
-                   start => {emqx_exproto_driver_mngr, start_link, []},
-                   restart => permanent,
-                   shutdown => 5000,
-                   type => worker,
-                   modules => [emqx_exproto_driver_mngr]},
-    {ok, {{one_for_all, 10, 5}, [DriverMngr]}}.
+-spec start_grpc_server(atom(), inet:port_number(), list())
+  -> {ok, pid()} | {error, term()}.
+start_grpc_server(Name, Port, SSLOptions) ->
+    Services = #{protos => [emqx_exproto_pb],
+                 services => #{'emqx.exproto.v1.ConnectionAdapter' => emqx_exproto_gsvr}
+                },
+    Options = case SSLOptions of
+                  [] -> [];
+                  _ ->
+                      [{ssl_options, lists:keydelete(ssl, 1, SSLOptions)}]
+              end,
+    grpc:start_server(prefix(Name), Port, Services, Options).
 
+-spec stop_grpc_server(atom()) -> ok.
+stop_grpc_server(Name) ->
+    grpc:stop_server(prefix(Name)).
+
+-spec start_grpc_client_channel(
+        atom(),
+        uri_string:uri_string(),
+        grpc_client:grpc_opts()) -> {ok, pid()} | {error, term()}.
+start_grpc_client_channel(Name, SvrAddr, ClientOpts) ->
+    grpc_client_sup:create_channel_pool(Name, SvrAddr, ClientOpts).
+
+-spec stop_grpc_client_channel(atom()) -> ok.
+stop_grpc_client_channel(Name) ->
+    grpc_client_sup:stop_channel_pool(Name).
+
+%% @private
+prefix(Name) when is_atom(Name) ->
+    "exproto:" ++ atom_to_list(Name);
+prefix(Name) when is_binary(Name) ->
+    "exproto:" ++ binary_to_list(Name);
+prefix(Name) when is_list(Name) ->
+    "exproto:" ++ Name.
+
+%%--------------------------------------------------------------------
+%% Supervisor callbacks
+%%--------------------------------------------------------------------
+
+init([]) ->
+    %% gRPC Client Pool
+    PoolSize = emqx_vm:schedulers() * 2,
+    Pool = emqx_pool_sup:spec([exproto_gcli_pool, hash, PoolSize,
+                               {emqx_exproto_gcli, start_link, []}]),
+    {ok, {{one_for_one, 10, 5}, [Pool]}}.
diff --git a/apps/emqx_exproto/src/emqx_exproto_types.erl b/apps/emqx_exproto/src/emqx_exproto_types.erl
deleted file mode 100644
index aefaae07e..000000000
--- a/apps/emqx_exproto/src/emqx_exproto_types.erl
+++ /dev/null
@@ -1,179 +0,0 @@
-%%--------------------------------------------------------------------
-%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
-%%
-%% Licensed under the Apache License, Version 2.0 (the "License");
-%% you may not use this file except in compliance with the License.
-%% You may obtain a copy of the License at
-%%
-%%     http://www.apache.org/licenses/LICENSE-2.0
-%%
-%% Unless required by applicable law or agreed to in writing, software
-%% distributed under the License is distributed on an "AS IS" BASIS,
-%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-%% See the License for the specific language governing permissions and
-%% limitations under the License.
-%%--------------------------------------------------------------------
-
--module(emqx_exproto_types).
-
--include_lib("emqx/include/emqx.hrl").
--include_lib("emqx/include/types.hrl").
-
--import(proplists, [get_value/2]).
-
--export([ parse/2
-        , serialize/2
-        ]).
-
--type(clientinfo() :: #{ proto_name := maybe(binary())
-                       , proto_ver  := maybe(non_neg_integer())
-                       , clientid   := maybe(binary())
-                       , username   := maybe(binary())
-                       , mountpoint := maybe(binary())
-                       , keepalive  := maybe(non_neg_integer())
-                       }).
-
--type(conninfo() :: #{ socktype := tcp | tls | udp | dtls
-                     , peername := emqx_types:peername()
-                     , sockname := emqx_types:sockname()
-                     , peercert := nossl | binary() | list()
-                     , conn_mod := atom()
-                     }).
-
--export_type([conninfo/0, clientinfo/0]).
-
--define(UP_DATA_SCHEMA_CLIENTINFO, 
-            [ {proto_name, optional, binary}
-            , {proto_ver, optional, [integer, binary]}
-            , {clientid, optional, binary}
-            , {username, optional, binary}
-            , {mountpoint, optional, binary}
-            , {keepalive, optional, integer}
-            ]).
-
--define(UP_DATA_SCHEMA_MESSAGE,
-            [ {id, {optional, fun emqx_guid:gen/0}, binary}
-            , {qos, required, [{enum, [0, 1, 2]}]}
-            , {from, optional, [binary, atom]}
-            , {topic, required, binary}
-            , {payload, required, binary}
-            , {timestamp, {optional, fun() -> erlang:system_time(millisecond) end}, integer}
-            ]).
-
-%%--------------------------------------------------------------------
-%% APIs
-%%--------------------------------------------------------------------
-
--spec(parse(clientinfo | message, list())
-     -> {error, any()}
-      | clientinfo()
-      | emqx_types:message()).
-parse(clientinfo, Params) ->
-    to_map(do_parsing(?UP_DATA_SCHEMA_CLIENTINFO, Params));
-
-parse(message, Params) ->
-    to_message(do_parsing(?UP_DATA_SCHEMA_MESSAGE, Params));
-
-parse(Type, _) ->
-    {error, {unkown_type, Type}}.
-
-%% @private
-to_map(Err = {error, _}) ->
-    Err;
-to_map(Ls) ->
-    maps:from_list(Ls).
-
-%% @private
-to_message(Err = {error, _}) -> 
-    Err;
-to_message(Ls) ->
-    #message{
-       id = get_value(id, Ls),
-       qos = get_value(qos, Ls),
-       from = get_value(from, Ls),
-       topic = get_value(topic, Ls),
-       payload = get_value(payload, Ls),
-       timestamp = get_value(timestamp, Ls)}.
-
--spec(serialize(Type, Struct)
-      -> {error, any()}
-       | [{atom(), any()}]
-    when Type :: conninfo | message,
-         Struct :: conninfo() | emqx_types:message()).
-serialize(conninfo, #{socktype := A1,
-                      peername := A2,
-                      sockname := A3,
-                      peercert := Peercert
-                     }) ->
-    [{socktype, A1},
-     {peername, A2},
-     {sockname, A3},
-     {peercert, do_serializing(peercert, Peercert)}];
-
-serialize(message, Msg) ->
-    [{id, emqx_message:id(Msg)},
-     {qos, emqx_message:qos(Msg)},
-     {from, emqx_message:from(Msg)},
-     {topic, emqx_message:topic(Msg)},
-     {payload, emqx_message:payload(Msg)},
-     {timestamp, emqx_message:timestamp(Msg)}];
-
-serialize(Type, _) ->
-    {error, {unkown_type, Type}}.
-
-%%--------------------------------------------------------------------
-%% Internal funcs
-%%--------------------------------------------------------------------
-
-do_parsing(Schema, Params) ->
-    try do_parsing(Schema, Params, [])
-    catch
-        throw:{badarg, Reason} -> {error, Reason}
-    end.
-do_parsing([], _Params, Acc) ->
-    lists:reverse(Acc);
-do_parsing([Indictor = {Key, _Optional, Type} | More], Params, Acc) ->
-    Value = case get_value(Key, Params) of
-                undefined -> do_generating(Indictor);
-                InParam -> do_typing(Key, InParam, Type)
-            end,
-    do_parsing(More, Params, [{Key, Value} | Acc]).
-
-%% @private 
-do_generating({Key, required, _}) ->
-    throw({badarg, errmsg("~s is required", [Key])});
-do_generating({_, optional, _}) ->
-    undefined;
-do_generating({_, {_, Generator}, _}) when is_function(Generator) ->
-    Generator();
-do_generating({_, {_, Default}, _}) ->
-    Default.
-
-%% @private 
-do_typing(Key, InParam, Types) when is_list(Types) ->
-    case length(lists:filter(fun(T) -> is_x_type(InParam, T) end, Types)) of
-        0 ->
-            throw({badarg, errmsg("~s: value ~p data type is not validate to ~p", [Key, InParam, Types])});
-        _ ->
-            InParam
-    end;
-do_typing(Key, InParam, Type) ->
-    do_typing(Key, InParam, [Type]).
-
-% @private
-is_x_type(P, atom) when is_atom(P) -> true;
-is_x_type(P, binary) when is_binary(P) -> true;
-is_x_type(P, integer) when is_integer(P) -> true;
-is_x_type(P, {enum, Ls}) ->
-    lists:member(P, Ls);
-is_x_type(_, _) -> false.
-
-do_serializing(peercert, nossl) ->
-    nossl;
-do_serializing(peercert, Peercert) ->
-    [{dn, esockd_peercert:subject(Peercert)},
-     {cn, esockd_peercert:common_name(Peercert)}].
-
-errmsg(Fmt, Args) ->
-    lists:flatten(io_lib:format(Fmt, Args)).
-
diff --git a/apps/emqx_exproto/test/emqx_exproto_SUITE.erl b/apps/emqx_exproto/test/emqx_exproto_SUITE.erl
index 5a9d4b830..dc6a25c06 100644
--- a/apps/emqx_exproto/test/emqx_exproto_SUITE.erl
+++ b/apps/emqx_exproto/test/emqx_exproto_SUITE.erl
@@ -19,7 +19,20 @@
 -compile(export_all).
 -compile(nowarn_export_all).
 
+-import(emqx_exproto_echo_svr,
+        [ frame_connect/2
+        , frame_connack/1
+        , frame_publish/3
+        , frame_puback/1
+        , frame_subscribe/2
+        , frame_suback/1
+        , frame_unsubscribe/1
+        , frame_unsuback/1
+        , frame_disconnect/0
+        ]).
+
 -include_lib("emqx/include/emqx.hrl").
+-include_lib("emqx/include/emqx_mqtt.hrl").
 
 -define(TCPOPTS, [binary, {active, false}]).
 -define(DTLSOPTS, [binary, {active, false}, {protocol, dtls}]).
@@ -37,48 +50,38 @@ groups() ->
 
 %% @private
 metrics() ->
-    [ list_to_atom(X ++ "_" ++ Y)
-      || X <- ["python3", "java"], Y <- ["tcp", "ssl", "udp", "dtls"]].
+    [tcp, ssl, udp, dtls].
 
-init_per_group(GrpName, Config) ->
-    [Lang, LisType] = [list_to_atom(X) || X <- string:tokens(atom_to_list(GrpName), "_")],
-    put(grpname, {Lang, LisType}),
+init_per_group(GrpName, Cfg) ->
+    put(grpname, GrpName),
+    Svrs = emqx_exproto_echo_svr:start(),
     emqx_ct_helpers:start_apps([emqx_exproto], fun set_sepecial_cfg/1),
-    [{driver_type, Lang},
-     {listener_type, LisType} | Config].
+    emqx_logger:set_log_level(debug),
+    [{servers, Svrs}, {listener_type, GrpName} | Cfg].
 
-end_per_group(_, _) ->
-    emqx_ct_helpers:stop_apps([emqx_exproto]).
+end_per_group(_, Cfg) ->
+    emqx_ct_helpers:stop_apps([emqx_exproto]),
+    emqx_exproto_echo_svr:stop(proplists:get_value(servers, Cfg)).
 
 set_sepecial_cfg(emqx_exproto) ->
-    {Lang, LisType} = get(grpname),
-    Path = emqx_ct_helpers:deps_path(emqx_exproto, "example/"),
+    LisType = get(grpname),
     Listeners = application:get_env(emqx_exproto, listeners, []),
-    Driver = compile(Lang, Path),
     SockOpts = socketopts(LisType),
     UpgradeOpts = fun(Opts) ->
-                      Opts1 = lists:keydelete(driver, 1, Opts),
-                      Opts2 = lists:keydelete(tcp_options, 1, Opts1),
+                      Opts2 = lists:keydelete(tcp_options, 1, Opts),
                       Opts3 = lists:keydelete(ssl_options, 1, Opts2),
                       Opts4 = lists:keydelete(udp_options, 1, Opts3),
                       Opts5 = lists:keydelete(dtls_options, 1, Opts4),
-                      Driver ++ SockOpts ++ Opts5
+                      SockOpts ++ Opts5
                   end,
     NListeners = [{Proto, LisType, LisOn, UpgradeOpts(Opts)}
                   || {Proto, _Type, LisOn, Opts} <- Listeners],
     application:set_env(emqx_exproto, listeners, NListeners);
-set_sepecial_cfg(_App) ->
+set_sepecial_cfg(emqx) ->
+    application:set_env(emqx, allow_anonymous, true),
+    application:set_env(emqx, enable_acl_cache, false),
     ok.
 
-compile(java, Path) ->
-    ErlPortJar = emqx_ct_helpers:deps_path(erlport, "priv/java/_pkgs/erlport.jar"),
-    ct:pal(os:cmd(lists:concat(["cd ", Path, " && ",
-                                "rm -rf Main.class State.class && ",
-                                "javac -cp ", ErlPortJar, " Main.java"]))),
-    [{driver, [{type, java}, {path, Path}, {cbm, 'Main'}]}];
-compile(python3, Path) ->
-    [{driver, [{type, python3}, {path, Path}, {cbm, main}]}].
-
 %%--------------------------------------------------------------------
 %% Tests cases
 %%--------------------------------------------------------------------
@@ -86,24 +89,263 @@ compile(python3, Path) ->
 t_start_stop(_) ->
     ok.
 
-t_echo(Cfg) ->
+t_mountpoint_echo(Cfg) ->
     SockType = proplists:get_value(listener_type, Cfg),
-    Bin = rand_bytes(),
-
     Sock = open(SockType),
 
-    send(Sock, Bin),
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>,
+               mountpoint => <<"ct/">>
+              },
+    Password = <<"123456">>,
 
-    {ok, Bin} = recv(Sock, byte_size(Bin), 5000),
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(0),
 
-    %% pubsub echo
-    emqx:subscribe(<<"t/#">>),
-    emqx:publish(emqx_message:make(<<"t/dn">>, <<"echo">>)),
-    First = receive {_, _, X} -> X#message.payload end,
-    First = receive {_, _, Y} -> Y#message.payload end,
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
 
+    SubBin = frame_subscribe(<<"t/#">>, 1),
+    SubAckBin = frame_suback(0),
+
+    send(Sock, SubBin),
+    {ok, SubAckBin} = recv(Sock, 5000),
+
+    emqx:publish(emqx_message:make(<<"ct/t/dn">>, <<"echo">>)),
+    PubBin1 = frame_publish(<<"t/dn">>, 0, <<"echo">>),
+    {ok, PubBin1} = recv(Sock, 5000),
+
+    PubBin2 = frame_publish(<<"t/up">>, 0, <<"echo">>),
+    PubAckBin = frame_puback(0),
+
+    emqx:subscribe(<<"ct/t/up">>),
+
+    send(Sock, PubBin2),
+    {ok, PubAckBin} = recv(Sock, 5000),
+
+    receive
+        {deliver, _, _} -> ok
+    after 1000 ->
+          error(echo_not_running)
+    end,
     close(Sock).
 
+t_auth_deny(Cfg) ->
+    SockType = proplists:get_value(listener_type, Cfg),
+    Sock = open(SockType),
+
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>
+              },
+    Password = <<"123456">>,
+
+    ok = meck:new(emqx_access_control, [passthrough, no_history, no_link]),
+    ok = meck:expect(emqx_access_control, authenticate,
+                     fun(_) -> {error, ?RC_NOT_AUTHORIZED} end),
+
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(1),
+
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
+
+    SockType =/= udp andalso begin
+        {error, closed} = recv(Sock, 5000)
+    end,
+    meck:unload([emqx_access_control]).
+
+t_acl_deny(Cfg) ->
+    SockType = proplists:get_value(listener_type, Cfg),
+    Sock = open(SockType),
+
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>
+              },
+    Password = <<"123456">>,
+
+    ok = meck:new(emqx_access_control, [passthrough, no_history, no_link]),
+    ok = meck:expect(emqx_access_control, check_acl, fun(_, _, _) -> deny end),
+
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(0),
+
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
+
+    SubBin = frame_subscribe(<<"t/#">>, 1),
+    SubAckBin = frame_suback(1),
+
+    send(Sock, SubBin),
+    {ok, SubAckBin} = recv(Sock, 5000),
+
+    emqx:publish(emqx_message:make(<<"t/dn">>, <<"echo">>)),
+
+    PubBin = frame_publish(<<"t/dn">>, 0, <<"echo">>),
+    PubBinFailedAck = frame_puback(1),
+    PubBinSuccesAck = frame_puback(0),
+
+    send(Sock, PubBin),
+    {ok, PubBinFailedAck} = recv(Sock, 5000),
+
+    meck:unload([emqx_access_control]),
+
+    send(Sock, PubBin),
+    {ok, PubBinSuccesAck} = recv(Sock, 5000),
+    close(Sock).
+
+t_keepalive_timeout(Cfg) ->
+    SockType = proplists:get_value(listener_type, Cfg),
+    Sock = open(SockType),
+
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>,
+               keepalive => 2
+              },
+    Password = <<"123456">>,
+
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(0),
+
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
+
+    DisconnectBin = frame_disconnect(),
+    {ok, DisconnectBin} = recv(Sock, 10000),
+
+    SockType =/= udp andalso begin
+        {error, closed} = recv(Sock, 5000)
+    end, ok.
+
+t_hook_connected_disconnected(Cfg) ->
+    SockType = proplists:get_value(listener_type, Cfg),
+    Sock = open(SockType),
+
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>
+              },
+    Password = <<"123456">>,
+
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(0),
+
+    Parent = self(),
+    HookFun1 = fun(_, _) -> Parent ! connected, ok end,
+    HookFun2 = fun(_, _, _) -> Parent ! disconnected, ok end,
+    emqx:hook('client.connected', HookFun1),
+    emqx:hook('client.disconnected', HookFun2),
+
+
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
+
+    receive
+        connected -> ok
+    after 1000 ->
+        error(hook_is_not_running)
+    end,
+
+    DisconnectBin = frame_disconnect(),
+    send(Sock, DisconnectBin),
+
+    receive
+        disconnected -> ok
+    after 1000 ->
+        error(hook_is_not_running)
+    end,
+
+    SockType =/= udp andalso begin
+        {error, closed} = recv(Sock, 5000)
+    end,
+    emqx:unhook('client.connected', HookFun1),
+    emqx:unhook('client.disconnected', HookFun2).
+
+t_hook_session_subscribed_unsubscribed(Cfg) ->
+    SockType = proplists:get_value(listener_type, Cfg),
+    Sock = open(SockType),
+
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>
+              },
+    Password = <<"123456">>,
+
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(0),
+
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
+
+    Parent = self(),
+    HookFun1 = fun(_, _, _) -> Parent ! subscribed, ok end,
+    HookFun2 = fun(_, _, _) -> Parent ! unsubscribed, ok end,
+    emqx:hook('session.subscribed', HookFun1),
+    emqx:hook('session.unsubscribed', HookFun2),
+
+    SubBin = frame_subscribe(<<"t/#">>, 1),
+    SubAckBin = frame_suback(0),
+
+    send(Sock, SubBin),
+    {ok, SubAckBin} = recv(Sock, 5000),
+
+    receive
+        subscribed -> ok
+    after 1000 ->
+        error(hook_is_not_running)
+    end,
+
+    UnsubBin = frame_unsubscribe(<<"t/#">>),
+    UnsubAckBin = frame_unsuback(0),
+
+    send(Sock, UnsubBin),
+    {ok, UnsubAckBin} = recv(Sock, 5000),
+
+    receive
+        unsubscribed -> ok
+    after 1000 ->
+        error(hook_is_not_running)
+    end,
+
+    close(Sock),
+    emqx:unhook('session.subscribed', HookFun1),
+    emqx:unhook('session.unsubscribed', HookFun2).
+
+t_hook_message_delivered(Cfg) ->
+    SockType = proplists:get_value(listener_type, Cfg),
+    Sock = open(SockType),
+
+    Client = #{proto_name => <<"demo">>,
+               proto_ver => <<"v0.1">>,
+               clientid => <<"test_client_1">>
+              },
+    Password = <<"123456">>,
+
+    ConnBin = frame_connect(Client, Password),
+    ConnAckBin = frame_connack(0),
+
+    send(Sock, ConnBin),
+    {ok, ConnAckBin} = recv(Sock, 5000),
+
+    SubBin = frame_subscribe(<<"t/#">>, 1),
+    SubAckBin = frame_suback(0),
+
+    send(Sock, SubBin),
+    {ok, SubAckBin} = recv(Sock, 5000),
+
+    HookFun1 = fun(_, Msg) -> {ok, Msg#message{payload = <<"2">>}} end,
+    emqx:hook('message.delivered', HookFun1),
+
+    emqx:publish(emqx_message:make(<<"t/dn">>, <<"1">>)),
+    PubBin1 = frame_publish(<<"t/dn">>, 0, <<"2">>),
+    {ok, PubBin1} = recv(Sock, 5000),
+
+    close(Sock),
+    emqx:unhook('message.delivered', HookFun1).
+
 %%--------------------------------------------------------------------
 %% Utils
 
@@ -137,15 +379,15 @@ send({ssl, Sock}, Bin) ->
 send({dtls, Sock}, Bin) ->
     ssl:send(Sock, Bin).
 
-recv({tcp, Sock}, Size, Ts) ->
-    gen_tcp:recv(Sock, Size, Ts);
-recv({udp, Sock}, Size, Ts) ->
-    {ok, {_, _, Bin}} = gen_udp:recv(Sock, Size, Ts),
+recv({tcp, Sock}, Ts) ->
+    gen_tcp:recv(Sock, 0, Ts);
+recv({udp, Sock}, Ts) ->
+    {ok, {_, _, Bin}} = gen_udp:recv(Sock, 0, Ts),
     {ok, Bin};
-recv({ssl, Sock}, Size, Ts) ->
-    ssl:recv(Sock, Size, Ts);
-recv({dtls, Sock}, Size, Ts) ->
-    ssl:recv(Sock, Size, Ts).
+recv({ssl, Sock}, Ts) ->
+    ssl:recv(Sock, 0, Ts);
+recv({dtls, Sock}, Ts) ->
+    ssl:recv(Sock, 0, Ts).
 
 close({tcp, Sock}) ->
     gen_tcp:close(Sock);
diff --git a/apps/emqx_exproto/test/emqx_exproto_echo_svr.erl b/apps/emqx_exproto/test/emqx_exproto_echo_svr.erl
new file mode 100644
index 000000000..3742a29a8
--- /dev/null
+++ b/apps/emqx_exproto/test/emqx_exproto_echo_svr.erl
@@ -0,0 +1,249 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_exproto_echo_svr).
+
+-behavior(emqx_exproto_v_1_connection_handler_bhvr).
+
+-export([ start/0
+        , stop/1
+        ]).
+
+-export([ frame_connect/2
+        , frame_connack/1
+        , frame_publish/3
+        , frame_puback/1
+        , frame_subscribe/2
+        , frame_suback/1
+        , frame_unsubscribe/1
+        , frame_unsuback/1
+        , frame_disconnect/0
+        ]).
+
+-export([ on_socket_created/2
+        , on_received_bytes/2
+        , on_socket_closed/2
+        , on_timer_timeout/2
+        , on_received_messages/2
+        ]).
+
+-define(HTTP, #{grpc_opts => #{service_protos => [emqx_exproto_pb],
+                               services => #{'emqx.exproto.v1.ConnectionHandler' => ?MODULE}},
+                listen_opts => #{port => 9001,
+                                 socket_options => []},
+                pool_opts => #{size => 8},
+                transport_opts => #{ssl => false}}).
+
+-define(CLIENT, emqx_exproto_v_1_connection_adapter_client).
+-define(send(Req), ?CLIENT:send(Req, #{channel => ct_test_channel})).
+-define(close(Req), ?CLIENT:close(Req, #{channel => ct_test_channel})).
+-define(authenticate(Req), ?CLIENT:authenticate(Req, #{channel => ct_test_channel})).
+-define(start_timer(Req), ?CLIENT:start_timer(Req, #{channel => ct_test_channel})).
+-define(publish(Req), ?CLIENT:publish(Req, #{channel => ct_test_channel})).
+-define(subscribe(Req), ?CLIENT:subscribe(Req, #{channel => ct_test_channel})).
+-define(unsubscribe(Req), ?CLIENT:unsubscribe(Req, #{channel => ct_test_channel})).
+
+-define(TYPE_CONNECT, 1).
+-define(TYPE_CONNACK, 2).
+-define(TYPE_PUBLISH, 3).
+-define(TYPE_PUBACK, 4).
+-define(TYPE_SUBSCRIBE, 5).
+-define(TYPE_SUBACK, 6).
+-define(TYPE_UNSUBSCRIBE, 7).
+-define(TYPE_UNSUBACK, 8).
+-define(TYPE_DISCONNECT, 9).
+
+%%--------------------------------------------------------------------
+%% APIs
+%%--------------------------------------------------------------------
+
+start() ->
+    application:ensure_all_started(grpc),
+    [start_channel(), start_server()].
+
+start_channel() ->
+    grpc_client_sup:create_channel_pool(ct_test_channel, "http://127.0.0.1:9100", #{}).
+
+start_server() ->
+    Services = #{protos => [emqx_exproto_pb],
+                 services => #{'emqx.exproto.v1.ConnectionHandler' => ?MODULE}
+                },
+    Options = [],
+    grpc:start_server(?MODULE, 9001, Services, Options).
+
+stop([_ChannPid, _SvrPid]) ->
+    grpc:stop_server(?MODULE),
+    grpc_client_sup:stop_channel_pool(ct_test_channel).
+
+%%--------------------------------------------------------------------
+%% Protocol Adapter callbacks
+%%--------------------------------------------------------------------
+
+-spec on_socket_created(emqx_exproto_pb:socket_created_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_socket_created(Req, Md) ->
+    io:format("~p: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_socket_closed(emqx_exproto_pb:socket_closed_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_socket_closed(Req, Md) ->
+    io:format("~p: ~0p~n", [?FUNCTION_NAME, Req]),
+    {ok, #{}, Md}.
+
+-spec on_received_bytes(emqx_exproto_pb:received_bytes_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_received_bytes(Req = #{conn := Conn, bytes := Bytes}, Md) ->
+    io:format("~p: ~0p~n", [?FUNCTION_NAME, Req]),
+    #{<<"type">> := Type} = Params = emqx_json:decode(Bytes, [return_maps]),
+    _ = handle_in(Conn, Type, Params),
+    {ok, #{}, Md}.
+
+-spec on_timer_timeout(emqx_exproto_pb:timer_timeout_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_timer_timeout(Req = #{conn := Conn, type := 'KEEPALIVE'}, Md) ->
+    io:format("~p: ~0p~n", [?FUNCTION_NAME, Req]),
+    handle_out(Conn, ?TYPE_DISCONNECT),
+    ?close(#{conn => Conn}),
+    {ok, #{}, Md}.
+
+-spec on_received_messages(emqx_exproto_pb:received_messages_request(), grpc:metadata())
+    -> {ok, emqx_exproto_pb:empty_success(), grpc:metadata()}
+     | {error, grpc_cowboy_h:error_response()}.
+on_received_messages(Req = #{conn := Conn, messages := Messages}, Md) ->
+    io:format("~p: ~0p~n", [?FUNCTION_NAME, Req]),
+    lists:foreach(fun(Message) ->
+        handle_out(Conn, ?TYPE_PUBLISH, Message)
+    end, Messages),
+    {ok, #{}, Md}.
+
+%%--------------------------------------------------------------------
+%% The Protocol Example:
+%%  CONN:
+%%   {"type": 1, "clientinfo": {...}}
+%%
+%%  CONNACK:
+%%   {"type": 2, "code": 0}
+%%
+%%  PUBLISH:
+%%   {"type": 3, "topic": "xxx", "payload": "", "qos": 0}
+%%
+%%  PUBACK:
+%%   {"type": 4, "code": 0}
+%%
+%%  SUBSCRIBE:
+%%   {"type": 5, "topic": "xxx", "qos": 1}
+%%
+%%  SUBACK:
+%%   {"type": 6, "code": 0}
+%%
+%%  DISCONNECT:
+%%   {"type": 7, "code": 1}
+%%--------------------------------------------------------------------
+
+handle_in(Conn, ?TYPE_CONNECT, #{<<"clientinfo">> := ClientInfo, <<"password">> := Password}) ->
+    NClientInfo = maps:from_list([{binary_to_atom(K, utf8), V} || {K, V} <- maps:to_list(ClientInfo)]),
+    case ?authenticate(#{conn => Conn, clientinfo => NClientInfo, password => Password}) of
+        {ok, #{code := 'SUCCESS'}, _} ->
+            case maps:get(keepalive, NClientInfo, 0) of
+                0 -> ok;
+                Intv ->
+                    io:format("Try call start_timer with ~ps", [Intv]),
+                    ?start_timer(#{conn => Conn, type => 'KEEPALIVE', interval => Intv})
+            end,
+            handle_out(Conn, ?TYPE_CONNACK, 0);
+        _ ->
+            handle_out(Conn, ?TYPE_CONNACK, 1),
+            ?close(#{conn => Conn})
+    end;
+handle_in(Conn, ?TYPE_PUBLISH, #{<<"topic">> := Topic,
+                                 <<"qos">> := Qos,
+                                 <<"payload">> := Payload}) ->
+    case ?publish(#{conn => Conn, topic => Topic, qos => Qos, payload => Payload}) of
+        {ok, #{code := 'SUCCESS'}, _} ->
+            handle_out(Conn, ?TYPE_PUBACK, 0);
+        _ ->
+            handle_out(Conn, ?TYPE_PUBACK, 1)
+    end;
+handle_in(Conn, ?TYPE_SUBSCRIBE, #{<<"qos">> := Qos, <<"topic">> := Topic}) ->
+    case ?subscribe(#{conn => Conn, topic => Topic, qos => Qos}) of
+        {ok, #{code := 'SUCCESS'}, _} ->
+            handle_out(Conn, ?TYPE_SUBACK, 0);
+        _ ->
+            handle_out(Conn, ?TYPE_SUBACK, 1)
+    end;
+handle_in(Conn, ?TYPE_UNSUBSCRIBE, #{<<"topic">> := Topic}) ->
+    case ?unsubscribe(#{conn => Conn, topic => Topic}) of
+        {ok, #{code := 'SUCCESS'}, _} ->
+            handle_out(Conn, ?TYPE_UNSUBACK, 0);
+        _ ->
+            handle_out(Conn, ?TYPE_UNSUBACK, 1)
+    end;
+
+handle_in(Conn, ?TYPE_DISCONNECT, _) ->
+    ?close(#{conn => Conn}).
+
+handle_out(Conn, ?TYPE_CONNACK, Code) ->
+    ?send(#{conn => Conn, bytes => frame_connack(Code)});
+handle_out(Conn, ?TYPE_PUBACK, Code) ->
+    ?send(#{conn => Conn, bytes => frame_puback(Code)});
+handle_out(Conn, ?TYPE_SUBACK, Code) ->
+    ?send(#{conn => Conn, bytes => frame_suback(Code)});
+handle_out(Conn, ?TYPE_UNSUBACK, Code) ->
+    ?send(#{conn => Conn, bytes => frame_unsuback(Code)});
+handle_out(Conn, ?TYPE_PUBLISH, #{qos := Qos, topic := Topic, payload := Payload}) ->
+    ?send(#{conn => Conn, bytes => frame_publish(Topic, Qos, Payload)}).
+
+handle_out(Conn, ?TYPE_DISCONNECT) ->
+    ?send(#{conn => Conn, bytes => frame_disconnect()}).
+
+%%--------------------------------------------------------------------
+%% Frame
+
+frame_connect(ClientInfo, Password) ->
+    emqx_json:encode(#{type => ?TYPE_CONNECT,
+                       clientinfo => ClientInfo,
+                       password => Password}).
+frame_connack(Code) ->
+    emqx_json:encode(#{type => ?TYPE_CONNACK, code => Code}).
+
+frame_publish(Topic, Qos, Payload) ->
+    emqx_json:encode(#{type => ?TYPE_PUBLISH,
+                       topic => Topic,
+                       qos => Qos,
+                       payload => Payload}).
+
+frame_puback(Code) ->
+    emqx_json:encode(#{type => ?TYPE_PUBACK, code => Code}).
+
+frame_subscribe(Topic, Qos) ->
+    emqx_json:encode(#{type => ?TYPE_SUBSCRIBE, topic => Topic, qos => Qos}).
+
+frame_suback(Code) ->
+    emqx_json:encode(#{type => ?TYPE_SUBACK, code => Code}).
+
+frame_unsubscribe(Topic) ->
+    emqx_json:encode(#{type => ?TYPE_UNSUBSCRIBE, topic => Topic}).
+
+frame_unsuback(Code) ->
+    emqx_json:encode(#{type => ?TYPE_UNSUBACK, code => Code}).
+
+frame_disconnect() ->
+    emqx_json:encode(#{type => ?TYPE_DISCONNECT}).
diff --git a/apps/emqx_prometheus/rebar.config b/apps/emqx_prometheus/rebar.config
index a47380479..6e61fd467 100644
--- a/apps/emqx_prometheus/rebar.config
+++ b/apps/emqx_prometheus/rebar.config
@@ -1,6 +1,6 @@
 {deps,
  [{prometheus, {git, "https://github.com/emqx/prometheus.erl", {tag, "v3.1.1"}}},
-  {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.1"}}}
+  {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.2"}}}
  ]}.
 
 {edoc_opts, [{preprocess, true}]}.
diff --git a/apps/emqx_retainer/rebar.config b/apps/emqx_retainer/rebar.config
index d53cedc61..9557780e8 100644
--- a/apps/emqx_retainer/rebar.config
+++ b/apps/emqx_retainer/rebar.config
@@ -19,6 +19,6 @@
  [{test,
    [{deps,
      [{emqx_ct_helpers, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "1.2.2"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}]}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}]}
    ]}
  ]}.
diff --git a/apps/emqx_retainer/src/emqx_retainer.erl b/apps/emqx_retainer/src/emqx_retainer.erl
index 3531d7ecb..3d8206077 100644
--- a/apps/emqx_retainer/src/emqx_retainer.erl
+++ b/apps/emqx_retainer/src/emqx_retainer.erl
@@ -37,6 +37,9 @@
 
 -export([clean/1]).
 
+%% for emqx_pool task func
+-export([dispatch/2]).
+
 %% gen_server callbacks
 -export([ init/1
         , handle_call/3
@@ -64,7 +67,7 @@ on_session_subscribed(_, _, #{share := ShareName}) when ShareName =/= undefined
     ok;
 on_session_subscribed(_, Topic, #{rh := Rh, is_new := IsNew}) ->
     case Rh =:= 0 orelse (Rh =:= 1 andalso IsNew) of
-        true -> emqx_pool:async_submit(fun dispatch/2, [self(), Topic]);
+        true -> emqx_pool:async_submit(fun ?MODULE:dispatch/2, [self(), Topic]);
         _ -> ok
     end.
 
diff --git a/apps/emqx_rule_engine/include/rule_actions.hrl b/apps/emqx_rule_engine/include/rule_actions.hrl
new file mode 100644
index 000000000..a1532da9e
--- /dev/null
+++ b/apps/emqx_rule_engine/include/rule_actions.hrl
@@ -0,0 +1,11 @@
+-compile({parse_transform, emqx_rule_actions_trans}).
+
+-type selected_data() :: map().
+-type env_vars() :: map().
+-type bindings() :: list(#{atom() => term()}).
+
+-define(BINDING_KEYS, '__bindings__').
+
+-define(bound_v(Key, ENVS0),
+    maps:get(Key,
+        maps:get(?BINDING_KEYS, ENVS0, #{}))).
diff --git a/apps/emqx_rule_engine/include/rule_engine.hrl b/apps/emqx_rule_engine/include/rule_engine.hrl
index 9d5db258b..9d01fefad 100644
--- a/apps/emqx_rule_engine/include/rule_engine.hrl
+++ b/apps/emqx_rule_engine/include/rule_engine.hrl
@@ -111,7 +111,8 @@
 -record(action_instance_params,
         { id :: action_instance_id()
         , params :: #{} %% the params got after initializing the action
-        , apply :: fun((Data::map(), Envs::map()) -> any()) %% the func got after initializing the action
+        , apply :: fun((Data::map(), Envs::map()) -> any())
+                 | {M::module(), F::atom(), Args::list()} %% the func got after initializing the action
         }).
 
 %% Arithmetic operators
diff --git a/apps/emqx_rule_engine/rebar.config b/apps/emqx_rule_engine/rebar.config
index b3e084c56..0a9686593 100644
--- a/apps/emqx_rule_engine/rebar.config
+++ b/apps/emqx_rule_engine/rebar.config
@@ -1,7 +1,7 @@
 {minimum_otp_vsn, "21.0"}.
 
 {deps,
- [{minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.1"}}},
+ [{minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.2"}}},
   {rulesql, {git, "https://github.com/emqx/rulesql", {tag, "0.1.2"}}},
   {getopt, "1.0.1"}
  ]}.
diff --git a/apps/emqx_rule_engine/src/emqx_rule_actions.erl b/apps/emqx_rule_engine/src/emqx_rule_actions.erl
index e024f0cfa..b49a0b2c1 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_actions.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_actions.erl
@@ -18,6 +18,7 @@
 -module(emqx_rule_actions).
 
 -include("rule_engine.hrl").
+-include("rule_actions.hrl").
 -include_lib("emqx/include/emqx.hrl").
 -include_lib("emqx/include/logger.hrl").
 
@@ -47,7 +48,7 @@
                 order => 3,
                 type => string,
                 input => textarea,
-                required => true,
+                required => false,
                 default => <<"${payload}">>,
                 title => #{en => <<"Payload Template">>,
                            zh => <<"消息内容模板"/utf8>>},
@@ -84,7 +85,7 @@
                category => debug,
                for => '$any',
                types => [],
-               create => on_action_do_nothing,
+               create => on_action_create_do_nothing,
                params => #{},
                title => #{en => <<"Do Nothing (debug)">>,
                           zh => <<"空动作 (调试)"/utf8>>},
@@ -92,79 +93,120 @@
                                 zh => <<"此动作什么都不做，并且不会失败 (用以调试)"/utf8>>}
               }).
 
--type(action_fun() :: fun((SelectedData::map(), Envs::map()) -> Result::any())).
-
--export_type([action_fun/0]).
-
 -export([on_resource_create/2]).
 
+%% callbacks for rule engine
 -export([ on_action_create_inspect/2
         , on_action_create_republish/2
+        , on_action_create_do_nothing/2
+        ]).
+
+-export([ on_action_inspect/2
+        , on_action_republish/2
         , on_action_do_nothing/2
         ]).
 
-%%------------------------------------------------------------------------------
-%% Default actions for the Rule Engine
-%%------------------------------------------------------------------------------
 
 -spec(on_resource_create(binary(), map()) -> map()).
 on_resource_create(_Name, Conf) ->
     Conf.
 
--spec(on_action_create_inspect(action_instance_id(), Params :: map()) -> action_fun()).
-on_action_create_inspect(_Id, Params) ->
-    fun(Selected, Envs) ->
-        io:format("[inspect]~n"
-                  "\tSelected Data: ~p~n"
-                  "\tEnvs: ~p~n"
-                  "\tAction Init Params: ~p~n", [Selected, Envs, Params])
-    end.
+%%------------------------------------------------------------------------------
+%% Action 'inspect'
+%%------------------------------------------------------------------------------
+-spec on_action_create_inspect(action_instance_id(), Params :: map())
+    -> NewParams :: map().
+on_action_create_inspect(Id, Params) ->
+    Params.
 
-%% A Demo Action.
--spec(on_action_create_republish(action_instance_id(), #{binary() := emqx_topic:topic()})
-      -> action_fun()).
-on_action_create_republish(Id, #{<<"target_topic">> := TargetTopic, <<"target_qos">> := TargetQoS, <<"payload_tmpl">> := PayloadTmpl}) ->
+-spec on_action_inspect(selected_data(), env_vars()) -> any().
+on_action_inspect(Selected, Envs) ->
+    io:format("[inspect]~n"
+              "\tSelected Data: ~p~n"
+              "\tEnvs: ~p~n"
+              "\tAction Init Params: ~p~n", [Selected, Envs, ?bound_v('Params', Envs)]),
+    emqx_rule_metrics:inc_actions_success(?bound_v('Id', Envs)).
+
+
+%%------------------------------------------------------------------------------
+%% Action 'republish'
+%%------------------------------------------------------------------------------
+-spec on_action_create_republish(action_instance_id(), Params :: map())
+      -> NewParams :: map().
+on_action_create_republish(Id, Params = #{
+        <<"target_topic">> := TargetTopic,
+        <<"target_qos">> := TargetQoS,
+        <<"payload_tmpl">> := PayloadTmpl
+       }) ->
     TopicTks = emqx_rule_utils:preproc_tmpl(TargetTopic),
     PayloadTks = emqx_rule_utils:preproc_tmpl(PayloadTmpl),
-    fun (_Selected, Envs = #{headers := #{republish_by := ActId},
-                             topic := Topic}) when ActId =:= Id ->
-            ?LOG(error, "[republish] recursively republish detected, msg topic: ~p, target topic: ~p",
-                 [Topic, TargetTopic]),
-            error({recursive_republish, Envs});
-        (Selected, _Envs = #{qos := QoS, flags := Flags, timestamp := Timestamp}) ->
-            ?LOG(debug, "[republish] republish to: ~p, Payload: ~p",
-                [TargetTopic, Selected]),
-            increase_and_publish(
-              #message{
-                id = emqx_guid:gen(),
-                qos = if TargetQoS =:= -1 -> QoS; true -> TargetQoS end,
-                from = Id,
-                flags = Flags,
-                headers = #{republish_by => Id},
-                topic = emqx_rule_utils:proc_tmpl(TopicTks, Selected),
-                payload = emqx_rule_utils:proc_tmpl(PayloadTks, Selected),
-                timestamp = Timestamp
-              });
-        %% in case this is not a "message.publish" request
-        (Selected, _Envs) ->
-            ?LOG(debug, "[republish] republish to: ~p, Payload: ~p",
-                [TargetTopic, Selected]),
-            increase_and_publish(
-              #message{
-                 id = emqx_guid:gen(),
-                 qos = if TargetQoS =:= -1 -> 0; true -> TargetQoS end,
-                 from = Id,
-                 flags = #{dup => false, retain => false},
-                 headers = #{republish_by => Id},
-                 topic = emqx_rule_utils:proc_tmpl(TopicTks, Selected),
-                 payload = emqx_rule_utils:proc_tmpl(PayloadTks, Selected),
-                 timestamp = erlang:system_time(millisecond)
-              })
-    end.
+    Params.
 
-increase_and_publish(Msg) ->
-    emqx_metrics:inc_msg(Msg),
-    emqx_broker:safe_publish(Msg).
+-spec on_action_republish(selected_data(), env_vars()) -> any().
+on_action_republish(_Selected, Envs = #{
+            topic := Topic,
+            headers := #{republish_by := ActId},
+            ?BINDING_KEYS := #{'Id' := ActId}
+        }) ->
+    ?LOG(error, "[republish] recursively republish detected, msg topic: ~p, target topic: ~p",
+        [Topic, ?bound_v('TargetTopic', Envs)]),
+    emqx_rule_metrics:inc_actions_error(?bound_v('Id', Envs));
 
-on_action_do_nothing(_, _) ->
-    fun(_, _) -> ok end.
+on_action_republish(Selected, _Envs = #{
+            qos := QoS, flags := Flags, timestamp := Timestamp,
+            ?BINDING_KEYS := #{
+                'Id' := ActId,
+                'TargetTopic' := TargetTopic,
+                'TargetQoS' := TargetQoS,
+                'TopicTks' := TopicTks,
+                'PayloadTks' := PayloadTks
+            }}) ->
+    ?LOG(debug, "[republish] republish to: ~p, Payload: ~p",
+        [TargetTopic, Selected]),
+    increase_and_publish(ActId,
+        #message{
+            id = emqx_guid:gen(),
+            qos = if TargetQoS =:= -1 -> QoS; true -> TargetQoS end,
+            from = ActId,
+            flags = Flags,
+            headers = #{republish_by => ActId},
+            topic = emqx_rule_utils:proc_tmpl(TopicTks, Selected),
+            payload = emqx_rule_utils:proc_tmpl(PayloadTks, Selected),
+            timestamp = Timestamp
+        });
+
+%% in case this is not a "message.publish" request
+on_action_republish(Selected, _Envs = #{
+            ?BINDING_KEYS := #{
+                'Id' := ActId,
+                'TargetTopic' := TargetTopic,
+                'TargetQoS' := TargetQoS,
+                'TopicTks' := TopicTks,
+                'PayloadTks' := PayloadTks
+            }}) ->
+    ?LOG(debug, "[republish] republish to: ~p, Payload: ~p",
+        [TargetTopic, Selected]),
+    increase_and_publish(ActId,
+        #message{
+            id = emqx_guid:gen(),
+            qos = if TargetQoS =:= -1 -> 0; true -> TargetQoS end,
+            from = ActId,
+            flags = #{dup => false, retain => false},
+            headers = #{republish_by => ActId},
+            topic = emqx_rule_utils:proc_tmpl(TopicTks, Selected),
+            payload = emqx_rule_utils:proc_tmpl(PayloadTks, Selected),
+            timestamp = erlang:system_time(millisecond)
+        }).
+
+increase_and_publish(ActId, Msg) ->
+    emqx_broker:safe_publish(Msg),
+    emqx_rule_metrics:inc_actions_success(ActId),
+    emqx_metrics:inc_msg(Msg).
+
+-spec on_action_create_do_nothing(action_instance_id(), Params :: map())
+      -> NewParams :: map().
+on_action_create_do_nothing(ActId, Params) when is_binary(ActId) ->
+    Params.
+
+on_action_do_nothing(Selected, Envs) when is_map(Selected) ->
+    emqx_rule_metrics:inc_actions_success(?bound_v('ActId', Envs)).
diff --git a/apps/emqx_rule_engine/src/emqx_rule_actions_trans.erl b/apps/emqx_rule_engine/src/emqx_rule_actions_trans.erl
new file mode 100644
index 000000000..9ee21385b
--- /dev/null
+++ b/apps/emqx_rule_engine/src/emqx_rule_actions_trans.erl
@@ -0,0 +1,70 @@
+-module(emqx_rule_actions_trans).
+
+-include_lib("syntax_tools/include/merl.hrl").
+
+-export([parse_transform/2]).
+
+parse_transform(Forms, _Options) ->
+  trans(Forms, []).
+
+trans([], ResAST) ->
+  lists:reverse(ResAST);
+trans([{eof, L} | AST], ResAST) ->
+  lists:reverse([{eof, L} | ResAST]) ++ AST;
+trans([{function, LineNo, FuncName, Arity, Clauses} | AST], ResAST) ->
+  NewClauses = trans_func_clauses(atom_to_list(FuncName), Clauses),
+  trans(AST, [{function, LineNo, FuncName, Arity, NewClauses} | ResAST]);
+trans([Form | AST], ResAST) ->
+  trans(AST, [Form | ResAST]).
+
+trans_func_clauses("on_action_create_" ++ _ = _FuncName , Clauses) ->
+  %io:format("~n[[transing function: ~p]]~n", [_FuncName]),
+  %io:format("~n-----old clauses:~n", []), merl:print(Clauses),
+  NewClauses = [
+    begin
+      Bindings = lists:flatten(get_vars(Args) ++ get_vars(Body, lefth)),
+      Body2 = append_to_result(Bindings, Body),
+      {clause, LineNo, Args, Guards, Body2}
+    end || {clause, LineNo, Args, Guards, Body} <- Clauses],
+  %io:format("~n-----new clauses: ~n"), merl:print(NewClauses),
+  NewClauses;
+trans_func_clauses(_FuncName, Clauses) ->
+  %io:format("~n[[discarding function: ~p]]~n", [_FuncName]),
+  Clauses.
+
+get_vars(Exprs) ->
+  get_vars(Exprs, all).
+get_vars(Exprs, Type) ->
+  do_get_vars(Exprs, [], Type).
+
+do_get_vars([], Vars, _Type) -> Vars;
+do_get_vars([Line | Expr], Vars, all) ->
+  do_get_vars(Expr, [syntax_vars(erl_syntax:form_list([Line])) | Vars], all);
+do_get_vars([Line | Expr], Vars, lefth) ->
+  do_get_vars(Expr,
+    case (Line) of
+      ?Q("_@LeftV = _@@_") -> Vars ++ syntax_vars(LeftV);
+      _ -> Vars
+    end, lefth).
+
+syntax_vars(Line) ->
+  sets:to_list(erl_syntax_lib:variables(Line)).
+
+%% append bindings to the return value as the first tuple element.
+%% e.g. if the original result is R, then the new result will be {[binding()], R}.
+append_to_result(Bindings, Exprs) ->
+  erl_syntax:revert_forms(do_append_to_result(to_keyword(Bindings), Exprs, [])).
+
+do_append_to_result(KeyWordVars, [Line], Res) ->
+  case Line of
+    ?Q("_@LeftV = _@RightV") ->
+      lists:reverse([?Q("{[_@KeyWordVars], _@LeftV}"), Line | Res]);
+    _ ->
+      lists:reverse([?Q("{[_@KeyWordVars], _@Line}") | Res])
+  end;
+do_append_to_result(KeyWordVars, [Line | Exprs], Res) ->
+  do_append_to_result(KeyWordVars, Exprs, [Line | Res]).
+
+to_keyword(Vars) ->
+  [erl_syntax:tuple([erl_syntax:atom(Var), merl:var(Var)])
+   || Var <- Vars].
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src
index 36551e73b..90ff40f4f 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src
@@ -1,44 +1,8 @@
-%% -*-: erlang -*-
-
-{"4.2.3",
- [
-   {"4.2.0", [
-     {load_module, emqx_rule_events, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_funcs, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_maps, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_engine, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_actions, brutal_purge, soft_purge, []}
-   ]},
-   {"4.2.1", [
-     {load_module, emqx_rule_funcs, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_maps, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_engine, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_actions, brutal_purge, soft_purge, []}
-   ]},
-   {"4.2.2", [
-     {load_module, emqx_rule_funcs, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_engine, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_actions, brutal_purge, soft_purge, []}
-   ]}
- ],
- [
-   {"4.2.0", [
-     {load_module, emqx_rule_events, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_funcs, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_maps, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_engine, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_actions, brutal_purge, soft_purge, []}
-   ]},
-   {"4.2.1", [
-     {load_module, emqx_rule_funcs, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_maps, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_engine, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_actions, brutal_purge, soft_purge, []}
-   ]},
-   {"4.2.2", [
-     {load_module, emqx_rule_actions, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_engine, brutal_purge, soft_purge, []},
-     {load_module, emqx_rule_funcs, brutal_purge, soft_purge, []}
-   ]}
- ]
+{VSN,
+  [
+    {<<".*">>, []}
+  ],
+  [
+    {<<".*">>, []}
+  ]
 }.
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.erl b/apps/emqx_rule_engine/src/emqx_rule_engine.erl
index 8384ef4db..1b74a00a0 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine.erl
@@ -20,10 +20,9 @@
 -include_lib("emqx/include/logger.hrl").
 
 -export([ load_providers/0
-        , load_provider/1
         , unload_providers/0
-        , unload_provider/1
         , refresh_resources/0
+        , refresh_resource/1
         , refresh_rule/1
         , refresh_rules/0
         , refresh_actions/1
@@ -174,6 +173,7 @@ create_rule(Params = #{rawsql := Sql, actions := Actions}) ->
                          enabled = Enabled,
                          description = maps:get(description, Params, "")},
             ok = emqx_rule_registry:add_rule(Rule),
+            ok = emqx_rule_metrics:create_rule_metrics(RuleId),
             {ok, Rule};
         Error -> error(Error)
     end.
@@ -198,7 +198,7 @@ delete_rule(RuleId) ->
                 ok = emqx_rule_registry:remove_rule(Rule)
             catch
                 Error:Reason:ST ->
-                    ?LOG(error, "clear_rule rule failed: ~p", [{Error, Reason, ST}]),
+                    ?LOG(error, "clear_rule ~p failed: ~p", [RuleId, {Error, Reason, ST}]),
                     refresh_actions(Actions, fun(_) -> true end)
             end;
         not_found ->
@@ -300,6 +300,9 @@ refresh_resources() ->
             <- emqx_rule_registry:get_resources()],
     ok.
 
+refresh_resource(Type) when is_atom(Type) ->
+    [refresh_resource(Resource)
+     || Resource <- emqx_rule_registry:get_resources_by_type(Type)];
 refresh_resource(#resource{id = ResId, config = Config, type = Type}) ->
     {ok, #resource_type{on_create = {M, F}}} = emqx_rule_registry:find_resource_type(Type),
     cluster_call(init_resource, [M, F, ResId, Config]).
@@ -317,7 +320,8 @@ refresh_rules() ->
             <- emqx_rule_registry:get_rules()],
     ok.
 
-refresh_rule(#rule{actions = Actions}) ->
+refresh_rule(#rule{id = RuleId, actions = Actions}) ->
+    ok = emqx_rule_metrics:create_rule_metrics(RuleId),
     refresh_actions(Actions, fun(_) -> true end).
 
 -spec(refresh_resource_status() -> ok).
@@ -436,14 +440,20 @@ cluster_call(Func, Args) ->
 init_resource(Module, OnCreate, ResId, Config) ->
     Params = ?RAISE(Module:OnCreate(ResId, Config),
                     {{init_resource_failure, node()}, {{Module, OnCreate}, {_REASON_,_ST_}}}),
-    emqx_rule_registry:add_resource_params(#resource_params{id = ResId, params = Params}).
+    emqx_rule_registry:add_resource_params(#resource_params{id = ResId, params = Params, status = #{is_alive => true}}).
 
 init_action(Module, OnCreate, ActionInstId, Params) ->
+    ok = emqx_rule_metrics:create_metrics(ActionInstId),
     case ?RAISE(Module:OnCreate(ActionInstId, Params), {{init_action_failure, node()}, {{Module,OnCreate},{_REASON_,_ST_}}}) of
-        {Apply, NewParams} ->
+        {Apply, NewParams} when is_function(Apply) -> %% BACKW: =< e4.2.2
             ok = emqx_rule_registry:add_action_instance_params(
                 #action_instance_params{id = ActionInstId, params = NewParams, apply = Apply});
-        Apply ->
+        {Bindings, NewParams} when is_list(Bindings) ->
+            ok = emqx_rule_registry:add_action_instance_params(
+            #action_instance_params{
+                id = ActionInstId, params = NewParams,
+                apply = #{mod => Module, bindings => maps:from_list(Bindings)}});
+        Apply when is_function(Apply) -> %% BACKW: =< e4.2.2
             ok = emqx_rule_registry:add_action_instance_params(
                 #action_instance_params{id = ActionInstId, params = Params, apply = Apply})
     end.
@@ -462,7 +472,7 @@ clear_resource(Module, Destroy, ResId) ->
 
 clear_rule(#rule{id = RuleId, actions = Actions}) ->
     clear_actions(Actions),
-    emqx_rule_metrics:clear(RuleId),
+    emqx_rule_metrics:clear_rule_metrics(RuleId),
     ok.
 
 clear_actions(Actions) ->
@@ -474,17 +484,21 @@ clear_actions(Actions) ->
         end, Actions).
 
 clear_action(_Module, undefined, ActionInstId) ->
-    emqx_rule_metrics:clear(ActionInstId),
+    emqx_rule_metrics:clear_metrics(ActionInstId),
     ok = emqx_rule_registry:remove_action_instance_params(ActionInstId);
 clear_action(Module, Destroy, ActionInstId) ->
-    emqx_rule_metrics:clear(ActionInstId),
-    case emqx_rule_registry:get_action_instance_params(ActionInstId) of
-        {ok, #action_instance_params{params = Params}} ->
-            ?RAISE(Module:Destroy(ActionInstId, Params),{{destroy_action_failure, node()},
-                                           {{Module, Destroy}, {_REASON_,_ST_}}}),
-            ok = emqx_rule_registry:remove_action_instance_params(ActionInstId);
-        not_found ->
-            ok
+    case erlang:function_exported(Module, Destroy, 2) of
+        true ->
+            emqx_rule_metrics:clear_metrics(ActionInstId),
+            case emqx_rule_registry:get_action_instance_params(ActionInstId) of
+                {ok, #action_instance_params{params = Params}} ->
+                    ?RAISE(Module:Destroy(ActionInstId, Params),{{destroy_action_failure, node()},
+                                                {{Module, Destroy}, {_REASON_,_ST_}}}),
+                    ok = emqx_rule_registry:remove_action_instance_params(ActionInstId);
+                not_found ->
+                    ok
+            end;
+        false -> ok
     end.
 
 fetch_resource_status(Module, OnStatus, ResId) ->
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine_api.erl b/apps/emqx_rule_engine/src/emqx_rule_engine_api.erl
index f38ff4b10..a09d526ae 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine_api.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine_api.erl
@@ -297,7 +297,17 @@ do_create_resource(Create, Params) ->
     end.
 
 list_resources(#{}, _Params) ->
-    return_all(emqx_rule_registry:get_resources()).
+    Data0 = lists:foldr(fun maybe_record_to_map/2, [], emqx_rule_registry:get_resources()),
+    Data = lists:map(fun(Res = #{id := Id}) ->
+               Status = lists:all(fun(Node) ->
+                            case emqx_rpc:call(Node, emqx_rule_registry, find_resource_params, [Id]) of
+                                {ok, #resource_params{status = #{is_alive := true}}} -> true;
+                                _ -> false
+                            end
+                        end, ekka_mnesia:running_nodes()),
+               maps:put(status, Status, Res)
+           end, Data0),
+    return({ok, Data}).
 
 list_resources_by_type(#{type := Type}, _Params) ->
     return_all(emqx_rule_registry:get_resources_by_type(Type)).
@@ -309,7 +319,7 @@ show_resource(#{id := Id}, _Params) ->
                 [begin
                     {ok, St} = rpc:call(Node, emqx_rule_engine, get_resource_status, [Id]),
                     maps:put(node, Node, St)
-                end || Node <- [node()| nodes()]],
+                end || Node <- ekka_mnesia:running_nodes()],
             return({ok, maps:put(status, Status, record_to_map(R))});
         not_found ->
             return({error, 404, <<"Not Found">>})
@@ -538,8 +548,8 @@ sort_by(Pos, TplList) ->
 
 get_rule_metrics(Id) ->
     [maps:put(node, Node, rpc:call(Node, emqx_rule_metrics, get_rule_metrics, [Id]))
-     || Node <- [node()| nodes()]].
+     || Node <- ekka_mnesia:running_nodes()].
 
 get_action_metrics(Id) ->
     [maps:put(node, Node, rpc:call(Node, emqx_rule_metrics, get_action_metrics, [Id]))
-     || Node <- [node()| nodes()]].
+     || Node <- ekka_mnesia:running_nodes()].
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine_app.erl b/apps/emqx_rule_engine/src/emqx_rule_engine_app.erl
index 2d1aa54f5..b244f8323 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine_app.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine_app.erl
@@ -28,6 +28,7 @@
 
 start(_Type, _Args) ->
     {ok, Sup} = emqx_rule_engine_sup:start_link(),
+    _ = emqx_rule_engine_sup:start_locker(),
     ok = emqx_rule_engine:load_providers(),
     ok = emqx_rule_engine:refresh_resources(),
     ok = emqx_rule_engine:refresh_rules(),
diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine_sup.erl b/apps/emqx_rule_engine/src/emqx_rule_engine_sup.erl
index e550e4f6c..43de01593 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_engine_sup.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_engine_sup.erl
@@ -22,6 +22,8 @@
 
 -export([start_link/0]).
 
+-export([start_locker/0]).
+
 -export([init/1]).
 
 start_link() ->
@@ -45,3 +47,11 @@ init([]) ->
                 modules => [emqx_rule_metrics]},
     {ok, {{one_for_all, 10, 100}, [Registry, Metrics]}}.
 
+start_locker() ->
+    Locker = #{id => emqx_rule_locker,
+               start => {emqx_rule_locker, start_link, []},
+               restart => permanent,
+               shutdown => 5000,
+               type => worker,
+               modules => [emqx_rule_locker]},
+    supervisor:start_child(?MODULE, Locker).
diff --git a/apps/emqx_rule_engine/src/emqx_rule_funcs.erl b/apps/emqx_rule_engine/src/emqx_rule_funcs.erl
index 6795f1522..ed2e53efa 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_funcs.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_funcs.erl
@@ -233,7 +233,7 @@ payload() ->
 
 payload(Path) ->
     fun(#{payload := Payload}) when erlang:is_map(Payload) ->
-            map_get(Path, Payload);
+            emqx_rule_maps:nested_get(map_path(Path), Payload);
        (_) -> undefined
     end.
 
@@ -607,10 +607,52 @@ map_get(Key, Map) ->
     map_get(Key, Map, undefined).
 
 map_get(Key, Map, Default) ->
-    emqx_rule_maps:nested_get(map_path(Key), Map, Default).
+    case maps:find(Key, Map) of
+        {ok, Val} -> Val;
+        error when is_atom(Key) ->
+            %% the map may have an equivalent binary-form key
+            BinKey = emqx_rule_utils:bin(Key),
+            case maps:find(BinKey, Map) of
+                {ok, Val} -> Val;
+                error -> Default
+            end;
+        error when is_binary(Key) ->
+            try %% the map may have an equivalent atom-form key
+                AtomKey = list_to_existing_atom(binary_to_list(Key)),
+                case maps:find(AtomKey, Map) of
+                    {ok, Val} -> Val;
+                    error -> Default
+                end
+            catch error:badarg ->
+                Default
+            end;
+        error ->
+            Default
+    end.
 
 map_put(Key, Val, Map) ->
-    emqx_rule_maps:nested_put(map_path(Key), Val, Map).
+    case maps:find(Key, Map) of
+        {ok, _} -> maps:put(Key, Val, Map);
+        error when is_atom(Key) ->
+            %% the map may have an equivalent binary-form key
+            BinKey = emqx_rule_utils:bin(Key),
+            case maps:find(BinKey, Map) of
+                {ok, _} -> maps:put(BinKey, Val, Map);
+                error -> maps:put(Key, Val, Map)
+            end;
+        error when is_binary(Key) ->
+            try %% the map may have an equivalent atom-form key
+                AtomKey = list_to_existing_atom(binary_to_list(Key)),
+                case maps:find(AtomKey, Map) of
+                    {ok, _} -> maps:put(AtomKey, Val, Map);
+                    error -> maps:put(Key, Val, Map)
+                end
+            catch error:badarg ->
+                maps:put(Key, Val, Map)
+            end;
+        error ->
+            maps:put(Key, Val, Map)
+    end.
 
 mget(Key, Map) ->
     mget(Key, Map, undefined).
diff --git a/apps/emqx_rule_engine/src/emqx_rule_locker.erl b/apps/emqx_rule_engine/src/emqx_rule_locker.erl
new file mode 100644
index 000000000..40451a0d8
--- /dev/null
+++ b/apps/emqx_rule_engine/src/emqx_rule_locker.erl
@@ -0,0 +1,34 @@
+%%--------------------------------------------------------------------
+%% Copyright (c) 2020 EMQ Technologies Co., Ltd. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%--------------------------------------------------------------------
+
+-module(emqx_rule_locker).
+
+-export([start_link/0]).
+
+-export([ lock/1
+        , unlock/1
+        ]).
+
+start_link() ->
+    ekka_locker:start_link(?MODULE).
+
+-spec(lock(binary()) -> ekka_locker:lock_result()).
+lock(Id) ->
+    ekka_locker:acquire(?MODULE, Id, local).
+
+-spec(unlock(binary()) -> {boolean(), [node()]}).
+unlock(Id) ->
+    ekka_locker:release(?MODULE, Id, local).
diff --git a/apps/emqx_rule_engine/src/emqx_rule_maps.erl b/apps/emqx_rule_engine/src/emqx_rule_maps.erl
index 27c08dd12..7ccd16c0c 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_maps.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_maps.erl
@@ -28,19 +28,17 @@
 nested_get(Key, Data) ->
     nested_get(Key, Data, undefined).
 
-nested_get({var, Key}, Data, Default) when is_map(Data) orelse is_list(Data) ->
+nested_get({var, Key}, Data, Default) ->
     general_map_get({key, Key}, Data, Data, Default);
 nested_get({path, Path}, Data, Default) when is_map(Data) orelse is_list(Data),
                                              is_list(Path) ->
     do_nested_get(Path, Data, Data, Default);
-nested_get(Key, JsonStr, Default) when is_binary(JsonStr) ->
-    try emqx_json:decode(JsonStr, [return_maps]) of
+nested_get(Key, Data, Default) when not is_map(Data) ->
+    try emqx_json:decode(Data, [return_maps]) of
         Json -> nested_get(Key, Json, Default)
     catch
         _:_ -> Default
-    end;
-nested_get(_Key, _InvalidData, Default) ->
-    Default.
+    end.
 
 do_nested_get([Key|More], Data, OrgData, Default) ->
     case general_map_get(Key, Data, OrgData, undefined) of
@@ -83,12 +81,6 @@ general_map_put(Key, Val, Map, OrgData) ->
             (_) -> do_put(Key, Val, Map, OrgData)
         end).
 
-general_find(Key, JsonStr, _OrgData, Handler) when is_binary(JsonStr) ->
-    try emqx_json:decode(JsonStr, [return_maps]) of
-        Json -> general_find(Key, Json, _OrgData, Handler)
-    catch
-        _:_ -> Handler(not_found)
-    end;
 general_find({key, Key}, Map, _OrgData, Handler) when is_map(Map) ->
     case maps:find(Key, Map) of
         {ok, Val} -> Handler({found, {{key, Key}, Val}});
diff --git a/apps/emqx_rule_engine/src/emqx_rule_metrics.erl b/apps/emqx_rule_engine/src/emqx_rule_metrics.erl
index 3c1ec9c0f..c24954f94 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_metrics.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_metrics.erl
@@ -25,14 +25,38 @@
         , stop/0
         ]).
 
+-export([ get_rules_matched/1
+        , get_actions_taken/1
+        , get_actions_success/1
+        , get_actions_error/1
+        , get_actions_exception/1
+        , get_actions_retry/1
+        ]).
+
+-export([ inc_rules_matched/1
+        , inc_rules_matched/2
+        , inc_actions_taken/1
+        , inc_actions_taken/2
+        , inc_actions_success/1
+        , inc_actions_success/2
+        , inc_actions_error/1
+        , inc_actions_error/2
+        , inc_actions_exception/1
+        , inc_actions_exception/2
+        , inc_actions_retry/1
+        , inc_actions_retry/2
+        ]).
+
 -export([ inc/2
         , inc/3
         , get/2
         , get_overall/1
         , get_rule_speed/1
         , get_overall_rule_speed/0
-        , create/1
-        , clear/1
+        , create_rule_metrics/1
+        , create_metrics/1
+        , clear_rule_metrics/1
+        , clear_metrics/1
         , overall_metrics/0
         ]).
 
@@ -45,6 +69,7 @@
         , handle_call/3
         , handle_info/2
         , handle_cast/2
+        , code_change/3
         , terminate/2
         ]).
 
@@ -81,16 +106,20 @@
 %%------------------------------------------------------------------------------
 %% APIs
 %%------------------------------------------------------------------------------
--spec(create(rule_id()) -> Ref :: reference()).
-create(<<"rule:", _/binary>> = Id) ->
-    gen_server:call(?MODULE, {create_rule_metrics, Id});
-create(Id) ->
+-spec(create_rule_metrics(rule_id()) -> Ref :: reference()).
+create_rule_metrics(Id) ->
+    gen_server:call(?MODULE, {create_rule_metrics, Id}).
+
+-spec(create_metrics(rule_id()) -> Ref :: reference()).
+create_metrics(Id) ->
     gen_server:call(?MODULE, {create_metrics, Id}).
 
--spec(clear(rule_id()) -> ok).
-clear(<<"rule:", _/binary>> = Id) ->
-    gen_server:call(?MODULE, {delete_rule_metrics, Id});
-clear(Id) ->
+-spec(clear_rule_metrics(rule_id()) -> ok).
+clear_rule_metrics(Id) ->
+    gen_server:call(?MODULE, {delete_rule_metrics, Id}).
+
+-spec(clear_metrics(rule_id()) -> ok).
+clear_metrics(Id) ->
     gen_server:call(?MODULE, {delete_metrics, Id}).
 
 -spec(get(rule_id(), atom()) -> number()).
@@ -115,7 +144,7 @@ get_overall_rule_speed() ->
 -spec(get_rule_metrics(rule_id()) -> map()).
 get_rule_metrics(Id) ->
     #{max := Max, current := Current, last5m := Last5M} = get_rule_speed(Id),
-    #{matched => get(Id, 'rules.matched'),
+    #{matched => get_rules_matched(Id),
       speed => Current,
       speed_max => Max,
       speed_last5m => Last5M
@@ -123,26 +152,70 @@ get_rule_metrics(Id) ->
 
 -spec(get_action_metrics(action_instance_id()) -> map()).
 get_action_metrics(Id) ->
-    #{success => get(Id, 'actions.success'),
-      failed => get(Id, 'actions.failure')
+    #{success => get_actions_success(Id),
+      failed => get_actions_error(Id) + get_actions_exception(Id),
+      taken => get_actions_taken(Id)
      }.
 
 -spec(inc(rule_id(), atom()) -> ok).
 inc(Id, Metric) ->
     inc(Id, Metric, 1).
 inc(Id, Metric, Val) ->
-    case couters_ref(Id) of
-        not_found ->
-            counters:add(create(Id), metrics_idx(Metric), Val);
-        Ref ->
-            counters:add(Ref, metrics_idx(Metric), Val)
-    end,
+    counters:add(couters_ref(Id), metrics_idx(Metric), Val),
     inc_overall(Metric, Val).
 
 -spec(inc_overall(rule_id(), atom()) -> ok).
 inc_overall(Metric, Val) ->
     emqx_metrics:inc(Metric, Val).
 
+inc_rules_matched(Id) ->
+    inc_rules_matched(Id, 1).
+inc_rules_matched(Id, Val) ->
+    inc(Id, 'rules.matched', Val).
+
+inc_actions_taken(Id) ->
+    inc_actions_taken(Id, 1).
+inc_actions_taken(Id, Val) ->
+    inc(Id, 'actions.taken', Val).
+
+inc_actions_success(Id) ->
+    inc_actions_success(Id, 1).
+inc_actions_success(Id, Val) ->
+    inc(Id, 'actions.success', Val).
+
+inc_actions_error(Id) ->
+    inc_actions_error(Id, 1).
+inc_actions_error(Id, Val) ->
+    inc(Id, 'actions.error', Val).
+
+inc_actions_exception(Id) ->
+    inc_actions_exception(Id, 1).
+inc_actions_exception(Id, Val) ->
+    inc(Id, 'actions.exception', Val).
+
+inc_actions_retry(Id) ->
+    inc_actions_retry(Id, 1).
+inc_actions_retry(Id, Val) ->
+    inc(Id, 'actions.retry', Val).
+
+get_rules_matched(Id) ->
+    get(Id, 'rules.matched').
+
+get_actions_taken(Id) ->
+    get(Id, 'actions.taken').
+
+get_actions_success(Id) ->
+    get(Id, 'actions.success').
+
+get_actions_error(Id) ->
+    get(Id, 'actions.error').
+
+get_actions_exception(Id) ->
+    get(Id, 'actions.exception').
+
+get_actions_retry(Id) ->
+    get(Id, 'actions.retry').
+
 start_link() ->
     gen_server:start_link({local, ?MODULE}, ?MODULE, [], []).
 
@@ -205,7 +278,7 @@ handle_info(ticking, State = #state{rule_speeds = RuleSpeeds0,
                                        overall_rule_speed = OverallRuleSpeed0}) ->
     RuleSpeeds = maps:map(
                     fun(Id, RuleSpeed) ->
-                        calculate_speed(get(Id, 'rules.matched'), RuleSpeed)
+                        calculate_speed(get_rules_matched(Id), RuleSpeed)
                     end, RuleSpeeds0),
     OverallRuleSpeed = calculate_speed(get_overall('rules.matched'), OverallRuleSpeed0),
     async_refresh_resource_status(),
@@ -216,6 +289,50 @@ handle_info(ticking, State = #state{rule_speeds = RuleSpeeds0,
 handle_info(_Info, State) ->
     {noreply, State}.
 
+code_change({down, Vsn}, State = #state{metric_ids = MIDs}, _Extra)
+        when Vsn =:= "4.2.0";
+             Vsn =:= "4.2.1" ->
+    emqx_metrics:ensure('actions.failure'),
+    emqx_metrics:set('actions.failure',
+                     emqx_metrics:val('actions.error')
+                     + emqx_metrics:val('actions.exception')),
+    [begin
+        Matched = get_rules_matched(Id),
+        Succ = get_actions_success(Id),
+        Error = get_actions_error(Id),
+        Except = get_actions_exception(Id),
+        ok = delete_counters(Id),
+        ok = create_counters(Id),
+        inc_rules_matched(Id, Matched),
+        inc_actions_success(Id, Succ),
+        inc_actions_error(Id, Error + Except)
+    end || Id <- sets:to_list(MIDs)],
+    {ok, State};
+
+code_change(Vsn, State = #state{metric_ids = MIDs}, _Extra)
+        when Vsn =:= "4.2.0";
+             Vsn =:= "4.2.1" ->
+    [emqx_metrics:ensure(Name)
+     || Name <-
+        ['actions.error', 'actions.taken',
+         'actions.exception', 'actions.retry'
+        ]],
+    emqx_metrics:set('actions.error', emqx_metrics:val('actions.failure')),
+    [begin
+        Matched = get_rules_matched(Id),
+        Succ = get_actions_success(Id),
+        Error = get_actions_error(Id),
+        ok = delete_counters(Id),
+        ok = create_counters(Id),
+        inc_rules_matched(Id, Matched),
+        inc_actions_success(Id, Succ),
+        inc_actions_error(Id, Error)
+    end || Id <- sets:to_list(MIDs)],
+    {ok, State};
+
+code_change(_OldVsn, State, _Extra) ->
+    {ok, State}.
+
 terminate(_Reason, #state{metric_ids = MIDs}) ->
     [delete_counters(Id) || Id <- sets:to_list(MIDs)],
     persistent_term:erase(?MODULE).
@@ -231,9 +348,12 @@ async_refresh_resource_status() ->
     spawn(emqx_rule_engine, refresh_resource_status, []).
 
 create_counters(Id) ->
-    CRef = counters:new(max_counters_size(), [write_concurrency]),
-    ok = persistent_term:put(?CRefID(Id), CRef),
-    CRef.
+    case couters_ref(Id) of
+        not_found ->
+            ok = persistent_term:put(?CRefID(Id),
+                    counters:new(max_counters_size(), [write_concurrency]));
+        _Ref -> ok
+    end.
 
 delete_counters(Id) ->
     persistent_term:erase(?CRefID(Id)),
@@ -287,12 +407,21 @@ precision(Float, N) ->
 %% Metrics Definitions
 %%------------------------------------------------------------------------------
 
-max_counters_size() -> 4.
+max_counters_size() -> 7.
 
-metrics_idx('rules.matched') ->      1;
-metrics_idx('actions.success') ->   2;
-metrics_idx('actions.failure') ->   3;
-metrics_idx(_) ->                   4.
+metrics_idx('rules.matched') ->       1;
+metrics_idx('actions.success') ->     2;
+metrics_idx('actions.error') ->       3;
+metrics_idx('actions.taken') ->       4;
+metrics_idx('actions.exception') ->   5;
+metrics_idx('actions.retry') ->       6;
+metrics_idx(_) ->                     7.
 
 overall_metrics() ->
-    ['rules.matched', 'actions.success', 'actions.failure'].
+    [ 'rules.matched'
+    , 'actions.success'
+    , 'actions.error'
+    , 'actions.taken'
+    , 'actions.exception'
+    , 'actions.retry'
+    ].
diff --git a/apps/emqx_rule_engine/src/emqx_rule_runtime.erl b/apps/emqx_rule_engine/src/emqx_rule_runtime.erl
index ff094d74c..7b40a12fc 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_runtime.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_runtime.erl
@@ -38,7 +38,7 @@
 -define(ephemeral_alias(TYPE, NAME),
     iolist_to_binary(io_lib:format("_v_~s_~p_~p", [TYPE, NAME, erlang:system_time()]))).
 
--define(ActionMaxRetry, 1).
+-define(ActionMaxRetry, 3).
 
 %%------------------------------------------------------------------------------
 %% Apply rules
@@ -227,19 +227,21 @@ take_actions(Actions, Selected, Envs, OnFailed) ->
     [take_action(ActInst, Selected, Envs, OnFailed, ?ActionMaxRetry)
      || ActInst <- Actions].
 
-take_action(#action_instance{id = Id, fallbacks = Fallbacks} = ActInst,
+take_action(#action_instance{id = Id, name = ActName, fallbacks = Fallbacks} = ActInst,
             Selected, Envs, OnFailed, RetryN) when RetryN >= 0 ->
     try
         {ok, #action_instance_params{apply = Apply}}
             = emqx_rule_registry:get_action_instance_params(Id),
-        Result = Apply(Selected, Envs),
-        emqx_rule_metrics:inc(Id, 'actions.success'),
-        Result
+        emqx_rule_metrics:inc_actions_taken(Id),
+        apply_action_func(Selected, Envs, Apply, ActName)
     catch
-        error:{badfun, Func}:_Stack ->
-            ?LOG(warning, "Action ~p maybe outdated, refresh it and try again."
-                          "Func: ~p", [Id, Func]),
-            _ = emqx_rule_engine:refresh_actions([ActInst]),
+        error:{badfun, _Func}:_ST ->
+            %?LOG(warning, "Action ~p maybe outdated, refresh it and try again."
+            %              "Func: ~p~nST:~0p", [Id, Func, ST]),
+            trans_action_on(Id, fun() ->
+                    emqx_rule_engine:refresh_actions([ActInst])
+            end, 5000),
+            emqx_rule_metrics:inc_actions_retry(Id),
             take_action(ActInst, Selected, Envs, OnFailed, RetryN-1);
         Error:Reason:Stack ->
             handle_action_failure(OnFailed, Id, Fallbacks, Selected, Envs, {Error, Reason, Stack})
@@ -248,13 +250,46 @@ take_action(#action_instance{id = Id, fallbacks = Fallbacks} = ActInst,
 take_action(#action_instance{id = Id, fallbacks = Fallbacks}, Selected, Envs, OnFailed, _RetryN) ->
     handle_action_failure(OnFailed, Id, Fallbacks, Selected, Envs, {max_try_reached, ?ActionMaxRetry}).
 
+apply_action_func(Data, Envs, #{mod := Mod, bindings := Bindings}, Name) ->
+    %% TODO: Build the Func Name when creating the action
+    Func = cbk_on_action_triggered(Name),
+    Mod:Func(Data, Envs#{'__bindings__' => Bindings});
+apply_action_func(Data, Envs, Func, _Name) when is_function(Func) ->
+    erlang:apply(Func, [Data, Envs]).
+
+cbk_on_action_triggered(Name) ->
+    list_to_atom("on_action_" ++ atom_to_list(Name)).
+
+trans_action_on(Id, Callback, Timeout) ->
+    case emqx_rule_locker:lock(Id) of
+        true -> try Callback() after emqx_rule_locker:unlock(Id) end;
+        _ ->
+            wait_action_on(Id, Timeout div 10)
+    end.
+
+wait_action_on(_, 0) ->
+    {error, timeout};
+wait_action_on(Id, RetryN) ->
+    timer:sleep(10),
+    case emqx_rule_registry:get_action_instance_params(Id) of
+        not_found ->
+            {error, not_found};
+        {ok, #action_instance_params{apply = Apply}} ->
+            case catch apply_action_func(baddata, #{}, Apply, tryit) of
+                {'EXIT', {{badfun, _}, _}} ->
+                    wait_action_on(Id, RetryN-1);
+                _ ->
+                    ok
+            end
+    end.
+
 handle_action_failure(continue, Id, Fallbacks, Selected, Envs, Reason) ->
-    emqx_rule_metrics:inc(Id, 'actions.failure'),
+    emqx_rule_metrics:inc_actions_exception(Id),
     ?LOG(error, "Take action ~p failed, continue next action, reason: ~0p", [Id, Reason]),
     take_actions(Fallbacks, Selected, Envs, continue),
     failed;
 handle_action_failure(stop, Id, Fallbacks, Selected, Envs, Reason) ->
-    emqx_rule_metrics:inc(Id, 'actions.failure'),
+    emqx_rule_metrics:inc_actions_exception(Id),
     ?LOG(error, "Take action ~p failed, skip all actions, reason: ~0p", [Id, Reason]),
     take_actions(Fallbacks, Selected, Envs, continue),
     error({take_action_failed, {Id, Reason}}).
diff --git a/apps/emqx_rule_engine/src/emqx_rule_sqlparser.erl b/apps/emqx_rule_engine/src/emqx_rule_sqlparser.erl
index 49c2264a1..03a2e816e 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_sqlparser.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_sqlparser.erl
@@ -103,12 +103,3 @@ select_from(#select{from = From}) ->
 select_where(#select{where = Where}) ->
     Where.
 
-fixed_columns() ->
-    ?COLUMNS('message.publish') ++
-    ?COLUMNS('message.acked') ++
-    ?COLUMNS('message.dropped') ++
-    ?COLUMNS('client.connected') ++
-    ?COLUMNS('client.disconnected') ++
-    ?COLUMNS('session.subscribed') ++
-    ?COLUMNS('session.unsubscribed') ++
-    [<<"item">>].
diff --git a/apps/emqx_rule_engine/src/emqx_rule_sqltester.erl b/apps/emqx_rule_engine/src/emqx_rule_sqltester.erl
index b77093da6..aeb1bf588 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_sqltester.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_sqltester.erl
@@ -44,6 +44,8 @@ test(#{<<"rawsql">> := Sql, <<"ctx">> := Context}) ->
 test_rule(Sql, Select, Context, EventTopics) ->
     RuleId = iolist_to_binary(["test_rule", emqx_rule_id:gen()]),
     ActInstId = iolist_to_binary(["test_action", emqx_rule_id:gen()]),
+    ok = emqx_rule_metrics:create_rule_metrics(RuleId),
+    ok = emqx_rule_metrics:create_metrics(ActInstId),
     Rule = #rule{
         id = RuleId,
         rawsql = Sql,
@@ -63,7 +65,10 @@ test_rule(Sql, Select, Context, EventTopics) ->
                 #action_instance_params{id = ActInstId,
                                         params = #{},
                                         apply = sql_test_action()}),
-        emqx_rule_runtime:apply_rule(Rule, FullContext)
+        R = emqx_rule_runtime:apply_rule(Rule, FullContext),
+        emqx_rule_metrics:clear_rule_metrics(RuleId),
+        emqx_rule_metrics:clear_metrics(ActInstId),
+        R
     of
         {ok, Data} -> {ok, flatten(Data)};
         {error, nomatch} -> {error, nomatch}
diff --git a/apps/emqx_rule_engine/src/emqx_rule_utils.erl b/apps/emqx_rule_engine/src/emqx_rule_utils.erl
index 68ae5b479..e4e2f5af5 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_utils.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_utils.erl
@@ -19,8 +19,14 @@
 %% preprocess and process tempalte string with place holders
 -export([ preproc_tmpl/1
         , proc_tmpl/2
+        , proc_tmpl/3
+        , preproc_cmd/1
+        , proc_cmd/2
+        , proc_cmd/3
         , preproc_sql/1
-        , preproc_sql/2]).
+        , preproc_sql/2
+        , proc_sql/2
+        ]).
 
 %% type converting
 -export([ str/1
@@ -53,9 +59,13 @@
 
 -define(EX_PLACE_HOLDER, "(\\$\\{[a-zA-Z0-9\\._]+\\})").
 
+-define(EX_WITHE_CHARS, "\\s"). %% Space and CRLF
+
 -type(uri_string() :: iodata()).
 
--type(tmpl_token() :: list({var, fun()} | {str, binary()})).
+-type(tmpl_token() :: list({var, binary()} | {str, binary()})).
+
+-type(tmpl_cmd() :: list(tmpl_token())).
 
 -type(prepare_statement() :: binary()).
 
@@ -70,9 +80,8 @@ preproc_tmpl(Str) ->
 preproc_tmpl([], Acc) ->
     lists:reverse(Acc);
 preproc_tmpl([[Str, Phld]| Tokens], Acc) ->
-    GetVarFun = fun(Data) -> get_phld_var(Phld, Data) end,
     preproc_tmpl(Tokens,
-        put_head(var, GetVarFun,
+        put_head(var, parse_nested(unwrap(Phld)),
             put_head(str, Str, Acc)));
 preproc_tmpl([[Str]| Tokens], Acc) ->
     preproc_tmpl(Tokens, put_head(str, Str, Acc)).
@@ -81,13 +90,35 @@ put_head(_Type, <<>>, List) -> List;
 put_head(Type, Term, List) ->
     [{Type, Term} | List].
 
--spec(proc_tmpl(tmpl_token(), binary()) -> binary()).
+-spec(proc_tmpl(tmpl_token(), map()) -> binary()).
 proc_tmpl(Tokens, Data) ->
+    proc_tmpl(Tokens, Data, #{return => full_binary}).
+
+proc_tmpl(Tokens, Data, Opts = #{return := full_binary}) ->
+    Trans = maps:get(var_trans, Opts, fun bin/1),
     list_to_binary(
-        lists:map(
-            fun ({str, Str}) -> Str;
-                ({var, GetVal}) -> bin(GetVal(Data))
-            end, Tokens)).
+        proc_tmpl(Tokens, Data, #{return => rawlist, var_trans => Trans}));
+
+proc_tmpl(Tokens, Data, Opts = #{return := rawlist}) ->
+    Trans = maps:get(var_trans, Opts, undefined),
+    lists:map(
+        fun ({str, Str}) -> Str;
+            ({var, Phld}) when is_function(Trans) ->
+                Trans(get_phld_var(Phld, Data));
+            ({var, Phld}) ->
+                get_phld_var(Phld, Data)
+        end, Tokens).
+
+
+-spec(preproc_cmd(binary()) -> tmpl_cmd()).
+preproc_cmd(Str) ->
+    SubStrList = re:split(Str, ?EX_WITHE_CHARS, [{return,binary},trim]),
+    [preproc_tmpl(SubStr) || SubStr <- SubStrList].
+
+proc_cmd(Tokens, Data) ->
+    proc_cmd(Tokens, Data, #{return => full_binary}).
+proc_cmd(Tokens, Data, Opts) ->
+    [proc_tmpl(Tks, Data, Opts) || Tks <- Tokens].
 
 %% preprocess SQL with place holders
 -spec(preproc_sql(Sql::binary()) -> {prepare_statement(), prepare_params()}).
@@ -98,21 +129,25 @@ preproc_sql(Sql) ->
 preproc_sql(Sql, ReplaceWith) ->
     case re:run(Sql, ?EX_PLACE_HOLDER, [{capture, all_but_first, binary}, global]) of
         {match, PlaceHolders} ->
-            {repalce_with(Sql, ReplaceWith),
-             fun(Data) ->
-                [sql_data(get_phld_var(Phld, Data))
-                 || Phld <- [hd(PH) || PH <- PlaceHolders]]
-             end};
+            PhKs = [parse_nested(unwrap(Phld)) || [Phld | _] <- PlaceHolders],
+            {replace_with(Sql, ReplaceWith), [{var, Phld} || Phld <- PhKs]};
         nomatch ->
-            {Sql, fun(_) -> [] end}
+            {Sql, []}
     end.
 
-get_phld_var(Phld, Data) ->
-    emqx_rule_maps:nested_get(parse_nested(unwrap(Phld)), Data).
+-spec(proc_sql(tmpl_token(), map()) -> list()).
+proc_sql(Tokens, Data) ->
+    proc_tmpl(Tokens, Data, #{return => rawlist, var_trans => fun sql_data/1}).
 
-repalce_with(Tmpl, '?') ->
+%% backward compatibility for hot upgrading from =< e4.2.1
+get_phld_var(Fun, Data) when is_function(Fun) ->
+    Fun(Data);
+get_phld_var(Phld, Data) ->
+    emqx_rule_maps:nested_get(Phld, Data).
+
+replace_with(Tmpl, '?') ->
     re:replace(Tmpl, ?EX_PLACE_HOLDER, "?", [{return, binary}, global]);
-repalce_with(Tmpl, '$n') ->
+replace_with(Tmpl, '$n') ->
     Parts = re:split(Tmpl, ?EX_PLACE_HOLDER, [{return, binary}, trim, group]),
     {Res, _} =
         lists:foldl(
diff --git a/apps/emqx_rule_engine/src/emqx_rule_validator.erl b/apps/emqx_rule_engine/src/emqx_rule_validator.erl
index 76c5ea19c..8e0ab82b8 100644
--- a/apps/emqx_rule_engine/src/emqx_rule_validator.erl
+++ b/apps/emqx_rule_engine/src/emqx_rule_validator.erl
@@ -25,7 +25,7 @@
 -type(params_spec() :: #{atom() => term()}).
 -type(params() :: #{binary() => term()}).
 
--define(DATA_TYPES, [string, number, float, boolean, object, array, file]).
+-define(DATA_TYPES, [string, password, number, float, boolean, object, array, file, cfgselect]).
 
 %%------------------------------------------------------------------------------
 %% APIs
@@ -72,6 +72,8 @@ validate_type(Val, file, _Spec) ->
     ok = validate_file(Val);
 validate_type(Val, string, Spec) ->
     ok = validate_string(Val, reg_exp(maps:get(format, Spec, any)));
+validate_type(Val, password, Spec) ->
+    ok = validate_string(Val, reg_exp(maps:get(format, Spec, any)));
 validate_type(Val, number, Spec) ->
     ok = validate_number(Val, maps:get(range, Spec, any));
 validate_type(Val, boolean, _Spec) ->
@@ -79,6 +81,8 @@ validate_type(Val, boolean, _Spec) ->
 validate_type(Val, array, Spec) ->
     [do_validate_param(V, maps:get(items, Spec)) || V <- Val],
     ok;
+validate_type(_Val, cfgselect, _Spec) ->
+    ok;
 validate_type(Val, object, Spec) ->
     ok = validate_object(Val, maps:get(schema, Spec, any)).
 
@@ -112,6 +116,8 @@ validate_boolean(true) -> ok;
 validate_boolean(false) -> ok;
 validate_boolean(Val) -> error({invalid_data_type, {boolean, Val}}).
 
+validate_file(Val) when is_map(Val) -> ok;
+validate_file(Val) when is_list(Val) -> ok;
 validate_file(Val) when is_binary(Val) -> ok;
 validate_file(Val) -> error({invalid_data_type, {file, Val}}).
 
diff --git a/apps/emqx_rule_engine/test/emqx_rule_engine_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_engine_SUITE.erl
index 348ef046f..e097e578b 100644
--- a/apps/emqx_rule_engine/test/emqx_rule_engine_SUITE.erl
+++ b/apps/emqx_rule_engine/test/emqx_rule_engine_SUITE.erl
@@ -349,7 +349,7 @@ t_republish_action(_Config) ->
     end,
     emqtt:stop(Client),
     emqx_rule_registry:remove_rule(Id),
-    ?assertEqual(2, emqx_metrics:val('messages.qos0.received') - Qos0Received ),
+    ?assertEqual(2, emqx_metrics:val('messages.qos0.received') - Qos0Received),
     ?assertEqual(2, emqx_metrics:val('messages.received') - Received),
     ok.
 
@@ -358,13 +358,14 @@ t_republish_action(_Config) ->
 %%------------------------------------------------------------------------------
 
 t_crud_rule_api(_Config) ->
-    {ok, #{code := 0, data := Rule = #{id := RuleID}}} =
+    {ok, #{code := 0, data := Rule}} =
         emqx_rule_engine_api:create_rule(#{},
                 [{<<"name">>, <<"debug-rule">>},
                  {<<"rawsql">>, <<"select * from \"t/a\"">>},
                  {<<"actions">>, [[{<<"name">>,<<"inspect">>},
                                    {<<"params">>,[{<<"arg1">>,1}]}]]},
                  {<<"description">>, <<"debug rule">>}]),
+    RuleID = maps:get(id, Rule),
     %ct:pal("RCreated : ~p", [Rule]),
 
     {ok, #{code := 0, data := Rules}} = emqx_rule_engine_api:list_rules(#{},[]),
@@ -378,10 +379,10 @@ t_crud_rule_api(_Config) ->
     {ok, #{code := 0, data := Rule2}} = emqx_rule_engine_api:update_rule(#{id => RuleID},
                 [{<<"rawsql">>, <<"select * from \"t/b\"">>}]),
 
-    {ok, #{code := 0, data := Rule3 = #{rawsql := SQL}}} = emqx_rule_engine_api:show_rule(#{id => RuleID}, []),
+    {ok, #{code := 0, data := Rule3}} = emqx_rule_engine_api:show_rule(#{id => RuleID}, []),
     %ct:pal("RShow : ~p", [Rule1]),
     ?assertEqual(Rule3, Rule2),
-    ?assertEqual(<<"select * from \"t/b\"">>, SQL),
+    ?assertEqual(<<"select * from \"t/b\"">>, maps:get(rawsql, Rule3)),
 
     {ok, #{code := 0, data := Rule4}} = emqx_rule_engine_api:update_rule(#{id => RuleID},
                 [{<<"actions">>,
@@ -396,17 +397,16 @@ t_crud_rule_api(_Config) ->
                     ]]
                  }]),
 
-    {ok, #{code := 0, data := Rule5 = #{actions := Actions}}}
-        = emqx_rule_engine_api:show_rule(#{id => RuleID}, []),
+    {ok, #{code := 0, data := Rule5}} = emqx_rule_engine_api:show_rule(#{id => RuleID}, []),
     %ct:pal("RShow : ~p", [Rule1]),
     ?assertEqual(Rule5, Rule4),
-    ?assertMatch([#{name := republish }], Actions),
+    ?assertMatch([#{name := republish }], maps:get(actions, Rule5)),
 
     ?assertMatch({ok, #{code := 0}}, emqx_rule_engine_api:delete_rule(#{id => RuleID}, [])),
 
     NotFound = emqx_rule_engine_api:show_rule(#{id => RuleID}, []),
     %ct:pal("Show After Deleted: ~p", [NotFound]),
-    ?assertMatch({ok, #{code := 404, message := _}}, NotFound),
+    ?assertMatch({ok, #{code := 404, message := _Message}}, NotFound),
     ok.
 
 t_list_actions_api(_Config) ->
@@ -416,27 +416,27 @@ t_list_actions_api(_Config) ->
     ok.
 
 t_show_action_api(_Config) ->
-    ?assertMatch({ok, #{code := 0, data := #{name := 'inspect'}}},
-                 emqx_rule_engine_api:show_action(#{name => 'inspect'},[])),
+    {ok, #{code := 0, data := Actions}} = emqx_rule_engine_api:show_action(#{name => 'inspect'},[]),
+    ?assertEqual('inspect', maps:get(name, Actions)),
     ok.
 
 t_crud_resources_api(_Config) ->
-    {ok, #{code := 0, data := #{id := ResId}}} =
+    {ok, #{code := 0, data := Resources1}} =
         emqx_rule_engine_api:create_resource(#{},
             [{<<"name">>, <<"Simple Resource">>},
              {<<"type">>, <<"built_in">>},
              {<<"config">>, [{<<"a">>, 1}]},
              {<<"description">>, <<"Simple Resource">>}]),
+    ResId = maps:get(id, Resources1),
     {ok, #{code := 0, data := Resources}} = emqx_rule_engine_api:list_resources(#{},[]),
     ?assert(length(Resources) > 0),
 
-    ?assertMatch({ok, #{code := 0, data := #{id := ResId}}},
-                 emqx_rule_engine_api:show_resource(#{id => ResId},[])),
+    {ok, #{code := 0, data := Resources2}} = emqx_rule_engine_api:show_resource(#{id => ResId},[]),
+    ?assertEqual(ResId, maps:get(id, Resources2)),
 
     ?assertMatch({ok, #{code := 0}}, emqx_rule_engine_api:delete_resource(#{id => ResId},#{})),
 
-    ?assertMatch({ok, #{code := 404}},
-                 emqx_rule_engine_api:show_resource(#{id => ResId},[])),
+    ?assertMatch({ok, #{code := 404}}, emqx_rule_engine_api:show_resource(#{id => ResId},[])),
     ok.
 
 t_list_resource_types_api(_Config) ->
@@ -445,9 +445,9 @@ t_list_resource_types_api(_Config) ->
     ok.
 
 t_show_resource_type_api(_Config) ->
-    RShow = emqx_rule_engine_api:show_resource_type(#{name => 'built_in'},[]),
+    {ok, #{code := 0, data := RShow}} = emqx_rule_engine_api:show_resource_type(#{name => 'built_in'},[]),
     %ct:pal("RShow : ~p", [RShow]),
-    ?assertMatch({ok, #{code := 0, data := #{name := built_in}} }, RShow),
+    ?assertEqual(built_in, maps:get(name, RShow)),
     ok.
 
 %%------------------------------------------------------------------------------
@@ -565,6 +565,7 @@ t_add_get_remove_rule(_Config) ->
     ok.
 
 t_add_get_remove_rules(_Config) ->
+    emqx_rule_registry:remove_rules(emqx_rule_registry:get_rules()),
     ok = emqx_rule_registry:add_rules(
             [make_simple_rule(<<"rule-debug-1">>),
              make_simple_rule(<<"rule-debug-2">>)]),
@@ -802,6 +803,29 @@ message_acked(_Client) ->
     verify_event('message.acked'),
     ok.
 
+t_mfa_action(_Config) ->
+    ok = emqx_rule_registry:add_action(
+            #action{name = 'mfa-action', app = ?APP,
+                    module = ?MODULE, on_create = mfa_action,
+                    types=[], params_spec = #{},
+                    title = #{en => <<"MFA callback action">>},
+                    description = #{en => <<"MFA callback action">>}}),
+    SQL = "SELECT * FROM \"t1\"",
+    {ok, #rule{id = Id}} = emqx_rule_engine:create_rule(
+                    #{id => <<"rule:t_mfa_action">>,
+                      rawsql => SQL,
+                      actions => [#{id => <<"action:mfa-test">>, name => 'mfa-action', args => #{}}],
+                      description => <<"Debug rule">>}),
+    {ok, Client} = emqtt:start_link([{username, <<"emqx">>}]),
+    {ok, _} = emqtt:connect(Client),
+    emqtt:publish(Client, <<"t1">>, <<"{\"id\": 1, \"name\": \"ha\"}">>, 0),
+    emqtt:stop(Client),
+    ct:sleep(500),
+    ?assertEqual(1, persistent_term:get(<<"action:mfa-test">>, 0)),
+    emqx_rule_registry:remove_rule(Id),
+    emqx_rule_registry:remove_action('mfa-action'),
+    ok.
+
 t_match_atom_and_binary(_Config) ->
     ok = emqx_rule_engine:load_providers(),
     TopicRule = create_simple_repub_rule(
@@ -1974,6 +1998,14 @@ hook_metrics_action(_Id, _Params) ->
         ct:pal("applying hook_metrics_action: ~p", [Data]),
         ets:insert(events_record_tab, {EventName, Data})
     end.
+
+mfa_action(Id, _Params) ->
+    persistent_term:put(Id, 0),
+    {?MODULE, mfa_action_do, [Id]}.
+
+mfa_action_do(_Data, _Envs, K) ->
+    persistent_term:put(K, 1).
+
 crash_action(_Id, _Params) ->
     fun(Data, _Envs) ->
         ct:pal("applying crash action, Data: ~p", [Data]),
@@ -2252,7 +2284,7 @@ start_apps() ->
     [start_apps(App, SchemaFile, ConfigFile) ||
         {App, SchemaFile, ConfigFile}
             <- [{emqx, deps_path(emqx, "priv/emqx.schema"),
-                       deps_path(emqx, "etc/emqx.conf")},
+                       deps_path(emqx, "etc/gen.emqx.conf")},
                 {emqx_rule_engine, local_path("priv/emqx_rule_engine.schema"),
                                    local_path("etc/emqx_rule_engine.conf")}]].
 
diff --git a/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl
index 582eb5832..98e62f415 100644
--- a/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl
+++ b/apps/emqx_rule_engine/test/emqx_rule_funcs_SUITE.erl
@@ -489,15 +489,11 @@ t_contains(_) ->
 
 t_map_get(_) ->
     ?assertEqual(1, apply_func(map_get, [<<"a">>, #{a => 1}])),
-    ?assertEqual(undefined, apply_func(map_get, [<<"a">>, #{}])),
-    ?assertEqual(1, apply_func(map_get, [<<"a.b">>, #{a => #{b => 1}}])),
-    ?assertEqual(undefined, apply_func(map_get, [<<"a.c">>, #{a => #{b => 1}}])).
+    ?assertEqual(undefined, apply_func(map_get, [<<"a">>, #{}])).
 
 t_map_put(_) ->
     ?assertEqual(#{<<"a">> => 1}, apply_func(map_put, [<<"a">>, 1, #{}])),
-    ?assertEqual(#{a => 2}, apply_func(map_put, [<<"a">>, 2, #{a => 1}])),
-    ?assertEqual(#{<<"a">> => #{<<"b">> => 1}}, apply_func(map_put, [<<"a.b">>, 1, #{}])),
-    ?assertEqual(#{a => #{b => 1, <<"c">> => 1}}, apply_func(map_put, [<<"a.c">>, 1, #{a => #{b => 1}}])).
+    ?assertEqual(#{a => 2}, apply_func(map_put, [<<"a">>, 2, #{a => 1}])).
 
  t_mget(_) ->
     ?assertEqual(1, apply_func(map_get, [<<"a">>, #{a => 1}])),
diff --git a/apps/emqx_rule_engine/test/emqx_rule_maps_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_maps_SUITE.erl
index 812de1ef0..2a7ccb9f6 100644
--- a/apps/emqx_rule_engine/test/emqx_rule_maps_SUITE.erl
+++ b/apps/emqx_rule_engine/test/emqx_rule_maps_SUITE.erl
@@ -43,9 +43,6 @@ t_nested_put_map(_) ->
     ?assertEqual(#{a => 1}, nested_put(?path([a]), 1, #{})),
     ?assertEqual(#{a => a}, nested_put(?path([a]), a, #{})),
     ?assertEqual(#{a => 1}, nested_put(?path([a]), 1, not_map)),
-    ?assertMatch(#{payload := #{<<"msg">> := <<"v">>}},
-        nested_put(?path([<<"payload">>, <<"msg">>]), <<"v">>,
-                   #{payload => <<"{\n  \"msg\": \"hello\"\n}">>})),
     ?assertEqual(#{a => #{b => b}}, nested_put(?path([a,b]), b, #{})),
     ?assertEqual(#{a => #{b => #{c => c}}}, nested_put(?path([a,b,c]), c, #{})),
     ?assertEqual(#{<<"k">> => v1}, nested_put(?path([k]), v1, #{<<"k">> => v0})),
@@ -94,9 +91,6 @@ t_nested_put_mix_map_index(_) ->
 
 t_nested_get_map(_) ->
     ?assertEqual(undefined, nested_get(?path([a]), not_map)),
-    ?assertEqual(<<"hello">>, nested_get(?path([msg]), <<"{\n  \"msg\": \"hello\"\n}">>)),
-    ?assertEqual(<<"hello">>, nested_get(?path([<<"msg">>]), <<"{\n  \"msg\": \"hello\"\n}">>)),
-    ?assertEqual(<<"hello">>, nested_get(?path([<<"payload">>, <<"msg">>]), #{payload => <<"{\n  \"msg\": \"hello\"\n}">>})),
     ?assertEqual(#{a => 1}, nested_get(?path([]), #{a => 1})),
     ?assertEqual(#{b => c}, nested_get(?path([a]), #{a => #{b => c}})),
     ?assertEqual(undefined, nested_get(?path([a,b,c]), not_map)),
diff --git a/apps/emqx_rule_engine/test/emqx_rule_metrics_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_metrics_SUITE.erl
index e95d297eb..c006f704c 100644
--- a/apps/emqx_rule_engine/test/emqx_rule_metrics_SUITE.erl
+++ b/apps/emqx_rule_engine/test/emqx_rule_metrics_SUITE.erl
@@ -34,6 +34,7 @@ groups() ->
         [ t_action
         , t_rule
         , t_clear
+        , t_no_creation
         ]},
     {speed, [sequence],
         [ rule_speed
@@ -59,43 +60,59 @@ init_per_testcase(_, Config) ->
 end_per_testcase(_, _Config) ->
     ok.
 
+t_no_creation(_) ->
+    ?assertError(_, emqx_rule_metrics:inc_actions_taken(<<"action:0">>)).
+
 t_action(_) ->
-    ?assertEqual(0, emqx_rule_metrics:get(<<"action:1">>, 'actions.success')),
-    ?assertEqual(0, emqx_rule_metrics:get(<<"action:1">>, 'actions.failure')),
-    ?assertEqual(0, emqx_rule_metrics:get(<<"action:2">>, 'actions.success')),
-    ok = emqx_rule_metrics:inc(<<"action:1">>, 'actions.success'),
-    ok = emqx_rule_metrics:inc(<<"action:1">>, 'actions.failure'),
-    ok = emqx_rule_metrics:inc(<<"action:2">>, 'actions.success'),
-    ok = emqx_rule_metrics:inc(<<"action:2">>, 'actions.success'),
-    ?assertEqual(1, emqx_rule_metrics:get(<<"action:1">>, 'actions.success')),
-    ?assertEqual(1, emqx_rule_metrics:get(<<"action:1">>, 'actions.failure')),
-    ?assertEqual(2, emqx_rule_metrics:get(<<"action:2">>, 'actions.success')),
-    ?assertEqual(0, emqx_rule_metrics:get(<<"action:3">>, 'actions.success')),
-    ?assertEqual(3, emqx_rule_metrics:get_overall('actions.success')),
-    ?assertEqual(1, emqx_rule_metrics:get_overall('actions.failure')).
+    ?assertEqual(0, emqx_rule_metrics:get_actions_taken(<<"action:1">>)),
+    ?assertEqual(0, emqx_rule_metrics:get_actions_exception(<<"action:1">>)),
+    ?assertEqual(0, emqx_rule_metrics:get_actions_taken(<<"action:2">>)),
+    ok = emqx_rule_metrics:create_metrics(<<"action:1">>),
+    ok = emqx_rule_metrics:create_metrics(<<"action:2">>),
+    ok = emqx_rule_metrics:inc_actions_taken(<<"action:1">>),
+    ok = emqx_rule_metrics:inc_actions_exception(<<"action:1">>),
+    ok = emqx_rule_metrics:inc_actions_taken(<<"action:2">>),
+    ok = emqx_rule_metrics:inc_actions_taken(<<"action:2">>),
+    ?assertEqual(1, emqx_rule_metrics:get_actions_taken(<<"action:1">>)),
+    ?assertEqual(1, emqx_rule_metrics:get_actions_exception(<<"action:1">>)),
+    ?assertEqual(2, emqx_rule_metrics:get_actions_taken(<<"action:2">>)),
+    ?assertEqual(0, emqx_rule_metrics:get_actions_taken(<<"action:3">>)),
+    ?assertEqual(3, emqx_rule_metrics:get_overall('actions.taken')),
+    ?assertEqual(1, emqx_rule_metrics:get_overall('actions.exception')),
+    ok = emqx_rule_metrics:clear_metrics(<<"action:1">>),
+    ok = emqx_rule_metrics:clear_metrics(<<"action:2">>),
+    ?assertEqual(0, emqx_rule_metrics:get_actions_taken(<<"action:1">>)),
+    ?assertEqual(0, emqx_rule_metrics:get_actions_taken(<<"action:2">>)).
 
 t_rule(_) ->
+    ok = emqx_rule_metrics:create_rule_metrics(<<"rule:1">>),
+    ok = emqx_rule_metrics:create_rule_metrics(<<"rule2">>),
     ok = emqx_rule_metrics:inc(<<"rule:1">>, 'rules.matched'),
-    ok = emqx_rule_metrics:inc(<<"rule:2">>, 'rules.matched'),
-    ok = emqx_rule_metrics:inc(<<"rule:2">>, 'rules.matched'),
+    ok = emqx_rule_metrics:inc(<<"rule2">>, 'rules.matched'),
+    ok = emqx_rule_metrics:inc(<<"rule2">>, 'rules.matched'),
     ?assertEqual(1, emqx_rule_metrics:get(<<"rule:1">>, 'rules.matched')),
-    ?assertEqual(2, emqx_rule_metrics:get(<<"rule:2">>, 'rules.matched')),
-    ?assertEqual(0, emqx_rule_metrics:get(<<"rule:3">>, 'rules.matched')),
-    ?assertEqual(3, emqx_rule_metrics:get_overall('rules.matched')).
+    ?assertEqual(2, emqx_rule_metrics:get(<<"rule2">>, 'rules.matched')),
+    ?assertEqual(0, emqx_rule_metrics:get(<<"rule3">>, 'rules.matched')),
+    ?assertEqual(3, emqx_rule_metrics:get_overall('rules.matched')),
+    ok = emqx_rule_metrics:clear_rule_metrics(<<"rule:1">>),
+    ok = emqx_rule_metrics:clear_rule_metrics(<<"rule2">>).
 
 t_clear(_) ->
-    ok = emqx_rule_metrics:inc(<<"action:1">>, 'actions.success'),
-    ?assertEqual(1, emqx_rule_metrics:get(<<"action:1">>, 'actions.success')),
-    ok = emqx_rule_metrics:clear(<<"action:1">>),
-    ?assertEqual(0, emqx_rule_metrics:get(<<"action:1">>, 'actions.success')).
+    ok = emqx_rule_metrics:create_metrics(<<"action:1">>),
+    ok = emqx_rule_metrics:inc_actions_taken(<<"action:1">>),
+    ?assertEqual(1, emqx_rule_metrics:get_actions_taken(<<"action:1">>)),
+    ok = emqx_rule_metrics:clear_metrics(<<"action:1">>),
+    ?assertEqual(0, emqx_rule_metrics:get_actions_taken(<<"action:1">>)).
 
 rule_speed(_) ->
-    ok = emqx_rule_metrics:inc(<<"rule:1">>, 'rules.matched'),
-    ok = emqx_rule_metrics:inc(<<"rule:1">>, 'rules.matched'),
+    ok = emqx_rule_metrics:create_rule_metrics(<<"rule1">>),
+    ok = emqx_rule_metrics:create_rule_metrics(<<"rule:2">>),
+    ok = emqx_rule_metrics:inc(<<"rule1">>, 'rules.matched'),
+    ok = emqx_rule_metrics:inc(<<"rule1">>, 'rules.matched'),
     ok = emqx_rule_metrics:inc(<<"rule:2">>, 'rules.matched'),
-    ?assertEqual(2, emqx_rule_metrics:get(<<"rule:1">>, 'rules.matched')),
+    ?assertEqual(2, emqx_rule_metrics:get(<<"rule1">>, 'rules.matched')),
     ct:sleep(1000),
-    ?LET(#{max := Max, current := Current}, emqx_rule_metrics:get_rule_speed(<<"rule:1">>),
+    ?LET(#{max := Max, current := Current}, emqx_rule_metrics:get_rule_speed(<<"rule1">>),
          {?assert(Max =< 2),
           ?assert(Current =< 2)}),
     ct:pal("===== Speed: ~p~n", [emqx_rule_metrics:get_overall_rule_speed()]),
@@ -103,7 +120,7 @@ rule_speed(_) ->
          {?assert(Max =< 3),
           ?assert(Current =< 3)}),
     ct:sleep(2100),
-    ?LET(#{max := Max, current := Current, last5m := Last5Min}, emqx_rule_metrics:get_rule_speed(<<"rule:1">>),
+    ?LET(#{max := Max, current := Current, last5m := Last5Min}, emqx_rule_metrics:get_rule_speed(<<"rule1">>),
          {?assert(Max =< 2),
           ?assert(Current == 0),
           ?assert(Last5Min =< 0.67)}),
@@ -115,7 +132,9 @@ rule_speed(_) ->
     ?LET(#{max := Max, current := Current, last5m := Last5Min}, emqx_rule_metrics:get_overall_rule_speed(),
          {?assert(Max =< 3),
           ?assert(Current == 0),
-          ?assert(Last5Min == 0)}).
+          ?assert(Last5Min == 0)}),
+    ok = emqx_rule_metrics:clear_rule_metrics(<<"rule1">>),
+    ok = emqx_rule_metrics:clear_rule_metrics(<<"rule:2">>).
 
 % t_create(_) ->
 %     error('TODO').
diff --git a/apps/emqx_rule_engine/test/emqx_rule_utils_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_utils_SUITE.erl
index 73cedfb8f..f6f71ba68 100644
--- a/apps/emqx_rule_engine/test/emqx_rule_utils_SUITE.erl
+++ b/apps/emqx_rule_engine/test/emqx_rule_utils_SUITE.erl
@@ -25,13 +25,6 @@
 
 all() -> emqx_ct:all(?MODULE).
 
-t_preproc_sql(_) ->
-    Selected = #{a => <<"1">>, b => 1, c => 1.0, d => #{d1 => <<"hi">>}},
-    {PrepareStatement, GetPrepareParams} = emqx_rule_utils:preproc_sql(<<"a:${a},b:${b},c:${c},d:${d}">>, '?'),
-    ?assertEqual(<<"a:?,b:?,c:?,d:?">>, PrepareStatement),
-    ?assertEqual([<<"1">>,1,1.0,<<"{\"d1\":\"hi\"}">>],
-                 GetPrepareParams(Selected)).
-
 t_http_connectivity(_) ->
     {ok, Socket} = gen_tcp:listen(?PORT, []),
     ok = emqx_rule_utils:http_connectivity("http://127.0.0.1:"++emqx_rule_utils:str(?PORT), 1000),
@@ -84,3 +77,36 @@ t_proc_tmpl(_) ->
     Tks = emqx_rule_utils:preproc_tmpl(<<"a:${a},b:${b},c:${c},d:${d}">>),
     ?assertEqual(<<"a:1,b:1,c:1.0,d:{\"d1\":\"hi\"}">>,
                  emqx_rule_utils:proc_tmpl(Tks, Selected)).
+
+t_proc_tmpl1(_) ->
+    Selected = #{a => <<"1">>, b => 1, c => 1.0, d => #{d1 => <<"hi">>}},
+    Tks = emqx_rule_utils:preproc_tmpl(<<"a:$a,b:b},c:{c},d:${d">>),
+    ?assertEqual(<<"a:$a,b:b},c:{c},d:${d">>,
+                 emqx_rule_utils:proc_tmpl(Tks, Selected)).
+
+t_proc_cmd(_) ->
+    Selected = #{v0 => <<"x">>, v1 => <<"1">>, v2 => #{d1 => <<"hi">>}},
+    Tks = emqx_rule_utils:preproc_cmd(<<"hset name a:${v0} ${v1} b ${v2} ">>),
+    ?assertEqual([<<"hset">>, <<"name">>,
+                  <<"a:x">>, <<"1">>,
+                  <<"b">>, <<"{\"d1\":\"hi\"}">>],
+                 emqx_rule_utils:proc_cmd(Tks, Selected)).
+
+t_preproc_sql(_) ->
+    Selected = #{a => <<"1">>, b => 1, c => 1.0, d => #{d1 => <<"hi">>}},
+    {PrepareStatement, ParamsTokens} = emqx_rule_utils:preproc_sql(<<"a:${a},b:${b},c:${c},d:${d}">>, '?'),
+    ?assertEqual(<<"a:?,b:?,c:?,d:?">>, PrepareStatement),
+    ?assertEqual([<<"1">>,1,1.0,<<"{\"d1\":\"hi\"}">>],
+                 emqx_rule_utils:proc_sql(ParamsTokens, Selected)).
+
+t_preproc_sql1(_) ->
+    Selected = #{a => <<"1">>, b => 1, c => 1.0, d => #{d1 => <<"hi">>}},
+    {PrepareStatement, ParamsTokens} = emqx_rule_utils:preproc_sql(<<"a:${a},b:${b},c:${c},d:${d}">>, '$n'),
+    ?assertEqual(<<"a:$1,b:$2,c:$3,d:$4">>, PrepareStatement),
+    ?assertEqual([<<"1">>,1,1.0,<<"{\"d1\":\"hi\"}">>],
+                 emqx_rule_utils:proc_sql(ParamsTokens, Selected)).
+t_preproc_sql2(_) ->
+    Selected = #{a => <<"1">>, b => 1, c => 1.0, d => #{d1 => <<"hi">>}},
+    {PrepareStatement, ParamsTokens} = emqx_rule_utils:preproc_sql(<<"a:$a,b:b},c:{c},d:${d">>, '?'),
+    ?assertEqual(<<"a:$a,b:b},c:{c},d:${d">>, PrepareStatement),
+    ?assertEqual([], emqx_rule_utils:proc_sql(ParamsTokens, Selected)).
diff --git a/apps/emqx_web_hook/rebar.config b/apps/emqx_web_hook/rebar.config
index 9da7778de..f0e99e681 100644
--- a/apps/emqx_web_hook/rebar.config
+++ b/apps/emqx_web_hook/rebar.config
@@ -25,7 +25,7 @@
     {deps,
      [{emqx_ct_helper, {git, "https://github.com/emqx/emqx-ct-helpers", {tag, "1.3.0"}}},
       {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.0.0"}}},
-      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.0"}}}
+      {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3"}}}
      ]}
    ]}
  ]}.
diff --git a/apps/emqx_web_hook/src/emqx_web_hook.appup.src b/apps/emqx_web_hook/src/emqx_web_hook.appup.src
index 55f99d668..dcf0d8cdd 100644
--- a/apps/emqx_web_hook/src/emqx_web_hook.appup.src
+++ b/apps/emqx_web_hook/src/emqx_web_hook.appup.src
@@ -1,36 +1,9 @@
 %% -*-: erlang -*-
-
-{"4.2.3",
- [
-   {"4.2.2", [
-     {load_module, emqx_web_hook_actions, brutal_purge, soft_purge, []},
-     {apply, {emqx_rule_engine, load_providers, []}}
-   ]},
-   {"4.2.1", [
-     {load_module, emqx_web_hook, brutal_purge, soft_purge, []},
-     {load_module, emqx_web_hook_actions, brutal_purge, soft_purge, [emqx_rule_engine]},
-     {apply, {emqx_rule_engine, load_providers, []}}
-   ]},
-   {"4.2.0", [
-     {load_module, emqx_web_hook, brutal_purge, soft_purge, []},
-     {load_module, emqx_web_hook_actions, brutal_purge, soft_purge, [emqx_rule_engine]},
-     {apply, {emqx_rule_engine, load_providers, []}}
-   ]}
- ],
- [
-   {"4.2.2", [
-     {load_module, emqx_web_hook_actions, brutal_purge, soft_purge, []},
-     {apply, {emqx_rule_engine, load_providers, []}}
-   ]},
-   {"4.2.1", [
-     {load_module, emqx_web_hook, brutal_purge, soft_purge, []},
-     {load_module, emqx_web_hook_actions, brutal_purge, soft_purge, [emqx_rule_engine]},
-     {apply, {emqx_rule_engine, load_providers, []}}
-   ]},
-   {"4.2.0", [
-     {load_module, emqx_web_hook, brutal_purge, soft_purge, []},
-     {load_module, emqx_web_hook_actions, brutal_purge, soft_purge, [emqx_rule_engine]},
-     {apply, {emqx_rule_engine, load_providers, []}}
-   ]}
- ]
+{VSN,
+  [
+    {<<".*">>, []}
+  ],
+  [
+    {<<".*">>, []}
+  ]
 }.
diff --git a/apps/emqx_web_hook/src/emqx_web_hook_actions.erl b/apps/emqx_web_hook/src/emqx_web_hook_actions.erl
index 2b0cac618..dd07d10a7 100644
--- a/apps/emqx_web_hook/src/emqx_web_hook_actions.erl
+++ b/apps/emqx_web_hook/src/emqx_web_hook_actions.erl
@@ -19,6 +19,7 @@
 
 -include_lib("emqx/include/emqx.hrl").
 -include_lib("emqx/include/logger.hrl").
+-include_lib("emqx_rule_engine/include/rule_actions.hrl").
 
 -define(RESOURCE_TYPE_WEBHOOK, 'web_hook').
 -define(RESOURCE_CONFIG_SPEC, #{
@@ -132,6 +133,7 @@
         ]).
 
 -export([ on_action_create_data_to_webserver/2
+        , on_action_data_to_webserver/2
         ]).
 
 %%------------------------------------------------------------------------------
@@ -165,15 +167,25 @@ on_resource_destroy(_ResId, _Params) ->
 
 %% An action that forwards publish messages to a remote web server.
 -spec(on_action_create_data_to_webserver(Id::binary(), #{url() := string()}) -> action_fun()).
-on_action_create_data_to_webserver(_Id, Params) ->
+on_action_create_data_to_webserver(Id, Params) ->
     #{url := Url, headers := Headers, method := Method, content_type := ContentType, payload_tmpl := PayloadTmpl, path := Path}
         = parse_action_params(Params),
-    PayloadTks = emqx_rule_utils:preproc_tmpl(PayloadTmpl),
     PathTks = emqx_rule_utils:preproc_tmpl(Path),
-    fun(Selected, _Envs) ->
-        FullUrl = Url ++ emqx_rule_utils:proc_tmpl(PathTks, Selected),
-        http_request(FullUrl, Headers, Method, ContentType, format_msg(PayloadTks, Selected))
-    end.
+    PayloadTks = emqx_rule_utils:preproc_tmpl(PayloadTmpl),
+    Params.
+
+on_action_data_to_webserver(Selected, _Envs =
+                            #{?BINDING_KEYS := #{
+                                'Id' := Id,
+                                'Url' := Url,
+                                'Headers' := Headers,
+                                'Method' := Method,
+                                'ContentType' := ContentType,
+                                'PathTks' := PathTks,
+                                'PayloadTks' := PayloadTks
+                            }}) ->
+    FullUrl = Url ++ emqx_rule_utils:proc_tmpl(PathTks, Selected),
+    http_request(Id, FullUrl, Headers, Method, ContentType, format_msg(PayloadTks, Selected)).
 
 format_msg([], Data) ->
     emqx_json:encode(Data);
@@ -190,14 +202,15 @@ create_req(get, Url, Headers, _, _) ->
 create_req(_, Url, Headers, ContentType, Body) ->
   {(Url), (Headers), binary_to_list(ContentType), (Body)}.
 
-http_request(Url, Headers, Method, ContentType, Params) ->
+http_request(ActId, Url, Headers, Method, ContentType, Params) ->
   logger:debug("[WebHook Action] ~s to ~s, headers: ~p, content-type: ~p, body: ~p", [Method, Url, Headers, ContentType, Params]),
   case do_http_request(Method, create_req(Method, Url, Headers, ContentType, Params),
     [{timeout, 5000}], [], 0) of
-    {ok, _} -> ok;
+    {ok, _} ->
+          emqx_rule_metrics:inc_actions_success(ActId);
     {error, Reason} ->
       logger:error("[WebHook Action] HTTP request error: ~p", [Reason]),
-      error({http_request_error, Reason})
+      emqx_rule_metrics:inc_actions_error(ActId)
   end.
 
 do_http_request(Method, Req, HTTPOpts, Opts, Times) ->