Sponsored
Сoins.game
100 free spins for registration. Spin now!
Everyday giveaways up to 100 ETH, Lucky Spins. Deposit BONUS 300% and Cashbacks!
BC.GAME
The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
Stake
200% Bonus, Instant Withdrawals, 100K Daily Giveaways, BEST VIP Club Claim Bonus!
20+ Cryptos, 3000+ Slots, Daily & Monthly Bonuses, Exclusive Sports Promos - Provably Fair!
Sponsored
BC.GAME
- The Best ETH Casino Claim Now!
5000+ Slots & Live Casino Games, 50+cryptos. Register with Etherscan and get 760% deposit bonus. Win Big$, withdraw it fast.
CryptoSlots
25 Free Spins + ETH Slots, $1M Jackpot, Bonus Draws Play Now
Win big, play instantly, withdraw fast. Provably fair, 100% original games, anonymous ETH play.
CryptoWins
$15 free + 200% Welcome Bonus | Play ETH Casino Games Claim Now!
1,200+ games, live BidCoin Auctions, huge jackpots. TRIPLE your deposit & play in 30 seconds!
projectsentience.ethLatest 25 from a total of 292 transactions
| Transaction Hash |
Method
|
Block
|
From
|
|
To
|
||||
|---|---|---|---|---|---|---|---|---|---|
| Mint_unsheth_wit... | 19001359 | 771 days ago | IN | 2.5 ETH | 0.00637507 | ||||
| Mint_unsheth_wit... | 18987765 | 773 days ago | IN | 7.7 ETH | 0.00704425 | ||||
| Mint_unsheth_wit... | 18982352 | 774 days ago | IN | 5.4 ETH | 0.00919639 | ||||
| Mint_unsheth_wit... | 18873760 | 789 days ago | IN | 1.43401448 ETH | 0.00552509 | ||||
| Deposit_lsd | 18840752 | 794 days ago | IN | 0 ETH | 0.01401712 | ||||
| Mint_unsheth_wit... | 18766039 | 804 days ago | IN | 0.01 ETH | 0.01680078 | ||||
| Deposit_lsd | 18584236 | 830 days ago | IN | 0 ETH | 0.02157158 | ||||
| Mint_unsheth_wit... | 18584051 | 830 days ago | IN | 1.45 ETH | 0.01137029 | ||||
| Mint_unsheth_wit... | 18543334 | 835 days ago | IN | 0.02630551 ETH | 0.0209311 | ||||
| Mint_unsheth_wit... | 18520234 | 839 days ago | IN | 0.73 ETH | 0.0106209 | ||||
| Mint_unsheth_wit... | 18480093 | 844 days ago | IN | 1 ETH | 0.01465972 | ||||
| Mint_unsheth_wit... | 18455338 | 848 days ago | IN | 0.08 ETH | 0.00449989 | ||||
| Deposit_lsd | 18452427 | 848 days ago | IN | 0 ETH | 0.00413012 | ||||
| Mint_unsheth_wit... | 18447449 | 849 days ago | IN | 4 ETH | 0.00456634 | ||||
| Mint_unsheth_wit... | 18435805 | 851 days ago | IN | 0.2 ETH | 0.01465315 | ||||
| Deposit_lsd | 18435718 | 851 days ago | IN | 0 ETH | 0.0122535 | ||||
| Mint_unsheth_wit... | 18426791 | 852 days ago | IN | 2 ETH | 0.0056774 | ||||
| Deposit_lsd | 18426597 | 852 days ago | IN | 0 ETH | 0.00565487 | ||||
| Deposit_lsd | 18426534 | 852 days ago | IN | 0 ETH | 0.00546652 | ||||
| Mint_unsheth_wit... | 18426373 | 852 days ago | IN | 0.06153192 ETH | 0.00528797 | ||||
| Deposit_lsd | 18425373 | 852 days ago | IN | 0 ETH | 0.00500236 | ||||
| Mint_unsheth_wit... | 18424127 | 852 days ago | IN | 1 ETH | 0.00608609 | ||||
| Mint_unsheth_wit... | 18404099 | 855 days ago | IN | 0.2 ETH | 0.00479381 | ||||
| Mint_unsheth_wit... | 18398887 | 856 days ago | IN | 0.341 ETH | 0.00414805 | ||||
| Mint_unsheth_wit... | 18397514 | 856 days ago | IN | 0.255 ETH | 0.0034665 |
Latest 25 internal transactions (View All)
Advanced mode:
| Parent Transaction Hash | Method | Block |
From
|
|
To
|
||
|---|---|---|---|---|---|---|---|
| Deposit | 19001359 | 771 days ago | 2.5 ETH | ||||
| Deposit | 18987765 | 773 days ago | 7.7 ETH | ||||
| Deposit | 18982352 | 774 days ago | 5.4 ETH | ||||
| Deposit | 18873760 | 789 days ago | 1.43401448 ETH | ||||
| Deposit | 18766039 | 804 days ago | 0.01 ETH | ||||
| Deposit | 18584051 | 830 days ago | 1.45 ETH | ||||
| Deposit | 18543334 | 835 days ago | 0.02630551 ETH | ||||
| Deposit | 18520234 | 839 days ago | 0.73 ETH | ||||
| Deposit | 18480093 | 844 days ago | 1 ETH | ||||
| Deposit | 18455338 | 848 days ago | 0.08 ETH | ||||
| Deposit | 18447449 | 849 days ago | 4 ETH | ||||
| Deposit | 18435805 | 851 days ago | 0.2 ETH | ||||
| Deposit | 18426791 | 852 days ago | 2 ETH | ||||
| Deposit | 18426373 | 852 days ago | 0.06153192 ETH | ||||
| Deposit | 18424127 | 852 days ago | 1 ETH | ||||
| Transfer | 18404099 | 855 days ago | 0.2 ETH | ||||
| Transfer | 18398887 | 856 days ago | 0.341 ETH | ||||
| Transfer | 18397514 | 856 days ago | 0.255 ETH | ||||
| Transfer | 18396626 | 856 days ago | 0.5 ETH | ||||
| Transfer | 18395986 | 856 days ago | 0.033 ETH | ||||
| Transfer | 18395316 | 856 days ago | 0.03 ETH | ||||
| Transfer | 18395267 | 856 days ago | 0.03 ETH | ||||
| Transfer | 18395202 | 856 days ago | 0.025 ETH | ||||
| Transfer | 18395129 | 856 days ago | 0.0322 ETH | ||||
| Transfer | 18390001 | 857 days ago | 0.18 ETH |
Loading...
Loading
Loading...
Loading
Cross-Chain Transactions
Loading...
Loading
Contract Name:
unshETHZapv2
Compiler Version
v0.8.18+commit.87f61d96
Optimization Enabled:
Yes with 9999 runs
Other Settings:
default evmVersion
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.11;
import "communal/ReentrancyGuard.sol";
import "communal/SafeERC20.sol";
import "local/interfaces/ISwapRouter.sol";
import "communal/TransferHelper.sol";
interface ILSDVaultV2 {
function deposit(address lsd, uint256 amount) external;
function depositNoCapCheck(address lsd, uint256 amount) external;
function swapperAddress() external returns(address);
}
interface IunshETH {
function timelock_address() external view returns (address);
}
interface IVdAmm {
function getDepositFee(uint256 lsdAmountIn, address lsd) external returns(uint256, uint256);
}
interface FRXETH {
function submitAndDeposit(address recipient) payable external;
}
interface SFRXETH {
function deposit(uint256 assets, address receiver) external;
}
interface RETH {
function swapTo(uint256 _uniswapPortion, uint256 _balancerPortion, uint256 _minTokensOut, uint256 _idealTokensOut) payable external;
}
interface IANKRDeposits {
function stakeAndClaimAethC() payable external;
}
interface ISWETH {
function deposit() payable external;
}
interface IRocketDepositPool {
function deposit() external payable;
}
interface IRocketSettings {
function getDepositEnabled() external view returns (bool);
}
interface IWETH is IERC20{
function deposit() payable external;
function withdraw(uint wad) external;
}
interface IWStETH is IERC20{
function wrap(uint256 _stETHAmount) external;
}
contract unshETHZapv2 is ReentrancyGuard {
using SafeERC20 for IERC20;
uint256 public constant MAX_PATH_ID = 10;
address public constant wstETHAddress = 0x7f39C581F595B53c5cb19bD0b3f8dA6c935E2Ca0;
address public constant frxETHMinterAddress = 0xbAFA44EFE7901E04E39Dad13167D089C559c1138;
address public constant frxETHAddress = 0x5E8422345238F34275888049021821E8E08CAa1f;
address public constant sfrxETHAddress = 0xac3E018457B222d93114458476f3E3416Abbe38F;
address public constant rETHAddress = 0xae78736Cd615f374D3085123A210448E74Fc6393;
address public constant cbETHAddress = 0xBe9895146f7AF43049ca1c1AE358B0541Ea49704;
address public constant usdtAddress = 0xdAC17F958D2ee523a2206206994597C13D831ec7;
address public constant wethAddress = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
address public constant stEthAddress = 0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84;
address public constant ankrETHAddress = 0xE95A203B1a91a908F9B9CE46459d101078c2c3cb;
address public constant ankrDepositsAddress = 0x84db6eE82b7Cf3b47E8F19270abdE5718B936670;
address public constant swETHAddress = 0xf951E335afb289353dc249e82926178EaC7DEd78;
address public constant rocketDepositPoolAddress = 0xDD3f50F8A6CafbE9b31a427582963f465E745AF8;
address public constant rocketSettingsAddress = 0x781693a15E1fA7c743A299f4F0242cdF5489A0D9;
address public immutable lsdVaultAddressV2; // 0x00..;
address public immutable unshETHAddressV2; //0x00...;
ISwapRouter public uniswapRouterV3 = ISwapRouter(address(0xE592427A0AEce92De3Edee1F18E0157C05861564));
uint24 public constant POOLFEE = 500; // pool fee to use uniswapv3. for now its set to 0.05% as default
address public vdAmmAddress;
mapping (uint256 => address) public swapPathIdToAddress;
event DepositLsd(address indexed sender, address lsdAddress, uint256 depositAmount, uint256 depositFee, uint256 protocolFee, uint256 unshETHMinted);
event DepositEth(address indexed sender, uint256 ethAmount, uint256 pathId);
/*
============================================================================
Constructor
============================================================================
*/
constructor(address _unshETHAddressV2) {
unshETHAddressV2 = _unshETHAddressV2;
lsdVaultAddressV2 = IunshETH(unshETHAddressV2).timelock_address();
vdAmmAddress = ILSDVaultV2(lsdVaultAddressV2).swapperAddress();
//give infinite approval for the lsd vault to spend the wstETH, sfrxETH, rETH, and cbETH
TransferHelper.safeApprove(wstETHAddress, lsdVaultAddressV2, type(uint256).max);
TransferHelper.safeApprove(sfrxETHAddress, lsdVaultAddressV2, type(uint256).max);
TransferHelper.safeApprove(rETHAddress, lsdVaultAddressV2, type(uint256).max);
TransferHelper.safeApprove(cbETHAddress, lsdVaultAddressV2, type(uint256).max);
TransferHelper.safeApprove(wethAddress, lsdVaultAddressV2, type(uint256).max);
//give infinite approval for the lsd vault to spend the ankrETH and swETH
TransferHelper.safeApprove(ankrETHAddress, lsdVaultAddressV2, type(uint256).max);
TransferHelper.safeApprove(swETHAddress, lsdVaultAddressV2, type(uint256).max);
//approve weth and uniswap to facilitate swapping into lsds
TransferHelper.safeApprove(wethAddress, address(uniswapRouterV3), type(uint256).max);
//approvals to facilitate wrapping of frxETH and stETH
TransferHelper.safeApprove(frxETHAddress, sfrxETHAddress, type(uint256).max);
TransferHelper.safeApprove(wstETHAddress, stEthAddress, type(uint256).max);
//set up swap path ids
// pathIdToAddress[0] = wstETHAddress; // 0 -> mint wstETH
// pathIdToAddress[1] = sfrxETHAddress; // 1 -> mint sfrxETH
swapPathIdToAddress[2] = cbETHAddress; // 2 -> swap for cbETH
swapPathIdToAddress[3] = rETHAddress; // 3 -> swap for rETH
swapPathIdToAddress[4] = wstETHAddress; // 4 -> swap for wstETH
swapPathIdToAddress[5] = frxETHAddress; // 5 -> swap for frxETH (sfrxETH not liquid)
// pathIdToAddress[6] = rETHAddress; // 6 -> mint rETH
// pathIdToAddress[7] = wethAddress; // 7 -> mint wETH
// pathIdToAddress[8] = ankrETHAddress; // 8 -> mint ankrETH
// pathIdToAddress[9] = swETHAddress; // 9 -> mint swETH
swapPathIdToAddress[10] = swETHAddress; // 10 -> swap for swETH.. //no swap path for ankrETH as limited liquidity on uniswap
}
/*
============================================================================
ETH -> LSD deposit functions
============================================================================
*/
function _mint_sfrxETH(uint256 ethAmount) internal {
// Mint sfrxETH
FRXETH(frxETHMinterAddress).submitAndDeposit{value:ethAmount}(address(this));
// Get balance of sfrxETH minted
uint256 sfrxETHBalance = IERC20(sfrxETHAddress).balanceOf(address(this));
// Check to see that the balance minted is greater than 0
require(sfrxETHBalance > 0, 'sfrxETH minting failed');
// Call LSDVault to mint unshETH
_deposit_lsd(sfrxETHAddress, sfrxETHBalance);
}
function _mint_wstETH(uint256 ethAmount) internal {
// Mint wstETH
(bool success, )= address(wstETHAddress).call{value:ethAmount}("");
// Check the success of the wstETH mint
require(success, "wstETH minting failed");
// Get balance of wstETH minted
uint256 wstETHBalance = IERC20(wstETHAddress).balanceOf(address(this));
// Call LSDVault to mint unshETH
_deposit_lsd(wstETHAddress, wstETHBalance);
}
function rETH_deposits_enabled() public view returns(bool) {
return IRocketSettings(rocketSettingsAddress).getDepositEnabled();
}
function _mint_rETH(uint256 ethAmount) internal {
//Check if deposits are open, then if yes (and under weight cap) mint
require(rETH_deposits_enabled(), "rETH deposit is not enabled");
IRocketDepositPool(rocketDepositPoolAddress).deposit{value: ethAmount}();
// Get the balance of rETH minted
uint256 rETHBalance = IERC20(rETHAddress).balanceOf(address(this));
// Call LSDVault to mint unshETH
_deposit_lsd(rETHAddress, rETHBalance);
}
function _mint_wETH(uint256 ethAmount) internal {
IWETH(wethAddress).deposit{value: ethAmount}();
_deposit_lsd(wethAddress, ethAmount);
}
function _mint_ankrETH(uint256 ethAmount) internal {
// Mint ankrETH
IANKRDeposits(ankrDepositsAddress).stakeAndClaimAethC{value:ethAmount}();
// Get balance of ankrETH minted
uint256 ankrETHBalance = IERC20(ankrETHAddress).balanceOf(address(this));
// Call LSDVault to mint unshETH
_deposit_lsd(ankrETHAddress, ankrETHBalance);
}
function _mint_swETH(uint256 ethAmount) internal {
// Mint swETH
ISWETH(swETHAddress).deposit{value:ethAmount}();
// Get balance of swETH minted
uint256 swETHBalance = IERC20(swETHAddress).balanceOf(address(this));
// Call LSDVault to mint unshETH
_deposit_lsd(swETHAddress, swETHBalance);
}
function deposit_stEth(uint256 stETHAmount) external nonReentrant {
// Deposit stETH into wstETH
IWStETH(wstETHAddress).wrap(stETHAmount);
// Get the wrapped balance
uint256 wstETHAmount = IERC20(wstETHAddress).balanceOf(address(this));
// Deposit into lsd vault
_deposit_lsd(wstETHAddress, wstETHAmount);
}
function _deposit_frxEth(uint256 frxETHAmount) internal {
// Deposit frxETH into sfrxETH
SFRXETH(sfrxETHAddress).deposit(frxETHAmount, address(this));
// Get the wrapped balance
uint256 sfrxETHAmount = IERC20(sfrxETHAddress).balanceOf(address(this));
// Deposit into lsd vault
_deposit_lsd(sfrxETHAddress, sfrxETHAmount);
}
/*
============================================================================
Direct LSD deposit functions
============================================================================
*/
function deposit_lsd(address lsdAddress, uint256 amount) external {
// Assume user has approved token
TransferHelper.safeTransferFrom(lsdAddress, msg.sender, address(this), amount);
_deposit_lsd(lsdAddress, amount);
}
function _deposit_lsd(address lsdAddress, uint256 amount) internal {
uint256 depositFee;
uint256 protocolFee;
if(vdAmmAddress != address(0)) {
(depositFee, protocolFee) = IVdAmm(vdAmmAddress).getDepositFee(amount, lsdAddress);
}
uint256 amountToMint = amount - depositFee;
uint256 unshETHFee = depositFee - protocolFee;
if(protocolFee > 0) {
// Transfer protocol fee to vdAmmAddress
TransferHelper.safeTransfer(lsdAddress, vdAmmAddress, protocolFee);
}
if(depositFee > 0) {
// Transfer unshETH fee to lsdVault
TransferHelper.safeTransfer(lsdAddress, lsdVaultAddressV2, unshETHFee);
}
// Call LSDVault to mint unshETH
ILSDVaultV2(lsdVaultAddressV2).deposit(lsdAddress, amountToMint);
// Send unshETH to the msg.sender
uint256 unshETHMinted = IERC20(unshETHAddressV2).balanceOf(address(this));
TransferHelper.safeTransfer(unshETHAddressV2, msg.sender, unshETHMinted);
emit DepositLsd(msg.sender, lsdAddress, amountToMint, depositFee, protocolFee, unshETHMinted);
}
/*
============================================================================
Mint with ETH - primary zap function
============================================================================
*/
function mint_unsheth_with_eth(uint256 amountOutMin, uint256 pathId) external payable nonReentrant {
// Validate the path
require(pathId <= MAX_PATH_ID, "Invalid path");
if (pathId <= 1 || (pathId >= 6 && pathId <= 9)) {
_ETH_to_unsheth_mintPaths(msg.value, pathId);
} else {
IWETH(wethAddress).deposit{value: msg.value}();
uint256 wethAmount = IERC20(wethAddress).balanceOf(address(this));
_weth_to_unsheth_swapPaths(wethAmount, amountOutMin, pathId);
}
emit DepositEth(msg.sender, msg.value, pathId);
}
function _ETH_to_unsheth_mintPaths(uint256 ethAmount, uint256 pathId) internal {
if(pathId == 0) {
_mint_wstETH(ethAmount);
} else if(pathId == 1) {
_mint_sfrxETH(ethAmount);
} else if(pathId == 6) {
_mint_rETH(ethAmount);
} else if(pathId == 7) {
_mint_wETH(ethAmount);
} else if (pathId == 8) {
_mint_ankrETH(ethAmount);
} else if (pathId == 9) {
_mint_swETH(ethAmount);
}
}
function _weth_to_unsheth_swapPaths(uint256 wethAmount, uint256 amountOutMin, uint256 pathId) internal {
require(swapPathIdToAddress[pathId] != address(0), "swap path not supported");
require(amountOutMin > 0, "amountOutMin must be greater than 0");
if (pathId == 5) {
//swap weth to frxETH (sfrxETH not liquid)
uint256 frxEthAmountOut = _swap_weth_lsd(wethAmount, amountOutMin, frxETHAddress);
//mint unshETH with frxETH->sfrxETH
_deposit_frxEth(frxEthAmountOut);
} else {
address lsdAddress = swapPathIdToAddress[pathId];
//swap weth to lsd
uint256 lsdAmountOut = _swap_weth_lsd(wethAmount, amountOutMin, lsdAddress);
//mint unshETH with lsd
_deposit_lsd(lsdAddress, lsdAmountOut);
}
}
function _swap_weth_lsd(uint256 _wethAmount, uint256 _amountOutMin, address _lsdAddress) internal returns(uint256) {
ISwapRouter.ExactInputSingleParams memory params = ISwapRouter.ExactInputSingleParams({
tokenIn: wethAddress,
tokenOut: _lsdAddress,
fee: POOLFEE,
recipient: address(this),
deadline: block.timestamp + 3600,
amountIn: _wethAmount,
amountOutMinimum: _amountOutMin,
sqrtPriceLimitX96: 0
});
uint256 lsdAmountOut = uniswapRouterV3.exactInputSingle(params);
return(lsdAmountOut);
}
/*
============================================================================
Other functions
============================================================================
*/
function updateVdAmmAddress() external {
vdAmmAddress = ILSDVaultV2(lsdVaultAddressV2).swapperAddress();
}
//Allow receiving eth to the contract
receive() external payable {}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address payable) {
return payable(msg.sender);
}
function _msgData() internal view virtual returns (bytes memory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11 <0.9.0;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly { size := extcodesize(account) }
return size > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.call{ value: value }(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.staticcall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.delegatecall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
// solhint-disable-next-line no-inline-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address payable) {
return payable(msg.sender);
}
function _msgData() internal view virtual returns (bytes memory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
import "./Context.sol";
import "./SafeMath.sol";
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a >= b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow, so we distribute
return (a / 2) + (b / 2) + ((a % 2 + b % 2) / 2);
}
// babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method)
function sqrt(uint y) internal pure returns (uint z) {
if (y > 3) {
z = y;
uint x = y / 2 + 1;
while (x < z) {
z = x;
x = (y / x + x) / 2;
}
} else if (y != 0) {
z = 1;
}
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.6.11;
// https://docs.synthetix.io/contracts/Owned
contract Owned {
address public owner;
address public nominatedOwner;
constructor (address _owner) public {
require(_owner != address(0), "Owner address cannot be 0");
owner = _owner;
emit OwnerChanged(address(0), _owner);
}
function nominateNewOwner(address _owner) external onlyOwner {
nominatedOwner = _owner;
emit OwnerNominated(_owner);
}
function acceptOwnership() external {
require(msg.sender == nominatedOwner, "You must be nominated before you can accept ownership");
emit OwnerChanged(owner, nominatedOwner);
owner = nominatedOwner;
nominatedOwner = address(0);
}
modifier onlyOwner {
require(msg.sender == owner, "Only the contract owner may perform this action");
_;
}
event OwnerNominated(address newOwner);
event OwnerChanged(address oldOwner, address newOwner);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor () internal {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
// On the first call to nonReentrant, _notEntered will be true
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
import "./IERC20.sol";
import "./SafeMath.sol";
import "./Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using SafeMath for uint256;
using Address for address;
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(IERC20 token, address spender, uint256 value) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
// solhint-disable-next-line max-line-length
require((value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).add(value);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 newAllowance = token.allowance(address(this), spender).sub(value, "SafeERC20: decreased allowance below zero");
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) { // Return data is optional
// solhint-disable-next-line max-line-length
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
// helper methods for interacting with ERC20 tokens and sending ETH that do not consistently return true/false
library TransferHelper {
function safeApprove(address token, address to, uint value) internal {
// bytes4(keccak256(bytes('approve(address,uint256)')));
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(0x095ea7b3, to, value));
require(success && (data.length == 0 || abi.decode(data, (bool))), 'TransferHelper: APPROVE_FAILED');
}
function safeTransfer(address token, address to, uint value) internal {
// bytes4(keccak256(bytes('transfer(address,uint256)')));
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(0xa9059cbb, to, value));
require(success && (data.length == 0 || abi.decode(data, (bool))), 'TransferHelper: TRANSFER_FAILED');
}
function safeTransferFrom(address token, address from, address to, uint value) internal {
// bytes4(keccak256(bytes('transferFrom(address,address,uint256)')));
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(0x23b872dd, from, to, value));
require(success && (data.length == 0 || abi.decode(data, (bool))), 'TransferHelper: TRANSFER_FROM_FAILED');
}
function safeTransferETH(address to, uint value) internal {
(bool success,) = to.call{value:value}(new bytes(0));
require(success, 'TransferHelper: ETH_TRANSFER_FAILED');
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
import "../Common/Context.sol";
import "./IERC20.sol";
import "../Math/SafeMath.sol";
import "../Utils/Address.sol";
// Due to compiling issues, _name, _symbol, and _decimals were removed
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20Mintable}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20Custom is Context, IERC20 {
using SafeMath for uint256;
mapping (address => uint256) internal _balances;
mapping (address => mapping (address => uint256)) internal _allowances;
uint256 private _totalSupply;
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public virtual override returns (bool) {
_transfer(_msgSender(), recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.approve(address spender, uint256 amount)
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public virtual override returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal virtual {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public virtual {
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for `accounts`'s tokens of at least
* `amount`.
*/
function burnFrom(address account, uint256 amount) public virtual {
uint256 decreasedAllowance = allowance(account, _msgSender()).sub(amount, "ERC20: burn amount exceeds allowance");
_approve(account, _msgSender(), decreasedAllowance);
_burn(account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Destroys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See {_burn} and {_approve}.
*/
function _burnFrom(address account, uint256 amount) internal virtual {
_burn(account, amount);
_approve(account, _msgSender(), _allowances[account][_msgSender()].sub(amount, "ERC20: burn amount exceeds allowance"));
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of `from`'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of `from`'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:using-hooks.adoc[Using Hooks].
*/
function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual { }
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
import "../Common/Context.sol";
import "../Math/SafeMath.sol";
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see {ERC20Detailed}.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.4.22 <0.9.0;
library console {
address constant CONSOLE_ADDRESS = address(0x000000000000000000636F6e736F6c652e6c6f67);
function _sendLogPayload(bytes memory payload) private view {
uint256 payloadLength = payload.length;
address consoleAddress = CONSOLE_ADDRESS;
/// @solidity memory-safe-assembly
assembly {
let payloadStart := add(payload, 32)
let r := staticcall(gas(), consoleAddress, payloadStart, payloadLength, 0, 0)
}
}
function log() internal view {
_sendLogPayload(abi.encodeWithSignature("log()"));
}
function logInt(int p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(int)", p0));
}
function logUint(uint p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint)", p0));
}
function logString(string memory p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string)", p0));
}
function logBool(bool p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool)", p0));
}
function logAddress(address p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address)", p0));
}
function logBytes(bytes memory p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes)", p0));
}
function logBytes1(bytes1 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes1)", p0));
}
function logBytes2(bytes2 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes2)", p0));
}
function logBytes3(bytes3 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes3)", p0));
}
function logBytes4(bytes4 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes4)", p0));
}
function logBytes5(bytes5 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes5)", p0));
}
function logBytes6(bytes6 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes6)", p0));
}
function logBytes7(bytes7 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes7)", p0));
}
function logBytes8(bytes8 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes8)", p0));
}
function logBytes9(bytes9 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes9)", p0));
}
function logBytes10(bytes10 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes10)", p0));
}
function logBytes11(bytes11 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes11)", p0));
}
function logBytes12(bytes12 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes12)", p0));
}
function logBytes13(bytes13 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes13)", p0));
}
function logBytes14(bytes14 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes14)", p0));
}
function logBytes15(bytes15 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes15)", p0));
}
function logBytes16(bytes16 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes16)", p0));
}
function logBytes17(bytes17 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes17)", p0));
}
function logBytes18(bytes18 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes18)", p0));
}
function logBytes19(bytes19 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes19)", p0));
}
function logBytes20(bytes20 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes20)", p0));
}
function logBytes21(bytes21 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes21)", p0));
}
function logBytes22(bytes22 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes22)", p0));
}
function logBytes23(bytes23 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes23)", p0));
}
function logBytes24(bytes24 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes24)", p0));
}
function logBytes25(bytes25 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes25)", p0));
}
function logBytes26(bytes26 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes26)", p0));
}
function logBytes27(bytes27 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes27)", p0));
}
function logBytes28(bytes28 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes28)", p0));
}
function logBytes29(bytes29 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes29)", p0));
}
function logBytes30(bytes30 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes30)", p0));
}
function logBytes31(bytes31 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes31)", p0));
}
function logBytes32(bytes32 p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bytes32)", p0));
}
function log(uint p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint)", p0));
}
function log(string memory p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string)", p0));
}
function log(bool p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool)", p0));
}
function log(address p0) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address)", p0));
}
function log(uint p0, uint p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint)", p0, p1));
}
function log(uint p0, string memory p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string)", p0, p1));
}
function log(uint p0, bool p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool)", p0, p1));
}
function log(uint p0, address p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address)", p0, p1));
}
function log(string memory p0, uint p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint)", p0, p1));
}
function log(string memory p0, string memory p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string)", p0, p1));
}
function log(string memory p0, bool p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool)", p0, p1));
}
function log(string memory p0, address p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address)", p0, p1));
}
function log(bool p0, uint p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint)", p0, p1));
}
function log(bool p0, string memory p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string)", p0, p1));
}
function log(bool p0, bool p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool)", p0, p1));
}
function log(bool p0, address p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address)", p0, p1));
}
function log(address p0, uint p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint)", p0, p1));
}
function log(address p0, string memory p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string)", p0, p1));
}
function log(address p0, bool p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool)", p0, p1));
}
function log(address p0, address p1) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address)", p0, p1));
}
function log(uint p0, uint p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,uint)", p0, p1, p2));
}
function log(uint p0, uint p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,string)", p0, p1, p2));
}
function log(uint p0, uint p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,bool)", p0, p1, p2));
}
function log(uint p0, uint p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,address)", p0, p1, p2));
}
function log(uint p0, string memory p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,uint)", p0, p1, p2));
}
function log(uint p0, string memory p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,string)", p0, p1, p2));
}
function log(uint p0, string memory p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,bool)", p0, p1, p2));
}
function log(uint p0, string memory p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,address)", p0, p1, p2));
}
function log(uint p0, bool p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,uint)", p0, p1, p2));
}
function log(uint p0, bool p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,string)", p0, p1, p2));
}
function log(uint p0, bool p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,bool)", p0, p1, p2));
}
function log(uint p0, bool p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,address)", p0, p1, p2));
}
function log(uint p0, address p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,uint)", p0, p1, p2));
}
function log(uint p0, address p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,string)", p0, p1, p2));
}
function log(uint p0, address p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,bool)", p0, p1, p2));
}
function log(uint p0, address p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,address)", p0, p1, p2));
}
function log(string memory p0, uint p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,uint)", p0, p1, p2));
}
function log(string memory p0, uint p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,string)", p0, p1, p2));
}
function log(string memory p0, uint p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,bool)", p0, p1, p2));
}
function log(string memory p0, uint p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,address)", p0, p1, p2));
}
function log(string memory p0, string memory p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,uint)", p0, p1, p2));
}
function log(string memory p0, string memory p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,string)", p0, p1, p2));
}
function log(string memory p0, string memory p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,bool)", p0, p1, p2));
}
function log(string memory p0, string memory p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,address)", p0, p1, p2));
}
function log(string memory p0, bool p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,uint)", p0, p1, p2));
}
function log(string memory p0, bool p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,string)", p0, p1, p2));
}
function log(string memory p0, bool p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,bool)", p0, p1, p2));
}
function log(string memory p0, bool p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,address)", p0, p1, p2));
}
function log(string memory p0, address p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,uint)", p0, p1, p2));
}
function log(string memory p0, address p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,string)", p0, p1, p2));
}
function log(string memory p0, address p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,bool)", p0, p1, p2));
}
function log(string memory p0, address p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,address)", p0, p1, p2));
}
function log(bool p0, uint p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,uint)", p0, p1, p2));
}
function log(bool p0, uint p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,string)", p0, p1, p2));
}
function log(bool p0, uint p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,bool)", p0, p1, p2));
}
function log(bool p0, uint p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,address)", p0, p1, p2));
}
function log(bool p0, string memory p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,uint)", p0, p1, p2));
}
function log(bool p0, string memory p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,string)", p0, p1, p2));
}
function log(bool p0, string memory p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,bool)", p0, p1, p2));
}
function log(bool p0, string memory p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,address)", p0, p1, p2));
}
function log(bool p0, bool p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,uint)", p0, p1, p2));
}
function log(bool p0, bool p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,string)", p0, p1, p2));
}
function log(bool p0, bool p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,bool)", p0, p1, p2));
}
function log(bool p0, bool p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,address)", p0, p1, p2));
}
function log(bool p0, address p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,uint)", p0, p1, p2));
}
function log(bool p0, address p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,string)", p0, p1, p2));
}
function log(bool p0, address p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,bool)", p0, p1, p2));
}
function log(bool p0, address p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,address)", p0, p1, p2));
}
function log(address p0, uint p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,uint)", p0, p1, p2));
}
function log(address p0, uint p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,string)", p0, p1, p2));
}
function log(address p0, uint p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,bool)", p0, p1, p2));
}
function log(address p0, uint p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,address)", p0, p1, p2));
}
function log(address p0, string memory p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,uint)", p0, p1, p2));
}
function log(address p0, string memory p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,string)", p0, p1, p2));
}
function log(address p0, string memory p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,bool)", p0, p1, p2));
}
function log(address p0, string memory p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,address)", p0, p1, p2));
}
function log(address p0, bool p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,uint)", p0, p1, p2));
}
function log(address p0, bool p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,string)", p0, p1, p2));
}
function log(address p0, bool p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,bool)", p0, p1, p2));
}
function log(address p0, bool p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,address)", p0, p1, p2));
}
function log(address p0, address p1, uint p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,uint)", p0, p1, p2));
}
function log(address p0, address p1, string memory p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,string)", p0, p1, p2));
}
function log(address p0, address p1, bool p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,bool)", p0, p1, p2));
}
function log(address p0, address p1, address p2) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,address)", p0, p1, p2));
}
function log(uint p0, uint p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,uint,uint)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,uint,string)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,uint,bool)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,uint,address)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,string,uint)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,string,string)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,string,bool)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,string,address)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,bool,uint)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,bool,string)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,bool,bool)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,bool,address)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,address,uint)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,address,string)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,address,bool)", p0, p1, p2, p3));
}
function log(uint p0, uint p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,uint,address,address)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,uint,uint)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,uint,string)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,uint,bool)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,uint,address)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,string,uint)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,string,string)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,string,bool)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,string,address)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,bool,uint)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,bool,string)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,bool,bool)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,bool,address)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,address,uint)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,address,string)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,address,bool)", p0, p1, p2, p3));
}
function log(uint p0, string memory p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,string,address,address)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,uint,uint)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,uint,string)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,uint,bool)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,uint,address)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,string,uint)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,string,string)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,string,bool)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,string,address)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,bool,uint)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,bool,string)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,bool,bool)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,bool,address)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,address,uint)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,address,string)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,address,bool)", p0, p1, p2, p3));
}
function log(uint p0, bool p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,bool,address,address)", p0, p1, p2, p3));
}
function log(uint p0, address p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,uint,uint)", p0, p1, p2, p3));
}
function log(uint p0, address p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,uint,string)", p0, p1, p2, p3));
}
function log(uint p0, address p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,uint,bool)", p0, p1, p2, p3));
}
function log(uint p0, address p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,uint,address)", p0, p1, p2, p3));
}
function log(uint p0, address p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,string,uint)", p0, p1, p2, p3));
}
function log(uint p0, address p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,string,string)", p0, p1, p2, p3));
}
function log(uint p0, address p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,string,bool)", p0, p1, p2, p3));
}
function log(uint p0, address p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,string,address)", p0, p1, p2, p3));
}
function log(uint p0, address p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,bool,uint)", p0, p1, p2, p3));
}
function log(uint p0, address p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,bool,string)", p0, p1, p2, p3));
}
function log(uint p0, address p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,bool,bool)", p0, p1, p2, p3));
}
function log(uint p0, address p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,bool,address)", p0, p1, p2, p3));
}
function log(uint p0, address p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,address,uint)", p0, p1, p2, p3));
}
function log(uint p0, address p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,address,string)", p0, p1, p2, p3));
}
function log(uint p0, address p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,address,bool)", p0, p1, p2, p3));
}
function log(uint p0, address p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(uint,address,address,address)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,uint,uint)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,uint,string)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,uint,bool)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,uint,address)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,string,uint)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,string,string)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,string,bool)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,string,address)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,bool,uint)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,bool,string)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,bool,bool)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,bool,address)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,address,uint)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,address,string)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,address,bool)", p0, p1, p2, p3));
}
function log(string memory p0, uint p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,uint,address,address)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,uint,uint)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,uint,string)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,uint,bool)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,uint,address)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,string,uint)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,string,string)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,string,bool)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,string,address)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,bool,uint)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,bool,string)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,bool,bool)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,bool,address)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,address,uint)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,address,string)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,address,bool)", p0, p1, p2, p3));
}
function log(string memory p0, string memory p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,string,address,address)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,uint,uint)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,uint,string)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,uint,bool)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,uint,address)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,string,uint)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,string,string)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,string,bool)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,string,address)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,bool,uint)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,bool,string)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,bool,bool)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,bool,address)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,address,uint)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,address,string)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,address,bool)", p0, p1, p2, p3));
}
function log(string memory p0, bool p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,bool,address,address)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,uint,uint)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,uint,string)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,uint,bool)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,uint,address)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,string,uint)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,string,string)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,string,bool)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,string,address)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,bool,uint)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,bool,string)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,bool,bool)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,bool,address)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,address,uint)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,address,string)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,address,bool)", p0, p1, p2, p3));
}
function log(string memory p0, address p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(string,address,address,address)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,uint,uint)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,uint,string)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,uint,bool)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,uint,address)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,string,uint)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,string,string)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,string,bool)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,string,address)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,bool,uint)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,bool,string)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,bool,bool)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,bool,address)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,address,uint)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,address,string)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,address,bool)", p0, p1, p2, p3));
}
function log(bool p0, uint p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,uint,address,address)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,uint,uint)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,uint,string)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,uint,bool)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,uint,address)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,string,uint)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,string,string)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,string,bool)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,string,address)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,bool,uint)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,bool,string)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,bool,bool)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,bool,address)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,address,uint)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,address,string)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,address,bool)", p0, p1, p2, p3));
}
function log(bool p0, string memory p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,string,address,address)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,uint,uint)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,uint,string)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,uint,bool)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,uint,address)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,string,uint)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,string,string)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,string,bool)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,string,address)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,bool,uint)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,bool,string)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,bool,bool)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,bool,address)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,address,uint)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,address,string)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,address,bool)", p0, p1, p2, p3));
}
function log(bool p0, bool p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,bool,address,address)", p0, p1, p2, p3));
}
function log(bool p0, address p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,uint,uint)", p0, p1, p2, p3));
}
function log(bool p0, address p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,uint,string)", p0, p1, p2, p3));
}
function log(bool p0, address p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,uint,bool)", p0, p1, p2, p3));
}
function log(bool p0, address p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,uint,address)", p0, p1, p2, p3));
}
function log(bool p0, address p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,string,uint)", p0, p1, p2, p3));
}
function log(bool p0, address p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,string,string)", p0, p1, p2, p3));
}
function log(bool p0, address p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,string,bool)", p0, p1, p2, p3));
}
function log(bool p0, address p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,string,address)", p0, p1, p2, p3));
}
function log(bool p0, address p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,bool,uint)", p0, p1, p2, p3));
}
function log(bool p0, address p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,bool,string)", p0, p1, p2, p3));
}
function log(bool p0, address p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,bool,bool)", p0, p1, p2, p3));
}
function log(bool p0, address p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,bool,address)", p0, p1, p2, p3));
}
function log(bool p0, address p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,address,uint)", p0, p1, p2, p3));
}
function log(bool p0, address p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,address,string)", p0, p1, p2, p3));
}
function log(bool p0, address p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,address,bool)", p0, p1, p2, p3));
}
function log(bool p0, address p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(bool,address,address,address)", p0, p1, p2, p3));
}
function log(address p0, uint p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,uint,uint)", p0, p1, p2, p3));
}
function log(address p0, uint p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,uint,string)", p0, p1, p2, p3));
}
function log(address p0, uint p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,uint,bool)", p0, p1, p2, p3));
}
function log(address p0, uint p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,uint,address)", p0, p1, p2, p3));
}
function log(address p0, uint p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,string,uint)", p0, p1, p2, p3));
}
function log(address p0, uint p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,string,string)", p0, p1, p2, p3));
}
function log(address p0, uint p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,string,bool)", p0, p1, p2, p3));
}
function log(address p0, uint p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,string,address)", p0, p1, p2, p3));
}
function log(address p0, uint p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,bool,uint)", p0, p1, p2, p3));
}
function log(address p0, uint p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,bool,string)", p0, p1, p2, p3));
}
function log(address p0, uint p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,bool,bool)", p0, p1, p2, p3));
}
function log(address p0, uint p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,bool,address)", p0, p1, p2, p3));
}
function log(address p0, uint p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,address,uint)", p0, p1, p2, p3));
}
function log(address p0, uint p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,address,string)", p0, p1, p2, p3));
}
function log(address p0, uint p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,address,bool)", p0, p1, p2, p3));
}
function log(address p0, uint p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,uint,address,address)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,uint,uint)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,uint,string)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,uint,bool)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,uint,address)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,string,uint)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,string,string)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,string,bool)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,string,address)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,bool,uint)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,bool,string)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,bool,bool)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,bool,address)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,address,uint)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,address,string)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,address,bool)", p0, p1, p2, p3));
}
function log(address p0, string memory p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,string,address,address)", p0, p1, p2, p3));
}
function log(address p0, bool p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,uint,uint)", p0, p1, p2, p3));
}
function log(address p0, bool p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,uint,string)", p0, p1, p2, p3));
}
function log(address p0, bool p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,uint,bool)", p0, p1, p2, p3));
}
function log(address p0, bool p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,uint,address)", p0, p1, p2, p3));
}
function log(address p0, bool p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,string,uint)", p0, p1, p2, p3));
}
function log(address p0, bool p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,string,string)", p0, p1, p2, p3));
}
function log(address p0, bool p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,string,bool)", p0, p1, p2, p3));
}
function log(address p0, bool p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,string,address)", p0, p1, p2, p3));
}
function log(address p0, bool p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,bool,uint)", p0, p1, p2, p3));
}
function log(address p0, bool p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,bool,string)", p0, p1, p2, p3));
}
function log(address p0, bool p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,bool,bool)", p0, p1, p2, p3));
}
function log(address p0, bool p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,bool,address)", p0, p1, p2, p3));
}
function log(address p0, bool p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,address,uint)", p0, p1, p2, p3));
}
function log(address p0, bool p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,address,string)", p0, p1, p2, p3));
}
function log(address p0, bool p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,address,bool)", p0, p1, p2, p3));
}
function log(address p0, bool p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,bool,address,address)", p0, p1, p2, p3));
}
function log(address p0, address p1, uint p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,uint,uint)", p0, p1, p2, p3));
}
function log(address p0, address p1, uint p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,uint,string)", p0, p1, p2, p3));
}
function log(address p0, address p1, uint p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,uint,bool)", p0, p1, p2, p3));
}
function log(address p0, address p1, uint p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,uint,address)", p0, p1, p2, p3));
}
function log(address p0, address p1, string memory p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,string,uint)", p0, p1, p2, p3));
}
function log(address p0, address p1, string memory p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,string,string)", p0, p1, p2, p3));
}
function log(address p0, address p1, string memory p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,string,bool)", p0, p1, p2, p3));
}
function log(address p0, address p1, string memory p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,string,address)", p0, p1, p2, p3));
}
function log(address p0, address p1, bool p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,bool,uint)", p0, p1, p2, p3));
}
function log(address p0, address p1, bool p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,bool,string)", p0, p1, p2, p3));
}
function log(address p0, address p1, bool p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,bool,bool)", p0, p1, p2, p3));
}
function log(address p0, address p1, bool p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,bool,address)", p0, p1, p2, p3));
}
function log(address p0, address p1, address p2, uint p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,address,uint)", p0, p1, p2, p3));
}
function log(address p0, address p1, address p2, string memory p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,address,string)", p0, p1, p2, p3));
}
function log(address p0, address p1, address p2, bool p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,address,bool)", p0, p1, p2, p3));
}
function log(address p0, address p1, address p2, address p3) internal view {
_sendLogPayload(abi.encodeWithSignature("log(address,address,address,address)", p0, p1, p2, p3));
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
import "../Utils/EnumerableSet.sol";
import "../Utils/Address.sol";
import "../Common/Context.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it.
*/
abstract contract AccessControl is Context {
using EnumerableSet for EnumerableSet.AddressSet;
using Address for address;
struct RoleData {
EnumerableSet.AddressSet members;
bytes32 adminRole;
}
mapping (bytes32 => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00; //bytes32(uint256(0x4B437D01b575618140442A4975db38850e3f8f5f) << 96);
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted signaling this.
*
* _Available since v3.1._
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call, an admin role
* bearer except when using {_setupRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view returns (bool) {
return _roles[role].members.contains(account);
}
/**
* @dev Returns the number of accounts that have `role`. Can be used
* together with {getRoleMember} to enumerate all bearers of a role.
*/
function getRoleMemberCount(bytes32 role) public view returns (uint256) {
return _roles[role].members.length();
}
/**
* @dev Returns one of the accounts that have `role`. `index` must be a
* value between 0 and {getRoleMemberCount}, non-inclusive.
*
* Role bearers are not sorted in any particular way, and their ordering may
* change at any point.
*
* WARNING: When using {getRoleMember} and {getRoleMemberCount}, make sure
* you perform all queries on the same block. See the following
* https://forum.openzeppelin.com/t/iterating-over-elements-on-enumerableset-in-openzeppelin-contracts/2296[forum post]
* for more information.
*/
function getRoleMember(bytes32 role, uint256 index) public view returns (address) {
return _roles[role].members.at(index);
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) public virtual {
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to grant");
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) public virtual {
require(hasRole(_roles[role].adminRole, _msgSender()), "AccessControl: sender must be an admin to revoke");
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `account`.
*/
function renounceRole(bytes32 role, address account) public virtual {
require(account == _msgSender(), "AccessControl: can only renounce roles for self");
_revokeRole(role, account);
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event. Note that unlike {grantRole}, this function doesn't perform any
* checks on the calling account.
*
* [WARNING]
* ====
* This function should only be called from the constructor when setting
* up the initial roles for the system.
*
* Using this function in any other way is effectively circumventing the admin
* system imposed by {AccessControl}.
* ====
*/
function _setupRole(bytes32 role, address account) internal virtual {
_grantRole(role, account);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
emit RoleAdminChanged(role, _roles[role].adminRole, adminRole);
_roles[role].adminRole = adminRole;
}
function _grantRole(bytes32 role, address account) private {
if (_roles[role].members.add(account)) {
emit RoleGranted(role, account, _msgSender());
}
}
function _revokeRole(bytes32 role, address account) private {
if (_roles[role].members.remove(account)) {
emit RoleRevoked(role, account, _msgSender());
}
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (interfaces/IERC20.sol) pragma solidity ^0.8.0; import "../token/ERC20/IERC20.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (security/ReentrancyGuard.sol)
pragma solidity ^0.8.0;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor() {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be _NOT_ENTERED
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(
address from,
address to,
uint256 amount
) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(
address from,
address to,
uint256 amount
) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/extensions/draft-ERC20Permit.sol)
pragma solidity ^0.8.0;
import "./draft-IERC20Permit.sol";
import "../ERC20.sol";
import "../../../utils/cryptography/ECDSA.sol";
import "../../../utils/cryptography/EIP712.sol";
import "../../../utils/Counters.sol";
/**
* @dev Implementation of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on `{IERC20-approve}`, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* _Available since v3.4._
*/
abstract contract ERC20Permit is ERC20, IERC20Permit, EIP712 {
using Counters for Counters.Counter;
mapping(address => Counters.Counter) private _nonces;
// solhint-disable-next-line var-name-mixedcase
bytes32 private constant _PERMIT_TYPEHASH =
keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
/**
* @dev In previous versions `_PERMIT_TYPEHASH` was declared as `immutable`.
* However, to ensure consistency with the upgradeable transpiler, we will continue
* to reserve a slot.
* @custom:oz-renamed-from _PERMIT_TYPEHASH
*/
// solhint-disable-next-line var-name-mixedcase
bytes32 private _PERMIT_TYPEHASH_DEPRECATED_SLOT;
/**
* @dev Initializes the {EIP712} domain separator using the `name` parameter, and setting `version` to `"1"`.
*
* It's a good idea to use the same `name` that is defined as the ERC20 token name.
*/
constructor(string memory name) EIP712(name, "1") {}
/**
* @dev See {IERC20Permit-permit}.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public virtual override {
require(block.timestamp <= deadline, "ERC20Permit: expired deadline");
bytes32 structHash = keccak256(abi.encode(_PERMIT_TYPEHASH, owner, spender, value, _useNonce(owner), deadline));
bytes32 hash = _hashTypedDataV4(structHash);
address signer = ECDSA.recover(hash, v, r, s);
require(signer == owner, "ERC20Permit: invalid signature");
_approve(owner, spender, value);
}
/**
* @dev See {IERC20Permit-nonces}.
*/
function nonces(address owner) public view virtual override returns (uint256) {
return _nonces[owner].current();
}
/**
* @dev See {IERC20Permit-DOMAIN_SEPARATOR}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view override returns (bytes32) {
return _domainSeparatorV4();
}
/**
* @dev "Consume a nonce": return the current value and increment.
*
* _Available since v4.1._
*/
function _useNonce(address owner) internal virtual returns (uint256 current) {
Counters.Counter storage nonce = _nonces[owner];
current = nonce.current();
nonce.increment();
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (token/ERC20/extensions/ERC20Burnable.sol)
pragma solidity ^0.8.0;
import "../ERC20.sol";
import "../../../utils/Context.sol";
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
abstract contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public virtual {
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for ``accounts``'s tokens of at least
* `amount`.
*/
function burnFrom(address account, uint256 amount) public virtual {
_spendAllowance(account, _msgSender(), amount);
_burn(account, amount);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/draft-IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Counters.sol)
pragma solidity ^0.8.0;
/**
* @title Counters
* @author Matt Condon (@shrugs)
* @dev Provides counters that can only be incremented, decremented or reset. This can be used e.g. to track the number
* of elements in a mapping, issuing ERC721 ids, or counting request ids.
*
* Include with `using Counters for Counters.Counter;`
*/
library Counters {
struct Counter {
// This variable should never be directly accessed by users of the library: interactions must be restricted to
// the library's function. As of Solidity v0.5.2, this cannot be enforced, though there is a proposal to add
// this feature: see https://github.com/ethereum/solidity/issues/4637
uint256 _value; // default: 0
}
function current(Counter storage counter) internal view returns (uint256) {
return counter._value;
}
function increment(Counter storage counter) internal {
unchecked {
counter._value += 1;
}
}
function decrement(Counter storage counter) internal {
uint256 value = counter._value;
require(value > 0, "Counter: decrement overflow");
unchecked {
counter._value = value - 1;
}
}
function reset(Counter storage counter) internal {
counter._value = 0;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/EIP712.sol)
pragma solidity ^0.8.0;
import "./ECDSA.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
* thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
* they need in their contracts using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* _Available since v3.4._
*/
abstract contract EIP712 {
/* solhint-disable var-name-mixedcase */
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
// invalidate the cached domain separator if the chain id changes.
bytes32 private immutable _CACHED_DOMAIN_SEPARATOR;
uint256 private immutable _CACHED_CHAIN_ID;
address private immutable _CACHED_THIS;
bytes32 private immutable _HASHED_NAME;
bytes32 private immutable _HASHED_VERSION;
bytes32 private immutable _TYPE_HASH;
/* solhint-enable var-name-mixedcase */
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
constructor(string memory name, string memory version) {
bytes32 hashedName = keccak256(bytes(name));
bytes32 hashedVersion = keccak256(bytes(version));
bytes32 typeHash = keccak256(
"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
);
_HASHED_NAME = hashedName;
_HASHED_VERSION = hashedVersion;
_CACHED_CHAIN_ID = block.chainid;
_CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(typeHash, hashedName, hashedVersion);
_CACHED_THIS = address(this);
_TYPE_HASH = typeHash;
}
/**
* @dev Returns the domain separator for the current chain.
*/
function _domainSeparatorV4() internal view returns (bytes32) {
if (address(this) == _CACHED_THIS && block.chainid == _CACHED_CHAIN_ID) {
return _CACHED_DOMAIN_SEPARATOR;
} else {
return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION);
}
}
function _buildDomainSeparator(
bytes32 typeHash,
bytes32 nameHash,
bytes32 versionHash
) private view returns (bytes32) {
return keccak256(abi.encode(typeHash, nameHash, versionHash, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10**64) {
value /= 10**64;
result += 64;
}
if (value >= 10**32) {
value /= 10**32;
result += 32;
}
if (value >= 10**16) {
value /= 10**16;
result += 16;
}
if (value >= 10**8) {
value /= 10**8;
result += 8;
}
if (value >= 10**4) {
value /= 10**4;
result += 4;
}
if (value >= 10**2) {
value /= 10**2;
result += 2;
}
if (value >= 10**1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result * 8) < value ? 1 : 0);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/math/SignedSafeMath.sol)
pragma solidity ^0.8.0;
/**
* @dev Wrappers over Solidity's arithmetic operations.
*
* NOTE: `SignedSafeMath` is no longer needed starting with Solidity 0.8. The compiler
* now has built in overflow checking.
*/
library SignedSafeMath {
/**
* @dev Returns the multiplication of two signed integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
*
* - Multiplication cannot overflow.
*/
function mul(int256 a, int256 b) internal pure returns (int256) {
return a * b;
}
/**
* @dev Returns the integer division of two signed integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator.
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(int256 a, int256 b) internal pure returns (int256) {
return a / b;
}
/**
* @dev Returns the subtraction of two signed integers, reverting on
* overflow.
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(int256 a, int256 b) internal pure returns (int256) {
return a - b;
}
/**
* @dev Returns the addition of two signed integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/
function add(int256 a, int256 b) internal pure returns (int256) {
return a + b;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/Math.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20.sol";
import "./extensions/IERC20Metadata.sol";
import "../../utils/Context.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20, IERC20Metadata {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
constructor(string memory name_, string memory symbol_) {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(
address from,
address to,
uint256 amount
) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(
address from,
address to,
uint256 amount
) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
}
_balances[to] += amount;
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
_balances[account] += amount;
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
}
_totalSupply -= amount;
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/draft-IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address.functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Tool to verifies that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/ERC165.sol)
pragma solidity ^0.8.0;
import "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*
* Alternatively, {ERC165Storage} provides an easier to use but more expensive implementation.
*/
abstract contract ERC165 is IERC165 {
/**
* @dev See {IERC165-supportsInterface}.
*/
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/introspection/IERC165.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[EIP].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[EIP section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.13;
/// Common mathematical functions used in both SD59x18 and UD60x18. Note that these global functions do not
/// always operate with SD59x18 and UD60x18 numbers.
/*//////////////////////////////////////////////////////////////////////////
CUSTOM ERRORS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Emitted when the ending result in the fixed-point version of `mulDiv` would overflow uint256.
error PRBMath__MulDiv18Overflow(uint256 x, uint256 y);
/// @notice Emitted when the ending result in `mulDiv` would overflow uint256.
error PRBMath__MulDivOverflow(uint256 x, uint256 y, uint256 denominator);
/// @notice Emitted when attempting to run `mulDiv` with one of the inputs `type(int256).min`.
error PRBMath__MulDivSignedInputTooSmall();
/// @notice Emitted when the ending result in the signed version of `mulDiv` would overflow int256.
error PRBMath__MulDivSignedOverflow(int256 x, int256 y);
/*//////////////////////////////////////////////////////////////////////////
CONSTANTS
//////////////////////////////////////////////////////////////////////////*/
/// @dev How many trailing decimals can be represented.
uint256 constant UNIT = 1e18;
/// @dev Largest power of two that is a divisor of `UNIT`.
uint256 constant UNIT_LPOTD = 262144;
/// @dev The `UNIT` number inverted mod 2^256.
uint256 constant UNIT_INVERSE = 78156646155174841979727994598816262306175212592076161876661_508869554232690281;
/*//////////////////////////////////////////////////////////////////////////
FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Finds the zero-based index of the first one in the binary representation of x.
/// @dev See the note on msb in the "Find First Set" Wikipedia article https://en.wikipedia.org/wiki/Find_first_set
///
/// Each of the steps in this implementation is equivalent to this high-level code:
///
/// ```solidity
/// if (x >= 2 ** 128) {
/// x >>= 128;
/// result += 128;
/// }
/// ```
///
/// Where 128 is swapped with each respective power of two factor. See the full high-level implementation here:
/// https://gist.github.com/paulrberg/f932f8693f2733e30c4d479e8e980948
///
/// A list of the Yul instructions used below:
/// - "gt" is "greater than"
/// - "or" is the OR bitwise operator
/// - "shl" is "shift left"
/// - "shr" is "shift right"
///
/// @param x The uint256 number for which to find the index of the most significant bit.
/// @return result The index of the most significant bit as an uint256.
function msb(uint256 x) pure returns (uint256 result) {
// 2^128
assembly {
let factor := shl(7, gt(x, 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF))
x := shr(factor, x)
result := or(result, factor)
}
// 2^64
assembly {
let factor := shl(6, gt(x, 0xFFFFFFFFFFFFFFFF))
x := shr(factor, x)
result := or(result, factor)
}
// 2^32
assembly {
let factor := shl(5, gt(x, 0xFFFFFFFF))
x := shr(factor, x)
result := or(result, factor)
}
// 2^16
assembly {
let factor := shl(4, gt(x, 0xFFFF))
x := shr(factor, x)
result := or(result, factor)
}
// 2^8
assembly {
let factor := shl(3, gt(x, 0xFF))
x := shr(factor, x)
result := or(result, factor)
}
// 2^4
assembly {
let factor := shl(2, gt(x, 0xF))
x := shr(factor, x)
result := or(result, factor)
}
// 2^2
assembly {
let factor := shl(1, gt(x, 0x3))
x := shr(factor, x)
result := or(result, factor)
}
// 2^1
// No need to shift x any more.
assembly {
let factor := gt(x, 0x1)
result := or(result, factor)
}
}
/// @notice Calculates floor(x*y÷denominator) with full precision.
///
/// @dev Credits to Remco Bloemen under MIT license https://xn--2-umb.com/21/muldiv.
///
/// Requirements:
/// - The denominator cannot be zero.
/// - The result must fit within uint256.
///
/// Caveats:
/// - This function does not work with fixed-point numbers.
///
/// @param x The multiplicand as an uint256.
/// @param y The multiplier as an uint256.
/// @param denominator The divisor as an uint256.
/// @return result The result as an uint256.
function mulDiv(uint256 x, uint256 y, uint256 denominator) pure returns (uint256 result) {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
unchecked {
return prod0 / denominator;
}
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
if (prod1 >= denominator) {
revert PRBMath__MulDivOverflow(x, y, denominator);
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using the mulmod Yul instruction.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
unchecked {
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 lpotdod = denominator & (~denominator + 1);
assembly {
// Divide denominator by lpotdod.
denominator := div(denominator, lpotdod)
// Divide [prod1 prod0] by lpotdod.
prod0 := div(prod0, lpotdod)
// Flip lpotdod such that it is 2^256 / lpotdod. If lpotdod is zero, then it becomes one.
lpotdod := add(div(sub(0, lpotdod), lpotdod), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * lpotdod;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
}
}
/// @notice Calculates floor(x*y÷1e18) with full precision.
///
/// @dev Variant of `mulDiv` with constant folding, i.e. in which the denominator is always 1e18. Before returning the
/// final result, we add 1 if `(x * y) % UNIT >= HALF_UNIT`. Without this adjustment, 6.6e-19 would be truncated to 0
/// instead of being rounded to 1e-18. See "Listing 6" and text above it at https://accu.org/index.php/journals/1717.
///
/// Requirements:
/// - The result must fit within uint256.
///
/// Caveats:
/// - The body is purposely left uncommented; to understand how this works, see the NatSpec comments in `mulDiv`.
/// - It is assumed that the result can never be `type(uint256).max` when x and y solve the following two equations:
/// 1. x * y = type(uint256).max * UNIT
/// 2. (x * y) % UNIT >= UNIT / 2
///
/// @param x The multiplicand as an unsigned 60.18-decimal fixed-point number.
/// @param y The multiplier as an unsigned 60.18-decimal fixed-point number.
/// @return result The result as an unsigned 60.18-decimal fixed-point number.
function mulDiv18(uint256 x, uint256 y) pure returns (uint256 result) {
uint256 prod0;
uint256 prod1;
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
if (prod1 >= UNIT) {
revert PRBMath__MulDiv18Overflow(x, y);
}
uint256 remainder;
assembly {
remainder := mulmod(x, y, UNIT)
}
if (prod1 == 0) {
unchecked {
return prod0 / UNIT;
}
}
assembly {
result := mul(
or(
div(sub(prod0, remainder), UNIT_LPOTD),
mul(sub(prod1, gt(remainder, prod0)), add(div(sub(0, UNIT_LPOTD), UNIT_LPOTD), 1))
),
UNIT_INVERSE
)
}
}
/// @notice Calculates floor(x*y÷denominator) with full precision.
///
/// @dev An extension of `mulDiv` for signed numbers. Works by computing the signs and the absolute values separately.
///
/// Requirements:
/// - None of the inputs can be `type(int256).min`.
/// - The result must fit within int256.
///
/// @param x The multiplicand as an int256.
/// @param y The multiplier as an int256.
/// @param denominator The divisor as an int256.
/// @return result The result as an int256.
function mulDivSigned(int256 x, int256 y, int256 denominator) pure returns (int256 result) {
if (x == type(int256).min || y == type(int256).min || denominator == type(int256).min) {
revert PRBMath__MulDivSignedInputTooSmall();
}
// Get hold of the absolute values of x, y and the denominator.
uint256 absX;
uint256 absY;
uint256 absD;
unchecked {
absX = x < 0 ? uint256(-x) : uint256(x);
absY = y < 0 ? uint256(-y) : uint256(y);
absD = denominator < 0 ? uint256(-denominator) : uint256(denominator);
}
// Compute the absolute value of (x*y)÷denominator. The result must fit within int256.
uint256 rAbs = mulDiv(absX, absY, absD);
if (rAbs > uint256(type(int256).max)) {
revert PRBMath__MulDivSignedOverflow(x, y);
}
// Get the signs of x, y and the denominator.
uint256 sx;
uint256 sy;
uint256 sd;
assembly {
// This works thanks to two's complement.
// "sgt" stands for "signed greater than" and "sub(0,1)" is max uint256.
sx := sgt(x, sub(0, 1))
sy := sgt(y, sub(0, 1))
sd := sgt(denominator, sub(0, 1))
}
// XOR over sx, sy and sd. What this does is to check whether there are 1 or 3 negative signs in the inputs.
// If there are, the result should be negative. Otherwise, it should be positive.
unchecked {
result = sx ^ sy ^ sd == 0 ? -int256(rAbs) : int256(rAbs);
}
}
/// @notice Calculates the binary exponent of x using the binary fraction method.
/// @dev Has to use 192.64-bit fixed-point numbers.
/// See https://ethereum.stackexchange.com/a/96594/24693.
/// @param x The exponent as an unsigned 192.64-bit fixed-point number.
/// @return result The result as an unsigned 60.18-decimal fixed-point number.
function prbExp2(uint256 x) pure returns (uint256 result) {
unchecked {
// Start from 0.5 in the 192.64-bit fixed-point format.
result = 0x800000000000000000000000000000000000000000000000;
// Multiply the result by root(2, 2^-i) when the bit at position i is 1. None of the intermediary results overflows
// because the initial result is 2^191 and all magic factors are less than 2^65.
if (x & 0xFF00000000000000 > 0) {
if (x & 0x8000000000000000 > 0) {
result = (result * 0x16A09E667F3BCC909) >> 64;
}
if (x & 0x4000000000000000 > 0) {
result = (result * 0x1306FE0A31B7152DF) >> 64;
}
if (x & 0x2000000000000000 > 0) {
result = (result * 0x1172B83C7D517ADCE) >> 64;
}
if (x & 0x1000000000000000 > 0) {
result = (result * 0x10B5586CF9890F62A) >> 64;
}
if (x & 0x800000000000000 > 0) {
result = (result * 0x1059B0D31585743AE) >> 64;
}
if (x & 0x400000000000000 > 0) {
result = (result * 0x102C9A3E778060EE7) >> 64;
}
if (x & 0x200000000000000 > 0) {
result = (result * 0x10163DA9FB33356D8) >> 64;
}
if (x & 0x100000000000000 > 0) {
result = (result * 0x100B1AFA5ABCBED61) >> 64;
}
}
if (x & 0xFF000000000000 > 0) {
if (x & 0x80000000000000 > 0) {
result = (result * 0x10058C86DA1C09EA2) >> 64;
}
if (x & 0x40000000000000 > 0) {
result = (result * 0x1002C605E2E8CEC50) >> 64;
}
if (x & 0x20000000000000 > 0) {
result = (result * 0x100162F3904051FA1) >> 64;
}
if (x & 0x10000000000000 > 0) {
result = (result * 0x1000B175EFFDC76BA) >> 64;
}
if (x & 0x8000000000000 > 0) {
result = (result * 0x100058BA01FB9F96D) >> 64;
}
if (x & 0x4000000000000 > 0) {
result = (result * 0x10002C5CC37DA9492) >> 64;
}
if (x & 0x2000000000000 > 0) {
result = (result * 0x1000162E525EE0547) >> 64;
}
if (x & 0x1000000000000 > 0) {
result = (result * 0x10000B17255775C04) >> 64;
}
}
if (x & 0xFF0000000000 > 0) {
if (x & 0x800000000000 > 0) {
result = (result * 0x1000058B91B5BC9AE) >> 64;
}
if (x & 0x400000000000 > 0) {
result = (result * 0x100002C5C89D5EC6D) >> 64;
}
if (x & 0x200000000000 > 0) {
result = (result * 0x10000162E43F4F831) >> 64;
}
if (x & 0x100000000000 > 0) {
result = (result * 0x100000B1721BCFC9A) >> 64;
}
if (x & 0x80000000000 > 0) {
result = (result * 0x10000058B90CF1E6E) >> 64;
}
if (x & 0x40000000000 > 0) {
result = (result * 0x1000002C5C863B73F) >> 64;
}
if (x & 0x20000000000 > 0) {
result = (result * 0x100000162E430E5A2) >> 64;
}
if (x & 0x10000000000 > 0) {
result = (result * 0x1000000B172183551) >> 64;
}
}
if (x & 0xFF00000000 > 0) {
if (x & 0x8000000000 > 0) {
result = (result * 0x100000058B90C0B49) >> 64;
}
if (x & 0x4000000000 > 0) {
result = (result * 0x10000002C5C8601CC) >> 64;
}
if (x & 0x2000000000 > 0) {
result = (result * 0x1000000162E42FFF0) >> 64;
}
if (x & 0x1000000000 > 0) {
result = (result * 0x10000000B17217FBB) >> 64;
}
if (x & 0x800000000 > 0) {
result = (result * 0x1000000058B90BFCE) >> 64;
}
if (x & 0x400000000 > 0) {
result = (result * 0x100000002C5C85FE3) >> 64;
}
if (x & 0x200000000 > 0) {
result = (result * 0x10000000162E42FF1) >> 64;
}
if (x & 0x100000000 > 0) {
result = (result * 0x100000000B17217F8) >> 64;
}
}
if (x & 0xFF00000000 > 0) {
if (x & 0x80000000 > 0) {
result = (result * 0x10000000058B90BFC) >> 64;
}
if (x & 0x40000000 > 0) {
result = (result * 0x1000000002C5C85FE) >> 64;
}
if (x & 0x20000000 > 0) {
result = (result * 0x100000000162E42FF) >> 64;
}
if (x & 0x10000000 > 0) {
result = (result * 0x1000000000B17217F) >> 64;
}
if (x & 0x8000000 > 0) {
result = (result * 0x100000000058B90C0) >> 64;
}
if (x & 0x4000000 > 0) {
result = (result * 0x10000000002C5C860) >> 64;
}
if (x & 0x2000000 > 0) {
result = (result * 0x1000000000162E430) >> 64;
}
if (x & 0x1000000 > 0) {
result = (result * 0x10000000000B17218) >> 64;
}
}
if (x & 0xFF0000 > 0) {
if (x & 0x800000 > 0) {
result = (result * 0x1000000000058B90C) >> 64;
}
if (x & 0x400000 > 0) {
result = (result * 0x100000000002C5C86) >> 64;
}
if (x & 0x200000 > 0) {
result = (result * 0x10000000000162E43) >> 64;
}
if (x & 0x100000 > 0) {
result = (result * 0x100000000000B1721) >> 64;
}
if (x & 0x80000 > 0) {
result = (result * 0x10000000000058B91) >> 64;
}
if (x & 0x40000 > 0) {
result = (result * 0x1000000000002C5C8) >> 64;
}
if (x & 0x20000 > 0) {
result = (result * 0x100000000000162E4) >> 64;
}
if (x & 0x10000 > 0) {
result = (result * 0x1000000000000B172) >> 64;
}
}
if (x & 0xFF00 > 0) {
if (x & 0x8000 > 0) {
result = (result * 0x100000000000058B9) >> 64;
}
if (x & 0x4000 > 0) {
result = (result * 0x10000000000002C5D) >> 64;
}
if (x & 0x2000 > 0) {
result = (result * 0x1000000000000162E) >> 64;
}
if (x & 0x1000 > 0) {
result = (result * 0x10000000000000B17) >> 64;
}
if (x & 0x800 > 0) {
result = (result * 0x1000000000000058C) >> 64;
}
if (x & 0x400 > 0) {
result = (result * 0x100000000000002C6) >> 64;
}
if (x & 0x200 > 0) {
result = (result * 0x10000000000000163) >> 64;
}
if (x & 0x100 > 0) {
result = (result * 0x100000000000000B1) >> 64;
}
}
if (x & 0xFF > 0) {
if (x & 0x80 > 0) {
result = (result * 0x10000000000000059) >> 64;
}
if (x & 0x40 > 0) {
result = (result * 0x1000000000000002C) >> 64;
}
if (x & 0x20 > 0) {
result = (result * 0x10000000000000016) >> 64;
}
if (x & 0x10 > 0) {
result = (result * 0x1000000000000000B) >> 64;
}
if (x & 0x8 > 0) {
result = (result * 0x10000000000000006) >> 64;
}
if (x & 0x4 > 0) {
result = (result * 0x10000000000000003) >> 64;
}
if (x & 0x2 > 0) {
result = (result * 0x10000000000000001) >> 64;
}
if (x & 0x1 > 0) {
result = (result * 0x10000000000000001) >> 64;
}
}
// We're doing two things at the same time:
//
// 1. Multiply the result by 2^n + 1, where "2^n" is the integer part and the one is added to account for
// the fact that we initially set the result to 0.5. This is accomplished by subtracting from 191
// rather than 192.
// 2. Convert the result to the unsigned 60.18-decimal fixed-point format.
//
// This works because 2^(191-ip) = 2^ip / 2^191, where "ip" is the integer part "2^n".
result *= UNIT;
result >>= (191 - (x >> 64));
}
}
/// @notice Calculates the square root of x, rounding down if x is not a perfect square.
/// @dev Uses the Babylonian method https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method.
/// Credits to OpenZeppelin for the explanations in code comments below.
///
/// Caveats:
/// - This function does not work with fixed-point numbers.
///
/// @param x The uint256 number for which to calculate the square root.
/// @return result The result as an uint256.
function prbSqrt(uint256 x) pure returns (uint256 result) {
if (x == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of x.
//
// We know that the "msb" (most significant bit) of x is a power of 2 such that we have:
//
// $$
// msb(x) <= x <= 2*msb(x)$
// $$
//
// We write $msb(x)$ as $2^k$ and we get:
//
// $$
// k = log_2(x)
// $$
//
// Thus we can write the initial inequality as:
//
// $$
// 2^{log_2(x)} <= x <= 2*2^{log_2(x)+1} \\
// sqrt(2^k) <= sqrt(x) < sqrt(2^{k+1}) \\
// 2^{k/2} <= sqrt(x) < 2^{(k+1)/2} <= 2^{(k/2)+1}
// $$
//
// Consequently, $2^{log_2(x) /2}` is a good first approximation of sqrt(x) with at least one correct bit.
uint256 xAux = uint256(x);
result = 1;
if (xAux >= 2 ** 128) {
xAux >>= 128;
result <<= 64;
}
if (xAux >= 2 ** 64) {
xAux >>= 64;
result <<= 32;
}
if (xAux >= 2 ** 32) {
xAux >>= 32;
result <<= 16;
}
if (xAux >= 2 ** 16) {
xAux >>= 16;
result <<= 8;
}
if (xAux >= 2 ** 8) {
xAux >>= 8;
result <<= 4;
}
if (xAux >= 2 ** 4) {
xAux >>= 4;
result <<= 2;
}
if (xAux >= 2 ** 2) {
result <<= 1;
}
// At this point, `result` is an estimation with at least one bit of precision. We know the true value has at
// most 128 bits, since it is the square root of a uint256. Newton's method converges quadratically (precision
// doubles at every iteration). We thus need at most 7 iteration to turn our partial result with one bit of
// precision into the expected uint128 result.
unchecked {
result = (result + x / result) >> 1;
result = (result + x / result) >> 1;
result = (result + x / result) >> 1;
result = (result + x / result) >> 1;
result = (result + x / result) >> 1;
result = (result + x / result) >> 1;
result = (result + x / result) >> 1;
// Round down the result in case x is not a perfect square.
uint256 roundedDownResult = x / result;
if (result >= roundedDownResult) {
result = roundedDownResult;
}
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.8.13;
import { msb, mulDiv, mulDiv18, prbExp2, prbSqrt } from "./Core.sol";
/// @notice The unsigned 60.18-decimal fixed-point number representation, which can have up to 60 digits and up to 18 decimals.
/// The values of this are bound by the minimum and the maximum values permitted by the Solidity type uint256.
type UD60x18 is uint256;
/*//////////////////////////////////////////////////////////////////////////
CUSTOM ERRORS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Emitted when adding two numbers overflows UD60x18.
error PRBMathUD60x18__AddOverflow(uint256 x, UD60x18 y);
/// @notice Emitted when ceiling a number overflows UD60x18.
error PRBMathUD60x18__CeilOverflow(UD60x18 x);
/// @notice Emitted when taking the natural exponent of a base greater than 133.084258667509499441.
error PRBMathUD60x18__ExpInputTooBig(UD60x18 x);
/// @notice Emitted when taking the binary exponent of a base greater than 192.
error PRBMathUD60x18__Exp2InputTooBig(UD60x18 x);
/// @notice Emitted when taking the geometric mean of two numbers and multiplying them overflows UD60x18.
error PRBMathUD60x18__GmOverflow(UD60x18 x, UD60x18 y);
/// @notice Emitted when taking the logarithm of a number less than 1.
error PRBMathUD60x18__LogInputTooSmall(UD60x18 x);
/// @notice Emitted when calculating the square root overflows UD60x18.
error PRBMathUD60x18__SqrtOverflow(UD60x18 x);
/// @notice Emitted when subtracting one number from another underflows UD60x18.
error PRBMathUD60x18__SubUnderflow(UD60x18 x, UD60x18 y);
/// @notice Emitted when converting a basic integer to the fixed-point format overflows UD60x18.
error PRBMathUD60x18__ToUD60x18Overflow(uint256 x);
/*//////////////////////////////////////////////////////////////////////////
CONSTANTS
//////////////////////////////////////////////////////////////////////////*/
/// NOTICE: the "u" prefix stands for "unwrapped".
/// @dev Euler's number as an UD60x18 number.
UD60x18 constant E = UD60x18.wrap(2_718281828459045235);
/// @dev Half the UNIT number.
uint256 constant uHALF_UNIT = 0.5e18;
UD60x18 constant HALF_UNIT = UD60x18.wrap(uHALF_UNIT);
/// @dev log2(10) as an UD60x18 number.
uint256 constant uLOG2_10 = 3_321928094887362347;
UD60x18 constant LOG2_10 = UD60x18.wrap(uLOG2_10);
/// @dev log2(e) as an UD60x18 number.
uint256 constant uLOG2_E = 1_442695040888963407;
UD60x18 constant LOG2_E = UD60x18.wrap(uLOG2_E);
/// @dev The maximum value an UD60x18 number can have.
uint256 constant uMAX_UD60x18 = 115792089237316195423570985008687907853269984665640564039457_584007913129639935;
UD60x18 constant MAX_UD60x18 = UD60x18.wrap(uMAX_UD60x18);
/// @dev The maximum whole value an UD60x18 number can have.
uint256 constant uMAX_WHOLE_UD60x18 = 115792089237316195423570985008687907853269984665640564039457_000000000000000000;
UD60x18 constant MAX_WHOLE_UD60x18 = UD60x18.wrap(uMAX_WHOLE_UD60x18);
/// @dev PI as an UD60x18 number.
UD60x18 constant PI = UD60x18.wrap(3_141592653589793238);
/// @dev The unit amount which implies how many trailing decimals can be represented.
uint256 constant uUNIT = 1e18;
UD60x18 constant UNIT = UD60x18.wrap(uUNIT);
/// @dev Zero as an UD60x18 number.
UD60x18 constant ZERO = UD60x18.wrap(0);
/*//////////////////////////////////////////////////////////////////////////
MATHEMATICAL FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
using { avg, ceil, div, exp, exp2, floor, frac, gm, inv, ln, log10, log2, mul, pow, powu, sqrt } for UD60x18 global;
/// @notice Calculates the arithmetic average of x and y, rounding down.
///
/// @dev Based on the formula:
///
/// $$
/// avg(x, y) = (x & y) + ((xUint ^ yUint) / 2)
/// $$
//
/// In English, what this formula does is:
///
/// 1. AND x and y.
/// 2. Calculate half of XOR x and y.
/// 3. Add the two results together.
///
/// This technique is known as SWAR, which stands for "SIMD within a register". You can read more about it here:
/// https://devblogs.microsoft.com/oldnewthing/20220207-00/?p=106223
///
/// @param x The first operand as an UD60x18 number.
/// @param y The second operand as an UD60x18 number.
/// @return result The arithmetic average as an UD60x18 number.
function avg(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
uint256 yUint = unwrap(y);
unchecked {
result = wrap((xUint & yUint) + ((xUint ^ yUint) >> 1));
}
}
/// @notice Yields the smallest whole UD60x18 number greater than or equal to x.
///
/// @dev This is optimized for fractional value inputs, because for every whole value there are "1e18 - 1" fractional
/// counterparts. See https://en.wikipedia.org/wiki/Floor_and_ceiling_functions.
///
/// Requirements:
/// - x must be less than or equal to `MAX_WHOLE_UD60x18`.
///
/// @param x The UD60x18 number to ceil.
/// @param result The least number greater than or equal to x, as an UD60x18 number.
function ceil(UD60x18 x) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
if (xUint > uMAX_WHOLE_UD60x18) {
revert PRBMathUD60x18__CeilOverflow(x);
}
assembly {
// Equivalent to "x % UNIT" but faster.
let remainder := mod(x, uUNIT)
// Equivalent to "UNIT - remainder" but faster.
let delta := sub(uUNIT, remainder)
// Equivalent to "x + delta * (remainder > 0 ? 1 : 0)" but faster.
result := add(x, mul(delta, gt(remainder, 0)))
}
}
/// @notice Divides two UD60x18 numbers, returning a new UD60x18 number. Rounds towards zero.
///
/// @dev Uses `mulDiv` to enable overflow-safe multiplication and division.
///
/// Requirements:
/// - The denominator cannot be zero.
///
/// @param x The numerator as an UD60x18 number.
/// @param y The denominator as an UD60x18 number.
/// @param result The quotient as an UD60x18 number.
function div(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(mulDiv(unwrap(x), uUNIT, unwrap(y)));
}
/// @notice Calculates the natural exponent of x.
///
/// @dev Based on the formula:
///
/// $$
/// e^x = 2^{x * log_2{e}}
/// $$
///
/// Requirements:
/// - All from `log2`.
/// - x must be less than 133.084258667509499441.
///
/// @param x The exponent as an UD60x18 number.
/// @return result The result as an UD60x18 number.
function exp(UD60x18 x) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
// Without this check, the value passed to `exp2` would be greater than 192.
if (xUint >= 133_084258667509499441) {
revert PRBMathUD60x18__ExpInputTooBig(x);
}
unchecked {
// We do the fixed-point multiplication inline rather than via the `mul` function to save gas.
uint256 doubleUnitProduct = xUint * uLOG2_E;
result = exp2(wrap(doubleUnitProduct / uUNIT));
}
}
/// @notice Calculates the binary exponent of x using the binary fraction method.
///
/// @dev See https://ethereum.stackexchange.com/q/79903/24693.
///
/// Requirements:
/// - x must be 192 or less.
/// - The result must fit within `MAX_UD60x18`.
///
/// @param x The exponent as an UD60x18 number.
/// @return result The result as an UD60x18 number.
function exp2(UD60x18 x) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
// Numbers greater than or equal to 2^192 don't fit within the 192.64-bit format.
if (xUint >= 192e18) {
revert PRBMathUD60x18__Exp2InputTooBig(x);
}
// Convert x to the 192.64-bit fixed-point format.
uint256 x_192x64 = (xUint << 64) / uUNIT;
// Pass x to the `prbExp2` function, which uses the 192.64-bit fixed-point number representation.
result = wrap(prbExp2(x_192x64));
}
/// @notice Yields the greatest whole UD60x18 number less than or equal to x.
/// @dev Optimized for fractional value inputs, because for every whole value there are (1e18 - 1) fractional counterparts.
/// See https://en.wikipedia.org/wiki/Floor_and_ceiling_functions.
/// @param x The UD60x18 number to floor.
/// @param result The greatest integer less than or equal to x, as an UD60x18 number.
function floor(UD60x18 x) pure returns (UD60x18 result) {
assembly {
// Equivalent to "x % UNIT" but faster.
let remainder := mod(x, uUNIT)
// Equivalent to "x - remainder * (remainder > 0 ? 1 : 0)" but faster.
result := sub(x, mul(remainder, gt(remainder, 0)))
}
}
/// @notice Yields the excess beyond the floor of x.
/// @dev Based on the odd function definition https://en.wikipedia.org/wiki/Fractional_part.
/// @param x The UD60x18 number to get the fractional part of.
/// @param result The fractional part of x as an UD60x18 number.
function frac(UD60x18 x) pure returns (UD60x18 result) {
assembly {
result := mod(x, uUNIT)
}
}
/// @notice Calculates the geometric mean of x and y, i.e. $$sqrt(x * y)$$, rounding down.
///
/// @dev Requirements:
/// - x * y must fit within `MAX_UD60x18`, lest it overflows.
///
/// @param x The first operand as an UD60x18 number.
/// @param y The second operand as an UD60x18 number.
/// @return result The result as an UD60x18 number.
function gm(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
uint256 yUint = unwrap(y);
if (xUint == 0 || yUint == 0) {
return ZERO;
}
unchecked {
// Checking for overflow this way is faster than letting Solidity do it.
uint256 xyUint = xUint * yUint;
if (xyUint / xUint != yUint) {
revert PRBMathUD60x18__GmOverflow(x, y);
}
// We don't need to multiply the result by `UNIT` here because the x*y product had picked up a factor of `UNIT`
// during multiplication. See the comments in the `prbSqrt` function.
result = wrap(prbSqrt(xyUint));
}
}
/// @notice Calculates 1 / x, rounding toward zero.
///
/// @dev Requirements:
/// - x cannot be zero.
///
/// @param x The UD60x18 number for which to calculate the inverse.
/// @return result The inverse as an UD60x18 number.
function inv(UD60x18 x) pure returns (UD60x18 result) {
unchecked {
// 1e36 is UNIT * UNIT.
result = wrap(1e36 / unwrap(x));
}
}
/// @notice Calculates the natural logarithm of x.
///
/// @dev Based on the formula:
///
/// $$
/// ln{x} = log_2{x} / log_2{e}$$.
/// $$
///
/// Requirements:
/// - All from `log2`.
///
/// Caveats:
/// - All from `log2`.
/// - This doesn't return exactly 1 for 2.718281828459045235, for that more fine-grained precision is needed.
///
/// @param x The UD60x18 number for which to calculate the natural logarithm.
/// @return result The natural logarithm as an UD60x18 number.
function ln(UD60x18 x) pure returns (UD60x18 result) {
unchecked {
// We do the fixed-point multiplication inline to save gas. This is overflow-safe because the maximum value
// that `log2` can return is 196.205294292027477728.
result = wrap((unwrap(log2(x)) * uUNIT) / uLOG2_E);
}
}
/// @notice Calculates the common logarithm of x.
///
/// @dev First checks if x is an exact power of ten and it stops if yes. If it's not, calculates the common
/// logarithm based on the formula:
///
/// $$
/// log_{10}{x} = log_2{x} / log_2{10}
/// $$
///
/// Requirements:
/// - All from `log2`.
///
/// Caveats:
/// - All from `log2`.
///
/// @param x The UD60x18 number for which to calculate the common logarithm.
/// @return result The common logarithm as an UD60x18 number.
function log10(UD60x18 x) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
if (xUint < uUNIT) {
revert PRBMathUD60x18__LogInputTooSmall(x);
}
// Note that the `mul` in this assembly block is the assembly multiplication operation, not the UD60x18 `mul`.
// prettier-ignore
assembly {
switch x
case 1 { result := mul(uUNIT, sub(0, 18)) }
case 10 { result := mul(uUNIT, sub(1, 18)) }
case 100 { result := mul(uUNIT, sub(2, 18)) }
case 1000 { result := mul(uUNIT, sub(3, 18)) }
case 10000 { result := mul(uUNIT, sub(4, 18)) }
case 100000 { result := mul(uUNIT, sub(5, 18)) }
case 1000000 { result := mul(uUNIT, sub(6, 18)) }
case 10000000 { result := mul(uUNIT, sub(7, 18)) }
case 100000000 { result := mul(uUNIT, sub(8, 18)) }
case 1000000000 { result := mul(uUNIT, sub(9, 18)) }
case 10000000000 { result := mul(uUNIT, sub(10, 18)) }
case 100000000000 { result := mul(uUNIT, sub(11, 18)) }
case 1000000000000 { result := mul(uUNIT, sub(12, 18)) }
case 10000000000000 { result := mul(uUNIT, sub(13, 18)) }
case 100000000000000 { result := mul(uUNIT, sub(14, 18)) }
case 1000000000000000 { result := mul(uUNIT, sub(15, 18)) }
case 10000000000000000 { result := mul(uUNIT, sub(16, 18)) }
case 100000000000000000 { result := mul(uUNIT, sub(17, 18)) }
case 1000000000000000000 { result := 0 }
case 10000000000000000000 { result := uUNIT }
case 100000000000000000000 { result := mul(uUNIT, 2) }
case 1000000000000000000000 { result := mul(uUNIT, 3) }
case 10000000000000000000000 { result := mul(uUNIT, 4) }
case 100000000000000000000000 { result := mul(uUNIT, 5) }
case 1000000000000000000000000 { result := mul(uUNIT, 6) }
case 10000000000000000000000000 { result := mul(uUNIT, 7) }
case 100000000000000000000000000 { result := mul(uUNIT, 8) }
case 1000000000000000000000000000 { result := mul(uUNIT, 9) }
case 10000000000000000000000000000 { result := mul(uUNIT, 10) }
case 100000000000000000000000000000 { result := mul(uUNIT, 11) }
case 1000000000000000000000000000000 { result := mul(uUNIT, 12) }
case 10000000000000000000000000000000 { result := mul(uUNIT, 13) }
case 100000000000000000000000000000000 { result := mul(uUNIT, 14) }
case 1000000000000000000000000000000000 { result := mul(uUNIT, 15) }
case 10000000000000000000000000000000000 { result := mul(uUNIT, 16) }
case 100000000000000000000000000000000000 { result := mul(uUNIT, 17) }
case 1000000000000000000000000000000000000 { result := mul(uUNIT, 18) }
case 10000000000000000000000000000000000000 { result := mul(uUNIT, 19) }
case 100000000000000000000000000000000000000 { result := mul(uUNIT, 20) }
case 1000000000000000000000000000000000000000 { result := mul(uUNIT, 21) }
case 10000000000000000000000000000000000000000 { result := mul(uUNIT, 22) }
case 100000000000000000000000000000000000000000 { result := mul(uUNIT, 23) }
case 1000000000000000000000000000000000000000000 { result := mul(uUNIT, 24) }
case 10000000000000000000000000000000000000000000 { result := mul(uUNIT, 25) }
case 100000000000000000000000000000000000000000000 { result := mul(uUNIT, 26) }
case 1000000000000000000000000000000000000000000000 { result := mul(uUNIT, 27) }
case 10000000000000000000000000000000000000000000000 { result := mul(uUNIT, 28) }
case 100000000000000000000000000000000000000000000000 { result := mul(uUNIT, 29) }
case 1000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 30) }
case 10000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 31) }
case 100000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 32) }
case 1000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 33) }
case 10000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 34) }
case 100000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 35) }
case 1000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 36) }
case 10000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 37) }
case 100000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 38) }
case 1000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 39) }
case 10000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 40) }
case 100000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 41) }
case 1000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 42) }
case 10000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 43) }
case 100000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 44) }
case 1000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 45) }
case 10000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 46) }
case 100000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 47) }
case 1000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 48) }
case 10000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 49) }
case 100000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 50) }
case 1000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 51) }
case 10000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 52) }
case 100000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 53) }
case 1000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 54) }
case 10000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 55) }
case 100000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 56) }
case 1000000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 57) }
case 10000000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 58) }
case 100000000000000000000000000000000000000000000000000000000000000000000000000000 { result := mul(uUNIT, 59) }
default {
result := uMAX_UD60x18
}
}
if (unwrap(result) == uMAX_UD60x18) {
unchecked {
// Do the fixed-point division inline to save gas.
result = wrap((unwrap(log2(x)) * uUNIT) / uLOG2_10);
}
}
}
/// @notice Calculates the binary logarithm of x.
///
/// @dev Based on the iterative approximation algorithm.
/// https://en.wikipedia.org/wiki/Binary_logarithm#Iterative_approximation
///
/// Requirements:
/// - x must be greater than or equal to UNIT, otherwise the result would be negative.
///
/// Caveats:
/// - The results are nor perfectly accurate to the last decimal, due to the lossy precision of the iterative approximation.
///
/// @param x The UD60x18 number for which to calculate the binary logarithm.
/// @return result The binary logarithm as an UD60x18 number.
function log2(UD60x18 x) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
if (xUint < uUNIT) {
revert PRBMathUD60x18__LogInputTooSmall(x);
}
unchecked {
// Calculate the integer part of the logarithm, add it to the result and finally calculate y = x * 2^(-n).
uint256 n = msb(xUint / uUNIT);
// This is the integer part of the logarithm as an UD60x18 number. The operation can't overflow because n
// n is maximum 255 and UNIT is 1e18.
uint256 resultUint = n * uUNIT;
// This is $y = x * 2^{-n}$.
uint256 y = xUint >> n;
// If y is 1, the fractional part is zero.
if (y == uUNIT) {
return wrap(resultUint);
}
// Calculate the fractional part via the iterative approximation.
// The "delta.rshift(1)" part is equivalent to "delta /= 2", but shifting bits is faster.
uint256 DOUBLE_UNIT = 2e18;
for (uint256 delta = uHALF_UNIT; delta > 0; delta >>= 1) {
y = (y * y) / uUNIT;
// Is y^2 > 2 and so in the range [2,4)?
if (y >= DOUBLE_UNIT) {
// Add the 2^{-m} factor to the logarithm.
resultUint += delta;
// Corresponds to z/2 on Wikipedia.
y >>= 1;
}
}
result = wrap(resultUint);
}
}
/// @notice Multiplies two UD60x18 numbers together, returning a new UD60x18 number.
/// @dev See the documentation for the `Core/mulDiv18` function.
/// @param x The multiplicand as an UD60x18 number.
/// @param y The multiplier as an UD60x18 number.
/// @return result The product as an UD60x18 number.
function mul(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(mulDiv18(unwrap(x), unwrap(y)));
}
/// @notice Raises x to the power of y.
///
/// @dev Based on the formula:
///
/// $$
/// x^y = 2^{log_2{x} * y}
/// $$
///
/// Requirements:
/// - All from `exp2`, `log2` and `mul`.
///
/// Caveats:
/// - All from `exp2`, `log2` and `mul`.
/// - Assumes 0^0 is 1.
///
/// @param x Number to raise to given power y, as an UD60x18 number.
/// @param y Exponent to raise x to, as an UD60x18 number.
/// @return result x raised to power y, as an UD60x18 number.
function pow(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
uint256 yUint = unwrap(y);
if (xUint == 0) {
result = yUint == 0 ? UNIT : ZERO;
} else {
if (yUint == uUNIT) {
result = x;
} else {
result = exp2(mul(log2(x), y));
}
}
}
/// @notice Raises x (an UD60x18 number) to the power y (unsigned basic integer) using the famous algorithm
/// "exponentiation by squaring".
///
/// @dev See https://en.wikipedia.org/wiki/Exponentiation_by_squaring
///
/// Requirements:
/// - The result must fit within `MAX_UD60x18`.
///
/// Caveats:
/// - All from "Core/mulDiv18".
/// - Assumes 0^0 is 1.
///
/// @param x The base as an UD60x18 number.
/// @param y The exponent as an uint256.
/// @return result The result as an UD60x18 number.
function powu(UD60x18 x, uint256 y) pure returns (UD60x18 result) {
// Calculate the first iteration of the loop in advance.
uint256 xUint = unwrap(x);
uint256 resultUint = y & 1 > 0 ? xUint : uUNIT;
// Equivalent to "for(y /= 2; y > 0; y /= 2)" but faster.
for (y >>= 1; y > 0; y >>= 1) {
xUint = mulDiv18(xUint, xUint);
// Equivalent to "y % 2 == 1" but faster.
if (y & 1 > 0) {
resultUint = mulDiv18(resultUint, xUint);
}
}
result = wrap(resultUint);
}
/// @notice Calculates the square root of x, rounding down.
/// @dev Uses the Babylonian method https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method.
///
/// Requirements:
/// - x must be less than `MAX_UD60x18` divided by `UNIT`.
///
/// @param x The UD60x18 number for which to calculate the square root.
/// @return result The result as an UD60x18 number.
function sqrt(UD60x18 x) pure returns (UD60x18 result) {
uint256 xUint = unwrap(x);
unchecked {
if (xUint > uMAX_UD60x18 / uUNIT) {
revert PRBMathUD60x18__SqrtOverflow(x);
}
// Multiply x by `UNIT` to account for the factor of `UNIT` that is picked up when multiplying two UD60x18
// numbers together (in this case, the two numbers are both the square root).
result = wrap(prbSqrt(xUint * uUNIT));
}
}
/*//////////////////////////////////////////////////////////////////////////
CONVERSION FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Converts an UD60x18 number to a simple integer by dividing it by `UNIT`. Rounds towards zero in the process.
/// @dev Rounds down in the process.
/// @param x The UD60x18 number to convert.
/// @return result The same number in basic integer form.
function fromUD60x18(UD60x18 x) pure returns (uint256 result) {
result = unwrap(x) / uUNIT;
}
/// @notice Converts a simple integer to UD60x18 by multiplying it by `UNIT`.
///
/// @dev Requirements:
/// - x must be less than or equal to `MAX_UD60x18` divided by `UNIT`.
///
/// @param x The basic integer to convert.
/// @param result The same number converted to UD60x18.
function toUD60x18(uint256 x) pure returns (UD60x18 result) {
if (x > uMAX_UD60x18 / uUNIT) {
revert PRBMathUD60x18__ToUD60x18Overflow(x);
}
unchecked {
result = wrap(x * uUNIT);
}
}
/// @notice Wraps an unsigned integer into the UD60x18 type.
function ud(uint256 x) pure returns (UD60x18 result) {
result = wrap(x);
}
/// @notice Wraps an unsigned integer into the UD60x18 type.
/// @dev Alias for the "ud" function defined above.
function ud60x18(uint256 x) pure returns (UD60x18 result) {
result = wrap(x);
}
/// @notice Unwraps an UD60x18 number into the underlying unsigned integer.
function unwrap(UD60x18 x) pure returns (uint256 result) {
result = UD60x18.unwrap(x);
}
/// @notice Wraps an unsigned integer into the UD60x18 type.
function wrap(uint256 x) pure returns (UD60x18 result) {
result = UD60x18.wrap(x);
}
/*//////////////////////////////////////////////////////////////////////////
GLOBAL-SCOPED HELPER FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
using {
add,
and,
eq,
gt,
gte,
isZero,
lshift,
lt,
lte,
mod,
neq,
or,
rshift,
sub,
uncheckedAdd,
uncheckedSub,
xor
} for UD60x18 global;
/// @notice Implements the checked addition operation (+) in the UD60x18 type.
function add(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(unwrap(x) + unwrap(y));
}
/// @notice Implements the AND (&) bitwise operation in the UD60x18 type.
function and(UD60x18 x, uint256 bits) pure returns (UD60x18 result) {
result = wrap(unwrap(x) & bits);
}
/// @notice Implements the equal operation (==) in the UD60x18 type.
function eq(UD60x18 x, UD60x18 y) pure returns (bool result) {
result = unwrap(x) == unwrap(y);
}
/// @notice Implements the greater than operation (>) in the UD60x18 type.
function gt(UD60x18 x, UD60x18 y) pure returns (bool result) {
result = unwrap(x) > unwrap(y);
}
/// @notice Implements the greater than or equal to operation (>=) in the UD60x18 type.
function gte(UD60x18 x, UD60x18 y) pure returns (bool result) {
result = unwrap(x) >= unwrap(y);
}
/// @notice Implements a zero comparison check function in the UD60x18 type.
function isZero(UD60x18 x) pure returns (bool result) {
// This wouldn't work if x could be negative.
result = unwrap(x) == 0;
}
/// @notice Implements the left shift operation (<<) in the UD60x18 type.
function lshift(UD60x18 x, uint256 bits) pure returns (UD60x18 result) {
result = wrap(unwrap(x) << bits);
}
/// @notice Implements the lower than operation (<) in the UD60x18 type.
function lt(UD60x18 x, UD60x18 y) pure returns (bool result) {
result = unwrap(x) < unwrap(y);
}
/// @notice Implements the lower than or equal to operation (<=) in the UD60x18 type.
function lte(UD60x18 x, UD60x18 y) pure returns (bool result) {
result = unwrap(x) <= unwrap(y);
}
/// @notice Implements the checked modulo operation (%) in the UD60x18 type.
function mod(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(unwrap(x) % unwrap(y));
}
/// @notice Implements the not equal operation (!=) in the UD60x18 type
function neq(UD60x18 x, UD60x18 y) pure returns (bool result) {
result = unwrap(x) != unwrap(y);
}
/// @notice Implements the OR (|) bitwise operation in the UD60x18 type.
function or(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(unwrap(x) | unwrap(y));
}
/// @notice Implements the right shift operation (>>) in the UD60x18 type.
function rshift(UD60x18 x, uint256 bits) pure returns (UD60x18 result) {
result = wrap(unwrap(x) >> bits);
}
/// @notice Implements the checked subtraction operation (-) in the UD60x18 type.
function sub(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(unwrap(x) - unwrap(y));
}
/// @notice Implements the unchecked addition operation (+) in the UD60x18 type.
function uncheckedAdd(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
unchecked {
result = wrap(unwrap(x) + unwrap(y));
}
}
/// @notice Implements the unchecked subtraction operation (-) in the UD60x18 type.
function uncheckedSub(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
unchecked {
result = wrap(unwrap(x) - unwrap(y));
}
}
/// @notice Implements the XOR (^) bitwise operation in the UD60x18 type.
function xor(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
result = wrap(unwrap(x) ^ unwrap(y));
}
/*//////////////////////////////////////////////////////////////////////////
FILE-SCOPED HELPER FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
using { uncheckedDiv, uncheckedMul } for UD60x18;
/// @notice Implements the unchecked standard division operation in the UD60x18 type.
function uncheckedDiv(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
unchecked {
result = wrap(unwrap(x) / unwrap(y));
}
}
/// @notice Implements the unchecked standard multiplication operation in the UD60x18 type.
function uncheckedMul(UD60x18 x, UD60x18 y) pure returns (UD60x18 result) {
unchecked {
result = wrap(unwrap(x) * unwrap(y));
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
import "./ILayerZeroUserApplicationConfig.sol";
interface ILayerZeroEndpoint is ILayerZeroUserApplicationConfig {
// @notice send a LayerZero message to the specified address at a LayerZero endpoint.
// @param _dstChainId - the destination chain identifier
// @param _destination - the address on destination chain (in bytes). address length/format may vary by chains
// @param _payload - a custom bytes payload to send to the destination contract
// @param _refundAddress - if the source transaction is cheaper than the amount of value passed, refund the additional amount to this address
// @param _zroPaymentAddress - the address of the ZRO token holder who would pay for the transaction
// @param _adapterParams - parameters for custom functionality. e.g. receive airdropped native gas from the relayer on destination
function send(uint16 _dstChainId, bytes calldata _destination, bytes calldata _payload, address payable _refundAddress, address _zroPaymentAddress, bytes calldata _adapterParams) external payable;
// @notice used by the messaging library to publish verified payload
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source contract (as bytes) at the source chain
// @param _dstAddress - the address on destination chain
// @param _nonce - the unbound message ordering nonce
// @param _gasLimit - the gas limit for external contract execution
// @param _payload - verified payload to send to the destination contract
function receivePayload(uint16 _srcChainId, bytes calldata _srcAddress, address _dstAddress, uint64 _nonce, uint _gasLimit, bytes calldata _payload) external;
// @notice get the inboundNonce of a lzApp from a source chain which could be EVM or non-EVM chain
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source chain contract address
function getInboundNonce(uint16 _srcChainId, bytes calldata _srcAddress) external view returns (uint64);
// @notice get the outboundNonce from this source chain which, consequently, is always an EVM
// @param _srcAddress - the source chain contract address
function getOutboundNonce(uint16 _dstChainId, address _srcAddress) external view returns (uint64);
// @notice gets a quote in source native gas, for the amount that send() requires to pay for message delivery
// @param _dstChainId - the destination chain identifier
// @param _userApplication - the user app address on this EVM chain
// @param _payload - the custom message to send over LayerZero
// @param _payInZRO - if false, user app pays the protocol fee in native token
// @param _adapterParam - parameters for the adapter service, e.g. send some dust native token to dstChain
function estimateFees(uint16 _dstChainId, address _userApplication, bytes calldata _payload, bool _payInZRO, bytes calldata _adapterParam) external view returns (uint nativeFee, uint zroFee);
// @notice get this Endpoint's immutable source identifier
function getChainId() external view returns (uint16);
// @notice the interface to retry failed message on this Endpoint destination
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source chain contract address
// @param _payload - the payload to be retried
function retryPayload(uint16 _srcChainId, bytes calldata _srcAddress, bytes calldata _payload) external;
// @notice query if any STORED payload (message blocking) at the endpoint.
// @param _srcChainId - the source chain identifier
// @param _srcAddress - the source chain contract address
function hasStoredPayload(uint16 _srcChainId, bytes calldata _srcAddress) external view returns (bool);
// @notice query if the _libraryAddress is valid for sending msgs.
// @param _userApplication - the user app address on this EVM chain
function getSendLibraryAddress(address _userApplication) external view returns (address);
// @notice query if the _libraryAddress is valid for receiving msgs.
// @param _userApplication - the user app address on this EVM chain
function getReceiveLibraryAddress(address _userApplication) external view returns (address);
// @notice query if the non-reentrancy guard for send() is on
// @return true if the guard is on. false otherwise
function isSendingPayload() external view returns (bool);
// @notice query if the non-reentrancy guard for receive() is on
// @return true if the guard is on. false otherwise
function isReceivingPayload() external view returns (bool);
// @notice get the configuration of the LayerZero messaging library of the specified version
// @param _version - messaging library version
// @param _chainId - the chainId for the pending config change
// @param _userApplication - the contract address of the user application
// @param _configType - type of configuration. every messaging library has its own convention.
function getConfig(uint16 _version, uint16 _chainId, address _userApplication, uint _configType) external view returns (bytes memory);
// @notice get the send() LayerZero messaging library version
// @param _userApplication - the contract address of the user application
function getSendVersion(address _userApplication) external view returns (uint16);
// @notice get the lzReceive() LayerZero messaging library version
// @param _userApplication - the contract address of the user application
function getReceiveVersion(address _userApplication) external view returns (uint16);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
interface ILayerZeroReceiver {
// @notice LayerZero endpoint will invoke this function to deliver the message on the destination
// @param _srcChainId - the source endpoint identifier
// @param _srcAddress - the source sending contract address from the source chain
// @param _nonce - the ordered message nonce
// @param _payload - the signed payload is the UA bytes has encoded to be sent
function lzReceive(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) external;
}// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
interface ILayerZeroUserApplicationConfig {
// @notice set the configuration of the LayerZero messaging library of the specified version
// @param _version - messaging library version
// @param _chainId - the chainId for the pending config change
// @param _configType - type of configuration. every messaging library has its own convention.
// @param _config - configuration in the bytes. can encode arbitrary content.
function setConfig(uint16 _version, uint16 _chainId, uint _configType, bytes calldata _config) external;
// @notice set the send() LayerZero messaging library version to _version
// @param _version - new messaging library version
function setSendVersion(uint16 _version) external;
// @notice set the lzReceive() LayerZero messaging library version to _version
// @param _version - new messaging library version
function setReceiveVersion(uint16 _version) external;
// @notice Only when the UA needs to resume the message flow in blocking mode and clear the stored payload
// @param _srcChainId - the chainId of the source chain
// @param _srcAddress - the contract address of the source contract at the source chain
function forceResumeReceive(uint16 _srcChainId, bytes calldata _srcAddress) external;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
interface IStargateReceiver {
function sgReceive(
uint16 _chainId,
bytes memory _srcAddress,
uint256 _nonce,
address _token,
uint256 amountLD,
bytes memory payload
) external;
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
pragma abicoder v2;
interface IStargateRouter {
struct lzTxObj {
uint256 dstGasForCall;
uint256 dstNativeAmount;
bytes dstNativeAddr;
}
function addLiquidity(
uint256 _poolId,
uint256 _amountLD,
address _to
) external;
function swap(
uint16 _dstChainId,
uint256 _srcPoolId,
uint256 _dstPoolId,
address payable _refundAddress,
uint256 _amountLD,
uint256 _minAmountLD,
lzTxObj memory _lzTxParams,
bytes calldata _to,
bytes calldata _payload
) external payable;
function redeemRemote(
uint16 _dstChainId,
uint256 _srcPoolId,
uint256 _dstPoolId,
address payable _refundAddress,
uint256 _amountLP,
uint256 _minAmountLD,
bytes calldata _to,
lzTxObj memory _lzTxParams
) external payable;
function instantRedeemLocal(
uint16 _srcPoolId,
uint256 _amountLP,
address _to
) external returns (uint256);
function redeemLocal(
uint16 _dstChainId,
uint256 _srcPoolId,
uint256 _dstPoolId,
address payable _refundAddress,
uint256 _amountLP,
bytes calldata _to,
lzTxObj memory _lzTxParams
) external payable;
function sendCredits(
uint16 _dstChainId,
uint256 _srcPoolId,
uint256 _dstPoolId,
address payable _refundAddress
) external payable;
function quoteLayerZeroFee(
uint16 _dstChainId,
uint8 _functionType,
bytes calldata _toAddress,
bytes calldata _transferAndCallPayload,
lzTxObj memory _lzTxParams
) external view returns (uint256, uint256);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "openzeppelin/contracts/access/Ownable.sol";
import "../interfaces/ILayerZeroReceiver.sol";
import "../interfaces/ILayerZeroUserApplicationConfig.sol";
import "../interfaces/ILayerZeroEndpoint.sol";
import "../util/BytesLib.sol";
/*
* a generic LzReceiver implementation
*/
abstract contract LzApp is Ownable, ILayerZeroReceiver, ILayerZeroUserApplicationConfig {
using BytesLib for bytes;
// ua can not send payload larger than this by default, but it can be changed by the ua owner
uint constant public DEFAULT_PAYLOAD_SIZE_LIMIT = 10000;
ILayerZeroEndpoint public immutable lzEndpoint;
mapping(uint16 => bytes) public trustedRemoteLookup;
mapping(uint16 => mapping(uint16 => uint)) public minDstGasLookup;
mapping(uint16 => uint) public payloadSizeLimitLookup;
address public precrime;
event SetPrecrime(address precrime);
event SetTrustedRemote(uint16 _remoteChainId, bytes _path);
event SetTrustedRemoteAddress(uint16 _remoteChainId, bytes _remoteAddress);
event SetMinDstGas(uint16 _dstChainId, uint16 _type, uint _minDstGas);
constructor(address _endpoint) {
lzEndpoint = ILayerZeroEndpoint(_endpoint);
}
function lzReceive(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) public virtual override {
// lzReceive must be called by the endpoint for security
require(_msgSender() == address(lzEndpoint), "LzApp: invalid endpoint caller");
bytes memory trustedRemote = trustedRemoteLookup[_srcChainId];
// if will still block the message pathway from (srcChainId, srcAddress). should not receive message from untrusted remote.
require(_srcAddress.length == trustedRemote.length && trustedRemote.length > 0 && keccak256(_srcAddress) == keccak256(trustedRemote), "LzApp: invalid source sending contract");
_blockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
}
// abstract function - the default behaviour of LayerZero is blocking. See: NonblockingLzApp if you dont need to enforce ordered messaging
function _blockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual;
function _lzSend(uint16 _dstChainId, bytes memory _payload, address payable _refundAddress, address _zroPaymentAddress, bytes memory _adapterParams, uint _nativeFee) internal virtual {
bytes memory trustedRemote = trustedRemoteLookup[_dstChainId];
require(trustedRemote.length != 0, "LzApp: destination chain is not a trusted source");
_checkPayloadSize(_dstChainId, _payload.length);
lzEndpoint.send{value: _nativeFee}(_dstChainId, trustedRemote, _payload, _refundAddress, _zroPaymentAddress, _adapterParams);
}
function _checkGasLimit(uint16 _dstChainId, uint16 _type, bytes memory _adapterParams, uint _extraGas) internal view virtual {
uint providedGasLimit = _getGasLimit(_adapterParams);
uint minGasLimit = minDstGasLookup[_dstChainId][_type] + _extraGas;
require(minGasLimit > 0, "LzApp: minGasLimit not set");
require(providedGasLimit >= minGasLimit, "LzApp: gas limit is too low");
}
function _getGasLimit(bytes memory _adapterParams) internal pure virtual returns (uint gasLimit) {
require(_adapterParams.length >= 34, "LzApp: invalid adapterParams");
assembly {
gasLimit := mload(add(_adapterParams, 34))
}
}
function _checkPayloadSize(uint16 _dstChainId, uint _payloadSize) internal view virtual {
uint payloadSizeLimit = payloadSizeLimitLookup[_dstChainId];
if (payloadSizeLimit == 0) { // use default if not set
payloadSizeLimit = DEFAULT_PAYLOAD_SIZE_LIMIT;
}
require(_payloadSize <= payloadSizeLimit, "LzApp: payload size is too large");
}
//---------------------------UserApplication config----------------------------------------
function getConfig(uint16 _version, uint16 _chainId, address, uint _configType) external view returns (bytes memory) {
return lzEndpoint.getConfig(_version, _chainId, address(this), _configType);
}
// generic config for LayerZero user Application
function setConfig(uint16 _version, uint16 _chainId, uint _configType, bytes calldata _config) external override onlyOwner {
lzEndpoint.setConfig(_version, _chainId, _configType, _config);
}
function setSendVersion(uint16 _version) external override onlyOwner {
lzEndpoint.setSendVersion(_version);
}
function setReceiveVersion(uint16 _version) external override onlyOwner {
lzEndpoint.setReceiveVersion(_version);
}
function forceResumeReceive(uint16 _srcChainId, bytes calldata _srcAddress) external override onlyOwner {
lzEndpoint.forceResumeReceive(_srcChainId, _srcAddress);
}
// _path = abi.encodePacked(remoteAddress, localAddress)
// this function set the trusted path for the cross-chain communication
function setTrustedRemote(uint16 _srcChainId, bytes calldata _path) external onlyOwner {
trustedRemoteLookup[_srcChainId] = _path;
emit SetTrustedRemote(_srcChainId, _path);
}
function setTrustedRemoteAddress(uint16 _remoteChainId, bytes calldata _remoteAddress) external onlyOwner {
trustedRemoteLookup[_remoteChainId] = abi.encodePacked(_remoteAddress, address(this));
emit SetTrustedRemoteAddress(_remoteChainId, _remoteAddress);
}
function getTrustedRemoteAddress(uint16 _remoteChainId) external view returns (bytes memory) {
bytes memory path = trustedRemoteLookup[_remoteChainId];
require(path.length != 0, "LzApp: no trusted path record");
return path.slice(0, path.length - 20); // the last 20 bytes should be address(this)
}
function setPrecrime(address _precrime) external onlyOwner {
precrime = _precrime;
emit SetPrecrime(_precrime);
}
function setMinDstGas(uint16 _dstChainId, uint16 _packetType, uint _minGas) external onlyOwner {
require(_minGas > 0, "LzApp: invalid minGas");
minDstGasLookup[_dstChainId][_packetType] = _minGas;
emit SetMinDstGas(_dstChainId, _packetType, _minGas);
}
// if the size is 0, it means default size limit
function setPayloadSizeLimit(uint16 _dstChainId, uint _size) external onlyOwner {
payloadSizeLimitLookup[_dstChainId] = _size;
}
//--------------------------- VIEW FUNCTION ----------------------------------------
function isTrustedRemote(uint16 _srcChainId, bytes calldata _srcAddress) external view returns (bool) {
bytes memory trustedSource = trustedRemoteLookup[_srcChainId];
return keccak256(trustedSource) == keccak256(_srcAddress);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "./LzApp.sol";
import "../util/ExcessivelySafeCall.sol";
/*
* the default LayerZero messaging behaviour is blocking, i.e. any failed message will block the channel
* this abstract class try-catch all fail messages and store locally for future retry. hence, non-blocking
* NOTE: if the srcAddress is not configured properly, it will still block the message pathway from (srcChainId, srcAddress)
*/
abstract contract NonblockingLzApp is LzApp {
using ExcessivelySafeCall for address;
constructor(address _endpoint) LzApp(_endpoint) {}
mapping(uint16 => mapping(bytes => mapping(uint64 => bytes32))) public failedMessages;
event MessageFailed(uint16 _srcChainId, bytes _srcAddress, uint64 _nonce, bytes _payload, bytes _reason);
event RetryMessageSuccess(uint16 _srcChainId, bytes _srcAddress, uint64 _nonce, bytes32 _payloadHash);
// overriding the virtual function in LzReceiver
function _blockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual override {
(bool success, bytes memory reason) = address(this).excessivelySafeCall(gasleft(), 150, abi.encodeWithSelector(this.nonblockingLzReceive.selector, _srcChainId, _srcAddress, _nonce, _payload));
// try-catch all errors/exceptions
if (!success) {
_storeFailedMessage(_srcChainId, _srcAddress, _nonce, _payload, reason);
}
}
function _storeFailedMessage(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload, bytes memory _reason) internal virtual {
failedMessages[_srcChainId][_srcAddress][_nonce] = keccak256(_payload);
emit MessageFailed(_srcChainId, _srcAddress, _nonce, _payload, _reason);
}
function nonblockingLzReceive(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) public virtual {
// only internal transaction
require(_msgSender() == address(this), "NonblockingLzApp: caller must be LzApp");
_nonblockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
}
//@notice override this function
function _nonblockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual;
function retryMessage(uint16 _srcChainId, bytes calldata _srcAddress, uint64 _nonce, bytes calldata _payload) public payable virtual {
// assert there is message to retry
bytes32 payloadHash = failedMessages[_srcChainId][_srcAddress][_nonce];
require(payloadHash != bytes32(0), "NonblockingLzApp: no stored message");
require(keccak256(_payload) == payloadHash, "NonblockingLzApp: invalid payload");
// clear the stored message
failedMessages[_srcChainId][_srcAddress][_nonce] = bytes32(0);
// execute the message. revert if it fails again
_nonblockingLzReceive(_srcChainId, _srcAddress, _nonce, _payload);
emit RetryMessageSuccess(_srcChainId, _srcAddress, _nonce, payloadHash);
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "../OFTCore.sol";
import "openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
contract ProxyOFT is OFTCore {
using SafeERC20 for IERC20;
IERC20 internal immutable innerToken;
constructor(address _lzEndpoint, address _token) OFTCore(_lzEndpoint) {
innerToken = IERC20(_token);
}
function circulatingSupply() public view virtual override returns (uint) {
unchecked {
return innerToken.totalSupply() - innerToken.balanceOf(address(this));
}
}
function token() public view virtual override returns (address) {
return address(innerToken);
}
function _debitFrom(address _from, uint16, bytes memory, uint _amount) internal virtual override returns(uint) {
require(_from == _msgSender(), "ProxyOFT: owner is not send caller");
uint before = innerToken.balanceOf(address(this));
innerToken.safeTransferFrom(_from, address(this), _amount);
return innerToken.balanceOf(address(this)) - before;
}
function _creditTo(uint16, address _toAddress, uint _amount) internal virtual override returns(uint) {
uint before = innerToken.balanceOf(_toAddress);
innerToken.safeTransfer(_toAddress, _amount);
return innerToken.balanceOf(_toAddress) - before;
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
import "./IOFTCore.sol";
import "openzeppelin/contracts/token/ERC20/IERC20.sol";
/**
* @dev Interface of the OFT standard
*/
interface IOFT is IOFTCore, IERC20 {
}// SPDX-License-Identifier: MIT
pragma solidity >=0.5.0;
import "openzeppelin/contracts/utils/introspection/IERC165.sol";
/**
* @dev Interface of the IOFT core standard
*/
interface IOFTCore is IERC165 {
/**
* @dev estimate send token `_tokenId` to (`_dstChainId`, `_toAddress`)
* _dstChainId - L0 defined chain id to send tokens too
* _toAddress - dynamic bytes array which contains the address to whom you are sending tokens to on the dstChain
* _amount - amount of the tokens to transfer
* _useZro - indicates to use zro to pay L0 fees
* _adapterParam - flexible bytes array to indicate messaging adapter services in L0
*/
function estimateSendFee(uint16 _dstChainId, bytes calldata _toAddress, uint _amount, bool _useZro, bytes calldata _adapterParams) external view returns (uint nativeFee, uint zroFee);
/**
* @dev send `_amount` amount of token to (`_dstChainId`, `_toAddress`) from `_from`
* `_from` the owner of token
* `_dstChainId` the destination chain identifier
* `_toAddress` can be any size depending on the `dstChainId`.
* `_amount` the quantity of tokens in wei
* `_refundAddress` the address LayerZero refunds if too much message fee is sent
* `_zroPaymentAddress` set to address(0x0) if not paying in ZRO (LayerZero Token)
* `_adapterParams` is a flexible bytes array to indicate messaging adapter services
*/
function sendFrom(address _from, uint16 _dstChainId, bytes calldata _toAddress, uint _amount, address payable _refundAddress, address _zroPaymentAddress, bytes calldata _adapterParams) external payable;
/**
* @dev returns the circulating amount of tokens on current chain
*/
function circulatingSupply() external view returns (uint);
/**
* @dev returns the address of the ERC20 token
*/
function token() external view returns (address);
/**
* @dev Emitted when `_amount` tokens are moved from the `_sender` to (`_dstChainId`, `_toAddress`)
* `_nonce` is the outbound nonce
*/
event SendToChain(uint16 indexed _dstChainId, address indexed _from, bytes _toAddress, uint _amount);
/**
* @dev Emitted when `_amount` tokens are received from `_srcChainId` into the `_toAddress` on the local chain.
* `_nonce` is the inbound nonce.
*/
event ReceiveFromChain(uint16 indexed _srcChainId, address indexed _to, uint _amount);
event SetUseCustomAdapterParams(bool _useCustomAdapterParams);
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "openzeppelin/contracts/token/ERC20/ERC20.sol";
import "openzeppelin/contracts/utils/introspection/IERC165.sol";
import "./IOFT.sol";
import "./OFTCore.sol";
// override decimal() function is needed
contract OFT is OFTCore, ERC20, IOFT {
constructor(string memory _name, string memory _symbol, address _lzEndpoint) ERC20(_name, _symbol) OFTCore(_lzEndpoint) {}
function supportsInterface(bytes4 interfaceId) public view virtual override(OFTCore, IERC165) returns (bool) {
return interfaceId == type(IOFT).interfaceId || interfaceId == type(IERC20).interfaceId || super.supportsInterface(interfaceId);
}
function token() public view virtual override returns (address) {
return address(this);
}
function circulatingSupply() public view virtual override returns (uint) {
return totalSupply();
}
function _debitFrom(address _from, uint16, bytes memory, uint _amount) internal virtual override returns(uint) {
address spender = _msgSender();
if (_from != spender) _spendAllowance(_from, spender, _amount);
_burn(_from, _amount);
return _amount;
}
function _creditTo(uint16, address _toAddress, uint _amount) internal virtual override returns(uint) {
_mint(_toAddress, _amount);
return _amount;
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "../../lzApp/NonblockingLzApp.sol";
import "./IOFTCore.sol";
import "openzeppelin/contracts/utils/introspection/ERC165.sol";
abstract contract OFTCore is NonblockingLzApp, ERC165, IOFTCore {
using BytesLib for bytes;
uint public constant NO_EXTRA_GAS = 0;
// packet type
uint16 public constant PT_SEND = 0;
bool public useCustomAdapterParams;
constructor(address _lzEndpoint) NonblockingLzApp(_lzEndpoint) {}
function supportsInterface(bytes4 interfaceId) public view virtual override(ERC165, IERC165) returns (bool) {
return interfaceId == type(IOFTCore).interfaceId || super.supportsInterface(interfaceId);
}
function estimateSendFee(uint16 _dstChainId, bytes calldata _toAddress, uint _amount, bool _useZro, bytes calldata _adapterParams) public view virtual override returns (uint nativeFee, uint zroFee) {
// mock the payload for sendFrom()
bytes memory payload = abi.encode(PT_SEND, _toAddress, _amount);
return lzEndpoint.estimateFees(_dstChainId, address(this), payload, _useZro, _adapterParams);
}
function sendFrom(address _from, uint16 _dstChainId, bytes calldata _toAddress, uint _amount, address payable _refundAddress, address _zroPaymentAddress, bytes calldata _adapterParams) public payable virtual override {
_send(_from, _dstChainId, _toAddress, _amount, _refundAddress, _zroPaymentAddress, _adapterParams);
}
function setUseCustomAdapterParams(bool _useCustomAdapterParams) public virtual onlyOwner {
useCustomAdapterParams = _useCustomAdapterParams;
emit SetUseCustomAdapterParams(_useCustomAdapterParams);
}
function _nonblockingLzReceive(uint16 _srcChainId, bytes memory _srcAddress, uint64 _nonce, bytes memory _payload) internal virtual override {
uint16 packetType;
assembly {
packetType := mload(add(_payload, 32))
}
if (packetType == PT_SEND) {
_sendAck(_srcChainId, _srcAddress, _nonce, _payload);
} else {
revert("OFTCore: unknown packet type");
}
}
function _send(address _from, uint16 _dstChainId, bytes memory _toAddress, uint _amount, address payable _refundAddress, address _zroPaymentAddress, bytes memory _adapterParams) internal virtual {
_checkAdapterParams(_dstChainId, PT_SEND, _adapterParams, NO_EXTRA_GAS);
uint amount = _debitFrom(_from, _dstChainId, _toAddress, _amount);
bytes memory lzPayload = abi.encode(PT_SEND, _toAddress, amount);
_lzSend(_dstChainId, lzPayload, _refundAddress, _zroPaymentAddress, _adapterParams, msg.value);
emit SendToChain(_dstChainId, _from, _toAddress, amount);
}
function _sendAck(uint16 _srcChainId, bytes memory, uint64, bytes memory _payload) internal virtual {
(, bytes memory toAddressBytes, uint amount) = abi.decode(_payload, (uint16, bytes, uint));
address to = toAddressBytes.toAddress(0);
amount = _creditTo(_srcChainId, to, amount);
emit ReceiveFromChain(_srcChainId, to, amount);
}
function _checkAdapterParams(uint16 _dstChainId, uint16 _pkType, bytes memory _adapterParams, uint _extraGas) internal virtual {
if (useCustomAdapterParams) {
_checkGasLimit(_dstChainId, _pkType, _adapterParams, _extraGas);
} else {
require(_adapterParams.length == 0, "OFTCore: _adapterParams must be empty.");
}
}
function _debitFrom(address _from, uint16 _dstChainId, bytes memory _toAddress, uint _amount) internal virtual returns(uint);
function _creditTo(uint16 _srcChainId, address _toAddress, uint _amount) internal virtual returns(uint);
}// SPDX-License-Identifier: Unlicense
/*
* @title Solidity Bytes Arrays Utils
* @author Gonçalo Sá <goncalo.sa@consensys.net>
*
* @dev Bytes tightly packed arrays utility library for ethereum contracts written in Solidity.
* The library lets you concatenate, slice and type cast bytes arrays both in memory and storage.
*/
pragma solidity >=0.8.0 <0.9.0;
library BytesLib {
function concat(
bytes memory _preBytes,
bytes memory _postBytes
)
internal
pure
returns (bytes memory)
{
bytes memory tempBytes;
assembly {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// Store the length of the first bytes array at the beginning of
// the memory for tempBytes.
let length := mload(_preBytes)
mstore(tempBytes, length)
// Maintain a memory counter for the current write location in the
// temp bytes array by adding the 32 bytes for the array length to
// the starting location.
let mc := add(tempBytes, 0x20)
// Stop copying when the memory counter reaches the length of the
// first bytes array.
let end := add(mc, length)
for {
// Initialize a copy counter to the start of the _preBytes data,
// 32 bytes into its memory.
let cc := add(_preBytes, 0x20)
} lt(mc, end) {
// Increase both counters by 32 bytes each iteration.
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
// Write the _preBytes data into the tempBytes memory 32 bytes
// at a time.
mstore(mc, mload(cc))
}
// Add the length of _postBytes to the current length of tempBytes
// and store it as the new length in the first 32 bytes of the
// tempBytes memory.
length := mload(_postBytes)
mstore(tempBytes, add(length, mload(tempBytes)))
// Move the memory counter back from a multiple of 0x20 to the
// actual end of the _preBytes data.
mc := end
// Stop copying when the memory counter reaches the new combined
// length of the arrays.
end := add(mc, length)
for {
let cc := add(_postBytes, 0x20)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
// Update the free-memory pointer by padding our last write location
// to 32 bytes: add 31 bytes to the end of tempBytes to move to the
// next 32 byte block, then round down to the nearest multiple of
// 32. If the sum of the length of the two arrays is zero then add
// one before rounding down to leave a blank 32 bytes (the length block with 0).
mstore(0x40, and(
add(add(end, iszero(add(length, mload(_preBytes)))), 31),
not(31) // Round down to the nearest 32 bytes.
))
}
return tempBytes;
}
function concatStorage(bytes storage _preBytes, bytes memory _postBytes) internal {
assembly {
// Read the first 32 bytes of _preBytes storage, which is the length
// of the array. (We don't need to use the offset into the slot
// because arrays use the entire slot.)
let fslot := sload(_preBytes.slot)
// Arrays of 31 bytes or less have an even value in their slot,
// while longer arrays have an odd value. The actual length is
// the slot divided by two for odd values, and the lowest order
// byte divided by two for even values.
// If the slot is even, bitwise and the slot with 255 and divide by
// two to get the length. If the slot is odd, bitwise and the slot
// with -1 and divide by two.
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
let newlength := add(slength, mlength)
// slength can contain both the length and contents of the array
// if length < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
switch add(lt(slength, 32), lt(newlength, 32))
case 2 {
// Since the new array still fits in the slot, we just need to
// update the contents of the slot.
// uint256(bytes_storage) = uint256(bytes_storage) + uint256(bytes_memory) + new_length
sstore(
_preBytes.slot,
// all the modifications to the slot are inside this
// next block
add(
// we can just add to the slot contents because the
// bytes we want to change are the LSBs
fslot,
add(
mul(
div(
// load the bytes from memory
mload(add(_postBytes, 0x20)),
// zero all bytes to the right
exp(0x100, sub(32, mlength))
),
// and now shift left the number of bytes to
// leave space for the length in the slot
exp(0x100, sub(32, newlength))
),
// increase length by the double of the memory
// bytes length
mul(mlength, 2)
)
)
)
}
case 1 {
// The stored value fits in the slot, but the combined value
// will exceed it.
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes.slot)
let sc := add(keccak256(0x0, 0x20), div(slength, 32))
// save new length
sstore(_preBytes.slot, add(mul(newlength, 2), 1))
// The contents of the _postBytes array start 32 bytes into
// the structure. Our first read should obtain the `submod`
// bytes that can fit into the unused space in the last word
// of the stored array. To get this, we read 32 bytes starting
// from `submod`, so the data we read overlaps with the array
// contents by `submod` bytes. Masking the lowest-order
// `submod` bytes allows us to add that value directly to the
// stored value.
let submod := sub(32, slength)
let mc := add(_postBytes, submod)
let end := add(_postBytes, mlength)
let mask := sub(exp(0x100, submod), 1)
sstore(
sc,
add(
and(
fslot,
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00
),
and(mload(mc), mask)
)
)
for {
mc := add(mc, 0x20)
sc := add(sc, 1)
} lt(mc, end) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask := exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
default {
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes.slot)
// Start copying to the last used word of the stored array.
let sc := add(keccak256(0x0, 0x20), div(slength, 32))
// save new length
sstore(_preBytes.slot, add(mul(newlength, 2), 1))
// Copy over the first `submod` bytes of the new data as in
// case 1 above.
let slengthmod := mod(slength, 32)
let mlengthmod := mod(mlength, 32)
let submod := sub(32, slengthmod)
let mc := add(_postBytes, submod)
let end := add(_postBytes, mlength)
let mask := sub(exp(0x100, submod), 1)
sstore(sc, add(sload(sc), and(mload(mc), mask)))
for {
sc := add(sc, 1)
mc := add(mc, 0x20)
} lt(mc, end) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
sstore(sc, mload(mc))
}
mask := exp(0x100, sub(mc, end))
sstore(sc, mul(div(mload(mc), mask), mask))
}
}
}
function slice(
bytes memory _bytes,
uint256 _start,
uint256 _length
)
internal
pure
returns (bytes memory)
{
require(_length + 31 >= _length, "slice_overflow");
require(_bytes.length >= _start + _length, "slice_outOfBounds");
bytes memory tempBytes;
assembly {
switch iszero(_length)
case 0 {
// Get a location of some free memory and store it in tempBytes as
// Solidity does for memory variables.
tempBytes := mload(0x40)
// The first word of the slice result is potentially a partial
// word read from the original array. To read it, we calculate
// the length of that partial word and start copying that many
// bytes into the array. The first word we copy will start with
// data we don't care about, but the last `lengthmod` bytes will
// land at the beginning of the contents of the new array. When
// we're done copying, we overwrite the full first word with
// the actual length of the slice.
let lengthmod := and(_length, 31)
// The multiplication in the next line is necessary
// because when slicing multiples of 32 bytes (lengthmod == 0)
// the following copy loop was copying the origin's length
// and then ending prematurely not copying everything it should.
let mc := add(add(tempBytes, lengthmod), mul(0x20, iszero(lengthmod)))
let end := add(mc, _length)
for {
// The multiplication in the next line has the same exact purpose
// as the one above.
let cc := add(add(add(_bytes, lengthmod), mul(0x20, iszero(lengthmod))), _start)
} lt(mc, end) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
mstore(mc, mload(cc))
}
mstore(tempBytes, _length)
//update free-memory pointer
//allocating the array padded to 32 bytes like the compiler does now
mstore(0x40, and(add(mc, 31), not(31)))
}
//if we want a zero-length slice let's just return a zero-length array
default {
tempBytes := mload(0x40)
//zero out the 32 bytes slice we are about to return
//we need to do it because Solidity does not garbage collect
mstore(tempBytes, 0)
mstore(0x40, add(tempBytes, 0x20))
}
}
return tempBytes;
}
function toAddress(bytes memory _bytes, uint256 _start) internal pure returns (address) {
require(_bytes.length >= _start + 20, "toAddress_outOfBounds");
address tempAddress;
assembly {
tempAddress := div(mload(add(add(_bytes, 0x20), _start)), 0x1000000000000000000000000)
}
return tempAddress;
}
function toUint8(bytes memory _bytes, uint256 _start) internal pure returns (uint8) {
require(_bytes.length >= _start + 1 , "toUint8_outOfBounds");
uint8 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x1), _start))
}
return tempUint;
}
function toUint16(bytes memory _bytes, uint256 _start) internal pure returns (uint16) {
require(_bytes.length >= _start + 2, "toUint16_outOfBounds");
uint16 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x2), _start))
}
return tempUint;
}
function toUint32(bytes memory _bytes, uint256 _start) internal pure returns (uint32) {
require(_bytes.length >= _start + 4, "toUint32_outOfBounds");
uint32 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x4), _start))
}
return tempUint;
}
function toUint64(bytes memory _bytes, uint256 _start) internal pure returns (uint64) {
require(_bytes.length >= _start + 8, "toUint64_outOfBounds");
uint64 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x8), _start))
}
return tempUint;
}
function toUint96(bytes memory _bytes, uint256 _start) internal pure returns (uint96) {
require(_bytes.length >= _start + 12, "toUint96_outOfBounds");
uint96 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0xc), _start))
}
return tempUint;
}
function toUint128(bytes memory _bytes, uint256 _start) internal pure returns (uint128) {
require(_bytes.length >= _start + 16, "toUint128_outOfBounds");
uint128 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x10), _start))
}
return tempUint;
}
function toUint256(bytes memory _bytes, uint256 _start) internal pure returns (uint256) {
require(_bytes.length >= _start + 32, "toUint256_outOfBounds");
uint256 tempUint;
assembly {
tempUint := mload(add(add(_bytes, 0x20), _start))
}
return tempUint;
}
function toBytes32(bytes memory _bytes, uint256 _start) internal pure returns (bytes32) {
require(_bytes.length >= _start + 32, "toBytes32_outOfBounds");
bytes32 tempBytes32;
assembly {
tempBytes32 := mload(add(add(_bytes, 0x20), _start))
}
return tempBytes32;
}
function equal(bytes memory _preBytes, bytes memory _postBytes) internal pure returns (bool) {
bool success = true;
assembly {
let length := mload(_preBytes)
// if lengths don't match the arrays are not equal
switch eq(length, mload(_postBytes))
case 1 {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
let mc := add(_preBytes, 0x20)
let end := add(mc, length)
for {
let cc := add(_postBytes, 0x20)
// the next line is the loop condition:
// while(uint256(mc < end) + cb == 2)
} eq(add(lt(mc, end), cb), 2) {
mc := add(mc, 0x20)
cc := add(cc, 0x20)
} {
// if any of these checks fails then arrays are not equal
if iszero(eq(mload(mc), mload(cc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
function equalStorage(
bytes storage _preBytes,
bytes memory _postBytes
)
internal
view
returns (bool)
{
bool success = true;
assembly {
// we know _preBytes_offset is 0
let fslot := sload(_preBytes.slot)
// Decode the length of the stored array like in concatStorage().
let slength := div(and(fslot, sub(mul(0x100, iszero(and(fslot, 1))), 1)), 2)
let mlength := mload(_postBytes)
// if lengths don't match the arrays are not equal
switch eq(slength, mlength)
case 1 {
// slength can contain both the length and contents of the array
// if length < 32 bytes so let's prepare for that
// v. http://solidity.readthedocs.io/en/latest/miscellaneous.html#layout-of-state-variables-in-storage
if iszero(iszero(slength)) {
switch lt(slength, 32)
case 1 {
// blank the last byte which is the length
fslot := mul(div(fslot, 0x100), 0x100)
if iszero(eq(fslot, mload(add(_postBytes, 0x20)))) {
// unsuccess:
success := 0
}
}
default {
// cb is a circuit breaker in the for loop since there's
// no said feature for inline assembly loops
// cb = 1 - don't breaker
// cb = 0 - break
let cb := 1
// get the keccak hash to get the contents of the array
mstore(0x0, _preBytes.slot)
let sc := keccak256(0x0, 0x20)
let mc := add(_postBytes, 0x20)
let end := add(mc, mlength)
// the next line is the loop condition:
// while(uint256(mc < end) + cb == 2)
for {} eq(add(lt(mc, end), cb), 2) {
sc := add(sc, 1)
mc := add(mc, 0x20)
} {
if iszero(eq(sload(sc), mload(mc))) {
// unsuccess:
success := 0
cb := 0
}
}
}
}
}
default {
// unsuccess:
success := 0
}
}
return success;
}
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.7.6;
library ExcessivelySafeCall {
uint256 constant LOW_28_MASK =
0x00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff;
/// @notice Use when you _really_ really _really_ don't trust the called
/// contract. This prevents the called contract from causing reversion of
/// the caller in as many ways as we can.
/// @dev The main difference between this and a solidity low-level call is
/// that we limit the number of bytes that the callee can cause to be
/// copied to caller memory. This prevents stupid things like malicious
/// contracts returning 10,000,000 bytes causing a local OOG when copying
/// to memory.
/// @param _target The address to call
/// @param _gas The amount of gas to forward to the remote contract
/// @param _maxCopy The maximum number of bytes of returndata to copy
/// to memory.
/// @param _calldata The data to send to the remote contract
/// @return success and returndata, as `.call()`. Returndata is capped to
/// `_maxCopy` bytes.
function excessivelySafeCall(
address _target,
uint256 _gas,
uint16 _maxCopy,
bytes memory _calldata
) internal returns (bool, bytes memory) {
// set up for assembly call
uint256 _toCopy;
bool _success;
bytes memory _returnData = new bytes(_maxCopy);
// dispatch message to recipient
// by assembly calling "handle" function
// we call via assembly to avoid memcopying a very large returndata
// returned by a malicious contract
assembly {
_success := call(
_gas, // gas
_target, // recipient
0, // ether value
add(_calldata, 0x20), // inloc
mload(_calldata), // inlen
0, // outloc
0 // outlen
)
// limit our copy to 256 bytes
_toCopy := returndatasize()
if gt(_toCopy, _maxCopy) {
_toCopy := _maxCopy
}
// Store the length of the copied bytes
mstore(_returnData, _toCopy)
// copy the bytes from returndata[0:_toCopy]
returndatacopy(add(_returnData, 0x20), 0, _toCopy)
}
return (_success, _returnData);
}
/// @notice Use when you _really_ really _really_ don't trust the called
/// contract. This prevents the called contract from causing reversion of
/// the caller in as many ways as we can.
/// @dev The main difference between this and a solidity low-level call is
/// that we limit the number of bytes that the callee can cause to be
/// copied to caller memory. This prevents stupid things like malicious
/// contracts returning 10,000,000 bytes causing a local OOG when copying
/// to memory.
/// @param _target The address to call
/// @param _gas The amount of gas to forward to the remote contract
/// @param _maxCopy The maximum number of bytes of returndata to copy
/// to memory.
/// @param _calldata The data to send to the remote contract
/// @return success and returndata, as `.call()`. Returndata is capped to
/// `_maxCopy` bytes.
function excessivelySafeStaticCall(
address _target,
uint256 _gas,
uint16 _maxCopy,
bytes memory _calldata
) internal view returns (bool, bytes memory) {
// set up for assembly call
uint256 _toCopy;
bool _success;
bytes memory _returnData = new bytes(_maxCopy);
// dispatch message to recipient
// by assembly calling "handle" function
// we call via assembly to avoid memcopying a very large returndata
// returned by a malicious contract
assembly {
_success := staticcall(
_gas, // gas
_target, // recipient
add(_calldata, 0x20), // inloc
mload(_calldata), // inlen
0, // outloc
0 // outlen
)
// limit our copy to 256 bytes
_toCopy := returndatasize()
if gt(_toCopy, _maxCopy) {
_toCopy := _maxCopy
}
// Store the length of the copied bytes
mstore(_returnData, _toCopy)
// copy the bytes from returndata[0:_toCopy]
returndatacopy(add(_returnData, 0x20), 0, _toCopy)
}
return (_success, _returnData);
}
/**
* @notice Swaps function selectors in encoded contract calls
* @dev Allows reuse of encoded calldata for functions with identical
* argument types but different names. It simply swaps out the first 4 bytes
* for the new selector. This function modifies memory in place, and should
* only be used with caution.
* @param _newSelector The new 4-byte selector
* @param _buf The encoded contract args
*/
function swapSelector(bytes4 _newSelector, bytes memory _buf)
internal
pure
{
require(_buf.length >= 4);
uint256 _mask = LOW_28_MASK;
assembly {
// load the first word of
let _word := mload(add(_buf, 0x20))
// mask out the top 4 bytes
// /x
_word := and(_word, _mask)
_word := or(_newSelector, _word)
mstore(add(_buf, 0x20), _word)
}
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.6.11;
// https://docs.synthetix.io/contracts/Owned
contract Owned {
address public owner;
address public nominatedOwner;
constructor (address _owner) public {
require(_owner != address(0), "Owner address cannot be 0");
owner = _owner;
emit OwnerChanged(address(0), _owner);
}
function nominateNewOwner(address _owner) external onlyOwner {
nominatedOwner = _owner;
emit OwnerNominated(_owner);
}
function acceptOwnership() external {
require(msg.sender == nominatedOwner, "You must be nominated before you can accept ownership");
emit OwnerChanged(owner, nominatedOwner);
owner = nominatedOwner;
nominatedOwner = address(0);
}
modifier onlyOwner {
require(msg.sender == owner, "Only the contract owner may perform this action");
_;
}
event OwnerNominated(address newOwner);
event OwnerChanged(address oldOwner, address newOwner);
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11 <0.9.0;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize, which returns 0 for contracts in
// construction, since the code is only stored at the end of the
// constructor execution.
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly { size := extcodesize(account) }
return size > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.call{ value: value }(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) {
require(isContract(target), "Address: static call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.staticcall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
require(isContract(target), "Address: delegate call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.delegatecall(data);
return _verifyCallResult(success, returndata, errorMessage);
}
function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) {
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
// solhint-disable-next-line no-inline-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}// SPDX-License-Identifier: MIT
pragma solidity >=0.6.11;
/**
* @dev Library for managing
* https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets] of primitive
* types.
*
* Sets have the following properties:
*
* - Elements are added, removed, and checked for existence in constant time
* (O(1)).
* - Elements are enumerated in O(n). No guarantees are made on the ordering.
*
* ```
* contract Example {
* // Add the library methods
* using EnumerableSet for EnumerableSet.AddressSet;
*
* // Declare a set state variable
* EnumerableSet.AddressSet private mySet;
* }
* ```
*
* As of v3.0.0, only sets of type `address` (`AddressSet`) and `uint256`
* (`UintSet`) are supported.
*/
library EnumerableSet {
// To implement this library for multiple types with as little code
// repetition as possible, we write it in terms of a generic Set type with
// bytes32 values.
// The Set implementation uses private functions, and user-facing
// implementations (such as AddressSet) are just wrappers around the
// underlying Set.
// This means that we can only create new EnumerableSets for types that fit
// in bytes32.
struct Set {
// Storage of set values
bytes32[] _values;
// Position of the value in the `values` array, plus 1 because index 0
// means a value is not in the set.
mapping (bytes32 => uint256) _indexes;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function _add(Set storage set, bytes32 value) private returns (bool) {
if (!_contains(set, value)) {
set._values.push(value);
// The value is stored at length-1, but we add 1 to all indexes
// and use 0 as a sentinel value
set._indexes[value] = set._values.length;
return true;
} else {
return false;
}
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function _remove(Set storage set, bytes32 value) private returns (bool) {
// We read and store the value's index to prevent multiple reads from the same storage slot
uint256 valueIndex = set._indexes[value];
if (valueIndex != 0) { // Equivalent to contains(set, value)
// To delete an element from the _values array in O(1), we swap the element to delete with the last one in
// the array, and then remove the last element (sometimes called as 'swap and pop').
// This modifies the order of the array, as noted in {at}.
uint256 toDeleteIndex = valueIndex - 1;
uint256 lastIndex = set._values.length - 1;
// When the value to delete is the last one, the swap operation is unnecessary. However, since this occurs
// so rarely, we still do the swap anyway to avoid the gas cost of adding an 'if' statement.
bytes32 lastvalue = set._values[lastIndex];
// Move the last value to the index where the value to delete is
set._values[toDeleteIndex] = lastvalue;
// Update the index for the moved value
set._indexes[lastvalue] = toDeleteIndex + 1; // All indexes are 1-based
// Delete the slot where the moved value was stored
set._values.pop();
// Delete the index for the deleted slot
delete set._indexes[value];
return true;
} else {
return false;
}
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function _contains(Set storage set, bytes32 value) private view returns (bool) {
return set._indexes[value] != 0;
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function _length(Set storage set) private view returns (uint256) {
return set._values.length;
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function _at(Set storage set, uint256 index) private view returns (bytes32) {
require(set._values.length > index, "EnumerableSet: index out of bounds");
return set._values[index];
}
// AddressSet
struct AddressSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(AddressSet storage set, address value) internal returns (bool) {
return _add(set._inner, bytes32(bytes20(value)));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(AddressSet storage set, address value) internal returns (bool) {
return _remove(set._inner, bytes32(bytes20(value)));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(AddressSet storage set, address value) internal view returns (bool) {
return _contains(set._inner, bytes32(bytes20(value)));
}
/**
* @dev Returns the number of values in the set. O(1).
*/
function length(AddressSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(AddressSet storage set, uint256 index) internal view returns (address) {
return address(bytes20(_at(set._inner, index)));
}
// UintSet
struct UintSet {
Set _inner;
}
/**
* @dev Add a value to a set. O(1).
*
* Returns true if the value was added to the set, that is if it was not
* already present.
*/
function add(UintSet storage set, uint256 value) internal returns (bool) {
return _add(set._inner, bytes32(value));
}
/**
* @dev Removes a value from a set. O(1).
*
* Returns true if the value was removed from the set, that is if it was
* present.
*/
function remove(UintSet storage set, uint256 value) internal returns (bool) {
return _remove(set._inner, bytes32(value));
}
/**
* @dev Returns true if the value is in the set. O(1).
*/
function contains(UintSet storage set, uint256 value) internal view returns (bool) {
return _contains(set._inner, bytes32(value));
}
/**
* @dev Returns the number of values on the set. O(1).
*/
function length(UintSet storage set) internal view returns (uint256) {
return _length(set._inner);
}
/**
* @dev Returns the value stored at position `index` in the set. O(1).
*
* Note that there are no guarantees on the ordering of values inside the
* array, and it may change when more values are added or removed.
*
* Requirements:
*
* - `index` must be strictly less than {length}.
*/
function at(UintSet storage set, uint256 index) internal view returns (uint256) {
return uint256(_at(set._inner, index));
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/token/oft/OFT.sol";
import "layerzerolabs/contracts/interfaces/IStargateRouter.sol";
import "communal/Owned.sol";
import "communal/TransferHelper.sol";
interface ISGETH is IERC20{
function deposit() payable external;
}
contract ARBUnshethMinter is Owned {
address public immutable stargateRouterAddress; // address of the stargate router
address public immutable sgethAddress; // address of the sgeth token - 0x82cbecf39bee528b5476fe6d1550af59a9db6fc0
uint16 public immutable dstChainId; // Stargate/LayerZero chainId
uint16 public immutable srcPoolId; // stargate poolId - *must* be the poolId for the qty asset
uint16 public immutable dstPoolId; // stargate destination poolId
address public sgReceiverAddress; // destination contract. it must implement sgReceive()
bool paused = false;
constructor(
address _owner, //address of the user deploying this contract
address _stargateRouterAddress, //address of the stargate router on Arbitrum - 0x53Bf833A5d6c4ddA888F69c22C88C9f356a41614 as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet
address _sgReceiver, //address of the sgReceiver deployed on ETH
uint16 _dstChainId, //101 - as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet'
uint16 _srcPoolId, // 13 - as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet
uint16 _dstPoolId, // 13 - as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet,
address _sgethAddress // 0x82cbecf39bee528b5476fe6d1550af59a9db6fc0
) Owned(_owner){
stargateRouterAddress = _stargateRouterAddress;
sgReceiverAddress = _sgReceiver;
dstChainId = _dstChainId;
srcPoolId = _srcPoolId;
dstPoolId = _dstPoolId;
sgethAddress = _sgethAddress;
TransferHelper.safeApprove(sgethAddress, stargateRouterAddress, type(uint256).max);
}
modifier onlyWhenUnpaused {
require(paused == false, "Contract is paused");
_;
}
// owner function that sets the pause parameter
function setPaused(bool _paused) public onlyOwner {
paused = _paused;
}
function changeSgReceiver(address _sgReceiver) public onlyOwner {
require(_sgReceiver!= address(0), "sgReceiver cannot be zero address");
sgReceiverAddress = _sgReceiver;
}
// mint_unsheth function that sends ETH to the sgReceiver on Mainnet contract to mint unshETH tokens
function mint_unsheth(
uint256 amount, // the amount of ETH
uint256 min_amount_stargate, // the minimum amount of ETH to receive on stargate,
uint256 min_amount_unshethZap, // the minimum amount of unshETH to receive from the unshETH Zap
uint256 dstGasForCall, // the amount of gas to send to the sgReceive contract
uint256 dstNativeAmount, // leftover eth that will get airdropped to the sgReceive contract
uint256 unsheth_path // the path that the unsheth Zap will take to mint unshETH
) external payable onlyWhenUnpaused {
// ensure the msg.value is greather than the amount of ETH being sent
require(msg.value > amount, "Not enough ETH provided as msg.value");
// deposit the ETH into the sgeth contract
ISGETH(sgethAddress).deposit{value:amount}();
//calculate the fee that will be used to pay for the swap
uint256 feeAmount = msg.value - amount;
bytes memory data = abi.encode(msg.sender, min_amount_unshethZap, unsheth_path);
// Encode payload data to send to destination contract, which it will handle with sgReceive()
IStargateRouter(stargateRouterAddress).swap{value:feeAmount}( //call estimateGasFees to get the msg.value
dstChainId, // the destination chain id - ETH
srcPoolId, // the source Stargate poolId
dstPoolId, // the destination Stargate poolId
payable(msg.sender), // refund address. if msg.sender pays too much gas, return extra ETH to this address
amount, // total tokens to send to destination chain
min_amount_stargate, // min amount allowed out
IStargateRouter.lzTxObj(dstGasForCall, dstNativeAmount, abi.encodePacked(sgReceiverAddress)), // default lzTxObj
abi.encodePacked(sgReceiverAddress), // destination address, the sgReceive() implementer
data // bytes payload which sgReceive() will parse into an address that the unshETH will be sent too.
);
}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.6.11;
pragma experimental ABIEncoderV2;
// ====================================================================
// | ______ _______ |
// | / _____________ __ __ / ____(_____ ____ _____ ________ |
// | / /_ / ___/ __ `| |/_/ / /_ / / __ \/ __ `/ __ \/ ___/ _ \ |
// | / __/ / / / /_/ _> < / __/ / / / / / /_/ / / / / /__/ __/ |
// | /_/ /_/ \__,_/_/|_| /_/ /_/_/ /_/\__,_/_/ /_/\___/\___/ |
// | |
// ====================================================================
// =========================== CommunalFarm ===========================
// ====================================================================
// Multiple tokens with different reward rates can be emitted
// Multiple teams can set the reward rates for their token(s)
// Apes together strong
// Frax Finance: https://github.com/FraxFinance
// Primary Author(s)
// Travis Moore: https://github.com/FortisFortuna
// Reviewer(s) / Contributor(s)
// Jason Huan: https://github.com/jasonhuan
// Sam Kazemian: https://github.com/samkazemian
// Saddle Team: https://github.com/saddle-finance
// Fei Team: https://github.com/fei-protocol
// Alchemix Team: https://github.com/alchemix-finance
// Liquity Team: https://github.com/liquity
// Originally inspired by Synthetix.io, but heavily modified by the Frax team
// https://raw.githubusercontent.com/Synthetixio/synthetix/develop/contracts/StakingRewards.sol
import "communal/Math.sol";
import "communal/SafeMath.sol";
import "communal/SafeERC20.sol";
import 'communal/TransferHelper.sol';
import "communal/ReentrancyGuard.sol";
// Inheritance
import "communal/Owned.sol";
contract CommunalFarm is Owned, ReentrancyGuard {
using SafeMath for uint256;
using SafeERC20 for IERC20;
/* ========== STATE VARIABLES ========== */
// Instances
IERC20 public stakingToken;
// Constant for various precisions
uint256 private constant MULTIPLIER_PRECISION = 1e18;
// Time tracking
uint256 public periodFinish;
uint256 public lastUpdateTime;
// Lock time and multiplier settings
uint256 public lock_max_multiplier = uint256(3e18); // E18. 1x = e18
uint256 public lock_time_for_max_multiplier = 1 * 30 * 86400; // 30 days
uint256 public lock_time_min = 86400; // 1 * 86400 (1 day)
// Reward addresses, rates, and managers
mapping(address => address) public rewardManagers; // token addr -> manager addr
address[] public rewardTokens;
uint256[] public rewardRates;
string[] public rewardSymbols;
mapping(address => uint256) public rewardTokenAddrToIdx; // token addr -> token index
// Reward period
uint256 public rewardsDuration = 30 * 86400; // 30 * 86400 (30 days)
// Reward tracking
uint256[] private rewardsPerTokenStored;
mapping(address => mapping(uint256 => uint256)) private userRewardsPerTokenPaid; // staker addr -> token id -> paid amount
mapping(address => mapping(uint256 => uint256)) private rewards; // staker addr -> token id -> reward amount
mapping(address => uint256) private lastRewardClaimTime; // staker addr -> timestamp
// Balance tracking
uint256 private _total_liquidity_locked;
uint256 private _total_combined_weight;
mapping(address => uint256) private _locked_liquidity;
mapping(address => uint256) private _combined_weights;
// Stake tracking
mapping(address => LockedStake[]) private lockedStakes;
// Greylisting of bad addresses
mapping(address => bool) public greylist; //how long until this one is offensive too?
// Administrative booleans
bool public stakesUnlocked; // Release locked stakes in case of emergency
bool public withdrawalsPaused; // For emergencies
bool public rewardsCollectionPaused; // For emergencies
bool public stakingPaused; // For emergencies
/* ========== STRUCTS ========== */
struct LockedStake {
bytes32 kek_id;
uint256 start_timestamp;
uint256 liquidity;
uint256 ending_timestamp;
uint256 lock_multiplier; // 6 decimals of precision. 1x = 1000000
}
/* ========== MODIFIERS ========== */
modifier onlyByOwner() {
require(msg.sender == owner, "Not the owner");
_;
}
modifier onlyTknMgrs(address reward_token_address) {
require(msg.sender == owner || isTokenManagerFor(msg.sender, reward_token_address), "Not owner or tkn mgr");
_;
}
modifier notStakingPaused() {
require(stakingPaused == false, "Staking paused");
_;
}
modifier updateRewardAndBalance(address account, bool sync_too) {
_updateRewardAndBalance(account, sync_too);
_;
}
/* ========== CONSTRUCTOR ========== */
constructor (
address _owner,
address _stakingToken,
string[] memory _rewardSymbols,
address[] memory _rewardTokens,
address[] memory _rewardManagers,
uint256[] memory _rewardRates
) Owned(_owner){
stakingToken = IERC20(_stakingToken);
rewardTokens = _rewardTokens;
rewardRates = _rewardRates;
rewardSymbols = _rewardSymbols;
for (uint256 i = 0; i < _rewardTokens.length; i++){
// For fast token address -> token ID lookups later
rewardTokenAddrToIdx[_rewardTokens[i]] = i;
// Initialize the stored rewards
rewardsPerTokenStored.push(0);
// Initialize the reward managers
rewardManagers[_rewardTokens[i]] = _rewardManagers[i];
}
// Other booleans
stakesUnlocked = false;
// Initialization
lastUpdateTime = block.timestamp;
periodFinish = block.timestamp.add(rewardsDuration);
}
/* ========== VIEWS ========== */
// Total locked liquidity tokens
function totalLiquidityLocked() external view returns (uint256) {
return _total_liquidity_locked;
}
// Locked liquidity for a given account
function lockedLiquidityOf(address account) external view returns (uint256) {
return _locked_liquidity[account];
}
// Total 'balance' used for calculating the percent of the pool the account owns
// Takes into account the locked stake time multiplier
function totalCombinedWeight() external view returns (uint256) {
return _total_combined_weight;
}
// Combined weight for a specific account
function combinedWeightOf(address account) external view returns (uint256) {
return _combined_weights[account];
}
// Calculated the combined weight for an account
function calcCurCombinedWeight(address account) public view
returns (
uint256 old_combined_weight,
uint256 new_combined_weight
)
{
// Get the old combined weight
old_combined_weight = _combined_weights[account];
// Loop through the locked stakes, first by getting the liquidity * lock_multiplier portion
new_combined_weight = 0;
for (uint256 i = 0; i < lockedStakes[account].length; i++) {
LockedStake memory thisStake = lockedStakes[account][i];
uint256 lock_multiplier = thisStake.lock_multiplier;
// If the lock is expired
if (thisStake.ending_timestamp <= block.timestamp) {
// If the lock expired in the time since the last claim, the weight needs to be proportionately averaged this time
if (lastRewardClaimTime[account] < thisStake.ending_timestamp){
uint256 time_before_expiry = (thisStake.ending_timestamp).sub(lastRewardClaimTime[account]);
uint256 time_after_expiry = (block.timestamp).sub(thisStake.ending_timestamp);
// Get the weighted-average lock_multiplier
uint256 numerator = ((lock_multiplier).mul(time_before_expiry)).add(((MULTIPLIER_PRECISION).mul(time_after_expiry)));
lock_multiplier = numerator.div(time_before_expiry.add(time_after_expiry));
}
// Otherwise, it needs to just be 1x
else {
lock_multiplier = MULTIPLIER_PRECISION;
}
}
uint256 liquidity = thisStake.liquidity;
uint256 combined_boosted_amount = liquidity.mul(lock_multiplier).div(MULTIPLIER_PRECISION);
new_combined_weight = new_combined_weight.add(combined_boosted_amount);
}
}
// All the locked stakes for a given account
function lockedStakesOf(address account) external view returns (LockedStake[] memory) {
return lockedStakes[account];
}
// All the locked stakes for a given account
function getRewardSymbols() external view returns (string[] memory) {
return rewardSymbols;
}
// All the reward tokens
function getAllRewardTokens() external view returns (address[] memory) {
return rewardTokens;
}
// All the reward rates
function getAllRewardRates() external view returns (uint256[] memory) {
return rewardRates;
}
// Multiplier amount, given the length of the lock
function lockMultiplier(uint256 secs) public view returns (uint256) {
uint256 lock_multiplier =
uint256(MULTIPLIER_PRECISION).add(
secs
.mul(lock_max_multiplier.sub(MULTIPLIER_PRECISION))
.div(lock_time_for_max_multiplier)
);
if (lock_multiplier > lock_max_multiplier) lock_multiplier = lock_max_multiplier;
return lock_multiplier;
}
// Last time the reward was applicable
function lastTimeRewardApplicable() internal view returns (uint256) {
return Math.min(block.timestamp, periodFinish);
}
// Amount of reward tokens per LP token
function rewardsPerToken() public view returns (uint256[] memory newRewardsPerTokenStored) {
if (_total_liquidity_locked == 0 || _total_combined_weight == 0) {
return rewardsPerTokenStored;
}
else {
newRewardsPerTokenStored = new uint256[](rewardTokens.length);
for (uint256 i = 0; i < rewardsPerTokenStored.length; i++){
newRewardsPerTokenStored[i] = rewardsPerTokenStored[i].add(
lastTimeRewardApplicable().sub(lastUpdateTime).mul(rewardRates[i]).mul(1e18).div(_total_combined_weight)
);
}
return newRewardsPerTokenStored;
}
}
// Amount of reward tokens an account has earned / accrued
// Note: In the edge-case of one of the account's stake expiring since the last claim, this will
// return a slightly inflated number
function earned(address account) public view returns (uint256[] memory new_earned) {
uint256[] memory reward_arr = rewardsPerToken();
new_earned = new uint256[](rewardTokens.length);
if (_combined_weights[account] == 0){
for (uint256 i = 0; i < rewardTokens.length; i++){
new_earned[i] = 0;
}
}
else {
for (uint256 i = 0; i < rewardTokens.length; i++){
new_earned[i] = (_combined_weights[account])
.mul(reward_arr[i].sub(userRewardsPerTokenPaid[account][i]))
.div(1e18)
.add(rewards[account][i]);
}
}
}
// Total reward tokens emitted in the given period
function getRewardForDuration() external view returns (uint256[] memory rewards_per_duration_arr) {
rewards_per_duration_arr = new uint256[](rewardRates.length);
for (uint256 i = 0; i < rewardRates.length; i++){
rewards_per_duration_arr[i] = rewardRates[i].mul(rewardsDuration);
}
}
// See if the caller_addr is a manager for the reward token
function isTokenManagerFor(address caller_addr, address reward_token_addr) public view returns (bool){
if (caller_addr == owner) return true; // Contract owner
else if (rewardManagers[reward_token_addr] == caller_addr) return true; // Reward manager
return false;
}
/* ========== MUTATIVE FUNCTIONS ========== */
function _updateRewardAndBalance(address account, bool sync_too) internal {
// Need to retro-adjust some things if the period hasn't been renewed, then start a new one
if (sync_too){
sync();
}
if (account != address(0)) {
// To keep the math correct, the user's combined weight must be recomputed
(
uint256 old_combined_weight,
uint256 new_combined_weight
) = calcCurCombinedWeight(account);
// Calculate the earnings first
_syncEarned(account);
// Update the user's and the global combined weights
if (new_combined_weight >= old_combined_weight) {
uint256 weight_diff = new_combined_weight.sub(old_combined_weight);
_total_combined_weight = _total_combined_weight.add(weight_diff);
_combined_weights[account] = old_combined_weight.add(weight_diff);
} else {
uint256 weight_diff = old_combined_weight.sub(new_combined_weight);
_total_combined_weight = _total_combined_weight.sub(weight_diff);
_combined_weights[account] = old_combined_weight.sub(weight_diff);
}
}
}
function _syncEarned(address account) internal {
if (account != address(0)) {
// Calculate the earnings
uint256[] memory earned_arr = earned(account);
// Update the rewards array
for (uint256 i = 0; i < earned_arr.length; i++){
rewards[account][i] = earned_arr[i];
}
// Update the rewards paid array
for (uint256 i = 0; i < earned_arr.length; i++){
userRewardsPerTokenPaid[account][i] = rewardsPerTokenStored[i];
}
}
}
// Two different stake functions are needed because of delegateCall and msg.sender issues
function stakeLocked(uint256 liquidity, uint256 secs) nonReentrant public {
_stakeLocked(msg.sender, msg.sender, liquidity, secs, block.timestamp);
}
// If this were not internal, and source_address had an infinite approve, this could be exploitable
// (pull funds from source_address and stake for an arbitrary staker_address)
function _stakeLocked(
address staker_address,
address source_address,
uint256 liquidity,
uint256 secs,
uint256 start_timestamp
) internal updateRewardAndBalance(staker_address, true) {
require(!stakingPaused, "Staking paused");
require(liquidity > 0, "Must stake more than zero");
require(greylist[staker_address] == false, "Address has been greylisted");
require(secs >= lock_time_min, "Minimum stake time not met");
require(secs <= lock_time_for_max_multiplier,"Trying to lock for too long");
uint256 lock_multiplier = lockMultiplier(secs);
bytes32 kek_id = keccak256(abi.encodePacked(staker_address, start_timestamp, liquidity, _locked_liquidity[staker_address]));
lockedStakes[staker_address].push(LockedStake(
kek_id,
start_timestamp,
liquidity,
start_timestamp.add(secs),
lock_multiplier
));
// Pull the tokens from the source_address
//TODO: do we even need this if we're dealing with Sushi LP not saddle?
TransferHelper.safeTransferFrom(address(stakingToken), source_address, address(this), liquidity);
// Update liquidities
_total_liquidity_locked = _total_liquidity_locked.add(liquidity);
_locked_liquidity[staker_address] = _locked_liquidity[staker_address].add(liquidity);
// Need to call to update the combined weights
_updateRewardAndBalance(staker_address, false);
// Needed for edge case if the staker only claims once, and after the lock expired
if (lastRewardClaimTime[staker_address] == 0) lastRewardClaimTime[staker_address] = block.timestamp;
emit StakeLocked(staker_address, liquidity, secs, kek_id, source_address);
}
// Two different withdrawLocked functions are needed because of delegateCall and msg.sender issues
function withdrawLocked(bytes32 kek_id) nonReentrant public {
require(withdrawalsPaused == false, "Withdrawals paused");
_withdrawLocked(msg.sender, msg.sender, kek_id);
}
// No withdrawer == msg.sender check needed since this is only internally callable and the checks are done in the wrapper
// functions like withdraw()
function _withdrawLocked(address staker_address, address destination_address, bytes32 kek_id) internal {
// Collect rewards first and then update the balances
_getReward(staker_address, destination_address);
LockedStake memory thisStake;
thisStake.liquidity = 0;
uint theArrayIndex;
for (uint256 i = 0; i < lockedStakes[staker_address].length; i++){
if (kek_id == lockedStakes[staker_address][i].kek_id){
thisStake = lockedStakes[staker_address][i];
theArrayIndex = i;
break;
}
}
require(thisStake.kek_id == kek_id, "Stake not found");
require(block.timestamp >= thisStake.ending_timestamp || stakesUnlocked == true, "Stake is still locked!");
uint256 liquidity = thisStake.liquidity;
if (liquidity > 0) {
// Update liquidities
_total_liquidity_locked = _total_liquidity_locked.sub(liquidity);
_locked_liquidity[staker_address] = _locked_liquidity[staker_address].sub(liquidity);
// Remove the stake from the array
delete lockedStakes[staker_address][theArrayIndex];
// Need to call to update the combined weights
_updateRewardAndBalance(staker_address, false);
// Give the tokens to the destination_address
// Should throw if insufficient balance
stakingToken.transfer(destination_address, liquidity);
emit WithdrawLocked(staker_address, liquidity, kek_id, destination_address);
}
}
// Two different getReward functions are needed because of delegateCall and msg.sender issues
function getReward() external nonReentrant returns (uint256[] memory) {
require(rewardsCollectionPaused == false,"Rewards collection paused");
return _getReward(msg.sender, msg.sender);
}
// No withdrawer == msg.sender check needed since this is only internally callable
function _getReward(address rewardee, address destination_address) internal updateRewardAndBalance(rewardee, true) returns (uint256[] memory rewards_before) {
// Update the rewards array and distribute rewards
rewards_before = new uint256[](rewardTokens.length);
for (uint256 i = 0; i < rewardTokens.length; i++){
rewards_before[i] = rewards[rewardee][i];
rewards[rewardee][i] = 0;
//use SafeERC20.transfer
IERC20(rewardTokens[i]).transfer(destination_address, rewards_before[i]);
emit RewardPaid(rewardee, rewards_before[i], rewardTokens[i], destination_address);
}
lastRewardClaimTime[rewardee] = block.timestamp;
}
// If the period expired, renew it
function retroCatchUp() internal {
// Failsafe check
require(block.timestamp > periodFinish, "Period has not expired yet!");
// Ensure the provided reward amount is not more than the balance in the contract.
// This keeps the reward rate in the right range, preventing overflows due to
// very high values of rewardRate in the earned and rewardsPerToken functions;
// Reward + leftover must be less than 2^256 / 10^18 to avoid overflow.
uint256 num_periods_elapsed = uint256(block.timestamp.sub(periodFinish)) / rewardsDuration; // Floor division to the nearest period
// Make sure there are enough tokens to renew the reward period
for (uint256 i = 0; i < rewardTokens.length; i++){
require(rewardRates[i].mul(rewardsDuration).mul(num_periods_elapsed + 1) <= IERC20(rewardTokens[i]).balanceOf(address(this)), string(abi.encodePacked("Not enough reward tokens available: ", rewardTokens[i])) );
}
// uint256 old_lastUpdateTime = lastUpdateTime;
// uint256 new_lastUpdateTime = block.timestamp;
// lastUpdateTime = periodFinish;
periodFinish = periodFinish.add((num_periods_elapsed.add(1)).mul(rewardsDuration));
_updateStoredRewardsAndTime();
emit RewardsPeriodRenewed(address(stakingToken));
}
function _updateStoredRewardsAndTime() internal {
// Get the rewards
uint256[] memory rewards_per_token = rewardsPerToken();
// Update the rewardsPerTokenStored
for (uint256 i = 0; i < rewardsPerTokenStored.length; i++){
rewardsPerTokenStored[i] = rewards_per_token[i];
}
// Update the last stored time
lastUpdateTime = lastTimeRewardApplicable();
}
function sync() public {
if (block.timestamp > periodFinish) {
retroCatchUp();
}
else {
_updateStoredRewardsAndTime();
}
}
/* ========== RESTRICTED FUNCTIONS ========== */
// Added to support recovering LP Rewards and other mistaken tokens from other systems to be distributed to holders
function recoverERC20(address tokenAddress, uint256 tokenAmount) external onlyTknMgrs(tokenAddress) {
// Cannot rug the staking / LP tokens
require(tokenAddress != address(stakingToken), "Cannot rug staking / LP tokens");
// Check if the desired token is a reward token
bool isRewardToken = false;
for (uint256 i = 0; i < rewardTokens.length; i++){
if (rewardTokens[i] == tokenAddress) {
isRewardToken = true;
break;
}
}
// Only the reward managers can take back their reward tokens
if (isRewardToken && rewardManagers[tokenAddress] == msg.sender){
IERC20(tokenAddress).transfer(msg.sender, tokenAmount);
emit Recovered(msg.sender, tokenAddress, tokenAmount);
return;
}
// Other tokens, like airdrops or accidental deposits, can be withdrawn by the owner
else if (!isRewardToken && (msg.sender == owner)){
IERC20(tokenAddress).transfer(msg.sender, tokenAmount);
emit Recovered(msg.sender, tokenAddress, tokenAmount);
return;
}
// If none of the above conditions are true
else {
revert("No valid tokens to recover");
}
}
function setRewardsDuration(uint256 _rewardsDuration) external onlyByOwner {
require(_rewardsDuration >= 86400, "Rewards duration too short");
require(
periodFinish == 0 || block.timestamp > periodFinish,
"Reward period incomplete"
);
rewardsDuration = _rewardsDuration;
emit RewardsDurationUpdated(rewardsDuration);
}
function setMultipliers(uint256 _lock_max_multiplier) external onlyByOwner {
require(_lock_max_multiplier >= uint256(1e18), "Multiplier must be greater than or equal to 1e18");
lock_max_multiplier = _lock_max_multiplier;
emit LockedStakeMaxMultiplierUpdated(lock_max_multiplier);
}
function setLockedStakeTimeForMinAndMaxMultiplier(uint256 _lock_time_for_max_multiplier, uint256 _lock_time_min) external onlyByOwner {
require(_lock_time_for_max_multiplier >= 1, "Mul max time must be >= 1");
require(_lock_time_min >= 1, "Mul min time must be >= 1");
lock_time_for_max_multiplier = _lock_time_for_max_multiplier;
lock_time_min = _lock_time_min;
emit LockedStakeTimeForMaxMultiplier(lock_time_for_max_multiplier);
emit LockedStakeMinTime(_lock_time_min);
}
function greylistAddress(address _address) external onlyByOwner {
greylist[_address] = !(greylist[_address]);
}
function unlockStakes() external onlyByOwner {
stakesUnlocked = !stakesUnlocked;
}
function toggleStaking() external onlyByOwner {
stakingPaused = !stakingPaused;
}
function toggleWithdrawals() external onlyByOwner {
withdrawalsPaused = !withdrawalsPaused;
}
function toggleRewardsCollection() external onlyByOwner {
rewardsCollectionPaused = !rewardsCollectionPaused;
}
// The owner or the reward token managers can set reward rates
function setRewardRate(address reward_token_address, uint256 new_rate, bool sync_too) external onlyTknMgrs(reward_token_address) {
rewardRates[rewardTokenAddrToIdx[reward_token_address]] = new_rate;
if (sync_too){
sync();
}
}
// The owner or the reward token managers can change managers
function changeTokenManager(address reward_token_address, address new_manager_address) external onlyTknMgrs(reward_token_address) {
rewardManagers[reward_token_address] = new_manager_address;
}
/* ========== EVENTS ========== */
event StakeLocked(address indexed user, uint256 amount, uint256 secs, bytes32 kek_id, address source_address);
event WithdrawLocked(address indexed user, uint256 amount, bytes32 kek_id, address destination_address);
event RewardPaid(address indexed user, uint256 reward, address token_address, address destination_address);
event RewardsDurationUpdated(uint256 newDuration);
event Recovered(address destination_address, address token, uint256 amount);
event RewardsPeriodRenewed(address token);
event LockedStakeMaxMultiplierUpdated(uint256 multiplier);
event LockedStakeTimeForMaxMultiplier(uint256 secs);
event LockedStakeMinTime(uint256 secs);
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.18;
//An oracle that provides prices for different LSDs
//NOTE: This is the rate quoted by the LSDs contracts, no pricing of market impact and liquidity risk is calculated
interface IsfrxETH { function pricePerShare() external view returns (uint256); }
interface IrETH { function getExchangeRate() external view returns (uint256); }
interface IWStETH { function tokensPerStEth() external view returns (uint256); }
interface IcbETH { function exchangeRate() external view returns (uint256); }
interface IankrETH { function sharesToBonds(uint256) external view returns (uint256); }
interface IswETH { function swETHToETHRate() external view returns (uint256); }
contract Darknet {
address public constant sfrxETHAddress = 0xac3E018457B222d93114458476f3E3416Abbe38F;
address public constant rETHAddress = 0xae78736Cd615f374D3085123A210448E74Fc6393;
address public constant wstETHAddress = 0x7f39C581F595B53c5cb19bD0b3f8dA6c935E2Ca0;
address public constant cbETHAddress = 0xBe9895146f7AF43049ca1c1AE358B0541Ea49704;
address public constant wethAddress = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
address public constant ankrETHAddress = 0xE95A203B1a91a908F9B9CE46459d101078c2c3cb;
address public constant swETHAddress = 0xf951E335afb289353dc249e82926178EaC7DEd78;
constructor() {}
function checkPrice(address lsd) public view returns (uint256) {
if (lsd == wethAddress) return 1e18;
if (lsd == wstETHAddress) return IWStETH(wstETHAddress).tokensPerStEth();
if (lsd == sfrxETHAddress) return IsfrxETH(sfrxETHAddress).pricePerShare();
if (lsd == rETHAddress) return IrETH(rETHAddress).getExchangeRate();
if (lsd == cbETHAddress) return IcbETH(cbETHAddress).exchangeRate();
if (lsd == ankrETHAddress) return IankrETH(ankrETHAddress).sharesToBonds(1e18);
if (lsd == swETHAddress) return IswETH(swETHAddress).swETHToETHRate();
else revert();
}
}pragma solidity ^0.8.18;
contract Darknet2 {
mapping(address => bytes4) public router;
mapping(address => bool) private hasArgs;
address public constant wethAddress = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
/* ============ Constructor ============ */
constructor(
address[] memory _lsds,
bytes4[] memory _links,
bool[] memory _hasArgs
) {
require(_lsds.length == _links.length && _lsds.length == _hasArgs.length, "Array length mismatch");
for (uint256 i = 0; i < _lsds.length; i++) {
router[_lsds[i]] = _links[i];
if (_hasArgs[i]) {
hasArgs[_lsds[i]] = true;
}
}
}
function checkPrice(address lsd) public view returns (uint256) {
if(lsd == wethAddress) {
return 1e18;
}
bytes4 fn_sig = router[lsd];
bool success;
bytes memory response;
if (hasArgs[lsd]) {
(success, response) = lsd.staticcall(abi.encodePacked(fn_sig, uint256(1e18)));
} else {
(success, response) = lsd.staticcall(abi.encodePacked(fn_sig));
}
require(success, "Static call failed");
uint256 price = abi.decode(response, (uint256));
return price;
}
}//SPDX-License-Identifier: Unlicense
pragma solidity ^0.8.0;
import "openzeppelin-contracts/contracts/token/ERC20/ERC20.sol";
import "openzeppelin-contracts/contracts/token/ERC20/IERC20.sol";
import "openzeppelin-contracts/contracts/token/ERC20/extensions/draft-ERC20Permit.sol";
import "openzeppelin-contracts/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import "communal/Owned.sol";
/// @title Parent contract for frxETH.sol
/** @notice Combines Openzeppelin's ERC20Permit and ERC20Burnable with Synthetix's Owned.
Also includes a list of authorized minters */
/// @dev frxETH adheres to EIP-712/EIP-2612 and can use permits
contract ERC20PermitPermissionedMint is ERC20Permit, ERC20Burnable, Owned {
// Core
address public timelock_address;
// Minters
address[] public minters_array; // Allowed to mint
mapping(address => bool) public minters; // Mapping is also used for faster verification
/* ========== CONSTRUCTOR ========== */
constructor(
address _creator_address,
address _timelock_address,
string memory _name,
string memory _symbol
)
ERC20(_name, _symbol)
ERC20Permit(_name)
Owned(_creator_address)
{
timelock_address = _timelock_address;
}
/* ========== MODIFIERS ========== */
modifier onlyByOwnGov() {
require(msg.sender == timelock_address || msg.sender == owner, "Not owner or timelock");
_;
}
modifier onlyMinters() {
require(minters[msg.sender] == true, "Only minters");
_;
}
/* ========== RESTRICTED FUNCTIONS ========== */
// Used by minters when user redeems
function minter_burn_from(address b_address, uint256 b_amount) public onlyMinters {
super.burnFrom(b_address, b_amount);
emit TokenMinterBurned(b_address, msg.sender, b_amount);
}
// This function is what other minters will call to mint new tokens
function minter_mint(address m_address, uint256 m_amount) public onlyMinters {
super._mint(m_address, m_amount);
emit TokenMinterMinted(msg.sender, m_address, m_amount);
}
// Adds whitelisted minters
function addMinter(address minter_address) public onlyByOwnGov {
require(minter_address != address(0), "Zero address detected");
require(minters[minter_address] == false, "Address already exists");
minters[minter_address] = true;
minters_array.push(minter_address);
emit MinterAdded(minter_address);
}
// Remove a minter
function removeMinter(address minter_address) public onlyByOwnGov {
require(minter_address != address(0), "Zero address detected");
require(minters[minter_address] == true, "Address nonexistant");
// Delete from the mapping
delete minters[minter_address];
// 'Delete' from the array by setting the address to 0x0
for (uint i = 0; i < minters_array.length; i++){
if (minters_array[i] == minter_address) {
minters_array[i] = address(0); // This will leave a null in the array and keep the indices the same
break;
}
}
emit MinterRemoved(minter_address);
}
function setTimelock(address _timelock_address) public onlyByOwnGov {
require(_timelock_address != address(0), "Zero address detected");
timelock_address = _timelock_address;
emit TimelockChanged(_timelock_address);
}
/* ========== EVENTS ========== */
event TokenMinterBurned(address indexed from, address indexed to, uint256 amount);
event TokenMinterMinted(address indexed from, address indexed to, uint256 amount);
event MinterAdded(address minter_address);
event MinterRemoved(address minter_address);
event TimelockChanged(address timelock_address);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.8.13;
pragma experimental ABIEncoderV2;
// ┬ ┬┌┐┌┌─┐┬ ┬╔═╗╔╦╗╦ ╦
// │ ││││└─┐├─┤║╣ ║ ╠═╣
// └─┘┘└┘└─┘┴ ┴╚═╝ ╩ ╩ ╩
// =======================
// EuclideanFarm.sol
/// @title Modified StakingRewards from Frax/Synthetix with a "coordination multiplier"
/// @author @EIP-A1tair
/// @notice Allows users to stake unshETH and earn USH, with a multiplier
/// based on how well the pool confirms to a target ratio of tokens
/// @dev Uses Euclidean distance to calculate the "coordination ratio"
import "communal/Math.sol";
import "communal/SafeMath.sol";
import "communal/SafeERC20.sol";
import 'communal/TransferHelper.sol';
import "communal/ReentrancyGuard.sol";
// Inheritance
import "communal/Owned.sol";
import "forge-std/console.sol";
import { UD60x18, ud, fromUD60x18, unwrap, mulDiv18, add, sub, mul, div, mulDiv, inv, powu, exp } from "@prb/math/UD60x18.sol";
// just do everything in signed, the casting ugliness isn't worth the aids
// import { UD60x18, ud, fromUD60x18, mul, div, sqrt, inv, powu } from "@prb/math/UD60x18.sol";
interface ILSDRegistry {
function vaultAddress() external view returns (address);
//ratios should be in the form of [0.25e18, 0.25e18, 0.25e18, 0.25e18] for 4 LSDs
function targetRatio() external view returns (uint256[] calldata);
function lsdAddresses() external view returns (address[] calldata);
function shanghaiTime() external view returns (uint256);
function nonce() external view returns (uint256);
}
interface ILSDVault {
function balanceInUnderlying() external view returns (uint256);
function stakedETHperunshETH() external view returns (uint256);
}
interface IDarknet {
function checkPrice(address lsd) external view returns(uint256);
}
contract EuclideanFarm is Owned, ReentrancyGuard {
using SafeMath for uint256;
using SafeERC20 for IERC20;
/* ========== STATE VARIABLES ========== */
// Instances
IERC20 public stakingToken;
// Constant for various precisions
uint256 private constant MULTIPLIER_PRECISION = 1e18;
// Time tracking
uint256 public periodFinish;
uint256 public lastUpdateTime;
// Lock time and multiplier settings
uint256 public lock_max_multiplier = uint256(3e18); // E18. 1x = e18
uint256 public lock_time_for_max_multiplier; //set this to rewardsDuration - 6 hours at initialization
uint256 public lock_time_min; //set this at initialization
// Coordination multipliers
uint256 public max_cord_multiplier = uint256(3e18);
uint256 public min_cord_multiplier = uint256(1e18);
uint256 public nonce = 0;
uint256 public max_nonce = 2; //no more than 2 changes to targetRatio
// uint256 public lastRatioUpdate;
// uint256 public min_cooldown = 21 days;
// uint256 public min_ratio_distance = 0.5e18;
//there is only one lockTime - needs to be equal to shanghaiTime
address public LSDRegistryAddress;
address public LSDVaultAddress;
uint256 public shanghaiTime;
// Reward addresses, rates, and managers
mapping(address => address) public rewardManagers; // token addr -> manager addr
address[] public rewardTokens;
uint256[] public rewardRates;
string[] public rewardSymbols;
mapping(address => uint256) public rewardTokenAddrToIdx; // token addr -> token index
// Reward period
uint256 public rewardsDuration; // from now until Shanghai
// Reward tracking
uint256[] private rewardsPerTokenStored;
mapping(address => mapping(uint256 => uint256)) private userRewardsPerTokenPaid; // staker addr -> token id -> paid amount
mapping(address => mapping(uint256 => uint256)) private rewards; // staker addr -> token id -> reward amount
mapping(address => uint256) private lastRewardClaimTime; // staker addr -> timestamp
// Balance tracking
uint256 private _total_liquidity_locked;
uint256 private _total_combined_weight;
mapping(address => uint256) private _locked_liquidity;
mapping(address => uint256) private _combined_weights;
// Stake tracking
mapping(address => LockedStake[]) private lockedStakes;
// Greylisting of bad addresses
mapping(address => bool) public greylist; //how long until this one is offensive too?
// Administrative booleans
bool public stakesUnlocked; // Release locked stakes in case of emergency
bool public withdrawalsPaused; // For emergencies
bool public rewardsCollectionPaused; // For emergencies
bool public stakingPaused; // For emergencies
//Price feed for LSDs for coordination multiplier calculations
address public darknetAddress;
/* ========== STRUCTS ========== */
struct LockedStake {
bytes32 kek_id;
uint256 start_timestamp;
uint256 liquidity;
uint256 ending_timestamp;
uint256 lock_multiplier; // 6 decimals of precision. 1x = 1000000
}
/* ========== MODIFIERS ========== */
modifier onlyByOwner() {
require(msg.sender == owner, "Not the owner");
_;
}
modifier onlyTknMgrs(address reward_token_address) {
require(msg.sender == owner || isTokenManagerFor(msg.sender, reward_token_address), "Not owner or tkn mgr");
_;
}
modifier notStakingPaused() {
require(stakingPaused == false, "Staking paused");
_;
}
modifier updateRewardAndBalance(address account, bool sync_too) {
_updateRewardAndBalance(account, sync_too);
_;
}
/* ========== CONSTRUCTOR ========== */
//this also needs to point to an LSDRegistry
constructor (
address _owner,
address _stakingToken,
address _LSDRegistry,
uint256 _shanghaiTime,
address _darknetAddress,
string[] memory _rewardSymbols,
address[] memory _rewardTokens,
address[] memory _rewardManagers,
uint256[] memory _rewardRates
) Owned(_owner){
//check that LSDRegistry is not 0x0
require(_LSDRegistry != address(0), "LSDRegistry is 0x0");
LSDRegistryAddress = _LSDRegistry;
LSDVaultAddress = ILSDRegistry(LSDRegistryAddress).vaultAddress();
//check that LSDRegistry's shanghaiTime matches the given shanghaiTime
require(_shanghaiTime == ILSDRegistry(LSDRegistryAddress).shanghaiTime(), "shanghaiTime mismatch");
shanghaiTime = _shanghaiTime;
stakingToken = IERC20(_stakingToken);
darknetAddress = _darknetAddress;
rewardTokens = _rewardTokens;
rewardRates = _rewardRates;
rewardSymbols = _rewardSymbols;
rewardsDuration = shanghaiTime - block.timestamp;
lock_time_for_max_multiplier = rewardsDuration - 24 hours;
for (uint256 i = 0; i < _rewardTokens.length; i++){
// For fast token address -> token ID lookups later
rewardTokenAddrToIdx[_rewardTokens[i]] = i;
// Initialize the stored rewards
rewardsPerTokenStored.push(0);
// Initialize the reward managers
rewardManagers[_rewardTokens[i]] = _rewardManagers[i];
}
// Other booleans
stakesUnlocked = false;
// Initialization
lastUpdateTime = block.timestamp;
periodFinish = block.timestamp.add(rewardsDuration);
}
/* ========== VIEWS ========== */
// Total locked liquidity tokens
function totalLiquidityLocked() external view returns (uint256) {
return _total_liquidity_locked;
}
// Locked liquidity for a given account
function lockedLiquidityOf(address account) external view returns (uint256) {
return _locked_liquidity[account];
}
// Total 'balance' used for calculating the percent of the pool the account owns
// Takes into account the locked stake time multiplier
function totalCombinedWeight() external view returns (uint256) {
return _total_combined_weight;
}
// Combined weight for a specific account
function combinedWeightOf(address account) external view returns (uint256) {
return _combined_weights[account];
}
// Calculated the combined weight for an account
function calcCurCombinedWeight(address account) public view
returns (
uint256 old_combined_weight,
uint256 new_combined_weight
)
{
// Get the old combined weight
old_combined_weight = _combined_weights[account];
// Loop through the locked stakes, first by getting the liquidity * lock_multiplier portion
new_combined_weight = 0;
for (uint256 i = 0; i < lockedStakes[account].length; i++) {
LockedStake memory thisStake = lockedStakes[account][i];
uint256 lock_multiplier = thisStake.lock_multiplier;
//add coordination multiplier here
uint256 cord_multiplier = coordinationMultiplier();
require(cord_multiplier != 0, "Multiplier error");
//set min_cord_multiplier < 1e18 if we want to shrink yield below base rate
if (cord_multiplier <= min_cord_multiplier){
cord_multiplier = min_cord_multiplier;
}
// If the lock is expired
if (thisStake.ending_timestamp <= block.timestamp) {
// If the lock expired in the time since the last claim, the weight needs to be proportionately averaged this time
if (lastRewardClaimTime[account] < thisStake.ending_timestamp){
uint256 time_before_expiry = (thisStake.ending_timestamp).sub(lastRewardClaimTime[account]);
uint256 time_after_expiry = (block.timestamp).sub(thisStake.ending_timestamp);
// Get the weighted-average lock_multiplier
uint256 numerator = ((lock_multiplier).mul(time_before_expiry)).add(((MULTIPLIER_PRECISION).mul(time_after_expiry)));
lock_multiplier = numerator.div(time_before_expiry.add(time_after_expiry));
}
// Otherwise, it needs to just be 1x
else {
lock_multiplier = MULTIPLIER_PRECISION;
}
}
uint256 liquidity = thisStake.liquidity;
uint256 combined_boosted_amount = liquidity.mul(lock_multiplier).div(MULTIPLIER_PRECISION);
uint256 coordination_boosted_amount = combined_boosted_amount.mul(cord_multiplier).div(MULTIPLIER_PRECISION);
new_combined_weight = new_combined_weight.add(coordination_boosted_amount);
}
}
// All the locked stakes for a given account
function lockedStakesOf(address account) external view returns (LockedStake[] memory) {
return lockedStakes[account];
}
// All the locked stakes for a given account
function getRewardSymbols() external view returns (string[] memory) {
return rewardSymbols;
}
// All the reward tokens
function getAllRewardTokens() external view returns (address[] memory) {
return rewardTokens;
}
// All the reward rates
function getAllRewardRates() external view returns (uint256[] memory) {
return rewardRates;
}
// Multiplier amount, given the length of the lock
function lockMultiplier(uint256 secs) public view returns (uint256) {
uint256 lock_multiplier =
uint256(MULTIPLIER_PRECISION).add(
secs
.mul(lock_max_multiplier.sub(MULTIPLIER_PRECISION))
.div(lock_time_for_max_multiplier)
);
if (lock_multiplier > lock_max_multiplier) lock_multiplier = lock_max_multiplier;
return lock_multiplier;
}
function sqrt(uint y) internal pure returns (uint z) {
if (y > 3) {
z = y;
uint x = y / 2 + 1;
while (x < z) {
z = x;
x = (y / x + x) / 2;
}
} else if (y != 0) {
z = 1;
}
// else z = 0 (default value)
}
function euclideanDistance(uint256[] memory _a, uint256[] memory _b) internal pure returns (uint256) {
require(_a.length == _b.length, "Array length mismatch");
int256 a;
int256 b;
uint256 sumSqDiff;
uint256 diff;
for (uint256 i = 0; i < _a.length; i++) {
a = int256(_a[i]/1e15);
b = int256(_b[i]/1e15);
diff = uint256(a > b ? a - b : b - a);
uint256 squareDiff = diff**2;
sumSqDiff += squareDiff;
}
return sqrt(sumSqDiff)*1e15;
}
function coordinationMultiplier() public view returns(uint256) {
//get ratios
//fetch the current targetRatio locally
//ratios should be in the form of [0.25e18, 0.25e18, 0.25e18, 0.25e18] for 4 LSDs
uint256[] memory targetRatio = ILSDRegistry(LSDRegistryAddress).targetRatio();
address[] memory lsdAddresses = ILSDRegistry(LSDRegistryAddress).lsdAddresses();
//make sure the lengths match
require(targetRatio.length == lsdAddresses.length, "targetRatio and lsdAddresses length mismatch");
uint256 tabs = lsdAddresses.length;
console.log(tabs);
uint256[] memory currentRatio = new uint256[](tabs);
console.log(currentRatio.length);
console.log(LSDVaultAddress);
uint256 totalETHbalance = ILSDVault(LSDVaultAddress).balanceInUnderlying();
console.log(totalETHbalance);
//get the current balances of all LSDs in vault in terms of underlying ETH to compute ratio
for (uint256 i = 0; i < tabs; i++) {
uint256 balance = IERC20(lsdAddresses[i]).balanceOf(LSDVaultAddress);
//convert to actual underlying amounts
uint256 rate = IDarknet(darknetAddress).checkPrice(lsdAddresses[i]);
uint256 ratio = mulDiv(balance, rate, totalETHbalance);
currentRatio[i] = ratio;
}
//from here onwards these operations cost ~50k gas
uint256 _x = euclideanDistance(targetRatio, currentRatio);
uint256 L = mulDiv18(_x, 2.5e18);
UD60x18 l_scaled = div(ud(L), ud(1.0e18));
UD60x18 e_L = exp(l_scaled);
UD60x18 hell = ud(3.0e18).sub(inv(e_L)).sub(ud(L));
UD60x18 hella = div(powu(hell, 3),ud(4.0e18));
return unwrap(hella.add(ud(1.0e18)));
}
// Last time the reward was applicable
function lastTimeRewardApplicable() internal view returns (uint256) {
return Math.min(block.timestamp, periodFinish);
}
// Amount of reward tokens per LP token
function rewardsPerToken() public view returns (uint256[] memory newRewardsPerTokenStored) {
if (_total_liquidity_locked == 0 || _total_combined_weight == 0) {
return rewardsPerTokenStored;
}
else {
newRewardsPerTokenStored = new uint256[](rewardTokens.length);
for (uint256 i = 0; i < rewardsPerTokenStored.length; i++){
newRewardsPerTokenStored[i] = rewardsPerTokenStored[i].add(
lastTimeRewardApplicable().sub(lastUpdateTime).mul(rewardRates[i]).mul(1e18).div(_total_combined_weight)
);
}
return newRewardsPerTokenStored;
}
}
// Amount of reward tokens an account has earned / accrued
// Note: In the edge-case of one of the account's stake expiring since the last claim, this will
// return a slightly inflated number
function earned(address account) public view returns (uint256[] memory new_earned) {
uint256[] memory reward_arr = rewardsPerToken();
new_earned = new uint256[](rewardTokens.length);
if (_combined_weights[account] == 0){
for (uint256 i = 0; i < rewardTokens.length; i++){
new_earned[i] = 0;
}
}
else {
for (uint256 i = 0; i < rewardTokens.length; i++){
new_earned[i] = (_combined_weights[account])
.mul(reward_arr[i].sub(userRewardsPerTokenPaid[account][i]))
.div(1e18)
.add(rewards[account][i]);
}
}
}
// Total reward tokens emitted in the given period
function getRewardForDuration() external view returns (uint256[] memory rewards_per_duration_arr) {
rewards_per_duration_arr = new uint256[](rewardRates.length);
for (uint256 i = 0; i < rewardRates.length; i++){
rewards_per_duration_arr[i] = rewardRates[i].mul(rewardsDuration);
}
}
// See if the caller_addr is a manager for the reward token
function isTokenManagerFor(address caller_addr, address reward_token_addr) public view returns (bool){
if (caller_addr == owner) return true; // Contract owner
else if (rewardManagers[reward_token_addr] == caller_addr) return true; // Reward manager
return false;
}
/* ========== MUTATIVE FUNCTIONS ========== */
function synchronize() external {
uint256 proposedNonce = ILSDRegistry(LSDRegistryAddress).nonce();
require(nonce != proposedNonce, "Already synchronized");
_synchronize();
}
function _synchronize() internal {
//set current coordination-boosted rate to the new min
uint256 current_boosted_rate = coordinationMultiplier()*rewardRates[0]/1e18; //only for USH rewards, change later if needed
rewardRates[0] = current_boosted_rate;
//update to the new target ratio
}
function _updateRewardAndBalance(address account, bool sync_too) internal {
// Need to retro-adjust some things if the period hasn't been renewed, then start a new one
if (sync_too){
sync();
}
if (account != address(0)) {
// To keep the math correct, the user's combined weight must be recomputed
(
uint256 old_combined_weight,
uint256 new_combined_weight
) = calcCurCombinedWeight(account);
// Calculate the earnings first
_syncEarned(account);
// Update the user's and the global combined weights
if (new_combined_weight >= old_combined_weight) {
uint256 weight_diff = new_combined_weight.sub(old_combined_weight);
_total_combined_weight = _total_combined_weight.add(weight_diff);
_combined_weights[account] = old_combined_weight.add(weight_diff);
} else {
uint256 weight_diff = old_combined_weight.sub(new_combined_weight);
_total_combined_weight = _total_combined_weight.sub(weight_diff);
_combined_weights[account] = old_combined_weight.sub(weight_diff);
}
}
}
function _syncEarned(address account) internal {
if (account != address(0)) {
// Calculate the earnings
uint256[] memory earned_arr = earned(account);
// Update the rewards array
for (uint256 i = 0; i < earned_arr.length; i++){
rewards[account][i] = earned_arr[i];
}
// Update the rewards paid array
for (uint256 i = 0; i < earned_arr.length; i++){
userRewardsPerTokenPaid[account][i] = rewardsPerTokenStored[i];
}
}
}
// Two different stake functions are needed because of delegateCall and msg.sender issues
function stakeLocked(uint256 liquidity) nonReentrant public {
_stakeLocked(msg.sender, msg.sender, liquidity, block.timestamp);
}
// If this were not internal, and source_address had an infinite approve, this could be exploitable
// (pull funds from source_address and stake for an arbitrary staker_address)
function _stakeLocked(
address staker_address,
address source_address,
uint256 liquidity,
uint256 start_timestamp
) internal updateRewardAndBalance(staker_address, true) {
require(!stakingPaused, "Staking paused");
require(liquidity > 0, "Must stake more than zero");
require(greylist[staker_address] == false, "Address has been greylisted");
// require(secs >= lock_time_min, "Minimum stake time not met");
// require(secs <= lock_time_for_max_multiplier,"Trying to lock for too long");
uint256 secs = shanghaiTime - block.timestamp;
uint256 lock_multiplier = lockMultiplier(secs);
bytes32 kek_id = keccak256(abi.encodePacked(staker_address, start_timestamp, liquidity, _locked_liquidity[staker_address]));
lockedStakes[staker_address].push(LockedStake(
kek_id,
start_timestamp,
liquidity,
shanghaiTime,//replaced start_timestamp.add(secs) w/ shanghaiTime
lock_multiplier
));
// Pull the tokens from the source_address
TransferHelper.safeTransferFrom(address(stakingToken), source_address, address(this), liquidity);
// Update liquidities
_total_liquidity_locked = _total_liquidity_locked.add(liquidity);
_locked_liquidity[staker_address] = _locked_liquidity[staker_address].add(liquidity);
// Need to call to update the combined weights
_updateRewardAndBalance(staker_address, false);
// Needed for edge case if the staker only claims once, and after the lock expired
if (lastRewardClaimTime[staker_address] == 0) lastRewardClaimTime[staker_address] = block.timestamp;
emit StakeLocked(staker_address, liquidity, secs, kek_id, source_address);
}
// Two different withdrawLocked functions are needed because of delegateCall and msg.sender issues
function withdrawLocked(bytes32 kek_id) nonReentrant public {
require(withdrawalsPaused == false, "Withdrawals paused");
_withdrawLocked(msg.sender, msg.sender, kek_id);
}
// No withdrawer == msg.sender check needed since this is only internally callable and the checks are done in the wrapper
// functions like withdraw()
function _withdrawLocked(address staker_address, address destination_address, bytes32 kek_id) internal {
// Collect rewards first and then update the balances
_getReward(staker_address, destination_address);
LockedStake memory thisStake;
thisStake.liquidity = 0;
uint theArrayIndex;
for (uint256 i = 0; i < lockedStakes[staker_address].length; i++){
if (kek_id == lockedStakes[staker_address][i].kek_id){
thisStake = lockedStakes[staker_address][i];
theArrayIndex = i;
break;
}
}
require(thisStake.kek_id == kek_id, "Stake not found");
require(block.timestamp >= thisStake.ending_timestamp || stakesUnlocked == true, "Stake is still locked!");
uint256 liquidity = thisStake.liquidity;
if (liquidity > 0) {
// Update liquidities
_total_liquidity_locked = _total_liquidity_locked.sub(liquidity);
_locked_liquidity[staker_address] = _locked_liquidity[staker_address].sub(liquidity);
// Remove the stake from the array
delete lockedStakes[staker_address][theArrayIndex];
// Need to call to update the combined weights
_updateRewardAndBalance(staker_address, false);
// Give the tokens to the destination_address
// Should throw if insufficient balance
stakingToken.transfer(destination_address, liquidity);
emit WithdrawLocked(staker_address, liquidity, kek_id, destination_address);
}
}
// Two different getReward functions are needed because of delegateCall and msg.sender issues
function getReward() external nonReentrant returns (uint256[] memory) {
require(rewardsCollectionPaused == false,"Rewards collection paused");
return _getReward(msg.sender, msg.sender);
}
// No withdrawer == msg.sender check needed since this is only internally callable
function _getReward(address rewardee, address destination_address) internal updateRewardAndBalance(rewardee, true) returns (uint256[] memory rewards_before) {
// Update the rewards array and distribute rewards
rewards_before = new uint256[](rewardTokens.length);
for (uint256 i = 0; i < rewardTokens.length; i++){
rewards_before[i] = rewards[rewardee][i];
rewards[rewardee][i] = 0;
//use SafeERC20.transfer
IERC20(rewardTokens[i]).transfer(destination_address, rewards_before[i]);
emit RewardPaid(rewardee, rewards_before[i], rewardTokens[i], destination_address);
}
lastRewardClaimTime[rewardee] = block.timestamp;
}
// If the period expired, DON'T renew it
function retroCatchUp() internal {
// Failsafe check
require(block.timestamp > periodFinish, "Period has not expired yet!");
// Ensure the provided reward amount is not more than the balance in the contract.
// This keeps the reward rate in the right range, preventing overflows due to
// very high values of rewardRate in the earned and rewardsPerToken functions;
// Reward + leftover must be less than 2^256 / 10^18 to avoid overflow.
// uint256 num_periods_elapsed = uint256(block.timestamp.sub(periodFinish)) / rewardsDuration; // Floor division to the nearest period
// // Make sure there are enough tokens to renew the reward period
// for (uint256 i = 0; i < rewardTokens.length; i++){
// require(rewardRates[i].mul(rewardsDuration).mul(num_periods_elapsed + 1) <= IERC20(rewardTokens[i]).balanceOf(address(this)), string(abi.encodePacked("Not enough reward tokens available: ", rewardTokens[i])) );
// }
// uint256 old_lastUpdateTime = lastUpdateTime;
// uint256 new_lastUpdateTime = block.timestamp;
// lastUpdateTime = periodFinish;
//periodFinish = periodFinish.add((num_periods_elapsed.add(1)).mul(rewardsDuration));
_updateStoredRewardsAndTime();
//emit RewardsPeriodRenewed(address(stakingToken));
}
function _updateStoredRewardsAndTime() internal {
// Get the rewards
uint256[] memory rewards_per_token = rewardsPerToken();
// Update the rewardsPerTokenStored
for (uint256 i = 0; i < rewardsPerTokenStored.length; i++){
rewardsPerTokenStored[i] = rewards_per_token[i];
}
// Update the last stored time
lastUpdateTime = lastTimeRewardApplicable();
}
function sync() public {
if (block.timestamp > periodFinish) {
retroCatchUp();
}
else {
_updateStoredRewardsAndTime();
}
}
/* ========== RESTRICTED FUNCTIONS ========== */
// Added to support recovering LP Rewards and other mistaken tokens from other systems to be distributed to holders
function recoverERC20(address tokenAddress, uint256 tokenAmount) external onlyTknMgrs(tokenAddress) {
// Cannot rug the staking / LP tokens
require(tokenAddress != address(stakingToken), "Cannot rug staking / LP tokens");
// Check if the desired token is a reward token
bool isRewardToken = false;
for (uint256 i = 0; i < rewardTokens.length; i++){
if (rewardTokens[i] == tokenAddress) {
isRewardToken = true;
break;
}
}
// Only the reward managers can take back their reward tokens
if (isRewardToken && rewardManagers[tokenAddress] == msg.sender){
IERC20(tokenAddress).transfer(msg.sender, tokenAmount);
emit Recovered(msg.sender, tokenAddress, tokenAmount);
return;
}
// Other tokens, like airdrops or accidental deposits, can be withdrawn by the owner
else if (!isRewardToken && (msg.sender == owner)){
IERC20(tokenAddress).transfer(msg.sender, tokenAmount);
emit Recovered(msg.sender, tokenAddress, tokenAmount);
return;
}
// If none of the above conditions are true
else {
revert("No valid tokens to recover");
}
}
function setRewardsDuration(uint256 _rewardsDuration) external onlyByOwner {
require(_rewardsDuration >= 86400, "Rewards duration too short");
require(
periodFinish == 0 || block.timestamp > periodFinish,
"Reward period incomplete"
);
rewardsDuration = _rewardsDuration;
emit RewardsDurationUpdated(rewardsDuration);
}
function setMultipliers(uint256 _lock_max_multiplier) external onlyByOwner {
require(_lock_max_multiplier >= uint256(1e18), "Multiplier must be greater than or equal to 1e18");
lock_max_multiplier = _lock_max_multiplier;
emit LockedStakeMaxMultiplierUpdated(lock_max_multiplier);
}
function setLockedStakeTimeForMinAndMaxMultiplier(uint256 _lock_time_for_max_multiplier, uint256 _lock_time_min) external onlyByOwner {
require(_lock_time_for_max_multiplier >= 1, "Mul max time must be >= 1");
require(_lock_time_min >= 1, "Mul min time must be >= 1");
lock_time_for_max_multiplier = _lock_time_for_max_multiplier;
lock_time_min = _lock_time_min;
emit LockedStakeTimeForMaxMultiplier(lock_time_for_max_multiplier);
emit LockedStakeMinTime(_lock_time_min);
}
function greylistAddress(address _address) external onlyByOwner {
greylist[_address] = !(greylist[_address]);
}
function unlockStakes() external onlyByOwner {
stakesUnlocked = !stakesUnlocked;
}
function toggleStaking() external onlyByOwner {
stakingPaused = !stakingPaused;
}
function toggleWithdrawals() external onlyByOwner {
withdrawalsPaused = !withdrawalsPaused;
}
function toggleRewardsCollection() external onlyByOwner {
rewardsCollectionPaused = !rewardsCollectionPaused;
}
// The owner or the reward token managers can set reward rates
function setRewardRate(address reward_token_address, uint256 new_rate, bool sync_too) external onlyTknMgrs(reward_token_address) {
rewardRates[rewardTokenAddrToIdx[reward_token_address]] = new_rate;
if (sync_too){
sync();
}
}
// The owner or the reward token managers can change managers
function changeTokenManager(address reward_token_address, address new_manager_address) external onlyTknMgrs(reward_token_address) {
rewardManagers[reward_token_address] = new_manager_address;
}
/* ========== EVENTS ========== */
event StakeLocked(address indexed user, uint256 amount, uint256 secs, bytes32 kek_id, address source_address);
event WithdrawLocked(address indexed user, uint256 amount, bytes32 kek_id, address destination_address);
event RewardPaid(address indexed user, uint256 reward, address token_address, address destination_address);
event RewardsDurationUpdated(uint256 newDuration);
event Recovered(address destination_address, address token, uint256 amount);
event RewardsPeriodRenewed(address token);
event LockedStakeMaxMultiplierUpdated(uint256 multiplier);
event LockedStakeTimeForMaxMultiplier(uint256 secs);
event LockedStakeMinTime(uint256 secs);
}// SPDX-License-Identifier: MIT
pragma solidity >0.8.10;
import "communal/SafeERC20.sol";
import "communal/Owned.sol";
import "local/interfaces/IvdUSH.sol";
import "communal/ReentrancyGuard.sol";
import "openzeppelin-contracts/contracts/utils/math/SignedSafeMath.sol";
// ================================================================
// |██╗ ██╗███╗ ██╗███████╗██╗ ██╗███████╗████████╗██╗ ██╗
// |██║ ██║████╗ ██║██╔════╝██║ ██║██╔════╝╚══██╔══╝██║ ██║
// |██║ ██║██╔██╗ ██║███████╗███████║█████╗ ██║ ███████║
// |██║ ██║██║╚██╗██║╚════██║██╔══██║██╔══╝ ██║ ██╔══██║
// |╚██████╔╝██║ ╚████║███████║██║ ██║███████╗ ██║ ██║ ██║
// | ╚═════╝ ╚═╝ ╚═══╝╚══════╝╚═╝ ╚═╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
// ================================================================
// ======================= GovernorsFarm =+++======================
// ================================================================
// Allows vdUSH users to enter the matrix and recieve USH rewards
// Users can claim their rewards at any time
// No staking needed, just enter the matrix and claim rewards
// No user deposits held in this contract!
//
// Author: unshETH team (github.com/unsheth)
// Heavily inspired by StakingRewards, MasterChef
//
interface IGovFarm {
function getAllUsers() external returns (address[] memory);
function lastClaimTimestamp(address user) external returns (uint);
}
contract GovernorsFarm is Owned, ReentrancyGuard {
using SafeERC20 for IERC20;
using SignedSafeMath for int256;
IERC20 public immutable USH;
IvdUSH public immutable vdUsh;
uint public vdLockPercentage; //percentage of rewards to lock as vdUSH
//check if an address has entered the matrix
mapping(address => bool) public isInMatrix;
address[] public users; //array of users in the matrix
uint public totalSupplyMultiplier; //total supply multiplier to adjust for vdush total supply calc on bnb chain
uint public ushPerSec;
mapping(address => uint) public initialEarned;
mapping(address => uint) public lastClaimTimestamp;
mapping(address => uint) public lastClaimVdUshBalance;
mapping(address => uint) public lastClaimTotalSupply;
struct Point {
int128 bias;
int128 slope; // # -dweight / dt
uint ts;
uint blk; // block
}
uint internal constant WEEK = 1 weeks;
event MatrixEntered(address indexed user);
event RewardsClaimed(address indexed user, uint ushClaimed, uint vdUSHClaimed);
event UshPerSecUpdated(uint _ushPerSec);
event TotalSupplyMultiplierUpdated(uint _totalSupplyMultiplier);
event vdLockPercentageUpdated(uint _vdLockPercentage);
//Constructor
constructor(address _owner, address _USH, address _vdUSH, uint _vdLockPercentage, uint _ushPerSec, uint _totalSupplyMultiplier, address _govFarmV1) Owned(_owner) {
USH = IERC20(_USH);
vdUsh = IvdUSH(_vdUSH);
vdLockPercentage = _vdLockPercentage; //set to 50e18 for 50%
ushPerSec = _ushPerSec;
totalSupplyMultiplier = _totalSupplyMultiplier;
USH.approve(address(vdUsh), type(uint).max); //for locking on behalf of users
//Seed values from V1Farm for migration
IGovFarm govFarmV1 = IGovFarm(_govFarmV1);
address[] memory v1Users = govFarmV1.getAllUsers();
//Gas efficient method to migrate users in v1 farm with no require checks or events
for(uint i = 0; i < v1Users.length; ) {
address user = v1Users[i];
isInMatrix[user] = true;
users.push(user);
lastClaimTimestamp[user] = govFarmV1.lastClaimTimestamp(user);
unchecked { ++i; }
}
}
/**
* @dev Allows a user with non zero vdUSH balance to enter the matrix and start earning farm rewards.
* The user's address is registered in a mapping.
* The user's last claim timestamp is set to the current block timestamp (rewards start from the moment they enter).
* @param user The address of the user entering the matrix.
*/
function enterMatrix(address user) external nonReentrant {
_enterMatrix(user);
}
function _enterMatrix(address user) internal {
require(!isInMatrix[user], "Already in matrix");
require(vdUsh.balanceOf(user) > 0, "Cannot enter the matrix without vdUSH");
isInMatrix[user] = true;
users.push(user);
lastClaimTimestamp[user] = block.timestamp;
emit MatrixEntered(user);
}
/**
* @dev Calculate user's earned USH and vdUSH rewards since last claim.
* User earned rewards are proportional to their share of total vdUSH at the time of claim.
* @param user The address of the user entering the matrix.
*/
function earned(address user) public view returns (uint, uint) {
uint lastClaimTimeStamp = lastClaimTimestamp[user];
uint secsSinceLastClaim = block.timestamp - lastClaimTimeStamp;
uint lastEpoch = vdUsh.user_point_epoch(user);
uint lastEpochTimestamp = vdUsh.user_point_history__ts(user, lastEpoch);
uint userVdUsh;
uint totalVdUsh;
userVdUsh = lastClaimVdUshBalance[user];
totalVdUsh = lastClaimTotalSupply[user];
//sampling:
//fyi we start at i=1, bc i=0 is the lastClaim which is already stored
for(uint i = 1; i < 53;) {
uint timestamp = lastClaimTimeStamp + i * 1 weeks;
//if 1 wk after last claim is after current block timestamp, break
if(timestamp > block.timestamp) {
userVdUsh += vdUsh.balanceOf(user);
totalVdUsh += vdUsh.totalSupply();
break;
}
//round down to nearest week if needed
if(timestamp > lastEpochTimestamp) {
timestamp = lastEpochTimestamp;
}
userVdUsh += vdUsh.balanceOfAtT(user, timestamp);
//calculate totalSupplyAtT internally due to versioning issue in ve-contracts
totalVdUsh += _totalSupplyAtT(timestamp);
unchecked{ ++i; }
}
uint averageVdUshShare = userVdUsh * 1e18 / totalVdUsh;
uint ushEarned = averageVdUshShare * secsSinceLastClaim * ushPerSec / 1e18 * totalSupplyMultiplier / 1e18;
uint lockedUsh = ushEarned * vdLockPercentage / 100e18;
uint claimableUsh = ushEarned - lockedUsh;
return (claimableUsh, lockedUsh);
}
/*
============================================================================
Calculations to get correct total supply at historical point T
============================================================================
*/
function _get_point_history(uint _epoch) internal view returns (Point memory) {
(int128 bias, int128 slope, uint ts, uint blk) = vdUsh.point_history(_epoch);
return Point(bias, slope, ts, blk);
}
function _totalSupplyAtT(uint t) internal view returns (uint) {
uint _epoch = vdUsh.epoch();
Point memory last_point = _get_point_history(_epoch);
return _supply_at(last_point, t);
}
function _supply_at(Point memory point, uint t) internal view returns (uint) {
Point memory last_point = point;
uint t_i = (last_point.ts / WEEK) * WEEK;
for (uint i = 0; i < 255; ++i) {
t_i += WEEK;
int128 d_slope = 0;
if (t_i > t) {
t_i = t;
} else {
d_slope = vdUsh.slope_changes(t_i);
}
last_point.bias -= last_point.slope * int128(int(t_i) - int(last_point.ts));
if (t_i == t) {
break;
}
last_point.slope += d_slope;
last_point.ts = t_i;
}
if (last_point.bias < 0) {
last_point.bias = 0;
}
return uint(uint128(last_point.bias));
}
/*
============================================================================
Claim
============================================================================
*/
function passGoAndCollect(address user) external nonReentrant {
uint claimableUsh;
uint lockedUsh;
(claimableUsh, lockedUsh) = earned(user);
require(lockedUsh > 0 || claimableUsh > 0, "Nothing to claim");
lastClaimTimestamp[user] = block.timestamp;
lastClaimVdUshBalance[user] = vdUsh.balanceOf(user);
lastClaimTotalSupply[user] = vdUsh.totalSupply();
//add to user's vdUSH if their lock hasn't expired
if(vdUsh.balanceOf(user) != 0) {
vdUsh.deposit_for(user, 0, 0, lockedUsh);
} else {
lockedUsh = 0;
}
//transfer remainder to user
USH.safeTransfer(user, claimableUsh);
initialEarned[user] = 0;
emit RewardsClaimed(user, claimableUsh, lockedUsh);
}
//view funcs
function getAllUsers() public view returns (address[] memory) {
return users;
}
function getVdUshTotalSupplyInFarm() public view returns (uint) {
uint totalVdUsh;
for(uint i = 0; i < users.length;) {
totalVdUsh += vdUsh.balanceOf(users[i]);
unchecked{ ++i; }
}
return totalVdUsh;
}
//owner funcs
function setUSHPerSec(uint _ushPerSec) external onlyOwner {
ushPerSec = _ushPerSec;
emit UshPerSecUpdated(_ushPerSec);
}
function setVdLockPercentage(uint _vdLockPercentage) external onlyOwner {
require(_vdLockPercentage <= 100e18, "Percentage too high");
vdLockPercentage = _vdLockPercentage;
emit vdLockPercentageUpdated(_vdLockPercentage);
}
function setTotalSupplyMultiplier(uint _totalSupplyMultiplier) external onlyOwner {
//make sure to set it in 1e18 terms
totalSupplyMultiplier = _totalSupplyMultiplier;
emit TotalSupplyMultiplierUpdated(_totalSupplyMultiplier);
}
function setTotalSupplyMultiplier_onChain() external onlyOwner {
totalSupplyMultiplier = vdUsh.totalSupply() * 1e18 / getVdUshTotalSupplyInFarm();
emit TotalSupplyMultiplierUpdated(totalSupplyMultiplier);
}
//emergency funcs
function recoverUSH(uint amount, address dst) external onlyOwner {
USH.safeTransfer(dst, amount);
}
// ⢠⣶⣿⣿⣶⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⣿⣿⠁⠀⠙⢿⣦⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⣀⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠸⣿⣆⠀⠀⠈⢻⣷⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣾⡿⠿⠛⠻⠿⣿⣦⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣀⣤⣤⣤⣀⡀⠀
// ⠀⢻⣿⡆⠀⠀⠀⢻⣷⡀⠀⠀⠀⠀⠀⠀⢀⣴⣾⠿⠿⠿⣿⣿⠀⠀⠀⠀⠀⠈⢻⣷⡀⠀⠀⠀⠀⠀⢀⣠⣶⣿⠿⠛⠋⠉⠉⠻⣿⣦
// ⠀⠀⠻⣿⡄⠀⠀⠀⢿⣧⣠⣶⣾⠿⠿⠿⣿⡏⠀⠀⠀⠀⢹⣿⡀⠀⠀⠀⢸⣿⠈⢿⣷⠀⠀⠀⢀⣴⣿⠟⠉⠀⠀⠀⠀⠀⠀⠀⢸⣿
// ⠀⠀⠀⠹⣿⡄⠀⠀⠈⢿⣿⡏⠀⠀⠀⠀⢻⣷⠀⠀⠀⠀⠸⣿⡇⠀⠀⠀⠈⣿⠀⠘⢿⣧⣠⣶⡿⠋⠁⠀⠀⠀⠀⠀⠀⣀⣠⣤⣾⠟
// ⠀⠀⠀⠀⢻⣿⡄⠀⠀⠘⣿⣷⠀⠀⠀⠀⢸⣿⡀⠀⠀⠀⠀⣿⣷⠀⠀⠀⠀⣿⠀⢶⠿⠟⠛⠉⠀⠀⠀⠀⠀⢀⣤⣶⠿⠛⠋⠉⠁⠀
// ⠀⠀⠀⠀⠀⢿⣷⠀⠀⠀⠘⣿⡆⠀⠀⠀⠀⣿⡇⠀⠀⠀⠀⢹⣿⠀⠀⠀⠀⣿⡆⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⡿⠋⠁⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠘⣿⡇⠀⠀⠀⢸⣷⠀⠀⠀⠀⢿⣷⠀⠀⠀⠀⠈⣿⡇⠀⠀⠀⣿⡇⠀⠀⠀⠀⠀⠀⠀⣴⣿⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⢻⣿⠀⠀⠀⠀⢿⣇⠀⠀⠀⠸⣿⡄⠀⠀⠀⠀⣿⣷⠀⠀⠀⣿⡇⠀⠀⠀⠀⠀⠀⣼⡿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠘⣿⡇⠀⠀⠀⠸⣿⡀⠀⠀⠀⢿⣇⠀⠀⠀⠀⢸⣿⡀⠀⢠⣿⠇⠀⠀⠀⠀⠀⣼⡿⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⢹⣿⠀⠀⠀⠀⢻⣧⠀⠀⠀⠸⣿⡄⠀⠀⠀⢘⣿⡿⠿⠟⠋⠀⠀⠀⠀⠀⣼⣿⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠈⣿⣇⠀⠀⠀⠈⣿⣄⠀⢀⣠⣿⣿⣶⣶⣶⡾⠋⠀⠀⠀⠀⠀⠀⠀⠀⣰⣿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⢹⣿⡀⠀⠀⠀⠈⠻⠿⠟⠛⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣰⣿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⢻⣷⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣰⣿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⢿⣧⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣾⣿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⢻⣧⡀⠀⠀⠀⣀⠀⠀⠀⣴⣤⣄⣀⣀⣀⣠⣤⣾⣿⡿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠹⣿⣶⣶⣿⡿⠃⠀⠀⠉⠛⠻⠿⠿⠿⠿⢿⣿⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⣿⡏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢿⣇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠸⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
// ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⡿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;
interface IERC20{
function transferFrom(address from, address to, uint amount) external view returns(bool);
function approve() external view returns(uint256);
function decimals() external view returns(uint256);
function totalSupply() external view returns(uint256);
function balanceOf(address account) external view returns(uint256);
function transfer(address to, uint amount) external ;
function approve(address spender, uint256 amount) external returns (bool);
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.7.5;
/// @title Router token swapping functionality
/// @notice Functions for swapping tokens via Uniswap V3
interface ISwapRouter {
struct ExactInputSingleParams {
address tokenIn;
address tokenOut;
uint24 fee;
address recipient;
uint256 deadline;
uint256 amountIn;
uint256 amountOutMinimum;
uint160 sqrtPriceLimitX96;
}
/// @notice Swaps `amountIn` of one token for as much as possible of another token
/// @param params The parameters necessary for the swap, encoded as `ExactInputSingleParams` in calldata
/// @return amountOut The amount of the received token
function exactInputSingle(ExactInputSingleParams calldata params) external payable returns (uint256 amountOut);
struct ExactInputParams {
bytes path;
address recipient;
uint256 deadline;
uint256 amountIn;
uint256 amountOutMinimum;
}
/// @notice Swaps `amountIn` of one token for as much as possible of another along the specified path
/// @param params The parameters necessary for the multi-hop swap, encoded as `ExactInputParams` in calldata
/// @return amountOut The amount of the received token
function exactInput(ExactInputParams calldata params) external payable returns (uint256 amountOut);
struct ExactOutputSingleParams {
address tokenIn;
address tokenOut;
uint24 fee;
address recipient;
uint256 deadline;
uint256 amountOut;
uint256 amountInMaximum;
uint160 sqrtPriceLimitX96;
}
/// @notice Swaps as little as possible of one token for `amountOut` of another token
/// @param params The parameters necessary for the swap, encoded as `ExactOutputSingleParams` in calldata
/// @return amountIn The amount of the input token
function exactOutputSingle(ExactOutputSingleParams calldata params) external payable returns (uint256 amountIn);
struct ExactOutputParams {
bytes path;
address recipient;
uint256 deadline;
uint256 amountOut;
uint256 amountInMaximum;
}
/// @notice Swaps as little as possible of one token for `amountOut` of another along the specified path (reversed)
/// @param params The parameters necessary for the multi-hop swap, encoded as `ExactOutputParams` in calldata
/// @return amountIn The amount of the input token
function exactOutput(ExactOutputParams calldata params) external payable returns (uint256 amountIn);
}pragma solidity ^0.8.13;
interface IvdUSH {
function totalSupply() external view returns(uint256);
function balanceOf(address account) external view returns(uint256);
function epoch() external view returns(uint256);
function locked(address account) external view returns(uint256);
function deposit_for(address _addr, uint _valueA, uint _valueB, uint _valueC) external;
function approve(address spender, uint256 amount) external returns (bool);
function balanceOfAtT(address account, uint256 ts) external view returns(uint256);
function point_history(uint256 _epoch) external view returns(int128 bias, int128 slope, uint ts, uint blk);
function user_point_epoch(address account) external view returns(uint256);
function user_point_history__ts(address _addr, uint _idx) external view returns (uint256);
function slope_changes(uint256 time) external view returns(int128);
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.11;
import "communal/ReentrancyGuard.sol";
import "communal/Owned.sol";
import "communal/SafeERC20.sol";
import "communal/TransferHelper.sol";
//import "forge-std/console.sol";
/*
* LSD Vault Contract:
* This contract is responsible for holding and managing the deposited LSDs. It mints unshETH to depositors.
*/
//Access control hierarchy
//owner = multisig: used for initial setup + admin functions + unlocking timelocked functions
//admin = team eoa: used for emergency functions and low level configs
//timelock = multisig can propose unlock + 72 hr delay: used for functions that affect user funds
interface IunshETH {
function minter_mint(address m_address, uint256 m_amount) external;
function minter_burn_from(address b_address, uint256 b_amount) external;
function timelock_address() external returns (address);
function addMinter(address minter_address) external;
function setTimelock(address _timelock_address) external;
function removeMinter(address minter_address) external;
}
interface ILSDVault {
function balanceInUnderlying() external view returns (uint256);
function exit(uint256 amount) external;
function shanghaiTime() external returns(uint256);
}
interface IDarknet {
function checkPrice(address lsd) external view returns (uint256);
}
contract LSDVault is Owned, ReentrancyGuard {
using SafeERC20 for IERC20;
/*
============================================================================
State Variables
============================================================================
*/
// address public admin;
uint256 public shanghaiTime = 1682007600; //timestamp for April 20, 2023 4:20:00PM UTC (~1 wk after ETH network upgrade)
address public constant v1VaultAddress = address(0xE76Ffee8722c21b390eebe71b67D95602f58237F);
address public unshETHAddress;
address public unshethZapAddress;
address public swapperAddress;
address public admin;
address public darknetAddress;
address[] public supportedLSDs;
mapping(address => uint256) public lsdIndex; //keep track of reverse mapping of supportedLSDs indices for fast lookup
struct LSDConfig {
uint256 targetWeightBps;
uint256 weightCapBps;
uint256 absoluteCapEth;
}
mapping(address => LSDConfig) public lsdConfigs;
bool public useWeightCaps;
bool public useAbsoluteCaps;
bool public includeV1VaultAssets;
mapping(address => bool) public isEnabled;
uint256 public constant _TIMELOCK = 3 days;
enum TimelockFunctions { MIGRATE, AMM, DARKNET, ZAP }
struct TimelockProposal {
address proposedAddress;
uint256 unlockTime;
}
mapping(TimelockFunctions => TimelockProposal) public timelock;
//Redeem fees in basis points, configurable by multisig
uint256 public redeemFee = 0;
uint256 public constant maxRedeemFee = 200; //max 200 basis points = 2% fee
bool public depositsPaused;
bool public migrated = false;
bool public ammEnabled = false;
bool public withdrawalsPaused = false;
uint256 public withdrawalUnpauseTime;
/*
============================================================================
Events
============================================================================
*/
event DepositPauseToggled(bool paused);
event ShanghaiTimeUpdated(uint256 newTime);
event UnshethAddressSet(address unshethAddress);
event UnshethZapAddressSet(address unshethZapAddress);
event AdminSet(address admin);
event LSDAdded(address lsd);
event LSDConfigSet(address lsd, LSDConfig config);
event LSDDisabled(address lsd);
event LSDEnabled(address lsd);
event AbsoluteCapsToggled(bool useAbsoluteCaps);
event WeightCapsToggled(bool useWeightCaps);
event IncludeV1VaultAssetsToggled(bool includeV1Assets);
event RedeemFeeUpdated(uint256 redeemFee);
event TimelockUpdateProposed(TimelockFunctions _fn, address _newAddress, uint256 _unlockTime);
event TimelockUpdateCanceled(TimelockFunctions _fn);
event TimelockUpdateCompleted(TimelockFunctions _fn);
event VdAmmDisabled(address swapper);
event WithdrawalsPaused(uint256 withdrawalUnpauseTime);
event WithdrawalsUnpaused();
/*
============================================================================
Constructor
============================================================================
*/
constructor(address _owner, address _darknetAddress, address _unshethAddress, address[] memory _lsds) Owned(_owner){
darknetAddress = _darknetAddress;
unshETHAddress = _unshethAddress;
depositsPaused = true;
for(uint256 i=0; i < _lsds.length; i = unchkIncr(i)) {
addLSD(_lsds[i]);
setLSDConfigs(_lsds[i], 2500, 5000, 2500e18); //initialize with 25% target, 50% max, 2500ETH absolute max
}
useWeightCaps = false;
useAbsoluteCaps = false;
includeV1VaultAssets = false;
}
/*
============================================================================
Function Modifiers
============================================================================
*/
modifier onlyZap {
require(msg.sender == unshethZapAddress, "Only the unsheth Zap contract may perform this action");
_;
}
modifier onlyOwnerOrAdmin {
require(msg.sender == owner || msg.sender == admin, "Only the owner or admin may perform this action");
_;
}
modifier postShanghai {
require(block.timestamp >= shanghaiTime + _TIMELOCK, "ShanghaiTime + Timelock has not passed" );
_;
}
modifier onlyWhenPaused {
require(depositsPaused, "Deposits must be paused before performing this action" );
_;
}
modifier timelockUnlocked(TimelockFunctions _fn) {
require(timelock[_fn].unlockTime != 0 && timelock[_fn].unlockTime <= block.timestamp, "Function is timelocked");
require(timelock[_fn].proposedAddress != address(0), "Cannot set zero address");
_;
}
//helper to perform lower gas unchecked increment in for loops
function unchkIncr(uint256 i) private pure returns(uint256) {
unchecked { return i+1; }
}
/*
============================================================================
Setup functions
============================================================================
*/
function setUnshethZap(address _unshethZapAddress) external onlyOwner {
require(unshethZapAddress == address(0), "UnshETH zap address already set" );
unshethZapAddress = _unshethZapAddress;
emit UnshethZapAddressSet(unshethZapAddress);
}
function setAdmin(address _admin) external onlyOwner {
admin = _admin;
emit AdminSet(admin);
}
/*
============================================================================
LSD configuration functions
============================================================================
*/
//Workflow to add new LSD: First addLSD, then setLSDConfigs, then configure it in darknet, then enableLSD
//New LSD is always added with zero weight and disabled
//Deposits must be paused before configuring, and should be enabled when done
function addLSD(address _lsd) public onlyOwner onlyWhenPaused {
require(lsdIndex[_lsd] == 0, "Lsd has already been added"); //fyi fails on the first lsd being duplicated since it has actual index 0
supportedLSDs.push(_lsd);
lsdIndex[_lsd] = supportedLSDs.length-1; //reverse mapping of supportedLSDs indices
isEnabled[_lsd] = false;
lsdConfigs[_lsd] = LSDConfig(0, 0, 0);
emit LSDAdded(_lsd);
}
function setLSDConfigs(address _lsd, uint256 _targetWeightBps, uint256 _maxWeightBps, uint256 _maxEthCap) public onlyOwner onlyWhenPaused {
require(_targetWeightBps <= _maxWeightBps, "Cannot set target above max weight");
require(_targetWeightBps <= 10000 && _maxWeightBps <= 10000, "Cannot set weight above 1");
lsdConfigs[_lsd] = LSDConfig(_targetWeightBps, _maxWeightBps, _maxEthCap);
emit LSDConfigSet(_lsd, lsdConfigs[_lsd]);
}
function enableLSD(address _lsd) public onlyOwner onlyWhenPaused {
require(IDarknet(darknetAddress).checkPrice(_lsd) > 0, "Configure lsd in darknet before enabling");
require(lsdConfigs[_lsd].targetWeightBps > 0 && lsdConfigs[_lsd].weightCapBps > 0 && lsdConfigs[_lsd].absoluteCapEth > 0, "Set weights before enabling");
isEnabled[_lsd] = true;
emit LSDEnabled(_lsd);
}
function enableAllLSDs() external onlyOwner onlyWhenPaused {
for(uint256 i=0; i<supportedLSDs.length; i=unchkIncr(i)) {
enableLSD(supportedLSDs[i]);
}
}
//Disabling resets configs to zero, need to set before re-enabling
function disableLSD(address _lsd) external onlyOwner onlyWhenPaused {
lsdConfigs[_lsd] = LSDConfig(0, 0, 0);
isEnabled[_lsd] = false;
emit LSDDisabled(_lsd);
}
function toggleWeightCaps() external onlyOwner {
useWeightCaps = !useWeightCaps;
emit WeightCapsToggled(useWeightCaps);
}
function toggleAbsoluteCaps() external onlyOwner {
useAbsoluteCaps = !useAbsoluteCaps;
emit AbsoluteCapsToggled(useAbsoluteCaps);
}
function toggleV1VaultAssetsForCaps() external onlyOwner {
includeV1VaultAssets = !includeV1VaultAssets;
emit IncludeV1VaultAssetsToggled(includeV1VaultAssets);
}
function unpauseDeposits() external onlyOwner onlyWhenPaused {
uint256 totalTargetWeightBps = 0;
for(uint256 i=0; i < supportedLSDs.length; i = unchkIncr(i)) {
uint256 targetWeightBps = lsdConfigs[supportedLSDs[i]].targetWeightBps;
if(targetWeightBps > 0) {
require(isEnabled[supportedLSDs[i]], "Need to enable LSD with non-zero target weight");
}
totalTargetWeightBps += targetWeightBps;
}
require(totalTargetWeightBps == 10000, "Total target weight should equal 1");
depositsPaused = false;
emit DepositPauseToggled(depositsPaused);
}
function isLsdEnabled(address lsd) public view returns(bool) {
return isEnabled[lsd];
}
function getLsdIndex(address lsd) public view returns(uint256) {
return lsdIndex[lsd];
}
//============================================================================
//Minting unshETH
//============================================================================
function deposit(address lsd, uint256 amount) external onlyZap nonReentrant {
_deposit(lsd, amount, true);
}
//Gas efficient function to mint unshETH while skipping cap checks
function depositNoCapCheck(address lsd, uint256 amount) external onlyZap nonReentrant {
_deposit(lsd, amount, false);
}
//takes a supported LSD and mints unshETH to the user in proportion
//this is an internal function, only callable by the approved ETH zap contract
function _deposit(address lsd, uint256 amount, bool checkAgainstCaps) private {
require(depositsPaused == false, "Deposits are paused");
require(migrated == false, "Already migrated, deposit to new vault");
require(isEnabled[lsd], "LSD is disabled");
if(checkAgainstCaps) {
uint256 balance = getCombinedVaultBalance(lsd);
if(useAbsoluteCaps) {
require(balance + amount <= getAbsoluteCap(lsd), "Deposit exceeds absolute cap");
}
if(useWeightCaps) {
require(balance + amount <= getWeightCap(lsd, amount), "Deposit exceeds weight based cap");
}
}
uint256 price = getPrice(lsd);
TransferHelper.safeTransferFrom(lsd, msg.sender, address(this), amount);
IunshETH(unshETHAddress).minter_mint(msg.sender, price*amount/1e18);
}
function getEthConversionRate(address lsd) public view returns(uint256) {
return IDarknet(darknetAddress).checkPrice(lsd);
}
function getPrice(address lsd) public view returns(uint256) {
uint256 rate = getEthConversionRate(lsd);
if(IERC20(unshETHAddress).totalSupply() == 0){
return rate;
}
else {
return 1e18* rate /stakedETHperunshETH();
}
}
function stakedETHperunshETH() public view returns (uint256) {
return 1e18*balanceInUnderlying()/IERC20(unshETHAddress).totalSupply();
}
function balanceInUnderlying() public view returns (uint256) {
uint256 underlyingBalance = 0;
for (uint256 i = 0; i < supportedLSDs.length; i = unchkIncr(i)) {
uint256 rate = getEthConversionRate(supportedLSDs[i]);
underlyingBalance += rate *IERC20(supportedLSDs[i]).balanceOf(address(this))/1e18;
}
return underlyingBalance;
}
function getAbsoluteCap(address lsd) public view returns(uint256) {
if(!useAbsoluteCaps) {
return type(uint256).max;
}
uint256 absoluteCap = 1e18*lsdConfigs[lsd].absoluteCapEth/getEthConversionRate(lsd);
return absoluteCap;
}
function getWeightCap(address lsd, uint256 marginalDeposit) public view returns(uint256) {
if(!useWeightCaps) {
return type(uint256).max;
}
uint256 weightCapBps = lsdConfigs[lsd].weightCapBps;
uint256 rate = getEthConversionRate(lsd);
uint256 marginalDepositInEth = marginalDeposit*rate/1e18;
uint256 v1VaultEthBalance = _getV1VaultEthBalance();
uint256 totalEthBalance = balanceInUnderlying() + v1VaultEthBalance + marginalDepositInEth;
uint256 weightCapInEth = totalEthBalance*weightCapBps/10000;
return 1e18*weightCapInEth/rate;
}
function getEffectiveCap(address lsd, uint256 marginalDeposit) public view returns(uint256) {
uint256 absoluteCap = getAbsoluteCap(lsd);
uint256 weightCap = getWeightCap(lsd, marginalDeposit);
if(weightCap < absoluteCap) {
return weightCap;
} else {
return absoluteCap;
}
}
function getTargetAmount(address lsd, uint256 marginalDeposit) public view returns(uint256) {
uint256 targetWeightBps = lsdConfigs[lsd].targetWeightBps;
uint256 rate = getEthConversionRate(lsd);
uint256 marginalDepositInEth = marginalDeposit*rate/1e18;
uint256 v1VaultEthBalance = _getV1VaultEthBalance();
uint256 totalEthBalance = balanceInUnderlying() + v1VaultEthBalance + marginalDepositInEth;
uint256 targetInEth = totalEthBalance* targetWeightBps /10000;
return 1e18*targetInEth/rate;
}
function _getV1VaultBalance(address lsd) internal view returns(uint256) {
uint256 v1VaultBalance = 0;
if(includeV1VaultAssets) {
v1VaultBalance = IERC20(lsd).balanceOf(v1VaultAddress);
}
return v1VaultBalance;
}
function _getV1VaultEthBalance() internal view returns(uint256) {
uint256 v1VaultEthBalance = 0;
if(includeV1VaultAssets) {
v1VaultEthBalance = ILSDVault(v1VaultAddress).balanceInUnderlying();
}
return v1VaultEthBalance;
}
function getCombinedVaultBalance(address lsd) public view returns(uint256) {
uint256 balance = IERC20(lsd).balanceOf(address(this));
return balance + _getV1VaultBalance(lsd);
}
//============================================================================
//Helper functions for UI / Zap / AMM
//============================================================================
function remainingRoomToCap(address lsd, uint256 marginalDeposit) public view returns(uint256) {
uint256 combinedBalance = getCombinedVaultBalance(lsd);
uint256 effectiveCap = getEffectiveCap(lsd, marginalDeposit);
if(combinedBalance > effectiveCap) {
return 0;
} else {
return (effectiveCap - combinedBalance);
}
}
function remainingRoomToCapInEthTerms(address lsd, uint256 marginalDepositEth) public view returns(uint256) {
uint256 rate = getEthConversionRate(lsd);
uint256 marginalDeposit = 1e18*marginalDepositEth/rate;
return remainingRoomToCap(lsd,marginalDeposit)*getEthConversionRate(lsd)/1e18;
}
function remainingRoomToTarget(address lsd, uint256 marginalDeposit) public view returns(uint256) {
uint256 combinedBalance = getCombinedVaultBalance(lsd);
uint256 target = getTargetAmount(lsd, marginalDeposit);
if(combinedBalance > target) {
return 0;
} else {
return (target - combinedBalance);
}
}
function remainingRoomToTargetInEthTerms(address lsd, uint256 marginalDepositEth) public view returns(uint256) {
uint256 rate = getEthConversionRate(lsd);
uint256 marginalDeposit = 1e18*marginalDepositEth/rate;
return remainingRoomToTarget(lsd,marginalDeposit)*rate/1e18;
}
//============================================================================
//Redeeming unshETH
//============================================================================
function setRedeemFee(uint256 _redeemFee) external onlyOwner {
require(_redeemFee <= maxRedeemFee, "Redeem fee too high");
redeemFee = _redeemFee;
emit RedeemFeeUpdated(redeemFee);
}
function exit(uint256 amount) external nonReentrant {
require(migrated == false, "Already migrated, use new vault to exit");
require(block.timestamp > shanghaiTime, "Cannot exit until shanghaiTime");
require(!withdrawalsPaused || block.timestamp > withdrawalUnpauseTime, "Withdrawals are paused");
require(IERC20(unshETHAddress).balanceOf(msg.sender) >= amount, "Insufficient unshETH");
uint256 shareOfUnsheth = 1e18*amount/IERC20(unshETHAddress).totalSupply();
uint256 fee = shareOfUnsheth*redeemFee/10000; //redeem fees are 100% retained by remaining unshETH holders
IunshETH(unshETHAddress).minter_burn_from(msg.sender, amount);
for (uint256 i = 0; i < supportedLSDs.length; i = unchkIncr(i)) {
uint256 lsdBalance = IERC20(supportedLSDs[i]).balanceOf(address(this));
uint256 amountPerLsd = (shareOfUnsheth-fee)*lsdBalance/1e18;
IERC20(supportedLSDs[i]).safeTransfer(msg.sender, amountPerLsd);
}
}
//============================================================================
//Timelock functions
//============================================================================
function createTimelockProposal(TimelockFunctions _fn, address _proposedAddress) public onlyOwner {
require(_proposedAddress != address(0), "Cannot propose zero address");
uint256 unlockTime = block.timestamp + _TIMELOCK;
timelock[_fn] = TimelockProposal(_proposedAddress, unlockTime);
emit TimelockUpdateProposed(_fn, _proposedAddress, unlockTime);
}
function cancelTimelockProposal(TimelockFunctions _fn) public onlyOwner {
timelock[_fn] = TimelockProposal(address(0), 0);
emit TimelockUpdateCanceled(_fn);
}
function _completeTimelockProposal(TimelockFunctions _fn) internal onlyOwner {
timelock[_fn] = TimelockProposal(address(0), 0);
emit TimelockUpdateCompleted(_fn);
}
function updateUnshethZapAddress() external onlyOwner timelockUnlocked(TimelockFunctions.ZAP) {
unshethZapAddress = timelock[TimelockFunctions.ZAP].proposedAddress;
_completeTimelockProposal(TimelockFunctions.ZAP);
}
function updateDarknetAddress() external onlyOwner timelockUnlocked(TimelockFunctions.DARKNET) {
darknetAddress = timelock[TimelockFunctions.DARKNET].proposedAddress;
_completeTimelockProposal(TimelockFunctions.DARKNET);
}
function migrateVault() external onlyOwner postShanghai timelockUnlocked(TimelockFunctions.MIGRATE) {
require(IunshETH(unshETHAddress).timelock_address() == address(this), "LSDVault cannot change unshETH minter");
address proposedVaultAddress = timelock[TimelockFunctions.MIGRATE].proposedAddress;
for (uint256 i = 0; i < supportedLSDs.length; i = unchkIncr(i)) {
uint256 balance = IERC20(supportedLSDs[i]).balanceOf(address(this));
IERC20(supportedLSDs[i]).safeTransfer(proposedVaultAddress, balance);
}
IunshETH unshETH = IunshETH(unshETHAddress);
unshETH.addMinter(proposedVaultAddress);
unshETH.setTimelock(proposedVaultAddress);
unshETH.removeMinter(address(this));
migrated = true;
_completeTimelockProposal(TimelockFunctions.MIGRATE);
}
function setVdAmm() external onlyOwner postShanghai timelockUnlocked(TimelockFunctions.AMM) {
//revoke approvals to current swapper
if(swapperAddress != address(0)) {
_setApprovals(swapperAddress, 0);
}
//give max approvals to proposed swapper
address proposedSwapper = timelock[TimelockFunctions.AMM].proposedAddress;
_setApprovals(proposedSwapper, type(uint256).max);
swapperAddress = proposedSwapper;
ammEnabled = true;
_completeTimelockProposal(TimelockFunctions.AMM);
}
function _setApprovals(address spender, uint256 limit) internal {
for (uint256 i = 0; i < supportedLSDs.length; i = unchkIncr(i)) {
TransferHelper.safeApprove(supportedLSDs[i], spender, limit);
}
}
//============================================================================
//Admin and emergency functions
//============================================================================
function updateShanghaiTime(uint256 _newTime) external onlyOwnerOrAdmin {
require(_newTime < shanghaiTime + 4 weeks, "Cannot extend more than 4 weeks" );
require(_newTime > block.timestamp, "Cannot set shanghaiTime in the past" );
shanghaiTime = _newTime;
emit ShanghaiTimeUpdated(shanghaiTime);
}
function pauseDeposits() external onlyOwnerOrAdmin {
require(depositsPaused == false, "Already paused" );
depositsPaused = true;
emit DepositPauseToggled(depositsPaused);
}
function pauseWithdrawals(uint256 _unpauseTime) external onlyOwnerOrAdmin {
//Max admin withdrawal pause is 1 day less than timelock (2 days), can't unpause again for 1 day after prev pause ends
require(_unpauseTime <= block.timestamp + _TIMELOCK - 1 days, "Cannot pause withdrawals too long");
require(block.timestamp >= withdrawalUnpauseTime + 1 days, "Need 1 day cooldown before pausing again");
withdrawalUnpauseTime = _unpauseTime;
withdrawalsPaused = true;
emit WithdrawalsPaused(withdrawalUnpauseTime);
}
function unpauseWithdrawals() external onlyOwnerOrAdmin {
withdrawalsPaused = false;
emit WithdrawalsUnpaused();
}
function disableVdAmm() external onlyOwnerOrAdmin {
require(swapperAddress != address(0), "Vdamm is not set");
_setApprovals(swapperAddress, 0);
emit VdAmmDisabled(swapperAddress);
}
}pragma solidity ^0.8.18;
interface IOwned {
function acceptOwnership() external;
function owner() external view returns (address);
}
contract RenouncedOwner {
event OwnershipRenounced(address ownedContract);
function acceptAndRenounce(address _contract) external {
IOwned(_contract).acceptOwnership();
require(IOwned(_contract).owner() == address(this), "Ownership not renounced");
emit OwnershipRenounced(_contract);
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/interfaces/IStargateReceiver.sol";
import "layerzerolabs/contracts/token/oft/IOFTCore.sol";
import "communal/SafeERC20.sol";
import "communal/Owned.sol";
import "communal/TransferHelper.sol";
interface IunshethZap {
function mint_unsheth_with_eth(uint256 amountOutMin, uint256 pathId) external payable;
}
interface IStargateRouter {
function clearCachedSwap(uint16 _srcChainId, bytes calldata _srcAddress, uint256 nonce) external;
function cachedSwapLookup(uint16 _srcChainId, bytes calldata _srcAddress, uint256 nonce) external view returns (address token, uint256 amountLD, address to, bytes memory payload);
}
interface ISGETH is IERC20{
function deposit() payable external;
function withdraw(uint wad) external;
}
contract SGReceiver is IStargateReceiver, Owned {
address public immutable stargateRouterAddress;
address public unshethZapAddress;
address public immutable sgethAddress;
address public immutable unshethAddress;
address public immutable proxyUnshethAddress;
address public zroAddress = address(0);
uint256 public unsheth_gas_cost;
mapping(uint256 => mapping(uint256 => bool)) public nonceHandled;
mapping(uint16 => bool) public sgethChainIds;
//adapter params
uint256 public adapter_version = 2;
uint256 public adapter_gasLimit = 200000;
uint256 public adapter_airdrop = 0;
using SafeERC20 for IERC20;
//to see chain ids and stargate router addresses, check out
//https://layerzero.gitbook.io/docs/technical-reference/mainnet/supported-chain-ids
//https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet
constructor(
address _owner, //address of the person deploying this
address _proxyUnshethAddress, //address of the proxy unshETH deployed
address _unshETHAddress, //address of unshETH token contract
address _sgethAddress, //sgeth address - 0x72E2F4830b9E45d52F80aC08CB2bEC0FeF72eD9c
address _stargateRouter, //0x8731d54E9D02c286767d56ac03e8037C07e01e98 as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet
address _unshethZapAddress, //address of the unshETH Zap deployed,
uint16[] memory _sgethChainIds //array of chain ids that support SGETH - [106] //for Arbitrum
) Owned(_owner) {
proxyUnshethAddress = _proxyUnshethAddress;
stargateRouterAddress = _stargateRouter;
unshethZapAddress = _unshethZapAddress;
sgethAddress = _sgethAddress;
unshethAddress = _unshETHAddress;
unsheth_gas_cost = 0.01 ether;
//set the chain ids that support SGETH
for(uint256 i = 0; i < _sgethChainIds.length; i++){
sgethChainIds[_sgethChainIds[i]] = true;
}
//allow the unsheth proxy to spend my unsheth
TransferHelper.safeApprove(unshethAddress, proxyUnshethAddress, type(uint256).max);
}
//owner function to update sgethChainIds with a chainId and a boolean
function update_sgethChainIds(uint16 _chainId, bool _value) public onlyOwner {
sgethChainIds[_chainId] = _value;
}
function updateAdapterParams(uint256 _version, uint256 _gasLimit, uint256 _airdrop) public onlyOwner {
adapter_version = _version;
adapter_gasLimit = _gasLimit;
adapter_airdrop = _airdrop;
}
//owner function to set the zroAddress
function updateZroAddress(address _zroAddress) public onlyOwner{
zroAddress = _zroAddress;
}
//owner function to set the amount of eth to spend per unsheth transfer
function set_unsheth_gas_cost(uint256 amount) public onlyOwner{
unsheth_gas_cost = amount;
}
//sgReceive will receive sgETH and then mint unshETH and send the unshETH back to the original sender
function sgReceive(uint16 _chainId, bytes memory /*_srcAddress*/, uint /*_nonce*/, address _token, uint amountLD, bytes memory _payload) override external {
require(msg.sender == address(stargateRouterAddress), "only stargate router can call sgReceive!");
require(unsheth_gas_cost <= address(this).balance, 'unsheth_gas_cost must be less than the eth balance in this contract');
require(_token == sgethAddress, "only sgeth is supported");
//Extract the mint information
(address userAddress, uint256 min_amount_unshethZap, uint256 unsheth_path) = abi.decode(_payload, (address, uint256, uint256));
if(sgethChainIds[_chainId]){
require(amountLD <= IERC20(sgethAddress).balanceOf(address(this)), "Amount to retry with exceeds contract balance");
uint256 unshethMinted = _mint_unsheth_with_sgeth(amountLD, min_amount_unshethZap, unsheth_path);
_bridge_unsheth(_chainId, unshethMinted, unsheth_gas_cost, userAddress);
}
else{
revert("ChainId not supported");
}
}
function _mint_unsheth_with_sgeth(uint256 _sgethAmount, uint256 _minAmountOut, uint256 _pathId) internal returns (uint256 unshethMinted){
//get balance of unshETH before minting
uint256 unshethBalBefore = IERC20(unshethAddress).balanceOf(address(this));
//withdraw the sgeth into eth before
ISGETH(sgethAddress).withdraw(_sgethAmount);
//Mint unshETH to this contract address
IunshethZap(unshethZapAddress).mint_unsheth_with_eth{value:_sgethAmount}(_minAmountOut, _pathId);
//get the new balance of unshETH
uint256 unshethBal = IERC20(unshethAddress).balanceOf(address(this));
//return unshethMinted = the difference in balances
return (unshethBal - unshethBalBefore);
}
function _bridge_unsheth(uint16 srcChainId, uint256 _unshethAmount, uint256 _unsheth_gas_cost, address _userAddress) internal {
IOFTCore(proxyUnshethAddress).sendFrom{value:_unsheth_gas_cost}(
address(this), //current owner of the unsheth
srcChainId, //chain Id where the proxy of the unsheth exists
abi.encodePacked(_userAddress), //the address we want the unsheth to end up in
_unshethAmount, //the amount of unsheth to send
payable(address(this)), //the refund address if something goes wrong or excess
zroAddress, //the ZRO Payment Address
//Adapter params
abi.encodePacked(
adapter_version,
adapter_gasLimit,
adapter_airdrop,
_userAddress
)
);
}
//function for user to resuce the sgeth bridged over in case initial bridge txn fails
function rescue_eth(uint16 srcChainId, bytes memory srcAddress, uint256 nonce) external {
//Ensure this nonce hasn't already been handled
require(sgethChainIds[srcChainId] == true, "Only ETH sent from supported chains can be rescued");
require(nonceHandled[srcChainId][nonce] == false, "Nonce has already been handled");
(address _token, uint256 amountLD, address to, bytes memory _payload) = IStargateRouter(stargateRouterAddress).cachedSwapLookup(srcChainId, srcAddress, nonce);
(address userAddress, , ) = abi.decode(_payload, (address, uint256, uint256));
//Check parameters are reasonable
require(to == address(this), "to is not sgreceiver contract address");
require(_token == sgethAddress, "only SGETH can be sent to this contract!");
require(msg.sender == userAddress || msg.sender == owner, "only owner or user can rescue their eth");
require(amountLD > 0, "No tokens to rescue");
require(amountLD <= IERC20(sgethAddress).balanceOf(address(this)), "Amount to rescue exceeds contract balance");
ISGETH(sgethAddress).withdraw(amountLD);
TransferHelper.safeTransferETH(userAddress, amountLD);
nonceHandled[srcChainId][nonce] = true;
}
//owner function to clear the cache with same params as before in case initial bridge txn fails. Gas is paid by team
function retry_mint_clearCachedSwap(uint16 srcChainId, bytes memory srcAddress, uint256 nonce) external onlyOwner {
IStargateRouter(stargateRouterAddress).clearCachedSwap(srcChainId, srcAddress, nonce);
nonceHandled[srcChainId][nonce] = true;
}
//function for user to retry minting unsheth with sgETH with new params in case initial bridge txn fails
//front-end should suggest min_amount_unshethZap and unsheth_path based on optimal path to mint unsheth with eth
//front-end should also suggest msg.value which corresponds to gas cost of bridging unsheth to bnb
function retry_mint_newParams(uint16 srcChainId, bytes memory srcAddress, uint256 nonce, uint256 min_amount_unshethZap, uint256 unsheth_path) external payable {
require(nonceHandled[srcChainId][nonce] == false, "Nonce has already been handled");
//Extract the stargate cachedswap information with the given nonce
(address _token, uint256 amountLD, address to, bytes memory _payload) = IStargateRouter(stargateRouterAddress).cachedSwapLookup(srcChainId, srcAddress, nonce);
(address userAddress, , ) = abi.decode(_payload, (address, uint256, uint256));
//Check parameters are reasonable
require(to == address(this), "to is not sgreceiver contract address");
require(_token == sgethAddress, "only sgETH can be sent to this contract!");
require(msg.sender == userAddress, "only user can retry mint");
require(amountLD > 0, "No tokens to retry with");
//Handle SGETH case
if(sgethChainIds[srcChainId]) {
require(amountLD <= IERC20(sgethAddress).balanceOf(address(this)), "Amount to retry with exceeds contract balance");
uint256 unshethMinted = _mint_unsheth_with_sgeth(amountLD, min_amount_unshethZap, unsheth_path);
//Bridge the minted unsheth
_bridge_unsheth(srcChainId, unshethMinted, msg.value, userAddress);
nonceHandled[srcChainId][nonce] = true;
}
else {
revert("Only supported chains can be retried");
}
}
function updateUnshethZapAddress(address _unshethZapAddress) external onlyOwner {
require(_unshethZapAddress != address(0), "Invalid address");
//Set new unshETH Zap Address
unshethZapAddress = _unshethZapAddress;
}
//owner function that sends the remaining eth back to the owner
function rescue_eth() external onlyOwner{
uint256 ethBal = address(this).balance;
Address.sendValue(payable(owner), ethBal);
}
//Allow receiving eth to the contract
receive() external payable {}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/token/oft/OFT.sol";
import "layerzerolabs/contracts/interfaces/IStargateRouter.sol";
import "communal/Owned.sol";
import "communal/TransferHelper.sol";
// PancakeSwap Router interface for token swaps
interface IUniswapV2Router02 {
function WETH() external pure returns (address);
function swapExactETHForTokens(uint amountOutMin, address[] calldata path, address to, uint256 deadline) external payable returns (uint256[] memory amounts);
function swapExactTokensForTokens(uint amountIn, uint amountOutMin, address[] calldata path, address to, uint256 deadline) external returns (uint256[] memory amounts);
}
contract BNBUnshethMinter is Owned {
address public immutable usdtAddress; // address of the binanced pegged usdt
address public immutable stargateRouterAddress; // address of the stargate router
address public immutable ethAddress; // address for the binance pegged eth token
address public immutable pancakeSwapRouterAddress; // address for the pancake swap router
uint16 public immutable dstChainId; // Stargate/LayerZero chainId
uint16 public immutable srcPoolId; // stargate poolId - *must* be the poolId for the qty asset
uint16 public immutable dstPoolId; // stargate destination poolId
address public sgReceiverAddress; // destination contract. it must implement sgReceive()
bool paused = false;
IUniswapV2Router02 public pancakeSwapRouter;
// Constructor sets up contract dependencies and initializes parent contract OFT
constructor(
address _owner, //address of the user deploying this contract
address _ethAddress, //address of ETH on BNB - 0x2170ed0880ac9a755fd29b2688956bd959f933f8
address _pancakeSwapRouterAddress, //0x10ED43C718714eb63d5aA57B78B54704E256024E as per https://docs.pancakeswap.finance/code/smart-contracts/pancakeswap-exchange/v2/router-v2
address _usdtAddress, //address of USDT on BNB - 0x55d398326f99059ff775485246999027b3197955
address _stargateRouterAddress, //address of the stargate router on BNB - 0x4a364f8c717cAAD9A442737Eb7b8A55cc6cf18D8 as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet
uint16 _srcPoolId, // 2 as per https://stargateprotocol.gitbook.io/stargate/developers/pool-ids
uint16 _dstPoolId, // 2 as per https://stargateprotocol.gitbook.io/stargate/developers/pool-ids
address _sgReceiver, //address of the sgReceiver deployed on ETH
uint16 _dstChainId //101 - as per https://stargateprotocol.gitbook.io/stargate/developers/contract-addresses/mainnet
) Owned(_owner){
ethAddress = _ethAddress;
usdtAddress = _usdtAddress;
stargateRouterAddress = _stargateRouterAddress;
pancakeSwapRouterAddress = _pancakeSwapRouterAddress;
pancakeSwapRouter = IUniswapV2Router02(pancakeSwapRouterAddress);
srcPoolId = _srcPoolId;
dstPoolId = _dstPoolId;
sgReceiverAddress = _sgReceiver;
dstChainId = _dstChainId;
// Approve token allowances for router contracts
TransferHelper.safeApprove(usdtAddress, stargateRouterAddress, type(uint256).max);
TransferHelper.safeApprove(ethAddress, pancakeSwapRouterAddress, type(uint256).max);
}
modifier onlyWhenUnpaused {
require(paused == false, "Contract is paused");
_;
}
// owner function that sets the pause parameter
function setPaused(bool _paused) public onlyOwner {
paused = _paused;
}
function _getDeadline() internal view returns(uint256) {
return block.timestamp + 300; //5 minutes
}
function changeSgReceiver(address _sgReceiver) public onlyOwner {
require(_sgReceiver!= address(0), "sgReceiver cannot be zero address");
sgReceiverAddress = _sgReceiver;
}
// mint_unsheth function that sends USDT to unshETH proxy contract to mint unshETH tokens
function mint_unsheth_with_usdt(
uint256 amount, // the amount of USDT
uint256 min_amount_stargate, // the minimum amount of USDT to receive on stargate,
uint256 min_amount_unshethZap, // the minimum amount of ETH to receive from the unshethZap
uint256 dstGasForCall, // the amount of gas to send to the sgReceive contract
uint256 dstNativeAmount, // leftover eth that will get airdropped to the sgReceive contract
uint256 unsheth_path // the path that the unsheth Zap will take to mint unshETH
) external payable onlyWhenUnpaused {
// Transfer USDT from sender to the contract
TransferHelper.safeTransferFrom(usdtAddress, msg.sender, address(this), amount);
// Mint unsheth with USDT
_mint_unsheth_with_usdt(amount, min_amount_stargate, min_amount_unshethZap, dstGasForCall, dstNativeAmount, unsheth_path, msg.value);
}
// mint_unsheth function converts ETH to USDT and sends USDT to unshETH proxy contract to mint unshETH tokens
function mint_unsheth_with_bnb(
uint256 amount, // the amount of BNB to convert to USDT
uint256 min_amount_pancake, // the minimum amount of USDT to receive from pancake swap
uint256 min_amount_stargate, // the minimum amount of USDT to receive on stargate,
uint256 min_amount_unshethZap, // the minimum amount of ETH to receive from the unshethZap
uint256 dstGasForCall, // the amount of gas to send to the sgReceive contract
uint256 dstNativeAmount, // leftover eth that will get airdropped to the sgReceive contract
uint256 unsheth_path // the path that the unsheth Zap will take to mint unshETH
) external payable onlyWhenUnpaused {
require(msg.value > amount, "BNB amount must be greater than amount being used to buy usdt");
// Calculate the stargate fee
uint256 stargateFee = msg.value - amount;
// Create a path: BNB -> USDT
address[] memory path = new address[](2);
path[0] = pancakeSwapRouter.WETH();
path[1] = usdtAddress;
// Swap BNB for USDT
uint256[] memory amountsOut = pancakeSwapRouter.swapExactETHForTokens{value: amount}(
min_amount_pancake, path, address(this), _getDeadline()
);
uint256 usdtBalance = amountsOut[1];
// Mint unsheth with USDT
_mint_unsheth_with_usdt(usdtBalance, min_amount_stargate, min_amount_unshethZap, dstGasForCall, dstNativeAmount, unsheth_path, stargateFee);
}
// mint_unsheth function converts ETH to USDT and sends USDT to unshETH proxy contract to mint unshETH tokens
function mint_unsheth_with_eth(
uint256 amount, // the amount of ETH to convert to USDT
uint256 min_amount_pancake, // the minimum amount of USDT to receive from pancake swap
uint256 min_amount_stargate, // the minimum amount of USDT to receive on stargate,
uint256 min_amount_unshethZap, // the minimum amount of ETH to receive from the unshethZap
uint256 dstGasForCall, // the amount of gas to send to the sgReceive contract
uint256 dstNativeAmount, // leftover eth that will get airdropped to the sgReceive contract
uint256 unsheth_path // the path that the unsheth Zap will take to mint unshETH
) external payable onlyWhenUnpaused {
// require(unsheth_path <=5, 'there are only 6 unsheth paths');
// Transfer ETH from sender to the contract
TransferHelper.safeTransferFrom(ethAddress, msg.sender, address(this), amount);
// Create a path: ETH -> USDT
address[] memory path = new address[](2);
path[0] = ethAddress;
path[1] = usdtAddress;
//swap the eth for usdt
uint256[] memory amounts = pancakeSwapRouter.swapExactTokensForTokens(
amount, min_amount_pancake, path, address(this), _getDeadline()
);
uint256 usdtBalance = amounts[1];
// Mint unsheth with USDT
_mint_unsheth_with_usdt(usdtBalance, min_amount_stargate, min_amount_unshethZap, dstGasForCall, dstNativeAmount, unsheth_path, msg.value);
}
function _mint_unsheth_with_usdt(
uint256 amount,
uint256 min_amount_stargate,
uint256 min_amount_unshethZap,
uint256 dstGasForCall,
uint256 dstNativeAmount,
uint256 unsheth_path,
uint256 bnbAmount
) internal {
require(amount <= IERC20(usdtAddress).balanceOf(address(this)), "Not enough USDT in contract");
// Encode payload data to send to destination contract, which it will handle with sgReceive()
bytes memory data = abi.encode(msg.sender, min_amount_unshethZap, unsheth_path);
// Send the USDT via the stargate router
IStargateRouter(stargateRouterAddress).swap{value:bnbAmount}( //call estimateGasFees to get the msg.value
dstChainId, // the destination chain id - ETH
srcPoolId, // the source Stargate poolId
dstPoolId, // the destination Stargate poolId
payable(msg.sender), // refund address. if msg.sender pays too much gas, return extra BNB
amount, // total tokens to send to destination chain
min_amount_stargate, // min amount allowed out
IStargateRouter.lzTxObj(dstGasForCall, dstNativeAmount, abi.encodePacked(sgReceiverAddress)), // default lzTxObj
abi.encodePacked(sgReceiverAddress), // destination address, the sgReceive() implementer
data // bytes payload which sgReceive() will parse into an address that the unshETH will be sent too.
);
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/token/oft/OFT.sol";
contract unshETHOFT is OFT {
constructor(address _lzEndpoint) OFT("unshETH Ether", "unshETH", _lzEndpoint) {}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/token/oft/extension/ProxyOFT.sol";
contract unshETHProxyOft is ProxyOFT {
constructor(
address _lzEndpoint, //0x66A71Dcef29A0fFBDBE3c6a460a3B5BC225Cd675 as per https://layerzero.gitbook.io/docs/technical-reference/mainnet/supported-chain-ids
address _token // address of the unshETH token
) ProxyOFT(_lzEndpoint, _token) {
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import { ERC20PermitPermissionedMint } from "local/ERC20/ERC20PermitPermissionedMint.sol";
contract unshETH is ERC20PermitPermissionedMint {
address public LSDRegistryAddress;
/* ========== CONSTRUCTOR ========== */
constructor(
address _creator_address,
address _timelock_address
)
ERC20PermitPermissionedMint(_creator_address, _timelock_address, "unshETH Ether", "unshETH")
{}
}// SPDX-License-Identifier: Unlicensed
pragma solidity ^0.8.0;
interface IRateProvider {
function getRate() external view returns (uint256);
}
interface ILSDVault {
function stakedETHperunshETH() external view returns (uint256);
}
interface IunshETH {
function timelock_address() external view returns (address);
}
/**
* @title unshETH Rate Provider
* @notice Returns the value of unshETH in terms of ETH
*/
contract unshETHRateProvider is IRateProvider {
address public constant unshethAddress = 0x0Ae38f7E10A43B5b2fB064B42a2f4514cbA909ef;
constructor() { }
/**
* @return the value of unshETH in terms of stETH
*/
function getRate() external view override returns (uint256) {
address vaultAddress = IunshETH(unshethAddress).timelock_address();
ILSDVault vault = ILSDVault(vaultAddress);
return vault.stakedETHperunshETH();
}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/token/oft/OFT.sol";
contract USHOFT is OFT {
constructor(
address _lzEndpoint //0x3c2269811836af69497E5F486A85D7316753cf62 as per https://layerzero.gitbook.io/docs/technical-reference/mainnet/supported-chain-ids
) OFT("unshETHing_Token", "USH", _lzEndpoint){}
}// SPDX-License-Identifier: No License
pragma solidity ^0.8.0;
import "layerzerolabs/contracts/token/oft/extension/ProxyOFT.sol";
contract USHProxyOFT is ProxyOFT {
constructor(
address _lzEndpoint, //0x66A71Dcef29A0fFBDBE3c6a460a3B5BC225Cd675 as per https://layerzero.gitbook.io/docs/technical-reference/mainnet/supported-chain-ids
address _token // address of the USH token - 0xe60779cc1b2c1d0580611c526a8df0e3f870ec48
) ProxyOFT(_lzEndpoint, _token){}
}// SPDX-License-Identifier: GPL-2.0-or-later
pragma solidity >=0.6.11;
// ====================================================================
// | ______ _______ |
// | / _____________ __ __ / ____(_____ ____ _____ ________ |
// | / /_ / ___/ __ `| |/_/ / /_ / / __ \/ __ `/ __ \/ ___/ _ \ |
// | / __/ / / / /_/ _> < / __/ / / / / / /_/ / / / / /__/ __/ |
// | /_/ /_/ \__,_/_/|_| /_/ /_/_/ /_/\__,_/_/ /_/\___/\___/ |
// | |
// ====================================================================
// ========================= FRAXShares (FXS) =========================
// ====================================================================
// Frax Finance: https://github.com/FraxFinance
// Primary Author(s)
// Travis Moore: https://github.com/FortisFortuna
// Jason Huan: https://github.com/jasonhuan
// Sam Kazemian: https://github.com/samkazemian
// Reviewer(s) / Contributor(s)
// Sam Sun: https://github.com/samczsun
import "../lib/Common/Context.sol";
import "../lib/ERC20/ERC20Custom.sol";
import "../lib/ERC20/IERC20.sol";
// import "../Frax/Frax.sol";
import "../lib/Staking/Owned.sol";
import "../lib/Math/SafeMath.sol";
import "../lib/Governance/AccessControl.sol";
contract USH is ERC20Custom, AccessControl, Owned {
using SafeMath for uint256;
/* ========== STATE VARIABLES ========== */
string public symbol;
string public name;
uint8 public constant decimals = 18;
//address public FRAXStablecoinAdd;
uint256 public constant genesis_supply = 143500000e18; // 143.5M is printed upon genesis
address public timelock_address; // Governance timelock address
//FRAXStablecoin private FRAX;
bool public trackingVotes = true; // Tracking votes (only change if need to disable votes)
// A checkpoint for marking number of votes from a given block
struct Checkpoint {
uint32 fromBlock;
uint96 votes;
}
// A record of votes checkpoints for each account, by index
mapping (address => mapping (uint32 => Checkpoint)) public checkpoints;
// The number of checkpoints for each account
mapping (address => uint32) public numCheckpoints;
/* ========== MODIFIERS ========== */
// modifier onlyPools() {
// require(FRAX.frax_pools(msg.sender) == true, "Only frax pools can mint new FRAX");
// _;
// }
modifier onlyByOwnGov() {
require(msg.sender == owner || msg.sender == timelock_address, "You are not an owner or the governance timelock");
_;
}
/* ========== CONSTRUCTOR ========== */
constructor (
string memory _name,
string memory _symbol,
address _creator_address,
address _timelock_address
) public Owned(_creator_address){
require((_timelock_address != address(0)), "Zero address detected");
name = _name;
symbol = _symbol;
timelock_address = _timelock_address;
_setupRole(DEFAULT_ADMIN_ROLE, _msgSender());
_mint(_creator_address, genesis_supply);
// Do a checkpoint for the owner
_writeCheckpoint(_creator_address, 0, 0, uint96(genesis_supply));
}
/* ========== RESTRICTED FUNCTIONS ========== */
function setTimelock(address new_timelock) external onlyByOwnGov {
require(new_timelock != address(0), "Timelock address cannot be 0");
timelock_address = new_timelock;
}
// function setFRAXAddress(address frax_contract_address) external onlyByOwnGov {
// require(frax_contract_address != address(0), "Zero address detected");
// FRAX = FRAXStablecoin(frax_contract_address);
// emit FRAXAddressSet(frax_contract_address);
// }
function mint(address to, uint256 amount) public onlyByOwnGov {
_mint(to, amount);
}
// This function is what other frax pools will call to mint new FXS (similar to the FRAX mint)
// function pool_mint(address m_address, uint256 m_amount) external onlyPools {
// if(trackingVotes){
// uint32 srcRepNum = numCheckpoints[address(this)];
// uint96 srcRepOld = srcRepNum > 0 ? checkpoints[address(this)][srcRepNum - 1].votes : 0;
// uint96 srcRepNew = add96(srcRepOld, uint96(m_amount), "pool_mint new votes overflows");
// _writeCheckpoint(address(this), srcRepNum, srcRepOld, srcRepNew); // mint new votes
// trackVotes(address(this), m_address, uint96(m_amount));
// }
// super._mint(m_address, m_amount);
// emit FXSMinted(address(this), m_address, m_amount);
// }
// // This function is what other frax pools will call to burn FXS
// function pool_burn_from(address b_address, uint256 b_amount) external onlyPools {
// if(trackingVotes){
// trackVotes(b_address, address(this), uint96(b_amount));
// uint32 srcRepNum = numCheckpoints[address(this)];
// uint96 srcRepOld = srcRepNum > 0 ? checkpoints[address(this)][srcRepNum - 1].votes : 0;
// uint96 srcRepNew = sub96(srcRepOld, uint96(b_amount), "pool_burn_from new votes underflows");
// _writeCheckpoint(address(this), srcRepNum, srcRepOld, srcRepNew); // burn votes
// }
// super._burnFrom(b_address, b_amount);
// emit FXSBurned(b_address, address(this), b_amount);
// }
function toggleVotes() external onlyByOwnGov {
trackingVotes = !trackingVotes;
}
/* ========== OVERRIDDEN PUBLIC FUNCTIONS ========== */
function transfer(address recipient, uint256 amount) public virtual override returns (bool) {
if(trackingVotes){
// Transfer votes
trackVotes(_msgSender(), recipient, uint96(amount));
}
_transfer(_msgSender(), recipient, amount);
return true;
}
function transferFrom(address sender, address recipient, uint256 amount) public virtual override returns (bool) {
if(trackingVotes){
// Transfer votes
trackVotes(sender, recipient, uint96(amount));
}
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
return true;
}
/* ========== PUBLIC FUNCTIONS ========== */
/**
* @notice Gets the current votes balance for `account`
* @param account The address to get votes balance
* @return The number of current votes for `account`
*/
function getCurrentVotes(address account) external view returns (uint96) {
uint32 nCheckpoints = numCheckpoints[account];
return nCheckpoints > 0 ? checkpoints[account][nCheckpoints - 1].votes : 0;
}
/**
* @notice Determine the prior number of votes for an account as of a block number
* @dev Block number must be a finalized block or else this function will revert to prevent misinformation.
* @param account The address of the account to check
* @param blockNumber The block number to get the vote balance at
* @return The number of votes the account had as of the given block
*/
function getPriorVotes(address account, uint blockNumber) public view returns (uint96) {
require(blockNumber < block.number, "USH::getPriorVotes: not yet determined");
uint32 nCheckpoints = numCheckpoints[account];
if (nCheckpoints == 0) {
return 0;
}
// First check most recent balance
if (checkpoints[account][nCheckpoints - 1].fromBlock <= blockNumber) {
return checkpoints[account][nCheckpoints - 1].votes;
}
// Next check implicit zero balance
if (checkpoints[account][0].fromBlock > blockNumber) {
return 0;
}
uint32 lower = 0;
uint32 upper = nCheckpoints - 1;
while (upper > lower) {
uint32 center = upper - (upper - lower) / 2; // ceil, avoiding overflow
Checkpoint memory cp = checkpoints[account][center];
if (cp.fromBlock == blockNumber) {
return cp.votes;
} else if (cp.fromBlock < blockNumber) {
lower = center;
} else {
upper = center - 1;
}
}
return checkpoints[account][lower].votes;
}
/* ========== INTERNAL FUNCTIONS ========== */
// From compound's _moveDelegates
// Keep track of votes. "Delegates" is a misnomer here
function trackVotes(address srcRep, address dstRep, uint96 amount) internal {
if (srcRep != dstRep && amount > 0) {
if (srcRep != address(0)) {
uint32 srcRepNum = numCheckpoints[srcRep];
uint96 srcRepOld = srcRepNum > 0 ? checkpoints[srcRep][srcRepNum - 1].votes : 0;
uint96 srcRepNew = sub96(srcRepOld, amount, "USH::_moveVotes: vote amount underflows");
_writeCheckpoint(srcRep, srcRepNum, srcRepOld, srcRepNew);
}
if (dstRep != address(0)) {
uint32 dstRepNum = numCheckpoints[dstRep];
uint96 dstRepOld = dstRepNum > 0 ? checkpoints[dstRep][dstRepNum - 1].votes : 0;
uint96 dstRepNew = add96(dstRepOld, amount, "USH::_moveVotes: vote amount overflows");
_writeCheckpoint(dstRep, dstRepNum, dstRepOld, dstRepNew);
}
}
}
function _writeCheckpoint(address voter, uint32 nCheckpoints, uint96 oldVotes, uint96 newVotes) internal {
uint32 blockNumber = safe32(block.number, "USH::_writeCheckpoint: block number exceeds 32 bits");
if (nCheckpoints > 0 && checkpoints[voter][nCheckpoints - 1].fromBlock == blockNumber) {
checkpoints[voter][nCheckpoints - 1].votes = newVotes;
} else {
checkpoints[voter][nCheckpoints] = Checkpoint(blockNumber, newVotes);
numCheckpoints[voter] = nCheckpoints + 1;
}
emit VoterVotesChanged(voter, oldVotes, newVotes);
}
function safe32(uint n, string memory errorMessage) internal pure returns (uint32) {
require(n < 2**32, errorMessage);
return uint32(n);
}
function safe96(uint n, string memory errorMessage) internal pure returns (uint96) {
require(n < 2**96, errorMessage);
return uint96(n);
}
function add96(uint96 a, uint96 b, string memory errorMessage) internal pure returns (uint96) {
uint96 c = a + b;
require(c >= a, errorMessage);
return c;
}
function sub96(uint96 a, uint96 b, string memory errorMessage) internal pure returns (uint96) {
require(b <= a, errorMessage);
return a - b;
}
/* ========== EVENTS ========== */
/// @notice An event thats emitted when a voters account's vote balance changes
event VoterVotesChanged(address indexed voter, uint previousBalance, uint newBalance);
// // Track FXS burned
// event FXSBurned(address indexed from, address indexed to, uint256 amount);
// // Track FXS minted
// event FXSMinted(address indexed from, address indexed to, uint256 amount);
// event FRAXAddressSet(address addr);
}// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.18;
import "communal/ReentrancyGuard.sol";
import "communal/Owned.sol";
import "communal/SafeERC20.sol";
import "communal/TransferHelper.sol";
//import "forge-std/console.sol";
/*
* VDAMM Contract:
*
*/
interface IWETH is IERC20 {
function deposit() external payable;
function withdraw(uint wad) external;
}
interface ILSDVault {
function darknetAddress() external view returns (address);
function redeemFee() external view returns (uint256);
function exit(uint256 amount) external;
function isEnabled(address lsd) external view returns (bool);
function remainingRoomToCap(address lsd, uint256 marginalDeposit) external view returns (uint256);
function getTargetAmount(address lsd, uint256 marginalDeposit) external view returns (uint256);
}
interface IDarknet {
function checkPrice(address lsd) external view returns (uint256);
}
interface IunshETH {
function timelock_address() external view returns (address);
}
/*
* Fee Collector Contract:
* This contract is responsible for managing fee curves and calculations
* vdAMM swap and unshETH redemption fees are collected here after fee switch is turned on
*/
contract VDAMM is Owned, ReentrancyGuard {
using SafeERC20 for IERC20;
/*
============================================================================
State Variables
============================================================================
*/
address public constant wethAddress = 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2;
address public constant unshethAddress = 0x0Ae38f7E10A43B5b2fB064B42a2f4514cbA909ef;
address public immutable vaultAddress;
address public darknetAddress;
address[] public lsds;
ILSDVault public vault;
bool public ammPaused;
struct AmmFee {
uint256 baseFee;
uint256 dynamicFee;
uint256 instantRedemptionFee;
}
struct AMMFeeConfig {
uint256 baseFeeBps;
uint256 instantRedemptionFeeBps;
uint256 unshethFeeShareBps;
uint256 dynamicFeeSlope_x;
uint256 dynamicFeeSlope_x2;
}
//Mutable parameters, can be changed by governance
AMMFeeConfig ammFeeConfig = AMMFeeConfig(1, 20, 10000, 50, 1000);
bool public depositFeeEnabled = true;
//Immutable parameters, cannot be changed after deployment
uint256 public constant maxBaseFeeBps = 10;
uint256 public constant maxDynamicFeeBps = 200;
uint256 public constant minUnshethFeeShareBps = 5000; //At least half swap fees go to unshETH
/*
============================================================================
Events
============================================================================
*/
//Fee curve parameters
event BaseFeeUpdated(uint256 _baseFeeBps);
event UnshethFeeShareUpdated(uint256 _unshethFeeShareBps);
event InstantRedemptionFeeUpdated(uint256 _instantRedemptionFeeBps);
event FeeSlopesUpdated(uint256 _dynamicFeeSlope_x, uint256 _dynamicFeeSlope_x2);
event DepositFeeToggled(bool depositFeeEnabled);
//Admin functions
event PauseToggled(bool ammPaused);
event TokensWithdrawn(address tokenAddress, uint256 amount);
event EthWithdrawn(uint256 amount);
event DarknetAddressUpdated(address darknetAddress);
event NewLsdApproved(address lsd);
//Swap
event SwapLsdToLsd(uint256 amountIn, address lsdIn, address lsdOut, uint256 lsdAmountOut, uint256 baseFee, uint256 dynamicFee, uint256 protocolFee);
/*
============================================================================
Constructor
============================================================================
*/
constructor(address _owner, address[] memory _lsds) Owned(_owner) {
vaultAddress = IunshETH(unshethAddress).timelock_address();
vault = ILSDVault(vaultAddress);
darknetAddress = vault.darknetAddress();
lsds = _lsds;
ammPaused = true;
//set approvals
for (uint256 i = 0; i < _lsds.length; i = unchkIncr(i)) {
TransferHelper.safeApprove(_lsds[i], vaultAddress, type(uint256).max);
}
TransferHelper.safeApprove(unshethAddress, vaultAddress, type(uint256).max);
}
/*
============================================================================
Function Modifiers
============================================================================
*/
modifier onlyWhenUnpaused() {
require(ammPaused == false, "AMM is paused");
_;
}
modifier onlyWhenPaused() {
require(ammPaused == true, "AMM must be paused");
_;
}
/*
============================================================================
vdAMM configuration functions (multisig only)
============================================================================
*/
function setBaseFee(uint256 _baseFeeBps) external onlyOwner {
require(_baseFeeBps <= maxBaseFeeBps, "Base fee cannot be greater than max fee");
ammFeeConfig.baseFeeBps = _baseFeeBps;
emit BaseFeeUpdated(_baseFeeBps);
}
function setDynamicFeeSlopes(uint256 _dynamicFeeSlope_x, uint256 _dynamicFeeSlope_x2) external onlyOwner {
ammFeeConfig.dynamicFeeSlope_x = _dynamicFeeSlope_x;
ammFeeConfig.dynamicFeeSlope_x2 = _dynamicFeeSlope_x2;
emit FeeSlopesUpdated(_dynamicFeeSlope_x, _dynamicFeeSlope_x2);
}
function setUnshethFeeShare(uint256 _unshethFeeShareBps) external onlyOwner {
require(_unshethFeeShareBps <= 10000, "unshETH fee share cannot be greater than 100%");
require(_unshethFeeShareBps >= minUnshethFeeShareBps, "unshETH fee share must be greater than min");
ammFeeConfig.unshethFeeShareBps = _unshethFeeShareBps;
emit UnshethFeeShareUpdated(_unshethFeeShareBps);
}
function setInstantRedemptionFee(uint256 _instantRedemptionFeeBps) external onlyOwner {
require(
_instantRedemptionFeeBps <= maxDynamicFeeBps,
"Instant redemption fee cannot be greater than max fee"
);
ammFeeConfig.instantRedemptionFeeBps = _instantRedemptionFeeBps;
emit InstantRedemptionFeeUpdated(_instantRedemptionFeeBps);
}
function toggleDepositFee() external onlyOwner {
depositFeeEnabled = !depositFeeEnabled;
emit DepositFeeToggled(depositFeeEnabled);
}
/*
============================================================================
Admin functions (multisig only)
============================================================================
*/
function togglePaused() external onlyOwner {
ammPaused = !ammPaused;
emit PauseToggled(ammPaused);
}
function withdrawTokens(address tokenAddress) external onlyOwner {
uint256 balance = IERC20(tokenAddress).balanceOf(address(this));
require(balance > 0, "No tokens to withdraw");
TransferHelper.safeTransfer(tokenAddress, msg.sender, balance);
emit TokensWithdrawn(tokenAddress, balance);
}
function withdrawStuckEth() external onlyOwner {
uint256 ethBal = address(this).balance;
Address.sendValue(payable(owner), ethBal);
emit EthWithdrawn(ethBal);
}
function updateDarknetAddress() external onlyOwner {
darknetAddress = ILSDVault(vaultAddress).darknetAddress();
emit DarknetAddressUpdated(darknetAddress);
}
//Technically, full timelock proposal is needed to add a new LSD. This function just ensures new vdAMM doesn't need to be re-deployed
function approveNewLsd(address lsdAddress) external onlyOwner {
lsds.push(lsdAddress);
TransferHelper.safeApprove(lsdAddress, vaultAddress, type(uint256).max);
emit NewLsdApproved(lsdAddress);
}
/*
============================================================================
Fee curve logic
============================================================================
*/
function unshethFeeShareBps() public view returns (uint256) {
return ammFeeConfig.unshethFeeShareBps;
}
function getEthConversionRate(address lsd) public view returns (uint256) {
return IDarknet(darknetAddress).checkPrice(lsd);
}
//View function to get lsdAmountOut and fees for a swap. Does not deal with require checks if the swap is valid
function swapLsdToLsdCalcs(
uint256 amountIn,
address lsdIn,
address lsdOut
) public view returns (uint256, uint256, uint256, uint256) {
//Sanity checks
require(lsdIn != lsdOut, "Cannot swap same lsd");
require(vault.isEnabled(lsdIn), "lsdIn not enabled");
require(vault.isEnabled(lsdOut), "lsdOut is not enabled");
require(amountIn > 0, "Cannot swap 0 lsd");
//In a swap, total amount of ETH in the vault is constant we're swapping on a 1:1 ETH basis
//To simplify and do a conservative first order approximation, we assume marginal deposit amount is 0
uint256 distanceToCap = vault.remainingRoomToCap(lsdIn, 0);
require(amountIn <= distanceToCap, "Trade would exceed cap");
uint256 ethAmountIn = (amountIn * getEthConversionRate(lsdIn)) / 1e18;
uint256 ethAmountOutBeforeFees = ethAmountIn;
//Calculate fees
(uint256 baseFee, uint256 dynamicFee, ) = getAmmFee(ethAmountIn, lsdIn, lsdOut); //in lsdOut terms
//Fees are paid in lsdOut terms
uint256 totalFee = baseFee + dynamicFee;
uint256 protocolFee = (totalFee * (10000 - ammFeeConfig.unshethFeeShareBps)) / 10000;
uint256 lsdAmountOutBeforeFees = (ethAmountOutBeforeFees * 1e18) / getEthConversionRate(lsdOut);
uint256 lsdAmountOut = lsdAmountOutBeforeFees - totalFee;
return (lsdAmountOut, baseFee, dynamicFee, protocolFee);
}
//returns amm fees in lsdOut terms
function getAmmFee(
uint256 ethAmountIn,
address lsdIn,
address lsdOut
) public view returns (uint256, uint256, uint256) {
uint256 baseFeeInEthTerms = (ethAmountIn * ammFeeConfig.baseFeeBps) / 10000;
uint256 lsdInDynamicFeeBps = getLsdDynamicFeeBps(ethAmountIn, lsdIn, true);
uint256 lsdOutDynamicFeeBps = getLsdDynamicFeeBps(ethAmountIn, lsdOut, false);
if (lsdOut == wethAddress) {
lsdOutDynamicFeeBps = _min(maxDynamicFeeBps, lsdOutDynamicFeeBps + ammFeeConfig.instantRedemptionFeeBps);
}
//Take the higher of two and cap at maxDynamicFeeBps
uint256 dynamicFeeBps = _max(lsdInDynamicFeeBps, lsdOutDynamicFeeBps);
uint256 dynamicFeeInEthTerms = (ethAmountIn * dynamicFeeBps) / 10000;
uint256 baseFee = (baseFeeInEthTerms * 1e18) / getEthConversionRate(lsdOut);
uint256 dynamicFee = (dynamicFeeInEthTerms * 1e18) / getEthConversionRate(lsdOut);
return (baseFee, dynamicFee, dynamicFeeBps);
}
// Dynamic fee (inspired by GLP, with unshETH twist)
// Fees are 0 when swaps help rebalance the vault (i.e. when difference to target is reduced post-swap)
// When swaps worsen the distance to target, fees are applied
// Fees are proportional to the square of the % distance to target (taking the average before and after the swap)
// Small deviations are generally low fee
// Large deviations are quadratically higher penalty (since co-variance of unshETH is quadratically increasing)
// All deviations to target and normalized by the target weight (otherwise small LSDs won't be penalized at all)
// Fees are capped at maxDynamicFeeBps
function getLsdDynamicFeeBps(
uint256 ethDelta,
address lsd,
bool increment
) public view returns (uint256) {
uint256 lsdBalance = IERC20(lsd).balanceOf(vaultAddress);
uint256 initialAmount = (lsdBalance * getEthConversionRate(lsd)) / 1e18; //lsd balance in ETH terms
uint256 nextAmount;
if (increment) {
nextAmount = initialAmount + ethDelta;
} else {
nextAmount = initialAmount - _min(initialAmount, ethDelta);
}
uint256 targetAmount = (vault.getTargetAmount(lsd, 0) * getEthConversionRate(lsd)) / 1e18;
uint256 initialDiff = _absDiff(initialAmount, targetAmount);
uint256 nextDiff = _absDiff(nextAmount, targetAmount);
//If action improves the distance to target, zero fee
if (nextDiff < initialDiff) {
return 0; //no fee
}
//If target is zero and we are moving away from it, charge max fee
if (targetAmount == 0) {
return maxDynamicFeeBps;
}
//Otherwise Fee = a*x + b*x^2, where x = averageDiff / targetAmount
uint256 averageDiff = (initialDiff + nextDiff) / 2;
uint256 x = (averageDiff * 1e18) / targetAmount;
uint256 x2 = (x * x) / 1e18;
uint256 dynamicFeeBps_x = (ammFeeConfig.dynamicFeeSlope_x * x) / 1e18;
uint256 dynamicFeeBps_x2 = (ammFeeConfig.dynamicFeeSlope_x2 * x2) / 1e18;
return _min(maxDynamicFeeBps, dynamicFeeBps_x + dynamicFeeBps_x2);
}
function getDepositFee(uint256 lsdAmountIn, address lsd) public view returns (uint256, uint256) {
if (!depositFeeEnabled) {
return (0, 0);
}
uint256 ethAmountIn = (lsdAmountIn * getEthConversionRate(lsd)) / 1e18;
uint256 dynamicFeeBps = getLsdDynamicFeeBps(ethAmountIn, lsd, true);
uint256 redeemFeeBps = vault.redeemFee();
//If dynamic fee < redeem fee, then deposit fee = 0, otherwise deposit fee = dynamic fee - redeem fee
uint256 depositFeeBps = dynamicFeeBps - _min(dynamicFeeBps, redeemFeeBps);
uint256 depositFee = (lsdAmountIn * depositFeeBps) / 10000;
uint256 protocolFee = (depositFee * (10000 - ammFeeConfig.unshethFeeShareBps)) / 10000;
return (depositFee, protocolFee);
}
/*
============================================================================
Swapping
============================================================================
*/
function swapLsdToEth(
uint256 amountIn,
address lsdIn,
uint256 minAmountOut
) external nonReentrant onlyWhenUnpaused returns (uint256, uint256, uint256) {
//Transfer lsdIn from user to vault
TransferHelper.safeTransferFrom(lsdIn, msg.sender, address(this), amountIn);
(uint256 wethAmountOut, uint256 baseFee, uint256 dynamicFee) = _swapLsdToLsd(
amountIn,
lsdIn,
wethAddress,
minAmountOut
);
//Convert weth to ETH and send to user
IWETH(wethAddress).withdraw(wethAmountOut);
Address.sendValue(payable(msg.sender), wethAmountOut);
return (wethAmountOut, baseFee, dynamicFee);
}
function swapEthToLsd(
address lsdOut,
uint256 minAmountOut
) external payable nonReentrant onlyWhenUnpaused returns (uint256, uint256, uint256) {
//Convert ETH to weth and swap
IWETH(wethAddress).deposit{ value: msg.value }();
(uint256 lsdAmountOut, uint256 baseFee, uint256 dynamicFee) = _swapLsdToLsd(
msg.value,
wethAddress,
lsdOut,
minAmountOut
);
//Send lsdOut to user
TransferHelper.safeTransfer(lsdOut, msg.sender, lsdAmountOut);
return (lsdAmountOut, baseFee, dynamicFee);
}
function swapLsdToLsd(
uint256 amountIn,
address lsdIn,
address lsdOut,
uint256 minAmountOut
) external nonReentrant onlyWhenUnpaused returns (uint256, uint256, uint256) {
//Transfer lsdIn from user to vdamm and swap
TransferHelper.safeTransferFrom(lsdIn, msg.sender, address(this), amountIn);
(uint256 lsdAmountOut, uint256 baseFee, uint256 dynamicFee) = _swapLsdToLsd(
amountIn,
lsdIn,
lsdOut,
minAmountOut
);
//Send lsdOut to user
TransferHelper.safeTransfer(lsdOut, msg.sender, lsdAmountOut);
return (lsdAmountOut, baseFee, dynamicFee);
}
// Converts lsd to another lsd.
// Collects protocol fees in vdAMM contract, and keeps unshETH share of fees for unshETH holders.
// Assumes lsdIn is already in vdamm contract, lsdAmountOut + protocol fees is kept in vdAMM contract
// Returns lsdAmountOut.
function _swapLsdToLsd(
uint256 amountIn,
address lsdIn,
address lsdOut,
uint256 minAmountOut
) internal returns (uint256, uint256, uint256) {
(uint256 lsdAmountOut, uint256 baseFee, uint256 dynamicFee, uint256 protocolFee) = swapLsdToLsdCalcs(
amountIn,
lsdIn,
lsdOut
);
require(lsdAmountOut >= minAmountOut, "Slippage limit reached");
//Amount to take out from vault = amountOut + protocolFee from vault. unshETH share of fees are kept in the vault
uint256 lsdAmountOutFromVault = lsdAmountOut + protocolFee;
require(
lsdAmountOutFromVault <= IERC20(lsdOut).balanceOf(vaultAddress),
"Not enough lsdOut in vault"
);
//Transfer amountIn from vdAMM to the vault
TransferHelper.safeTransfer(lsdIn, vaultAddress, amountIn);
//Transfer lsdOut from vault to vdAMM
TransferHelper.safeTransferFrom(lsdOut, vaultAddress, address(this), lsdAmountOutFromVault);
emit SwapLsdToLsd(amountIn, lsdIn, lsdOut, lsdAmountOut, baseFee, dynamicFee, protocolFee);
//Return the lsdAmountOut (which subtracts protocolFee). ProtocolFee is kept in vdAMM contract
return (lsdAmountOut, baseFee, dynamicFee);
}
/*
============================================================================
Other functions
============================================================================
*/
function unchkIncr(uint256 i) private pure returns (uint256) {
unchecked {
return i + 1;
}
}
function _min(uint256 _a, uint256 _b) private pure returns (uint256) {
if (_a < _b) {
return _a;
} else {
return _b;
}
}
function _max(uint256 _a, uint256 _b) private pure returns (uint256) {
if (_a > _b) {
return _a;
} else {
return _b;
}
}
function _absDiff(uint256 _a, uint256 _b) private pure returns (uint256) {
if (_a > _b) {
return _a - _b;
} else {
return _b - _a;
}
}
//Allow receiving eth to the contract
receive() external payable {}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
//Modified Multiple Token VotingEscrow Contract
//The following changes have been made:
//1. Users can lock either 80-20 USH-unshETH BPT, Uniswapv2 style pool2 token, or single-sided USH
//2. Make sure deposit() and withdraw() funcs are correctly updated for the multi token model
//3. Give owner ability to update boost weight of BPT and Pool2 tokens
//4. Price everything in USH terms - this means pricing the BPT and Pool2 tokens in USH terms
//5. Make 1 USH = 1vdUSH max locked for single-sided.
//6. Pool2 included for easy migration of existing liquidity + enable locking in chains where BPT is not supported
/// basically, where tokenAmount is used, we need to use scaledtokenAmount1+weight*tokenAmount2
/**
@title Multi-Token Weighted Voting Escrow
@author @EIP_Alta1r, Original: Curve Finance, Solidity Rewrite: Stargate Finance
@license MIT
@notice Votes have a weight depending on time, so that users are
committed to the future of (whatever they are voting for)
@dev Vote weight decays linearly over time. Lock time cannot be
more than `MAXTIME` (1 years).
# Voting escrow to have time-weighted votes
# Votes have a weight depending on time, so that users are committed
# to the future of (whatever they are voting for).
# The weight in this implementation is linear, and lock cannot be more than maxtime:
# w ^
# 1 + /
# | /
# | /
# | /
# |/
# 0 +--------+------> time
# maxtime (1 years?)
*/
import "openzeppelin-contracts/contracts/access/Ownable.sol";
import "openzeppelin-contracts/contracts/security/ReentrancyGuard.sol";
import "openzeppelin-contracts/contracts/interfaces/IERC20.sol";
import "openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol";
import "forge-std/console.sol";
struct Point {
int128 bias;
int128 slope; // # -dweight / dt
uint ts;
uint blk; // block
}
/* We cannot really do block numbers per se b/c slope is per time, not per block
* and per block could be fairly bad b/c Ethereum changes blocktimes.
* What we can do is to extrapolate ***At functions */
struct LockedBalance {
int128 amount; //weightedAmount
uint256 amountA;
uint256 amountB;
uint256 amountC;
uint end;
}
interface IPool2 {
function getReserves() external view returns (uint112 _reserveA, uint112 _reserveB, uint32 _blockTimestampLast);
function getPoolId() external view returns (bytes32);
}
interface IBPT {
function getVault() external view returns (address);
function getPoolId() external view returns (bytes32);
}
interface IBPTVault {
function getPoolTokenInfo(
bytes32 poolId,
address token
) external view returns (uint256, uint256, uint256, address);
}
contract VotingEscrow is Ownable, ReentrancyGuard {
using SafeERC20 for IERC20;
enum DepositType {
DEPOSIT_FOR_TYPE,
CREATE_LOCK_TYPE,
INCREASE_LOCK_AMOUNT,
INCREASE_UNLOCK_TIME
}
event Deposit(
address indexed provider,
uint valueA,
uint valueB,
uint valueC,
uint indexed locktime,
DepositType deposit_type,
uint ts
);
event Withdraw(address indexed provider, uint valueA, uint valueB, uint valueC, uint ts);
event Supply(uint prevSupply, uint supply);
uint internal constant WEEK = 1 weeks;
uint public constant MAXTIME = 53 weeks; //max lock 1 year
int128 internal constant iMAXTIME = 53 weeks;
uint public constant MINTIME = 4 weeks;
uint internal constant MULTIPLIER = 1 ether;
//a dynamic boost weight that is configurable
uint256 public bpt_boost_weight;
uint256 public pool2_boost_weight;
address public immutable tokenA; //BPT
address public immutable tokenB; //Pool2 LP Token
address public immutable tokenC; //Single-sided USH Token
uint public supply;
bool public unlocked;
mapping(address => LockedBalance) public locked; //weighted locked balance
uint public epoch;
mapping(uint => Point) public point_history; // epoch -> unsigned point
mapping(address => Point[1000000000]) public user_point_history; // user -> Point[user_epoch]
mapping(address => uint) public user_point_epoch;
mapping(uint => int128) public slope_changes; // time -> signed slope change
// Aragon's view methods for compatibility
address public controller;
bool public transfersEnabled;
string public constant name = "vdUSH";
string public constant symbol = "vdUSH";
string public constant version = "1.0.0";
uint8 public constant decimals = 18;
// Whitelisted (smart contract) wallets which are allowed to deposit
// The goal is to prevent tokenizing the escrow
mapping(address => bool) public contracts_whitelist;
/// @notice Contract constructor
/// @param tokenA_addr BPT
/// @param tokenB_addr Pool2 LP token
/// @param tokenC_addr USH token
constructor(address tokenA_addr, address tokenB_addr, address tokenC_addr) {
tokenA = tokenA_addr;
tokenB = tokenB_addr;
tokenC = tokenC_addr;
bpt_boost_weight = 2.5 ether;
pool2_boost_weight = 3.5 ether;
point_history[0].blk = block.number;
point_history[0].ts = block.timestamp;
controller = msg.sender;
transfersEnabled = true;
}
modifier onlyUserOrWhitelist() {
if (msg.sender != tx.origin) {
require(contracts_whitelist[msg.sender], "Smart contract not allowed");
}
_;
}
modifier notUnlocked() {
require(!unlocked, "unlocked globally");
_;
}
//helper unit conversion funcs
function bpt_amount_to_ush_units(uint256 amount) internal view returns (uint256) {
//get the contract address of the BPT pool token
address bpt_address = tokenA;
//get vault and pool info
address balancer_vault = IBPT(bpt_address).getVault();
bytes32 pool_id = IBPT(bpt_address).getPoolId();
//get the balance of token A in the BPT pool
(uint256 ush_balance, , , ) = IBPTVault(balancer_vault).getPoolTokenInfo(pool_id, tokenC);
//get the total supply of the BPT pool
uint256 total_supply = IERC20(bpt_address).totalSupply();
//calculate the amount of token C units
return (amount * ush_balance) / total_supply;
}
function pool2_amount_to_ush_units(uint256 amount) internal view returns (uint256) {
//get the contract address of the BPT pool token
address pool2_address = tokenB;
//get vault and pool info
(uint256 ush_balance, , ) = IPool2(pool2_address).getReserves();
console.log(ush_balance);
//get the total supply of the pool2
uint256 total_supply = IERC20(pool2_address).totalSupply();
console.log(total_supply);
//calculate the amount of token C units
return (amount * ush_balance) / total_supply;
}
function update_bpt_boost_weight(uint256 weight) external onlyOwner {
require(weight > 0, "Cannot set zero boost weight!");
bpt_boost_weight = weight;
}
function update_pool2_boost_weight(uint256 weight) external onlyOwner {
require(weight > 0, "Cannot set zero boost weight!");
pool2_boost_weight = weight;
}
function weighted_amount(uint256 bptAmount, uint256 pool2Amount, uint256 tokenAmount) public view returns (uint256) {
uint256 scaled_bpt_amount = tokenA == address(0) ? 0 : bpt_amount_to_ush_units(bptAmount);
uint256 scaled_pool2_amount = pool2_amount_to_ush_units(pool2Amount);
return (scaled_bpt_amount * bpt_boost_weight) / 1e18 + (scaled_pool2_amount * pool2_boost_weight) / 1e18 + tokenAmount;
}
function int_weighted_amount(uint256 _valueA, uint256 _valueB, uint256 _valueC) internal view returns (int128) {
return int128(int(weighted_amount(_valueA, _valueB, _valueC)));
}
/// @notice Add address to whitelist smart contract depositors `addr`
/// @param addr Address to be whitelisted
function add_to_whitelist(address addr) external onlyOwner {
require(!contracts_whitelist[addr], "Address already whitelisted");
contracts_whitelist[addr] = true;
}
/// @notice Remove a smart contract address from whitelist
/// @param addr Address to be removed from whitelist
function remove_from_whitelist(address addr) external onlyOwner {
require(contracts_whitelist[addr], "Address not whitelisted");
contracts_whitelist[addr] = false;
}
/// @notice Unlock all locked balances
function unlock() external onlyOwner {
unlocked = true;
}
/// @notice Get the most recently recorded rate of voting power decrease for `_addr`
/// @param addr Address of the user wallet
/// @return Value of the slope
function get_last_user_slope(address addr) external view returns (int128) {
uint uepoch = user_point_epoch[addr];
return user_point_history[addr][uepoch].slope;
}
/// @notice Get the timestamp for checkpoint `_idx` for `_addr`
/// @param _addr User wallet address
/// @param _idx User epoch number
/// @return Epoch time of the checkpoint
function user_point_history__ts(address _addr, uint _idx) external view returns (uint) {
return user_point_history[_addr][_idx].ts;
}
/// @notice Get timestamp when `_addr`'s lock finishes
/// @param _addr User wallet address
/// @return Epoch time of the lock end
function locked__end(address _addr) external view returns (uint) {
return locked[_addr].end;
}
function locked__amountA(address user) external view returns (uint) {
return locked[user].amountA;
}
function locked__amountB(address user) external view returns (uint) {
return locked[user].amountB;
}
function locked__amountC(address user) external view returns (uint) {
return locked[user].amountC;
}
/// @notice Record global and per-user data to checkpoint
/// @param _addr User's wallet address. No user checkpoint if 0x0
/// @param old_locked Pevious locked amount / end lock time for the user
/// @param new_locked New locked amount / end lock time for the user
function _checkpoint(
address _addr,
LockedBalance memory old_locked,
LockedBalance memory new_locked
) internal {
Point memory u_old;
Point memory u_new;
int128 old_dslope = 0;
int128 new_dslope = 0;
uint _epoch = epoch;
//make sure we are using the most current BPT boost weights
//and then make sure the new_locked that was passed in has had the most current boost weights applied (do that elsewhere)
old_locked.amount = int_weighted_amount(old_locked.amountA, old_locked.amountB, old_locked.amountC);
if (_addr != address(0x0)) {
// Calculate slopes and biases
// Kept at zero when they have to
if (old_locked.end > block.timestamp && old_locked.amount > 0) {
u_old.slope = old_locked.amount / iMAXTIME;
u_old.bias = u_old.slope * int128(int(old_locked.end - block.timestamp));
}
if (new_locked.end > block.timestamp && new_locked.amount > 0) {
u_new.slope = new_locked.amount / iMAXTIME;
u_new.bias = u_new.slope * int128(int(new_locked.end - block.timestamp));
}
// Read values of scheduled changes in the slope
// old_locked.end can be in the past and in the future
// new_locked.end can ONLY by in the FUTURE unless everything expired: than zeros
old_dslope = slope_changes[old_locked.end];
if (new_locked.end != 0) {
if (new_locked.end == old_locked.end) {
new_dslope = old_dslope;
} else {
new_dslope = slope_changes[new_locked.end];
}
}
}
Point memory last_point = Point({ bias: 0, slope: 0, ts: block.timestamp, blk: block.number });
if (_epoch > 0) {
last_point = point_history[_epoch];
}
uint last_checkpoint = last_point.ts;
// initial_last_point is used for extrapolation to calculate block number
// (approximately, for *At methods) and save them
// as we cannot figure that out exactly from inside the contract
uint initial_last_point_ts = last_point.ts;
uint initial_last_point_blk = last_point.blk;
uint block_slope = 0; // dblock/dt
if (block.timestamp > last_point.ts) {
block_slope = (MULTIPLIER * (block.number - last_point.blk)) / (block.timestamp - last_point.ts);
}
// If last point is already recorded in this block, slope=0
// But that's ok b/c we know the block in such case
// Go over weeks to fill history and calculate what the current point is
uint t_i = (last_checkpoint / WEEK) * WEEK;
for (uint i = 0; i < 255; ++i) {
// Hopefully it won't happen that this won't get used in 5 years!
// If it does, users will be able to withdraw but vote weight will be broken
t_i += WEEK;
int128 d_slope = 0;
if (t_i > block.timestamp) {
t_i = block.timestamp;
} else {
d_slope = slope_changes[t_i];
}
last_point.bias -= last_point.slope * int128(int(t_i - last_checkpoint));
last_point.slope += d_slope;
if (last_point.bias < 0) {
// This can happen
last_point.bias = 0;
}
if (last_point.slope < 0) {
// This cannot happen - just in case
last_point.slope = 0;
}
last_checkpoint = t_i;
last_point.ts = t_i;
last_point.blk =
initial_last_point_blk +
(block_slope * (t_i - initial_last_point_ts)) /
MULTIPLIER;
_epoch += 1;
if (t_i == block.timestamp) {
last_point.blk = block.number;
break;
} else {
point_history[_epoch] = last_point;
}
}
epoch = _epoch;
// Now point_history is filled until t=now
if (_addr != address(0x0)) {
// If last point was in this block, the slope change has been applied already
// But in such case we have 0 slope(s)
last_point.slope += (u_new.slope - u_old.slope);
last_point.bias += (u_new.bias - u_old.bias);
if (last_point.slope < 0) {
last_point.slope = 0;
}
if (last_point.bias < 0) {
last_point.bias = 0;
}
}
// Record the changed point into history
point_history[_epoch] = last_point;
if (_addr != address(0x0)) {
// Schedule the slope changes (slope is going down)
// We subtract new_user_slope from [new_locked.end]
// and add old_user_slope to [old_locked.end]
if (old_locked.end > block.timestamp) {
// old_dslope was <something> - u_old.slope, so we cancel that
old_dslope += u_old.slope;
if (new_locked.end == old_locked.end) {
old_dslope -= u_new.slope; // It was a new deposit, not extension
}
slope_changes[old_locked.end] = old_dslope;
}
if (new_locked.end > block.timestamp) {
if (new_locked.end > old_locked.end) {
new_dslope -= u_new.slope; // old slope disappeared at this point
slope_changes[new_locked.end] = new_dslope;
}
// else: we recorded it already in old_dslope
}
// Now handle user history
address addr = _addr;
uint user_epoch = user_point_epoch[addr] + 1;
user_point_epoch[addr] = user_epoch;
u_new.ts = block.timestamp;
u_new.blk = block.number;
user_point_history[addr][user_epoch] = u_new;
}
}
/// @notice Record global data to checkpoint
function checkpoint() external notUnlocked {
_checkpoint(
address(0x0),
LockedBalance(int_weighted_amount(0, 0, 0), 0, 0, 0, 0),
LockedBalance(int_weighted_amount(0, 0, 0), 0, 0, 0, 0)
);
}
function deposit_for(address _addr, uint _valueA, uint _valueB, uint _valueC) external nonReentrant {
LockedBalance memory _locked = locked[_addr];
require(_valueA > 0 || _valueB > 0 || _valueC > 0); // dev: need non-zero value
require(_locked.amount > 0, "No existing lock found");
require(_locked.end > block.timestamp, "Cannot add to expired lock. Withdraw");
_deposit_for(_addr, _valueA, _valueB, _valueC, 0, _locked, DepositType.DEPOSIT_FOR_TYPE);
}
function _deposit_for(
address _addr,
uint _valueA,
uint _valueB,
uint _valueC,
uint unlock_time,
LockedBalance memory locked_balance,
DepositType deposit_type
) internal {
LockedBalance memory _locked = locked_balance;
uint supply_before = supply;
supply = supply_before + weighted_amount(_valueA, _valueB, _valueC);
LockedBalance memory old_locked;
//NOTE: need to be checked
_locked.amount = int128(int(weighted_amount(_locked.amountA, _locked.amountB, _locked.amountC)));
// old_locked.amount = int128(int(weighted_amount(old_locked.amountA, old_locked.amountB)));
(old_locked.amount, old_locked.end) = (_locked.amount, _locked.end);
// Adding to existing lock, or if a lock is expired - creating a new one
_locked.amount += int128(int(weighted_amount(_valueA, _valueB, _valueC)));
_locked.amountA += _valueA;
_locked.amountB += _valueB;
_locked.amountC += _valueC;
if (unlock_time != 0) {
_locked.end = unlock_time;
}
locked[_addr] = _locked;
// Possibilities:
// Both old_locked.end could be current or expired (>/< block.timestamp)
// value == 0 (extend lock) or value > 0 (add to lock or extend lock)
// _locked.end > block.timestamp (always)
_checkpoint(_addr, old_locked, _locked);
if (_valueA != 0) {
IERC20(tokenA).safeTransferFrom(msg.sender, address(this), _valueA);
}
if (_valueB != 0) {
IERC20(tokenB).safeTransferFrom(msg.sender, address(this), _valueB);
}
if (_valueC != 0) {
IERC20(tokenC).safeTransferFrom(msg.sender, address(this), _valueC);
}
emit Deposit(_addr, _valueA, _valueB, _valueC, _locked.end, deposit_type, block.timestamp);
emit Supply(supply_before, supply_before + weighted_amount(_valueA, _valueB, _valueC));
}
/// @notice Deposit `_value` tokens for `msg.sender` and lock until `_unlock_time`
/// @param _valueA Amount to deposit of BPT
/// @param _valueB amount to deposit of pool2
/// @param _valueC amount to deposit of token
/// @param _unlock_time Epoch time when tokens unlock, rounded down to whole weeks
function _create_lock(uint _valueA, uint _valueB, uint _valueC, uint _unlock_time) internal {
require(_valueA > 0 || _valueB > 0 || _valueC > 0); // dev: need non-zero value
LockedBalance memory _locked = locked[msg.sender];
require(_locked.amount == 0, "Withdraw old tokens first");
require(_unlock_time >= block.timestamp + MINTIME, "Voting lock must be at least MINTIME");
//NOTE:MAXTIME is set to 1 year, may be changed to 3 years
require(_unlock_time <= block.timestamp + MAXTIME, "Voting lock can be 1 year max");
//NOTE: calc only if valid time to save on gas
uint unlock_time = (_unlock_time / WEEK) * WEEK; // Locktime is rounded down to weeks
_deposit_for(msg.sender, _valueA, _valueB, _valueC, unlock_time, _locked, DepositType.CREATE_LOCK_TYPE);
}
/// @notice External function for _create_lock
/// @param _valueA Amount to deposit of BPT
/// @param _valueB amount to deposit of pool2
/// @param _valueC amount to deposit of token
/// @param _unlock_time Epoch time when tokens unlock, rounded down to whole weeks
function create_lock(
uint _valueA,
uint _valueB,
uint _valueC,
uint _unlock_time
) external nonReentrant onlyUserOrWhitelist notUnlocked {
_create_lock(_valueA, _valueB, _valueC, _unlock_time);
}
/// @notice Deposit `_value` additional tokens for `msg.sender` without modifying the unlock time
/// @param _valueA Amount to deposit of BPT
/// @param _valueB amount to deposit of pool2
/// @param _valueC amount to deposit of token
function increase_amount(
uint _valueA,
uint _valueB,
uint _valueC
) external nonReentrant onlyUserOrWhitelist notUnlocked {
_increase_amount(_valueA, _valueB, _valueC);
}
function _increase_amount(uint _valueA, uint _valueB, uint _valueC) internal {
LockedBalance memory _locked = locked[msg.sender];
require(_valueA > 0 || _valueB > 0 || _valueC > 0); // dev: need non-zero value
require(_locked.amount > 0, "No existing lock found");
require(_locked.end > block.timestamp, "Cannot add to expired lock. Withdraw");
_deposit_for(msg.sender, _valueA, _valueB, _valueC, 0, _locked, DepositType.INCREASE_LOCK_AMOUNT);
}
/// @notice Extend the unlock time for `msg.sender` to `_unlock_time`
/// @param _unlock_time New epoch time for unlocking
function increase_unlock_time(uint _unlock_time) external nonReentrant onlyUserOrWhitelist notUnlocked {
_increase_unlock_time(_unlock_time);
}
function _increase_unlock_time(uint _unlock_time) internal {
LockedBalance memory _locked = locked[msg.sender];
uint unlock_time = (_unlock_time / WEEK) * WEEK; // Locktime is rounded down to weeks
require(_locked.end > block.timestamp, "Lock expired");
require(_locked.amount > 0, "Nothing is locked");
require(unlock_time > _locked.end, "Can only increase lock duration");
require(unlock_time <= block.timestamp + MAXTIME, "Voting lock can be 3 years max");
_deposit_for(msg.sender, 0, 0, 0, unlock_time, _locked, DepositType.INCREASE_UNLOCK_TIME);
}
/// @notice Extend the unlock time and/or for `msg.sender` to `_unlock_time`
/// @param _unlock_time New epoch time for unlocking
function increase_amount_and_time(
uint _valueA,
uint _valueB,
uint _valueC,
uint _unlock_time
) external nonReentrant onlyUserOrWhitelist notUnlocked {
require((_valueA > 0 || _valueB > 0 || _valueC > 0) || _unlock_time > 0, "Value and Unlock cannot both be 0");
if ((_valueA > 0 || _valueB > 0 || _valueC > 0) && _unlock_time > 0) {
_increase_amount(_valueA, _valueB, _valueC);
_increase_unlock_time(_unlock_time);
} else if ((_valueA > 0 || _valueB > 0 || _valueC > 0) && _unlock_time == 0) {
_increase_amount(_valueA, _valueB, _valueC);
} else {
_increase_unlock_time(_unlock_time);
}
}
/// @notice Withdraw all tokens for `msg.sender`
/// @dev Only possible if the lock has expired
function _withdraw() internal {
LockedBalance memory _locked = locked[msg.sender];
uint256 token_a_balance = _locked.amountA;
uint256 token_b_balance = _locked.amountB;
uint256 token_c_balance = _locked.amountC;
uint value = uint(int(_locked.amount));
if (!unlocked) {
require(block.timestamp >= _locked.end, "The lock didn't expire");
}
locked[msg.sender] = LockedBalance(0, 0, 0, 0, 0);
uint supply_before = supply;
supply = supply_before - value;
// old_locked can have either expired <= timestamp or zero end
// _locked has only 0 end
// Both can have >= 0 amount
_checkpoint(msg.sender, _locked, LockedBalance(0, 0, 0, 0, 0));
if(token_a_balance > 0) {
IERC20(tokenA).safeTransfer(msg.sender, token_a_balance);
}
if(token_b_balance > 0) {
IERC20(tokenB).safeTransfer(msg.sender, token_b_balance);
}
if(token_c_balance > 0) {
IERC20(tokenC).safeTransfer(msg.sender, token_c_balance);
}
emit Withdraw(msg.sender, token_a_balance, token_b_balance, token_c_balance, block.timestamp);
emit Supply(supply_before, supply_before - value);
}
function withdraw() external nonReentrant {
_withdraw();
}
/// @notice Deposit `_value` tokens for `msg.sender` and lock until `_unlock_time`
/// @param _valueA Amount to deposit of BPT
/// @param _valueB amount to deposit of pool2
/// @param _valueC amount to deposit of token
/// @param _unlock_time Epoch time when tokens unlock, rounded down to whole weeks
function withdraw_and_create_lock(
uint _valueA,
uint _valueB,
uint _valueC,
uint _unlock_time
) external nonReentrant onlyUserOrWhitelist notUnlocked {
_withdraw();
_create_lock(_valueA, _valueB, _valueC, _unlock_time);
}
// The following ERC20/minime-compatible methods are not real balanceOf and supply!
// They measure the weights for the purpose of voting, so they don't represent
// real coins.
/// @notice Binary search to estimate timestamp for block number
/// @param _block Block to find
/// @param max_epoch Don't go beyond this epoch
/// @return Approximate timestamp for block
function _find_block_epoch(uint _block, uint max_epoch) internal view returns (uint) {
// Binary search
uint _min = 0;
uint _max = max_epoch;
for (uint i = 0; i < 128; ++i) {
// Will be always enough for 128-bit numbers
if (_min >= _max) {
break;
}
uint _mid = (_min + _max + 1) / 2;
if (point_history[_mid].blk <= _block) {
_min = _mid;
} else {
_max = _mid - 1;
}
}
return _min;
}
/// @notice Get the current voting power for `msg.sender`
/// @dev Adheres to the ERC20 `balanceOf` interface for Aragon compatibility
/// @param addr User wallet address
/// @param _t Epoch time to return voting power at
/// @return User voting power
function _balanceOf(address addr, uint _t) internal view returns (uint) {
uint _epoch = user_point_epoch[addr];
if (_epoch == 0) {
return 0;
} else {
Point memory last_point = user_point_history[addr][_epoch];
last_point.bias -= last_point.slope * int128(int(_t) - int(last_point.ts));
if (last_point.bias < 0) {
last_point.bias = 0;
}
return uint(int(last_point.bias));
}
}
function balanceOfAtT(address addr, uint _t) external view returns (uint) {
return _balanceOf(addr, _t);
}
function balanceOf(address addr) external view returns (uint) {
return _balanceOf(addr, block.timestamp);
}
/// @notice Measure voting power of `addr` at block height `_block`
/// @dev Adheres to MiniMe `balanceOfAt` interface: https://github.com/Giveth/minime
/// @param addr User's wallet address
/// @param _block Block to calculate the voting power at
/// @return Voting power
function balanceOfAt(address addr, uint _block) external view returns (uint) {
// Copying and pasting totalSupply code because Vyper cannot pass by
// reference yet
require(_block <= block.number);
// Binary search
uint _min = 0;
uint _max = user_point_epoch[addr];
for (uint i = 0; i < 128; ++i) {
// Will be always enough for 128-bit numbers
if (_min >= _max) {
break;
}
uint _mid = (_min + _max + 1) / 2;
if (user_point_history[addr][_mid].blk <= _block) {
_min = _mid;
} else {
_max = _mid - 1;
}
}
Point memory upoint = user_point_history[addr][_min];
uint max_epoch = epoch;
uint _epoch = _find_block_epoch(_block, max_epoch);
Point memory point_0 = point_history[_epoch];
uint d_block = 0;
uint d_t = 0;
if (_epoch < max_epoch) {
Point memory point_1 = point_history[_epoch + 1];
d_block = point_1.blk - point_0.blk;
d_t = point_1.ts - point_0.ts;
} else {
d_block = block.number - point_0.blk;
d_t = block.timestamp - point_0.ts;
}
uint block_time = point_0.ts;
if (d_block != 0) {
block_time += (d_t * (_block - point_0.blk)) / d_block;
}
upoint.bias -= upoint.slope * int128(int(block_time - upoint.ts));
if (upoint.bias >= 0) {
return uint(uint128(upoint.bias));
} else {
return 0;
}
}
/// @notice Calculate total voting power at some point in the past
/// @param point The point (bias/slope) to start search from
/// @param t Time to calculate the total voting power at
/// @return Total voting power at that time
function _supply_at(Point memory point, uint t) internal view returns (uint) {
Point memory last_point = point;
uint t_i = (last_point.ts / WEEK) * WEEK;
for (uint i = 0; i < 255; ++i) {
t_i += WEEK;
int128 d_slope = 0;
if (t_i > t) {
t_i = t;
} else {
d_slope = slope_changes[t_i];
}
last_point.bias -= last_point.slope * int128(int(t_i - last_point.ts));
if (t_i == t) {
break;
}
last_point.slope += d_slope;
last_point.ts = t_i;
}
if (last_point.bias < 0) {
last_point.bias = 0;
}
return uint(uint128(last_point.bias));
}
/// @notice Calculate total voting power
/// @dev Adheres to the ERC20 `totalSupply` interface for Aragon compatibility
/// @return Total voting power
function _totalSupply(uint t) internal view returns (uint) {
uint _epoch = epoch;
Point memory last_point = point_history[_epoch];
return _supply_at(last_point, t);
}
function totalSupplyAtT(uint t) external view returns (uint) {
return _totalSupply(t);
}
function totalSupply() external view returns (uint) {
return _totalSupply(block.timestamp);
}
/// @notice Calculate total voting power at some point in the past
/// @param _block Block to calculate the total voting power at
/// @return Total voting power at `_block`
function totalSupplyAt(uint _block) external view returns (uint) {
require(_block <= block.number);
uint _epoch = epoch;
uint target_epoch = _find_block_epoch(_block, _epoch);
Point memory point = point_history[target_epoch];
uint dt = 0;
if (target_epoch < _epoch) {
Point memory point_next = point_history[target_epoch + 1];
if (point.blk != point_next.blk) {
dt = ((_block - point.blk) * (point_next.ts - point.ts)) / (point_next.blk - point.blk);
}
} else {
if (point.blk != block.number) {
dt = ((_block - point.blk) * (block.timestamp - point.ts)) / (block.number - point.blk);
}
}
// Now dt contains info on how far are we beyond point
return _supply_at(point, point.ts + dt);
}
// Dummy methods for compatibility with Aragon
function changeController(address _newController) external {
require(msg.sender == controller);
controller = _newController;
}
}{
"viaIR": true,
"optimizer": {
"enabled": true,
"runs": 9999
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"remappings": [
"@prb/math/=lib/prb-math/src/",
"@prb/test/=lib/prb-test/src/",
"Common/=lib/Common/",
"ERC20/=lib/ERC20/",
"Governance/=lib/Governance/",
"Math/=lib/Math/",
"Staking/=lib/Staking/",
"Utils/=lib/Utils/",
"communal/=lib/communal/",
"ds-test/=lib/forge-std/lib/ds-test/src/",
"forge-std/=lib/forge-std/src/",
"layerzerolabs/=lib/solidity-examples/",
"local/=src/",
"openzeppelin-contracts/=lib/openzeppelin-contracts/",
"openzeppelin/=lib/openzeppelin/",
"prb-math/=lib/prb-math/src/",
"prb-test/=lib/prb-math/lib/prb-test/src/",
"solidity-examples/=lib/solidity-examples/contracts/",
"solmate/=lib/solmate/src/",
"src/=lib/prb-math/src/"
],
"libraries": {}
}Contract Security Audit
- No Contract Security Audit Submitted- Submit Audit Here
Contract ABI
API[{"inputs":[{"internalType":"address","name":"_unshETHAddressV2","type":"address"}],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"sender","type":"address"},{"indexed":false,"internalType":"uint256","name":"ethAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"pathId","type":"uint256"}],"name":"DepositEth","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"sender","type":"address"},{"indexed":false,"internalType":"address","name":"lsdAddress","type":"address"},{"indexed":false,"internalType":"uint256","name":"depositAmount","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"depositFee","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"protocolFee","type":"uint256"},{"indexed":false,"internalType":"uint256","name":"unshETHMinted","type":"uint256"}],"name":"DepositLsd","type":"event"},{"inputs":[],"name":"MAX_PATH_ID","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"POOLFEE","outputs":[{"internalType":"uint24","name":"","type":"uint24"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"ankrDepositsAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"ankrETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"cbETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"lsdAddress","type":"address"},{"internalType":"uint256","name":"amount","type":"uint256"}],"name":"deposit_lsd","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"uint256","name":"stETHAmount","type":"uint256"}],"name":"deposit_stEth","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"frxETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"frxETHMinterAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"lsdVaultAddressV2","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"amountOutMin","type":"uint256"},{"internalType":"uint256","name":"pathId","type":"uint256"}],"name":"mint_unsheth_with_eth","outputs":[],"stateMutability":"payable","type":"function"},{"inputs":[],"name":"rETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rETH_deposits_enabled","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rocketDepositPoolAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"rocketSettingsAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"sfrxETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"stEthAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"swETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"uint256","name":"","type":"uint256"}],"name":"swapPathIdToAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"uniswapRouterV3","outputs":[{"internalType":"contract ISwapRouter","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"unshETHAddressV2","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"updateVdAmmAddress","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[],"name":"usdtAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"vdAmmAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"wethAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"wstETHAddress","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"stateMutability":"payable","type":"receive"}]Contract Creation Code
60c08060405234620008af5760206200003460049262003b92803803809162000029828562000b35565b833981019062000b59565b6001600081905580546001600160a01b03191673e592427a0aece92de3edee1f18e0157c0586156417905560a081905260405163dc6663c760e01b815292839182906001600160a01b03165afa90811562000aeb57600091602091839162000af7575b5060808190526040516335c1d70160e01b815292839160049183916001600160a01b03165af190811562000aeb5760009162000ab5575b50600280546001600160a01b0319166001600160a01b0392831617905560805160405163095ea7b360e01b602082019081529190921660248301526000196044808401919091528252600091829190620001288162000b19565b519082737f39c581f595b53c5cb19bd0b3f8da6c935e2ca05af13d1562000aad573d6001600160401b038111620008b4576040519062000173601f8201601f19166020018362000b35565b81523d6000602083013e5b8162000a70575b50156200082d5760008060018060a01b0360805116604051602081019163095ea7b360e01b835260248201528219604482015260448152620001c78162000b19565b51908273ac3e018457b222d93114458476f3e3416abbe38f5af13d1562000a68573d6001600160401b038111620008b4576040519062000212601f8201601f19166020018362000b35565b81523d6000602083013e5b8162000a2b575b50156200082d5760008060018060a01b0360805116604051602081019163095ea7b360e01b835260248201528219604482015260448152620002668162000b19565b51908273ae78736cd615f374d3085123a210448e74fc63935af13d1562000a23573d6001600160401b038111620008b45760405190620002b1601f8201601f19166020018362000b35565b81523d6000602083013e5b81620009e6575b50156200082d5760008060018060a01b0360805116604051602081019163095ea7b360e01b835260248201528219604482015260448152620003058162000b19565b51908273be9895146f7af43049ca1c1ae358b0541ea497045af13d15620009de573d6001600160401b038111620008b4576040519062000350601f8201601f19166020018362000b35565b81523d6000602083013e5b81620009a1575b50156200082d5760805162000380906001600160a01b031662000b7a565b60008060018060a01b0360805116604051602081019163095ea7b360e01b835260248201528219604482015260448152620003bb8162000b19565b51908273e95a203b1a91a908f9b9ce46459d101078c2c3cb5af13d1562000999573d6001600160401b038111620008b4576040519062000406601f8201601f19166020018362000b35565b81523d6000602083013e5b816200095c575b50156200082d5760008060018060a01b03608051166040519063095ea7b360e01b602083015260248201528119604482015260448152620004598162000b19565b6020815191018273f951e335afb289353dc249e82926178eac7ded785af13d1562000954573d6001600160401b038111620008b45760405190620004a8601f8201601f19166020018362000b35565b81523d6000602083013e5b8162000917575b50156200082d57600154620004d8906001600160a01b031662000b7a565b600080604051602081019063095ea7b360e01b825273ac3e018457b222d93114458476f3e3416abbe38f602482015282196044820152604481526200051d8162000b19565b519082735e8422345238f34275888049021821e8e08caa1f5af13d156200090f573d6001600160401b038111620008b4576040519062000568601f8201601f19166020018362000b35565b81523d6000602083013e5b81620008d2575b50156200082d57600080604051602081019063095ea7b360e01b825273ae7ab96520de3a18e5e111b5eaab095312d7fe8460248201528219604482015260448152620005c68162000b19565b519082737f39c581f595b53c5cb19bd0b3f8da6c935e2ca05af13d15620008ca573d6001600160401b038111620008b4576040519062000611601f8201601f19166020018362000b35565b81523d6000602083013e5b8162000872575b50156200082d5760036020527fc3a24b0501bd2c13a7e57f2db4369ec4c223447539fc0724a9d55ac4a06ebd4d80546001600160a01b031990811673be9895146f7af43049ca1c1ae358b0541ea49704179091557fcbc4e5fb02c3d1de23a9f1e014b4d2ee5aeaea9505df5e855c9210bf472495af8054821673ae78736cd615f374d3085123a210448e74fc63931790557f83ec6a1f0257b830b5e016457c9cf1435391bf56cc98f369a58a54fe9377246580548216737f39c581f595b53c5cb19bd0b3f8da6c935e2ca01790557f405aad32e1adbac89bb7f176e338b8fc6e994ca210c9bb7bdca249b46594225080548216735e8422345238f34275888049021821e8e08caa1f179055600a6000527f9dcb9783ba5cd0b54745f65f4f918525e461e91888c334e5342cb380ac558d53805490911673f951e335afb289353dc249e82926178eac7ded78179055604051612ec2908162000cd08239608051818181610234015281816102dd0152818161093301528181610ab901528181610cfa01528181610e8f015281816110850152818161116b01528181611387015281816114f7015281816122e50152818161246a015281816125a401528181612689015281816127c40152612944015260a0518181816109a601528181610d70015281816110f7015281816113fa01528181611e1c015281816123720152818161263001526128540152f35b60405162461bcd60e51b815260206004820152601e60248201527f5472616e7366657248656c7065723a20415050524f56455f4641494c454400006044820152606490fd5b805180159250821562000889575b50503862000623565b8192509060209181010312620008af57602001518015158103620008af57388062000880565b600080fd5b634e487b7160e01b600052604160045260246000fd5b60606200061c565b8051801592508215620008e9575b5050386200057a565b8192509060209181010312620008af57602001518015158103620008af573880620008e0565b606062000573565b80518015925082156200092e575b505038620004ba565b8192509060209181010312620008af57602001518015158103620008af57388062000925565b6060620004b3565b805180159250821562000973575b50503862000418565b8192509060209181010312620008af57602001518015158103620008af5738806200096a565b606062000411565b8051801592508215620009b8575b50503862000362565b8192509060209181010312620008af57602001518015158103620008af573880620009af565b60606200035b565b8051801592508215620009fd575b505038620002c3565b8192509060209181010312620008af57602001518015158103620008af573880620009f4565b6060620002bc565b805180159250821562000a42575b50503862000224565b8192509060209181010312620008af57602001518015158103620008af57388062000a39565b60606200021d565b805180159250821562000a87575b50503862000185565b8192509060209181010312620008af57602001518015158103620008af57388062000a7e565b60606200017e565b62000adc915060203d60201162000ae3575b62000ad3818362000b35565b81019062000b59565b38620000ce565b503d62000ac7565b6040513d6000823e3d90fd5b62000b129150823d841162000ae35762000ad3818362000b35565b3862000097565b608081019081106001600160401b03821117620008b457604052565b601f909101601f19168101906001600160401b03821190821017620008b457604052565b90816020910312620008af57516001600160a01b0381168103620008af5790565b60405163095ea7b360e01b60208083019182526001600160a01b03909316602483015260001960448084019190915282529062000bb78162000b19565b60008092819251908273c02aaa39b223fe8d0a0e5c4f27ead9083c756cc25af1903d1562000cc7573d6001600160401b03811162000cb3576040519062000c08601f8201601f191686018362000b35565b81523d828583013e5b8262000c67575b50501562000c235750565b6064906040519062461bcd60e51b82526004820152601e60248201527f5472616e7366657248656c7065723a20415050524f56455f4641494c454400006044820152fd5b805192508215919084831562000c85575b5050509050388062000c18565b91938180945001031262000caf5782015190811515820362000cac57508038808462000c78565b80fd5b5080fd5b634e487b7160e01b82526041600452602482fd5b606062000c1156fe60806040818152600436101561001f575b5050361561001d57600080fd5b005b600091823560e01c9081630d77334614611eec5750806310f91b0b14611eb857806311b463f714611e9c5780631c685c4d14611e6e57806333c7b97f14611e405780634cee01b614611df05780634f0e0ef314611dc25780635481d5eb14611ca357806357f09ed514611c75578063591eb6a5146105145780635c0e43f2146104e657806365866875146104b2578063856e2f571461049757806386bf14c7146104695780638f90b0f01461043b57806398d1e9671461040d5780639ab4a445146103df5780639be65d96146103b15780639c47c63a14610383578063aca86cb914610286578063b3c42f9e14610258578063b5b0e85914610208578063c2b6bd01146101ca578063ca7acdcd1461019c578063d15616c51461016e5763e933b35403610010573461016a578160031936011261016a5760209061016161213c565b90519015158152f35b5080fd5b503461016a578160031936011261016a576020905173ac3e018457b222d93114458476f3e3416abbe38f8152f35b503461016a578160031936011261016a576020905173ae78736cd615f374d3085123a210448e74fc63938152f35b503461016a57602060031936011261016a5773ffffffffffffffffffffffffffffffffffffffff816020936004358152600385522054169051908152f35b503461016a578160031936011261016a576020905173ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000000000000000000000000000000000000000000168152f35b503461016a578160031936011261016a576020905173bafa44efe7901e04e39dad13167d089c559c11388152f35b503461016a578160031936011261016a578051907f35c1d70100000000000000000000000000000000000000000000000000000000825273ffffffffffffffffffffffffffffffffffffffff9160208160048187877f0000000000000000000000000000000000000000000000000000000000000000165af191821561037a5750839161033c575b50167fffffffffffffffffffffffff0000000000000000000000000000000000000000600254161760025580f35b90506020813d8211610372575b81610356602093836120e3565b8101031261036e5751818116810361036e573861030e565b8280fd5b3d9150610349565b513d85823e3d90fd5b503461016a578160031936011261016a576020905173dd3f50f8a6cafbe9b31a427582963f465e745af88152f35b503461016a578160031936011261016a5760209051737f39c581f595b53c5cb19bd0b3f8da6c935e2ca08152f35b503461016a578160031936011261016a576020905173dac17f958d2ee523a2206206994597c13d831ec78152f35b503461016a578160031936011261016a576020905173781693a15e1fa7c743a299f4f0242cdf5489a0d98152f35b503461016a578160031936011261016a576020905173e95a203b1a91a908f9b9ce46459d101078c2c3cb8152f35b503461016a578160031936011261016a576020905173f951e335afb289353dc249e82926178eac7ded788152f35b503461016a578160031936011261016a5760209051600a8152f35b503461016a578160031936011261016a5760209073ffffffffffffffffffffffffffffffffffffffff600254169051908152f35b503461016a578160031936011261016a576020905173ae7ab96520de3a18e5e111b5eaab095312d7fe848152f35b508060031936011261016a57600435906024359160029061053882865414156121c8565b818555600a8411611c185760018411801590611c01575b1561160a5750826106935750737f39c581f595b53c5cb19bd0b3f8da6c935e2ca08380808034855af161058061222d565b5015610636579060206024928251938480926370a0823160e01b82523060048301525afa91821561062c5784926105f2575b506105dd7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a92612298565b80519234845260208401523392a26001815580f35b91506020823d8211610624575b8161060c602093836120e3565b8101031261061f579051906105dd6105b2565b600080fd5b3d91506105ff565b81513d86823e3d90fd5b606482517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601560248201527f777374455448206d696e74696e67206661696c656400000000000000000000006044820152fd5b6001830361082757508273bafa44efe7901e04e39dad13167d089c559c1138803b1561016a57816024918451928380927f4dcd454700000000000000000000000000000000000000000000000000000000825230600483015234905af1801561081d57610809575b505080516370a0823160e01b815230600482015260208160248173ac3e018457b222d93114458476f3e3416abbe38f5afa9081156107ff5784916107ce575b508015610771579061076c7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a92612557565b6105dd565b606482517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601660248201527f73667278455448206d696e74696e67206661696c6564000000000000000000006044820152fd5b90506020813d82116107f7575b816107e8602093836120e3565b8101031261061f57513861073a565b3d91506107db565b82513d86823e3d90fd5b61081290612083565b61036e5782386106fb565b83513d84823e3d90fd5b9060068303610c445761083861213c565b15610be7578373dd3f50f8a6cafbe9b31a427582963f465e745af8803b1561016a57816004918451928380927fd0e30db000000000000000000000000000000000000000000000000000000000825234905af1801561081d57610bcf575b505080516370a0823160e01b8082523060048301529273ae78736cd615f374d3085123a210448e74fc63939160208082602481875afa918215610bc5578892610b96575b50600092839160009373ffffffffffffffffffffffffffffffffffffffff9085898386541680610af6575b505050846109129161228b565b9261091d868661228b565b90868381610ae3575b50505084610ab3575b50807f000000000000000000000000000000000000000000000000000000000000000016803b1561061f576000809160448b51809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528d60048401528960248401525af18015610aa857610a94575b50817f00000000000000000000000000000000000000000000000000000000000000009960248a518094819382523060048301528d165afa958615610a895795610a56575b50610a15857f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a993390612e1b565b865195865285015284840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a26105dd565b9794508088813d8311610a82575b610a6e81836120e3565b8101031261061f5796519396610a156109e7565b503d610a64565b8851903d90823e3d90fd5b610a9f919650612083565b600094386109a2565b89513d6000823e3d90fd5b610add907f0000000000000000000000000000000000000000000000000000000000000000612c8c565b3861092f565b610aee925416612c8c565b388683610926565b909192965060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083528a60048401528d60248401525af1908115610b8c57868092610b51575b509095949050858938610905565b915095508886813d8311610b85575b610b6a81836120e3565b81010312610b82575084519482015161091238610b43565b80fd5b503d610b60565b89513d88823e3d90fd5b9080925081813d8311610bbe575b610bae81836120e3565b8101031261061f575190386108da565b503d610ba4565b85513d8a823e3d90fd5b610bd890612083565b610be3578338610896565b8380fd5b606490517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601b60248201527f72455448206465706f736974206973206e6f7420656e61626c656400000000006044820152fd5b60078303610f885773c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2803b15610f7a578482517fd0e30db0000000000000000000000000000000000000000000000000000000008152818160048134875af18015610f7e57610f66575b505060008060009073ffffffffffffffffffffffffffffffffffffffff9582868883541680610ecc575b505050610cd9823461228b565b90610ce4848461228b565b90848981610eb9575b50505082610e89575b50867f000000000000000000000000000000000000000000000000000000000000000016803b1561061f576000809160448951809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528b60048401528760248401525af18015610e7e57610e6a575b50602460207f0000000000000000000000000000000000000000000000000000000000000000988851928380926370a0823160e01b82523060048301528c165afa948515610e5f5794610e28575b50610de5847f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a983390612e1b565b8551948552602085015284840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a26105dd565b9693506020873d8211610e57575b81610e43602093836120e3565b8101031261061f5795519295610de5610db7565b3d9150610e36565b8751903d90823e3d90fd5b610e75919450612083565b60009238610d69565b87513d6000823e3d90fd5b610eb3907f0000000000000000000000000000000000000000000000000000000000000000612c07565b38610cf6565b610ec4925416612c07565b388489610ced565b909192935060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083523460048401528a60248401525af1908115610f5c57838092610f25575b50509190828638610ccc565b915092508583813d8311610f55575b610f3e81836120e3565b81010312610b825750602082519201513880610f19565b503d610f34565b86513d85823e3d90fd5b610f6f90612083565b610f7a578438610ca2565b8480fd5b84513d84823e3d90fd5b6008830361127857837384db6ee82b7cf3b47e8f19270abde5718b936670803b1561016a57816004918451928380927f9fa65c5600000000000000000000000000000000000000000000000000000000825234905af1801561081d57611264575b505080516370a0823160e01b8082523060048301529273e95a203b1a91a908f9b9ce46459d101078c2c3cb9160208082602481875afa918215610bc5578892611235575b50600092839160009373ffffffffffffffffffffffffffffffffffffffff90858983865416806111a2575b505050846110659161228b565b92611070868661228b565b9086838161118f575b505050846111655750807f000000000000000000000000000000000000000000000000000000000000000016803b1561061f576000809160448b51809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528d60048401528960248401525af18015610aa857610a945750817f00000000000000000000000000000000000000000000000000000000000000009960248a518094819382523060048301528d165afa958615610a895795610a565750610a15857f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a993390612e1b565b610add907f0000000000000000000000000000000000000000000000000000000000000000612b82565b61119a925416612b82565b388683611079565b909192965060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083528a60048401528d60248401525af1908115610b8c578680926111fd575b509095949050858938611058565b915095508886813d831161122e575b61121681836120e3565b81010312610b825750845194820151611065386111ef565b503d61120c565b9080925081813d831161125d575b61124d81836120e3565b8101031261061f5751903861102d565b503d611243565b61126d90612083565b610be3578338610fe9565b600983146112a9575b7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a91506105dd565b73f951e335afb289353dc249e82926178eac7ded78803b15610f7a578482517fd0e30db0000000000000000000000000000000000000000000000000000000008152818160048134875af18015610f7e576115f6575b50508151926370a0823160e01b9384815230600482015260208082602481875afa918215610bc55788926115c7575b50600092839160009373ffffffffffffffffffffffffffffffffffffffff9085898386541680611534575b505050846113669161228b565b92611371868661228b565b90868381611521575b505050846114f1575b50807f000000000000000000000000000000000000000000000000000000000000000016803b1561061f576000809160448b51809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528d60048401528960248401525af18015610aa8576114dd575b50817f00000000000000000000000000000000000000000000000000000000000000009960248a518094819382523060048301528d165afa958615610a8957956114aa575b50611469857f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a993390612e1b565b865195865285015284840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a2611281565b9794508088813d83116114d6575b6114c281836120e3565b8101031261061f579651939661146961143b565b503d6114b8565b6114e8919650612083565b600094386113f6565b61151b907f0000000000000000000000000000000000000000000000000000000000000000612a3a565b38611383565b61152c925416612a3a565b38868361137a565b909192965060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083528a60048401528d60248401525af1908115610b8c5786809261158f575b509095949050858938611359565b915095508886813d83116115c0575b6115a881836120e3565b81010312610b82575084519482015161136638611581565b503d61159e565b9080925081813d83116115ef575b6115df81836120e3565b8101031261061f5751903861132e565b503d6115d5565b6115ff90612083565b610f7a5784386112ff565b73c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2929150823b15610f7a578482517fd0e30db0000000000000000000000000000000000000000000000000000000008152818160048134895af18015610f7e57611bed575b505081516370a0823160e01b8152306004820152602081602481875afa908115611be3578691611bb1575b50848652600360205273ffffffffffffffffffffffffffffffffffffffff838720541615611b54578115611ad1576005850361194557610e1042018042116119165773ffffffffffffffffffffffffffffffffffffffff9460209360e093610104938751936116fc856120c6565b8452735e8422345238f34275888049021821e8e08caa1f878501526101f488850152306060850152608084015260a083015260c082015260008382015260008660015416865197889586947f414bf389000000000000000000000000000000000000000000000000000000008652828151166004870152828982015116602487015262ffffff8a8201511660448701528260608201511660648701526080810151608487015260a081015160a487015260c081015160c487015201511660e48401525af191821561190b576000926118d7575b508373ac3e018457b222d93114458476f3e3416abbe38f92833b1561016a5782517f6e553f650000000000000000000000000000000000000000000000000000000081526004810191909152306024820152818160448183885af1801561081d576118c3575b505060206024928251938480926370a0823160e01b82523060048301525afa91821561062c57849261188d575b5061076c7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a92612557565b91506020823d6020116118bb575b816118a8602093836120e3565b8101031261061f5790519061076c611862565b3d915061189b565b6118cc90612083565b610be3578338611835565b90916020823d602011611903575b816118f2602093836120e3565b81010312610b8257505190386117cf565b3d91506118e5565b50513d6000823e3d90fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b90848694939452600360205273ffffffffffffffffffffffffffffffffffffffff848720541691610e1042018042116119165773ffffffffffffffffffffffffffffffffffffffff9460209360e093610104938951936119a4856120c6565b845287878501526101f48a850152306060850152608084015260a083015260c082015260008382015260008660015416885197889586947f414bf389000000000000000000000000000000000000000000000000000000008652828151166004870152828982015116602487015262ffffff8c8201511660448701528260608201511660648701526080810151608487015260a081015160a487015260c081015160c487015201511660e48401525af1918215611ac657600092611a90575b507f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a929161076c91612776565b90916020823d602011611abe575b81611aab602093836120e3565b81010312610b825750519061076c611a63565b3d9150611a9e565b83513d6000823e3d90fd5b608483517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152602360248201527f616d6f756e744f75744d696e206d75737420626520677265617465722074686160448201527f6e203000000000000000000000000000000000000000000000000000000000006064820152fd5b606483517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601760248201527f737761702070617468206e6f7420737570706f727465640000000000000000006044820152fd5b90506020813d602011611bdb575b81611bcc602093836120e3565b8101031261061f57513861168e565b3d9150611bbf565b83513d88823e3d90fd5b611bf690612083565b610f7a578438611663565b506006841015801561054f5750600984111561054f565b606483517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152600c60248201527f496e76616c6964207061746800000000000000000000000000000000000000006044820152fd5b503461016a578160031936011261016a576020905173be9895146f7af43049ca1c1ae358b0541ea497048152f35b509034610b82576020600319360112610b8257611cc46002825414156121c8565b60028155737f39c581f595b53c5cb19bd0b3f8da6c935e2ca091823b1561016a5780517fea598cb00000000000000000000000000000000000000000000000000000000081526004356004820152828160248183885af18015611db657611da1575b506020602492938251938480926370a0823160e01b82523060048301525afa908115611d9857508290611d65575b611d5e9150612298565b6001815580f35b506020813d8211611d90575b81611d7e602093836120e3565b8101031261061f57611d5e9051611d54565b3d9150611d71565b513d84823e3d90fd5b602492611daf602092612083565b9250611d26565b505051903d90823e3d90fd5b503461016a578160031936011261016a576020905173c02aaa39b223fe8d0a0e5c4f27ead9083c756cc28152f35b503461016a578160031936011261016a576020905173ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000000000000000000000000000000000000000000168152f35b503461016a578160031936011261016a57602090517384db6ee82b7cf3b47e8f19270abde5718b9366708152f35b503461016a578160031936011261016a5760209051735e8422345238f34275888049021821e8e08caa1f8152f35b503461016a578160031936011261016a57602090516101f48152f35b503461016a578160031936011261016a5760209073ffffffffffffffffffffffffffffffffffffffff600154169051908152f35b8391503461016a578260031936011261016a5760043573ffffffffffffffffffffffffffffffffffffffff8116810361036e576024359160208101907f23b872dd0000000000000000000000000000000000000000000000000000000082523360248201523060448201528360648201526064815260a0810181811067ffffffffffffffff82111761205657865251849182919082855af1611f8c61222d565b81612027575b5015611fa55790611fa291612776565b80f35b608484517f08c379a0000000000000000000000000000000000000000000000000000000008152602060048201526024808201527f5472616e7366657248656c7065723a205452414e534645525f46524f4d5f464160448201527f494c4544000000000000000000000000000000000000000000000000000000006064820152fd5b805180159250821561203c575b505085611f92565b61204f9250602080918301019101612124565b8580612034565b6024867f4e487b710000000000000000000000000000000000000000000000000000000081526041600452fd5b67ffffffffffffffff811161209757604052565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b610100810190811067ffffffffffffffff82111761209757604052565b90601f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0910116810190811067ffffffffffffffff82111761209757604052565b9081602091031261061f5751801515810361061f5790565b6040517f6ada784700000000000000000000000000000000000000000000000000000000815260208160048173781693a15e1fa7c743a299f4f0242cdf5489a0d95afa9081156121bc57600091612191575090565b6121b2915060203d81116121b5575b6121aa81836120e3565b810190612124565b90565b503d6121a0565b6040513d6000823e3d90fd5b156121cf57565b60646040517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c006044820152fd5b3d15612286573d9067ffffffffffffffff8211612097576040519161227a60207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f84011601846120e3565b82523d6000602084013e565b606090565b9190820391821161191657565b60008060009073ffffffffffffffffffffffffffffffffffffffff938460025416806124a7575b50816122ca9161228b565b936122d5838361228b565b83612494575b82612464575b50807f00000000000000000000000000000000000000000000000000000000000000001694853b1561061f5760409182517f47e7ef2400000000000000000000000000000000000000000000000000000000815260008160448183737f39c581f595b53c5cb19bd0b3f8da6c935e2ca09c8d60048401528860248401525af1801561245957612445575b50602460207f0000000000000000000000000000000000000000000000000000000000000000928551928380926370a0823160e01b825230600483015286165afa96871561243a5796612405575b50856123c6913390612e1b565b81519586526020860152840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a2565b9095506020813d8211612432575b81612420602093836120e3565b8101031261061f5751946123c66123b9565b3d9150612413565b8451903d90823e3d90fd5b612450919650612083565b6000943861236b565b84513d6000823e3d90fd5b61248e907f0000000000000000000000000000000000000000000000000000000000000000612d11565b386122e1565b6124a2848360025416612d11565b6122db565b92809192506040809460448251809481937ffa37a9ba000000000000000000000000000000000000000000000000000000008352886004840152737f39c581f595b53c5cb19bd0b3f8da6c935e2ca060248401525af191821561243a578094819361251c575b5050506122ca909291906122bf565b919450915083813d8111612550575b61253581836120e3565b81010312610b8257506122ca6020835193015190388061250d565b503d61252b565b60008060009073ffffffffffffffffffffffffffffffffffffffff938460025416806126c6575b50816125899161228b565b93612594838361228b565b836126b3575b82612683575b50807f00000000000000000000000000000000000000000000000000000000000000001694853b1561061f5760409182517f47e7ef240000000000000000000000000000000000000000000000000000000081526000816044818373ac3e018457b222d93114458476f3e3416abbe38f9c8d60048401528860248401525af18015612459576124455750602460207f0000000000000000000000000000000000000000000000000000000000000000928551928380926370a0823160e01b825230600483015286165afa96871561243a57966124055750856123c6913390612e1b565b6126ad907f0000000000000000000000000000000000000000000000000000000000000000612d96565b386125a0565b6126c1848360025416612d96565b61259a565b92809192506040809460448251809481937ffa37a9ba00000000000000000000000000000000000000000000000000000000835288600484015273ac3e018457b222d93114458476f3e3416abbe38f60248401525af191821561243a578094819361273b575b5050506125899092919061257e565b919450915083813d811161276f575b61275481836120e3565b81010312610b8257506125896020835193015190388061272c565b503d61274a565b906000908160009173ffffffffffffffffffffffffffffffffffffffff90816002541680612983575b50826127aa9161228b565b6127b4848461228b565b8461296f575b8361293e575b50817f00000000000000000000000000000000000000000000000000000000000000001691823b1561061f57604080517f47e7ef2400000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff891660048201526024810184905290936000908290604490829084905af180156124595761292a575b507f000000000000000000000000000000000000000000000000000000000000000083516370a0823160e01b81523060048201526020816024818686165afa97881561291f57976128ea575b50866128aa913390612e1b565b8251961686526020860152840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a2565b9096506020813d8211612917575b81612905602093836120e3565b8101031261061f5751956128aa61289d565b3d91506128f8565b8551903d90823e3d90fd5b612935919650612083565b60009438612851565b612969907f000000000000000000000000000000000000000000000000000000000000000088612e1b565b386127c0565b61297e85846002541689612e1b565b6127ba565b604080517ffa37a9ba0000000000000000000000000000000000000000000000000000000081526004810184905273ffffffffffffffffffffffffffffffffffffffff8916602482015290959294509085908290604490829086905af191821561291f57809581936129ff575b5050506127aa9093929061279f565b919550915084813d8111612a33575b612a1881836120e3565b81010312610b8257506127aa602084519401519038806129f0565b503d612a0e565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612ac581606481015b037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe081018352826120e3565b51908273f951e335afb289353dc249e82926178eac7ded785af1612ae761222d565b81612b53575b5015612af557565b60646040517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601f60248201527f5472616e7366657248656c7065723a205452414e534645525f4641494c4544006044820152fd5b8051801592508215612b68575b505038612aed565b612b7b9250602080918301019101612124565b3880612b60565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612be58160648101612a99565b51908273e95a203b1a91a908f9b9ce46459d101078c2c3cb5af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612c6a8160648101612a99565b51908273c02aaa39b223fe8d0a0e5c4f27ead9083c756cc25af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612cef8160648101612a99565b51908273ae78736cd615f374d3085123a210448e74fc63935af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612d748160648101612a99565b519082737f39c581f595b53c5cb19bd0b3f8da6c935e2ca05af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612df98160648101612a99565b51908273ac3e018457b222d93114458476f3e3416abbe38f5af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff909316602482015260448101939093526000928392908390612e808160648101612a99565b51925af1612ae761222d56fea26469706673582212209f444f96c2260be229173e86b5013b40c8afdea688e6960435c62d431c54dd6e64736f6c634300081200330000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef
Deployed Bytecode
0x60806040818152600436101561001f575b5050361561001d57600080fd5b005b600091823560e01c9081630d77334614611eec5750806310f91b0b14611eb857806311b463f714611e9c5780631c685c4d14611e6e57806333c7b97f14611e405780634cee01b614611df05780634f0e0ef314611dc25780635481d5eb14611ca357806357f09ed514611c75578063591eb6a5146105145780635c0e43f2146104e657806365866875146104b2578063856e2f571461049757806386bf14c7146104695780638f90b0f01461043b57806398d1e9671461040d5780639ab4a445146103df5780639be65d96146103b15780639c47c63a14610383578063aca86cb914610286578063b3c42f9e14610258578063b5b0e85914610208578063c2b6bd01146101ca578063ca7acdcd1461019c578063d15616c51461016e5763e933b35403610010573461016a578160031936011261016a5760209061016161213c565b90519015158152f35b5080fd5b503461016a578160031936011261016a576020905173ac3e018457b222d93114458476f3e3416abbe38f8152f35b503461016a578160031936011261016a576020905173ae78736cd615f374d3085123a210448e74fc63938152f35b503461016a57602060031936011261016a5773ffffffffffffffffffffffffffffffffffffffff816020936004358152600385522054169051908152f35b503461016a578160031936011261016a576020905173ffffffffffffffffffffffffffffffffffffffff7f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74168152f35b503461016a578160031936011261016a576020905173bafa44efe7901e04e39dad13167d089c559c11388152f35b503461016a578160031936011261016a578051907f35c1d70100000000000000000000000000000000000000000000000000000000825273ffffffffffffffffffffffffffffffffffffffff9160208160048187877f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74165af191821561037a5750839161033c575b50167fffffffffffffffffffffffff0000000000000000000000000000000000000000600254161760025580f35b90506020813d8211610372575b81610356602093836120e3565b8101031261036e5751818116810361036e573861030e565b8280fd5b3d9150610349565b513d85823e3d90fd5b503461016a578160031936011261016a576020905173dd3f50f8a6cafbe9b31a427582963f465e745af88152f35b503461016a578160031936011261016a5760209051737f39c581f595b53c5cb19bd0b3f8da6c935e2ca08152f35b503461016a578160031936011261016a576020905173dac17f958d2ee523a2206206994597c13d831ec78152f35b503461016a578160031936011261016a576020905173781693a15e1fa7c743a299f4f0242cdf5489a0d98152f35b503461016a578160031936011261016a576020905173e95a203b1a91a908f9b9ce46459d101078c2c3cb8152f35b503461016a578160031936011261016a576020905173f951e335afb289353dc249e82926178eac7ded788152f35b503461016a578160031936011261016a5760209051600a8152f35b503461016a578160031936011261016a5760209073ffffffffffffffffffffffffffffffffffffffff600254169051908152f35b503461016a578160031936011261016a576020905173ae7ab96520de3a18e5e111b5eaab095312d7fe848152f35b508060031936011261016a57600435906024359160029061053882865414156121c8565b818555600a8411611c185760018411801590611c01575b1561160a5750826106935750737f39c581f595b53c5cb19bd0b3f8da6c935e2ca08380808034855af161058061222d565b5015610636579060206024928251938480926370a0823160e01b82523060048301525afa91821561062c5784926105f2575b506105dd7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a92612298565b80519234845260208401523392a26001815580f35b91506020823d8211610624575b8161060c602093836120e3565b8101031261061f579051906105dd6105b2565b600080fd5b3d91506105ff565b81513d86823e3d90fd5b606482517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601560248201527f777374455448206d696e74696e67206661696c656400000000000000000000006044820152fd5b6001830361082757508273bafa44efe7901e04e39dad13167d089c559c1138803b1561016a57816024918451928380927f4dcd454700000000000000000000000000000000000000000000000000000000825230600483015234905af1801561081d57610809575b505080516370a0823160e01b815230600482015260208160248173ac3e018457b222d93114458476f3e3416abbe38f5afa9081156107ff5784916107ce575b508015610771579061076c7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a92612557565b6105dd565b606482517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601660248201527f73667278455448206d696e74696e67206661696c6564000000000000000000006044820152fd5b90506020813d82116107f7575b816107e8602093836120e3565b8101031261061f57513861073a565b3d91506107db565b82513d86823e3d90fd5b61081290612083565b61036e5782386106fb565b83513d84823e3d90fd5b9060068303610c445761083861213c565b15610be7578373dd3f50f8a6cafbe9b31a427582963f465e745af8803b1561016a57816004918451928380927fd0e30db000000000000000000000000000000000000000000000000000000000825234905af1801561081d57610bcf575b505080516370a0823160e01b8082523060048301529273ae78736cd615f374d3085123a210448e74fc63939160208082602481875afa918215610bc5578892610b96575b50600092839160009373ffffffffffffffffffffffffffffffffffffffff9085898386541680610af6575b505050846109129161228b565b9261091d868661228b565b90868381610ae3575b50505084610ab3575b50807f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c7416803b1561061f576000809160448b51809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528d60048401528960248401525af18015610aa857610a94575b50817f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef9960248a518094819382523060048301528d165afa958615610a895795610a56575b50610a15857f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a993390612e1b565b865195865285015284840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a26105dd565b9794508088813d8311610a82575b610a6e81836120e3565b8101031261061f5796519396610a156109e7565b503d610a64565b8851903d90823e3d90fd5b610a9f919650612083565b600094386109a2565b89513d6000823e3d90fd5b610add907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74612c8c565b3861092f565b610aee925416612c8c565b388683610926565b909192965060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083528a60048401528d60248401525af1908115610b8c57868092610b51575b509095949050858938610905565b915095508886813d8311610b85575b610b6a81836120e3565b81010312610b82575084519482015161091238610b43565b80fd5b503d610b60565b89513d88823e3d90fd5b9080925081813d8311610bbe575b610bae81836120e3565b8101031261061f575190386108da565b503d610ba4565b85513d8a823e3d90fd5b610bd890612083565b610be3578338610896565b8380fd5b606490517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601b60248201527f72455448206465706f736974206973206e6f7420656e61626c656400000000006044820152fd5b60078303610f885773c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2803b15610f7a578482517fd0e30db0000000000000000000000000000000000000000000000000000000008152818160048134875af18015610f7e57610f66575b505060008060009073ffffffffffffffffffffffffffffffffffffffff9582868883541680610ecc575b505050610cd9823461228b565b90610ce4848461228b565b90848981610eb9575b50505082610e89575b50867f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c7416803b1561061f576000809160448951809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528b60048401528760248401525af18015610e7e57610e6a575b50602460207f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef988851928380926370a0823160e01b82523060048301528c165afa948515610e5f5794610e28575b50610de5847f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a983390612e1b565b8551948552602085015284840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a26105dd565b9693506020873d8211610e57575b81610e43602093836120e3565b8101031261061f5795519295610de5610db7565b3d9150610e36565b8751903d90823e3d90fd5b610e75919450612083565b60009238610d69565b87513d6000823e3d90fd5b610eb3907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74612c07565b38610cf6565b610ec4925416612c07565b388489610ced565b909192935060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083523460048401528a60248401525af1908115610f5c57838092610f25575b50509190828638610ccc565b915092508583813d8311610f55575b610f3e81836120e3565b81010312610b825750602082519201513880610f19565b503d610f34565b86513d85823e3d90fd5b610f6f90612083565b610f7a578438610ca2565b8480fd5b84513d84823e3d90fd5b6008830361127857837384db6ee82b7cf3b47e8f19270abde5718b936670803b1561016a57816004918451928380927f9fa65c5600000000000000000000000000000000000000000000000000000000825234905af1801561081d57611264575b505080516370a0823160e01b8082523060048301529273e95a203b1a91a908f9b9ce46459d101078c2c3cb9160208082602481875afa918215610bc5578892611235575b50600092839160009373ffffffffffffffffffffffffffffffffffffffff90858983865416806111a2575b505050846110659161228b565b92611070868661228b565b9086838161118f575b505050846111655750807f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c7416803b1561061f576000809160448b51809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528d60048401528960248401525af18015610aa857610a945750817f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef9960248a518094819382523060048301528d165afa958615610a895795610a565750610a15857f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a993390612e1b565b610add907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74612b82565b61119a925416612b82565b388683611079565b909192965060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083528a60048401528d60248401525af1908115610b8c578680926111fd575b509095949050858938611058565b915095508886813d831161122e575b61121681836120e3565b81010312610b825750845194820151611065386111ef565b503d61120c565b9080925081813d831161125d575b61124d81836120e3565b8101031261061f5751903861102d565b503d611243565b61126d90612083565b610be3578338610fe9565b600983146112a9575b7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a91506105dd565b73f951e335afb289353dc249e82926178eac7ded78803b15610f7a578482517fd0e30db0000000000000000000000000000000000000000000000000000000008152818160048134875af18015610f7e576115f6575b50508151926370a0823160e01b9384815230600482015260208082602481875afa918215610bc55788926115c7575b50600092839160009373ffffffffffffffffffffffffffffffffffffffff9085898386541680611534575b505050846113669161228b565b92611371868661228b565b90868381611521575b505050846114f1575b50807f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c7416803b1561061f576000809160448b51809481937f47e7ef240000000000000000000000000000000000000000000000000000000083528d60048401528960248401525af18015610aa8576114dd575b50817f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef9960248a518094819382523060048301528d165afa958615610a8957956114aa575b50611469857f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a993390612e1b565b865195865285015284840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a2611281565b9794508088813d83116114d6575b6114c281836120e3565b8101031261061f579651939661146961143b565b503d6114b8565b6114e8919650612083565b600094386113f6565b61151b907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74612a3a565b38611383565b61152c925416612a3a565b38868361137a565b909192965060448251809481937ffa37a9ba0000000000000000000000000000000000000000000000000000000083528a60048401528d60248401525af1908115610b8c5786809261158f575b509095949050858938611359565b915095508886813d83116115c0575b6115a881836120e3565b81010312610b82575084519482015161136638611581565b503d61159e565b9080925081813d83116115ef575b6115df81836120e3565b8101031261061f5751903861132e565b503d6115d5565b6115ff90612083565b610f7a5784386112ff565b73c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2929150823b15610f7a578482517fd0e30db0000000000000000000000000000000000000000000000000000000008152818160048134895af18015610f7e57611bed575b505081516370a0823160e01b8152306004820152602081602481875afa908115611be3578691611bb1575b50848652600360205273ffffffffffffffffffffffffffffffffffffffff838720541615611b54578115611ad1576005850361194557610e1042018042116119165773ffffffffffffffffffffffffffffffffffffffff9460209360e093610104938751936116fc856120c6565b8452735e8422345238f34275888049021821e8e08caa1f878501526101f488850152306060850152608084015260a083015260c082015260008382015260008660015416865197889586947f414bf389000000000000000000000000000000000000000000000000000000008652828151166004870152828982015116602487015262ffffff8a8201511660448701528260608201511660648701526080810151608487015260a081015160a487015260c081015160c487015201511660e48401525af191821561190b576000926118d7575b508373ac3e018457b222d93114458476f3e3416abbe38f92833b1561016a5782517f6e553f650000000000000000000000000000000000000000000000000000000081526004810191909152306024820152818160448183885af1801561081d576118c3575b505060206024928251938480926370a0823160e01b82523060048301525afa91821561062c57849261188d575b5061076c7f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a92612557565b91506020823d6020116118bb575b816118a8602093836120e3565b8101031261061f5790519061076c611862565b3d915061189b565b6118cc90612083565b610be3578338611835565b90916020823d602011611903575b816118f2602093836120e3565b81010312610b8257505190386117cf565b3d91506118e5565b50513d6000823e3d90fd5b7f4e487b7100000000000000000000000000000000000000000000000000000000600052601160045260246000fd5b90848694939452600360205273ffffffffffffffffffffffffffffffffffffffff848720541691610e1042018042116119165773ffffffffffffffffffffffffffffffffffffffff9460209360e093610104938951936119a4856120c6565b845287878501526101f48a850152306060850152608084015260a083015260c082015260008382015260008660015416885197889586947f414bf389000000000000000000000000000000000000000000000000000000008652828151166004870152828982015116602487015262ffffff8c8201511660448701528260608201511660648701526080810151608487015260a081015160a487015260c081015160c487015201511660e48401525af1918215611ac657600092611a90575b507f3d6c7010fd9052242236f257ef6a66bcaa07145fc53f17b6d5cd1f51bc344e1a929161076c91612776565b90916020823d602011611abe575b81611aab602093836120e3565b81010312610b825750519061076c611a63565b3d9150611a9e565b83513d6000823e3d90fd5b608483517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152602360248201527f616d6f756e744f75744d696e206d75737420626520677265617465722074686160448201527f6e203000000000000000000000000000000000000000000000000000000000006064820152fd5b606483517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601760248201527f737761702070617468206e6f7420737570706f727465640000000000000000006044820152fd5b90506020813d602011611bdb575b81611bcc602093836120e3565b8101031261061f57513861168e565b3d9150611bbf565b83513d88823e3d90fd5b611bf690612083565b610f7a578438611663565b506006841015801561054f5750600984111561054f565b606483517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152600c60248201527f496e76616c6964207061746800000000000000000000000000000000000000006044820152fd5b503461016a578160031936011261016a576020905173be9895146f7af43049ca1c1ae358b0541ea497048152f35b509034610b82576020600319360112610b8257611cc46002825414156121c8565b60028155737f39c581f595b53c5cb19bd0b3f8da6c935e2ca091823b1561016a5780517fea598cb00000000000000000000000000000000000000000000000000000000081526004356004820152828160248183885af18015611db657611da1575b506020602492938251938480926370a0823160e01b82523060048301525afa908115611d9857508290611d65575b611d5e9150612298565b6001815580f35b506020813d8211611d90575b81611d7e602093836120e3565b8101031261061f57611d5e9051611d54565b3d9150611d71565b513d84823e3d90fd5b602492611daf602092612083565b9250611d26565b505051903d90823e3d90fd5b503461016a578160031936011261016a576020905173c02aaa39b223fe8d0a0e5c4f27ead9083c756cc28152f35b503461016a578160031936011261016a576020905173ffffffffffffffffffffffffffffffffffffffff7f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef168152f35b503461016a578160031936011261016a57602090517384db6ee82b7cf3b47e8f19270abde5718b9366708152f35b503461016a578160031936011261016a5760209051735e8422345238f34275888049021821e8e08caa1f8152f35b503461016a578160031936011261016a57602090516101f48152f35b503461016a578160031936011261016a5760209073ffffffffffffffffffffffffffffffffffffffff600154169051908152f35b8391503461016a578260031936011261016a5760043573ffffffffffffffffffffffffffffffffffffffff8116810361036e576024359160208101907f23b872dd0000000000000000000000000000000000000000000000000000000082523360248201523060448201528360648201526064815260a0810181811067ffffffffffffffff82111761205657865251849182919082855af1611f8c61222d565b81612027575b5015611fa55790611fa291612776565b80f35b608484517f08c379a0000000000000000000000000000000000000000000000000000000008152602060048201526024808201527f5472616e7366657248656c7065723a205452414e534645525f46524f4d5f464160448201527f494c4544000000000000000000000000000000000000000000000000000000006064820152fd5b805180159250821561203c575b505085611f92565b61204f9250602080918301019101612124565b8580612034565b6024867f4e487b710000000000000000000000000000000000000000000000000000000081526041600452fd5b67ffffffffffffffff811161209757604052565b7f4e487b7100000000000000000000000000000000000000000000000000000000600052604160045260246000fd5b610100810190811067ffffffffffffffff82111761209757604052565b90601f7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0910116810190811067ffffffffffffffff82111761209757604052565b9081602091031261061f5751801515810361061f5790565b6040517f6ada784700000000000000000000000000000000000000000000000000000000815260208160048173781693a15e1fa7c743a299f4f0242cdf5489a0d95afa9081156121bc57600091612191575090565b6121b2915060203d81116121b5575b6121aa81836120e3565b810190612124565b90565b503d6121a0565b6040513d6000823e3d90fd5b156121cf57565b60646040517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601f60248201527f5265656e7472616e637947756172643a207265656e7472616e742063616c6c006044820152fd5b3d15612286573d9067ffffffffffffffff8211612097576040519161227a60207fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0601f84011601846120e3565b82523d6000602084013e565b606090565b9190820391821161191657565b60008060009073ffffffffffffffffffffffffffffffffffffffff938460025416806124a7575b50816122ca9161228b565b936122d5838361228b565b83612494575b82612464575b50807f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c741694853b1561061f5760409182517f47e7ef2400000000000000000000000000000000000000000000000000000000815260008160448183737f39c581f595b53c5cb19bd0b3f8da6c935e2ca09c8d60048401528860248401525af1801561245957612445575b50602460207f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef928551928380926370a0823160e01b825230600483015286165afa96871561243a5796612405575b50856123c6913390612e1b565b81519586526020860152840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a2565b9095506020813d8211612432575b81612420602093836120e3565b8101031261061f5751946123c66123b9565b3d9150612413565b8451903d90823e3d90fd5b612450919650612083565b6000943861236b565b84513d6000823e3d90fd5b61248e907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74612d11565b386122e1565b6124a2848360025416612d11565b6122db565b92809192506040809460448251809481937ffa37a9ba000000000000000000000000000000000000000000000000000000008352886004840152737f39c581f595b53c5cb19bd0b3f8da6c935e2ca060248401525af191821561243a578094819361251c575b5050506122ca909291906122bf565b919450915083813d8111612550575b61253581836120e3565b81010312610b8257506122ca6020835193015190388061250d565b503d61252b565b60008060009073ffffffffffffffffffffffffffffffffffffffff938460025416806126c6575b50816125899161228b565b93612594838361228b565b836126b3575b82612683575b50807f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c741694853b1561061f5760409182517f47e7ef240000000000000000000000000000000000000000000000000000000081526000816044818373ac3e018457b222d93114458476f3e3416abbe38f9c8d60048401528860248401525af18015612459576124455750602460207f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef928551928380926370a0823160e01b825230600483015286165afa96871561243a57966124055750856123c6913390612e1b565b6126ad907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c74612d96565b386125a0565b6126c1848360025416612d96565b61259a565b92809192506040809460448251809481937ffa37a9ba00000000000000000000000000000000000000000000000000000000835288600484015273ac3e018457b222d93114458476f3e3416abbe38f60248401525af191821561243a578094819361273b575b5050506125899092919061257e565b919450915083813d811161276f575b61275481836120e3565b81010312610b8257506125896020835193015190388061272c565b503d61274a565b906000908160009173ffffffffffffffffffffffffffffffffffffffff90816002541680612983575b50826127aa9161228b565b6127b4848461228b565b8461296f575b8361293e575b50817f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c741691823b1561061f57604080517f47e7ef2400000000000000000000000000000000000000000000000000000000815273ffffffffffffffffffffffffffffffffffffffff891660048201526024810184905290936000908290604490829084905af180156124595761292a575b507f0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef83516370a0823160e01b81523060048201526020816024818686165afa97881561291f57976128ea575b50866128aa913390612e1b565b8251961686526020860152840152606083015260808201527f93a8bb21714c9fd236361ff60f1481ab185db519de8f303b6d93d6cd029e726560a03392a2565b9096506020813d8211612917575b81612905602093836120e3565b8101031261061f5751956128aa61289d565b3d91506128f8565b8551903d90823e3d90fd5b612935919650612083565b60009438612851565b612969907f00000000000000000000000051a80238b5738725128d3a3e06ab41c1d4c05c7488612e1b565b386127c0565b61297e85846002541689612e1b565b6127ba565b604080517ffa37a9ba0000000000000000000000000000000000000000000000000000000081526004810184905273ffffffffffffffffffffffffffffffffffffffff8916602482015290959294509085908290604490829086905af191821561291f57809581936129ff575b5050506127aa9093929061279f565b919550915084813d8111612a33575b612a1881836120e3565b81010312610b8257506127aa602084519401519038806129f0565b503d612a0e565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612ac581606481015b037fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe081018352826120e3565b51908273f951e335afb289353dc249e82926178eac7ded785af1612ae761222d565b81612b53575b5015612af557565b60646040517f08c379a000000000000000000000000000000000000000000000000000000000815260206004820152601f60248201527f5472616e7366657248656c7065723a205452414e534645525f4641494c4544006044820152fd5b8051801592508215612b68575b505038612aed565b612b7b9250602080918301019101612124565b3880612b60565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612be58160648101612a99565b51908273e95a203b1a91a908f9b9ce46459d101078c2c3cb5af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612c6a8160648101612a99565b51908273c02aaa39b223fe8d0a0e5c4f27ead9083c756cc25af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612cef8160648101612a99565b51908273ae78736cd615f374d3085123a210448e74fc63935af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612d748160648101612a99565b519082737f39c581f595b53c5cb19bd0b3f8da6c935e2ca05af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff90921660248201526044810192909252600091829190612df98160648101612a99565b51908273ac3e018457b222d93114458476f3e3416abbe38f5af1612ae761222d565b6040517fa9059cbb000000000000000000000000000000000000000000000000000000006020820190815273ffffffffffffffffffffffffffffffffffffffff909316602482015260448101939093526000928392908390612e808160648101612a99565b51925af1612ae761222d56fea26469706673582212209f444f96c2260be229173e86b5013b40c8afdea688e6960435c62d431c54dd6e64736f6c63430008120033
Constructor Arguments (ABI-Encoded and is the last bytes of the Contract Creation Code above)
0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef
-----Decoded View---------------
Arg [0] : _unshETHAddressV2 (address): 0x0Ae38f7E10A43B5b2fB064B42a2f4514cbA909ef
-----Encoded View---------------
1 Constructor Arguments found :
Arg [0] : 0000000000000000000000000ae38f7e10a43b5b2fb064b42a2f4514cba909ef
Loading...
Loading
Loading...
Loading
0xc258fF338322b6852C281936D4EdEff8AdfF23eE
Net Worth in USD
$0.00
Net Worth in ETH
0
Multichain Portfolio | 34 Chains
| Chain | Token | Portfolio % | Price | Amount | Value |
|---|
Loading...
Loading
Loading...
Loading
Loading...
Loading
[ Download: CSV Export ]
[ Download: CSV Export ]
A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.