Transaction Hash:
Block:
11977889 at Mar-05-2021 10:58:11 AM +UTC
Transaction Fee:
0.01958908033233102 ETH
$40.34
Gas Used:
227,780 Gas / 86.000001459 Gwei
Emitted Events:
| 284 |
eXRD.Transfer( from=0x6553F21aE00ff0731d9e7da300D2beFE8D38eA4F, to=0x9AA3699fA5CB3B69CB5d1A5382d8344d45d44f2D, value=5825617283950617283950 )
|
| 285 |
RewardPool.TokensUnlocked( amount=5825617283950617283950, total=10270167824074074074074446 )
|
| 286 |
RewardPool.AccountingUpdated( )
|
| 287 |
UniswapV2Pair.Transfer( from=0x10Bc34f232980929Dcf91909E6746034B453b029, to=[Sender] 0x8136f7f36dbdade77dc5664b67f625d46a100374, value=35307799629273049 )
|
| 288 |
eXRD.Transfer( from=0x9AA3699fA5CB3B69CB5d1A5382d8344d45d44f2D, to=[Sender] 0x8136f7f36dbdade77dc5664b67f625d46a100374, value=3009896078254706947 )
|
| 289 |
RewardPool.Unstaked( user=[Sender] 0x8136f7f36dbdade77dc5664b67f625d46a100374, amount=35307799629273049, total=0, data=0x )
|
| 290 |
RewardPool.TokensClaimed( user=[Sender] 0x8136f7f36dbdade77dc5664b67f625d46a100374, amount=3009896078254706947 )
|
Account State Difference:
| Address | Before | After | State Difference | ||
|---|---|---|---|---|---|
|
0x5A0b54D5...D3E029c4c
Miner
| (Spark Pool) | 92.431105685275741884 Eth | 92.450694765608072904 Eth | 0.01958908033233102 | |
| 0x6468e79A...74Af59414 | |||||
| 0x684B00a5...5a68E9a5f | |||||
| 0x8136f7f3...46A100374 |
0.463923666233503365 Eth
Nonce: 57
|
0.444334585901172345 Eth
Nonce: 58
| 0.01958908033233102 | ||
| 0xDF191bFb...0d537c421 |
Execution Trace
RewardPool.unstake( amount=35307799629273049, data=0x )
0x6553f21ae00ff0731d9e7da300d2befe8d38ea4f.STATICCALL( )-
eXRD.balanceOf( account=0x6553F21aE00ff0731d9e7da300D2beFE8D38eA4F ) => ( 10275993441358024691358396 )
-
0x6553f21ae00ff0731d9e7da300d2befe8d38ea4f.a9059cbb( )-
eXRD.transfer( recipient=0x9AA3699fA5CB3B69CB5d1A5382d8344d45d44f2D, amount=5825617283950617283950 ) => ( True )
-
0x6553f21ae00ff0731d9e7da300d2befe8d38ea4f.STATICCALL( )-
eXRD.balanceOf( account=0x6553F21aE00ff0731d9e7da300D2beFE8D38eA4F ) => ( 10270167824074074074074446 )
-
0x9aa3699fa5cb3b69cb5d1a5382d8344d45d44f2d.STATICCALL( )-
eXRD.balanceOf( account=0x9AA3699fA5CB3B69CB5d1A5382d8344d45d44f2D ) => ( 79103392107829388938894721 )
-
0x6553f21ae00ff0731d9e7da300d2befe8d38ea4f.STATICCALL( )-
eXRD.balanceOf( account=0x6553F21aE00ff0731d9e7da300D2beFE8D38eA4F ) => ( 10270167824074074074074446 )
-
0x9aa3699fa5cb3b69cb5d1a5382d8344d45d44f2d.STATICCALL( )-
eXRD.balanceOf( account=0x9AA3699fA5CB3B69CB5d1A5382d8344d45d44f2D ) => ( 79103392107829388938894721 )
-
0x10bc34f232980929dcf91909e6746034b453b029.STATICCALL( )-
UniswapV2Pair.balanceOf( 0x10Bc34f232980929Dcf91909E6746034B453b029 ) => ( 28757893762927673037 )
-
0x10bc34f232980929dcf91909e6746034b453b029.STATICCALL( )-
UniswapV2Pair.balanceOf( 0x10Bc34f232980929Dcf91909E6746034B453b029 ) => ( 28757893762927673037 )
-
0x9aa3699fa5cb3b69cb5d1a5382d8344d45d44f2d.STATICCALL( )-
eXRD.balanceOf( account=0x9AA3699fA5CB3B69CB5d1A5382d8344d45d44f2D ) => ( 79103392107829388938894721 )
-
0x10bc34f232980929dcf91909e6746034b453b029.a9059cbb( )-
UniswapV2Pair.transfer( to=0x8136f7f36DBDAde77dC5664B67f625D46A100374, value=35307799629273049 ) => ( True )
-
0x9aa3699fa5cb3b69cb5d1a5382d8344d45d44f2d.a9059cbb( )-
eXRD.transfer( recipient=0x8136f7f36DBDAde77dC5664B67f625D46A100374, amount=3009896078254706947 ) => ( True )
-
0x10bc34f232980929dcf91909e6746034b453b029.STATICCALL( )-
UniswapV2Pair.balanceOf( 0x10Bc34f232980929Dcf91909E6746034B453b029 ) => ( 28722585963298399988 )
-
0x10bc34f232980929dcf91909e6746034b453b029.STATICCALL( )-
UniswapV2Pair.balanceOf( 0x10Bc34f232980929Dcf91909E6746034B453b029 ) => ( 28722585963298399988 )
-
unstake[RewardPool (ln:578)]
_unstake[RewardPool (ln:579)]updateAccounting[RewardPool (ln:829)]unlockTokens[RewardPool (ln:1022)]totalLocked[RewardPool (ln:1139)]balance[RewardPool (ln:1065)]
add[RewardPool (ln:1146)]unlockScheduleShares[RewardPool (ln:1146)]div[RewardPool (ln:1148)]mul[RewardPool (ln:1148)]sub[RewardPool (ln:1151)]transfer[RewardPool (ln:1156)]TokensUnlocked[RewardPool (ln:1159)]totalLocked[RewardPool (ln:1159)]balance[RewardPool (ln:1065)]
mul[RewardPool (ln:1025)]sub[RewardPool (ln:1025)]add[RewardPool (ln:1028)]mul[RewardPool (ln:1035)]sub[RewardPool (ln:1035)]add[RewardPool (ln:1038)]div[RewardPool (ln:1044)]mul[RewardPool (ln:1044)]totalUnlocked[RewardPool (ln:1044)]balance[RewardPool (ln:1072)]
AccountingUpdated[RewardPool (ln:1049)]totalLocked[RewardPool (ln:1052)]balance[RewardPool (ln:1065)]
totalUnlocked[RewardPool (ln:1053)]balance[RewardPool (ln:1072)]
totalStakedFor[RewardPool (ln:834)]div[RewardPool (ln:979)]mul[RewardPool (ln:979)]totalStaked[RewardPool (ln:979)]balance[RewardPool (ln:989)]
div[RewardPool (ln:838)]mul[RewardPool (ln:838)]totalStaked[RewardPool (ln:839)]balance[RewardPool (ln:989)]
sub[RewardPool (ln:856)]mul[RewardPool (ln:861)]computeNewReward[RewardPool (ln:865)]div[RewardPool (ln:951)]mul[RewardPool (ln:951)]totalUnlocked[RewardPool (ln:951)]balance[RewardPool (ln:1072)]
add[RewardPool (ln:956)]div[RewardPool (ln:961)]mul[RewardPool (ln:961)]mul[RewardPool (ln:963)]div[RewardPool (ln:963)]mul[RewardPool (ln:964)]div[RewardPool (ln:964)]mul[RewardPool (ln:964)]mul[RewardPool (ln:964)]sub[RewardPool (ln:964)]mul[RewardPool (ln:965)]div[RewardPool (ln:965)]mul[RewardPool (ln:965)]mul[RewardPool (ln:965)]sub[RewardPool (ln:965)]div[RewardPool (ln:967)]add[RewardPool (ln:967)]add[RewardPool (ln:967)]add[RewardPool (ln:969)]
add[RewardPool (ln:870)]sub[RewardPool (ln:873)]mul[RewardPool (ln:879)]computeNewReward[RewardPool (ln:882)]div[RewardPool (ln:951)]mul[RewardPool (ln:951)]totalUnlocked[RewardPool (ln:951)]balance[RewardPool (ln:1072)]
add[RewardPool (ln:956)]div[RewardPool (ln:961)]mul[RewardPool (ln:961)]mul[RewardPool (ln:963)]div[RewardPool (ln:963)]mul[RewardPool (ln:964)]div[RewardPool (ln:964)]mul[RewardPool (ln:964)]mul[RewardPool (ln:964)]sub[RewardPool (ln:964)]mul[RewardPool (ln:965)]div[RewardPool (ln:965)]mul[RewardPool (ln:965)]mul[RewardPool (ln:965)]sub[RewardPool (ln:965)]div[RewardPool (ln:967)]add[RewardPool (ln:967)]add[RewardPool (ln:967)]add[RewardPool (ln:969)]
add[RewardPool (ln:888)]sub[RewardPool (ln:891)]sub[RewardPool (ln:897)]sub[RewardPool (ln:900)]sub[RewardPool (ln:905)]sub[RewardPool (ln:908)]transfer[RewardPool (ln:914)]transfer[RewardPool (ln:918)]Unstaked[RewardPool (ln:922)]totalStakedFor[RewardPool (ln:922)]div[RewardPool (ln:979)]mul[RewardPool (ln:979)]totalStaked[RewardPool (ln:979)]balance[RewardPool (ln:989)]
TokensClaimed[RewardPool (ln:923)]totalStaked[RewardPool (ln:926)]balance[RewardPool (ln:989)]
File 1 of 3: RewardPool
File 2 of 3: eXRD
File 3 of 3: UniswapV2Pair
// File: openzeppelin-solidity/contracts/math/SafeMath.sol
pragma solidity ^0.5.0;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
require(b <= a, "SafeMath: subtraction overflow");
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, "SafeMath: division by zero");
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
require(b != 0, "SafeMath: modulo by zero");
return a % b;
}
}
// File: openzeppelin-solidity/contracts/token/ERC20/IERC20.sol
pragma solidity ^0.5.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see `ERC20Detailed`.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through `transferFrom`. This is
* zero by default.
*
* This value changes when `approve` or `transferFrom` are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* > Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an `Approval` event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to `approve`. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
// File: contracts/IStaking.sol
pragma solidity 0.5.1;
/**
* @title Staking interface, as defined by EIP-900.
* @dev https://github.com/ethereum/EIPs/blob/master/EIPS/eip-900.md
*/
contract IStaking {
event Staked(address indexed user, uint256 amount, uint256 total, bytes data);
event Unstaked(address indexed user, uint256 amount, uint256 total, bytes data);
function stake(uint256 amount, bytes calldata data) external;
function unstake(uint256 amount, bytes calldata data) external;
function totalStakedFor(address addr) public view returns (uint256);
function totalStaked() public view returns (uint256);
function token() external view returns (address);
/**
* @return False. This application does not support staking history.
*/
function supportsHistory() external pure returns (bool) {
return false;
}
}
// File: openzeppelin-solidity/contracts/ownership/Ownable.sol
pragma solidity ^0.5.0;
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be aplied to your functions to restrict their use to
* the owner.
*/
contract Ownable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor () internal {
_owner = msg.sender;
emit OwnershipTransferred(address(0), _owner);
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
require(isOwner(), "Ownable: caller is not the owner");
_;
}
/**
* @dev Returns true if the caller is the current owner.
*/
function isOwner() public view returns (bool) {
return msg.sender == _owner;
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* > Note: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public onlyOwner {
emit OwnershipTransferred(_owner, address(0));
_owner = address(0);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public onlyOwner {
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
*/
function _transferOwnership(address newOwner) internal {
require(newOwner != address(0), "Ownable: new owner is the zero address");
emit OwnershipTransferred(_owner, newOwner);
_owner = newOwner;
}
}
// File: contracts/TokenPool.sol
pragma solidity 0.5.1;
/**
* @title A simple holder of tokens.
* This is a simple contract to hold tokens. It's useful in the case where a separate contract
* needs to hold multiple distinct pools of the same token.
*/
contract TokenPool is Ownable {
IERC20 public token;
constructor(IERC20 _token) public {
token = _token;
}
function balance() public view returns (uint256) {
return token.balanceOf(address(this));
}
function transfer(address to, uint256 value) external onlyOwner returns (bool) {
return token.transfer(to, value);
}
function rescueFunds(address tokenToRescue, address to, uint256 amount) external onlyOwner returns (bool) {
require(address(token) != tokenToRescue, 'TokenPool: Cannot claim token held by the contract');
return IERC20(tokenToRescue).transfer(to, amount);
}
}
// File: contracts/RewardPool.sol
pragma solidity 0.5.1;
/**
* @title Reward Pool
* @dev A smart-contract based mechanism to distribute tokens over time. Forked from Ampleforth's
* geyser contract, but utilizing a second degree polynomial curve to calculate the bonus rewards.
*
* Distribution tokens are added to a locked pool in the contract and become unlocked over time
* according to a once-configurable unlock schedule. Once unlocked, they are available to be
* claimed by users.
*
* A user may deposit tokens to accrue ownership share over the unlocked pool. This owner share
* is a function of the number of tokens deposited as well as the length of time deposited.
* Specifically, a user's share of the currently-unlocked pool equals their "deposit-seconds"
* divided by the global "deposit-seconds". This aligns the new token distribution with long
* term supporters of the project, addressing one of the major drawbacks of simple airdrops.
*
*/
contract RewardPool is IStaking {
struct Accounting {
uint256 globalTotalStakingShareSeconds;
uint256 globalLastAccountingTimestampSec;
uint256 globalLockedPoolBalance;
uint256 globalUnlockedPoolBalance;
}
struct RewardData {
uint256 stakingShareSecondsToBurn;
uint256 sharesLeftToBurn;
uint256 rewardAmount;
}
using SafeMath for uint256;
event Staked(
address indexed user,
uint256 amount,
uint256 total,
bytes data
);
event Unstaked(
address indexed user,
uint256 amount,
uint256 total,
bytes data
);
event TokensClaimed(address indexed user, uint256 amount);
event TokensLocked(uint256 amount, uint256 durationSec, uint256 total);
// amount: Unlocked tokens, total: Total locked tokens
event TokensUnlocked(uint256 amount, uint256 total);
event AccountingUpdated();
TokenPool private _stakingPool;
TokenPool private _unlockedPool;
TokenPool private _lockedPool;
//
// Time-bonus params
//
uint256 public constant BONUS_DECIMALS = 4;
uint256 public startBonus = 0;
uint256 public bonusPeriodSec = 0;
uint256 public growthParamX;
uint256 public growthParamY;
//
// Global accounting state
//
uint256 public totalLockedShares = 0;
uint256 public totalStakingShares = 0;
uint256 public _totalStakingShareSeconds = 0;
uint256 public _lastAccountingTimestampSec = now;
uint256 public _maxUnlockSchedules = 0;
uint256 public _initialSharesPerToken = 0;
//
// User accounting state
//
// Represents a single stake for a user. A user may have multiple.
struct Stake {
uint256 stakingShares;
uint256 timestampSec;
}
// Caches aggregated values from the User->Stake[] map to save computation.
// If lastAccountingTimestampSec is 0, there's no entry for that user.
struct UserTotals {
uint256 stakingShares;
uint256 stakingShareSeconds;
uint256 lastAccountingTimestampSec;
}
// Aggregated staking values per user
mapping(address => UserTotals) public _userTotals;
// The collection of stakes for each user. Ordered by timestamp, earliest to latest.
mapping(address => Stake[]) public _userStakes;
//
// Locked/Unlocked Accounting state
//
struct UnlockSchedule {
uint256 initialLockedShares;
uint256 unlockedShares;
uint256 lastUnlockTimestampSec;
uint256 endAtSec;
uint256 durationSec;
}
UnlockSchedule[] public unlockSchedules;
/**
* @param stakingToken The token users deposit as stake.
* @param distributionToken The token users receive as they unstake.
* @param maxUnlockSchedules Max number of unlock stages, to guard against hitting gas limit.
* @param startBonus_ Starting time bonus, BONUS_DECIMALS fixed point.
* e.g. 25 means user gets 25% of max distribution tokens.
* @param bonusPeriodSec_ Length of time for bonus to increase linearly to max.
* @param initialSharesPerToken Number of shares to mint per staking token on first stake.
*/
constructor(
IERC20 stakingToken,
IERC20 distributionToken,
uint256 maxUnlockSchedules,
uint256 startBonus_,
uint256 bonusPeriodSec_,
uint256 growthParamX_,
uint256 growthParamY_,
uint256 initialSharesPerToken
) public {
// The start bonus must be some fraction of the max. (i.e. <= 100%)
require(
startBonus_ <= 10**BONUS_DECIMALS,
"TokenGeyser: start bonus too high"
);
// If no period is desired, instead set startBonus = 100%
// and bonusPeriod to a small value like 1sec.
require(bonusPeriodSec_ != 0, "TokenGeyser: bonus period is zero");
require(
initialSharesPerToken > 0,
"TokenGeyser: initialSharesPerToken is zero"
);
_stakingPool = new TokenPool(stakingToken);
_unlockedPool = new TokenPool(distributionToken);
_lockedPool = new TokenPool(distributionToken);
startBonus = startBonus_;
bonusPeriodSec = bonusPeriodSec_;
growthParamX = growthParamX_;
growthParamY = growthParamY_;
_maxUnlockSchedules = maxUnlockSchedules;
_initialSharesPerToken = initialSharesPerToken;
}
function stakeCount(address account) public view returns (uint256) {
return _userStakes[account].length;
}
/**
* @return The token users deposit as stake.
*/
function getStakingToken() public view returns (IERC20) {
return _stakingPool.token();
}
/**
* @return The token users receive as they unstake.
*/
function getDistributionToken() public view returns (IERC20) {
assert(_unlockedPool.token() == _lockedPool.token());
return _unlockedPool.token();
}
/**
* @dev Transfers amount of deposit tokens from the user.
* @param amount Number of deposit tokens to stake.
* @param data Not used.
*/
function stake(uint256 amount, bytes calldata data) external {
_stakeFor(msg.sender, msg.sender, amount);
}
/**
* @dev Private implementation of staking methods.
* @param staker User address who deposits tokens to stake.
* @param beneficiary User address who gains credit for this stake operation.
* @param amount Number of deposit tokens to stake.
*/
function _stakeFor(
address staker,
address beneficiary,
uint256 amount
) private {
require(amount > 0, "TokenGeyser: stake amount is zero");
require(
beneficiary != address(0),
"TokenGeyser: beneficiary is zero address"
);
require(
totalStakingShares == 0 || totalStaked() > 0,
"TokenGeyser: Invalid state. Staking shares exist, but no staking tokens do"
);
uint256 mintedStakingShares = (totalStakingShares > 0)
? totalStakingShares.mul(amount).div(totalStaked())
: amount.mul(_initialSharesPerToken);
require(
mintedStakingShares > 0,
"TokenGeyser: Stake amount is too small"
);
updateAccounting();
// 1. User Accounting
UserTotals storage totals = _userTotals[beneficiary];
totals.stakingShares = totals.stakingShares.add(mintedStakingShares);
totals.lastAccountingTimestampSec = now;
Stake memory newStake = Stake(mintedStakingShares, now);
_userStakes[beneficiary].push(newStake);
// 2. Global Accounting
totalStakingShares = totalStakingShares.add(mintedStakingShares);
// Already set in updateAccounting()
// _lastAccountingTimestampSec = now;
// interactions
require(
_stakingPool.token().transferFrom(
staker,
address(_stakingPool),
amount
),
"TokenGeyser: transfer into staking pool failed"
);
emit Staked(beneficiary, amount, totalStakedFor(beneficiary), "");
}
/**
* @dev Unstakes a certain amount of previously deposited tokens. User also receives their
* alotted number of distribution tokens.
* @param amount Number of deposit tokens to unstake / withdraw.
* @param data Not used.
*/
function unstake(uint256 amount, bytes calldata data) external {
_unstake(amount);
}
function unlockScheduleSharesPure(uint256 s, uint256 timestamp) private view returns (uint256) {
UnlockSchedule memory schedule = unlockSchedules[s];
if (schedule.unlockedShares >= schedule.initialLockedShares) {
return 0;
}
uint256 sharesToUnlock = 0;
// Special case to handle any leftover dust from integer division
if (timestamp >= schedule.endAtSec) {
sharesToUnlock = (
schedule.initialLockedShares.sub(schedule.unlockedShares)
);
} else {
sharesToUnlock = timestamp
.sub(schedule.lastUnlockTimestampSec)
.mul(schedule.initialLockedShares)
.div(schedule.durationSec);
}
return sharesToUnlock;
}
function computeNewRewardPure(
uint256 newStakingShareSecondsToBurn,
uint256 stakeTimeSec,
uint256 rewardAmount,
uint256 totalUnlocked,
uint256 totalStakingShareSeconds,
bool withBonus
) internal view returns (uint256) {
uint256 newRewardTokens = totalUnlocked
.mul(newStakingShareSecondsToBurn)
.div(totalStakingShareSeconds);
if ((stakeTimeSec >= bonusPeriodSec) || !withBonus) {
return rewardAmount.add(newRewardTokens);
}
uint256 oneHundredPct = 10**BONUS_DECIMALS;
uint256 growthFactor = stakeTimeSec.mul(oneHundredPct).div(bonusPeriodSec);
uint256 term1 = (startBonus*oneHundredPct**3).div(oneHundredPct).mul(newRewardTokens);
uint256 term2 = (oneHundredPct.sub(startBonus).mul(growthParamX).mul(growthFactor**2)*oneHundredPct**3).div(oneHundredPct**3).mul(newRewardTokens);
uint256 term3 = (oneHundredPct.sub(startBonus).mul(growthParamY).mul(growthFactor)*oneHundredPct**3).div(oneHundredPct**2).mul(newRewardTokens);
uint256 bonusedReward = term1.add(term2).add(term3).div(oneHundredPct**3);
return rewardAmount.add(bonusedReward);
}
function unlockTokensPure(uint256 timestamp) public view returns (
uint256 lockedPoolBalance,
uint256 unlockedPoolBalance
) {
uint256 globalTotalLockedShares = totalLockedShares;
unlockedPoolBalance = _unlockedPool.balance();
lockedPoolBalance = _lockedPool.balance();
uint256 unlockedTokens = 0;
uint256 lockedTokens = totalLocked();
if (globalTotalLockedShares == 0) {
unlockedTokens = lockedTokens;
} else {
uint256 unlockedShares = 0;
for (uint256 s = 0; s < unlockSchedules.length; s++) {
unlockedShares = unlockedShares.add(unlockScheduleSharesPure(s, timestamp));
}
unlockedTokens = unlockedShares.mul(lockedTokens).div(
globalTotalLockedShares
);
globalTotalLockedShares = globalTotalLockedShares.sub(unlockedShares);
}
if (unlockedTokens > 0) {
/*
require(
_lockedPool.transfer(address(_unlockedPool), unlockedTokens),
"TokenGeyser: transfer out of locked pool failed"
);
*/
lockedPoolBalance -= unlockedTokens;
unlockedPoolBalance += unlockedTokens;
}
return (
lockedPoolBalance,
unlockedPoolBalance
);
}
function updateAccountingPure(uint256 timestamp) public view returns (
uint256 globalTotalStakingShareSeconds,
uint256 globalLastAccountingTimestampSec,
uint256 globalLockedPoolBalance,
uint256 globalUnlockedPoolBalance
){
globalTotalStakingShareSeconds = _totalStakingShareSeconds;
globalLastAccountingTimestampSec = _lastAccountingTimestampSec;
(
uint256 lockedPoolBalance,
uint256 unlockedPoolBalance
) = unlockTokensPure(timestamp);
// Global accounting
uint256 newStakingShareSeconds = timestamp
.sub(globalLastAccountingTimestampSec)
.mul(totalStakingShares);
globalTotalStakingShareSeconds = globalTotalStakingShareSeconds.add(
newStakingShareSeconds
);
globalLastAccountingTimestampSec = timestamp;
return (
globalTotalStakingShareSeconds,
globalLastAccountingTimestampSec,
lockedPoolBalance,
unlockedPoolBalance
);
}
/**
* @return The total number of distribution tokens that would be rewarded.
*/
function unstakeQuery(uint256 amount, bool withBonus, uint256 bonusTimestamp, uint256 unlockTimestamp) public view returns (uint256) {
bonusTimestamp += 30;
unlockTimestamp += 30;
if(bonusTimestamp == 0) {
bonusTimestamp = now;
}
if(unlockTimestamp == 0) {
unlockTimestamp = now;
}
Accounting memory accounting;
(
accounting.globalTotalStakingShareSeconds,
accounting.globalLastAccountingTimestampSec,
accounting.globalLockedPoolBalance,
accounting.globalUnlockedPoolBalance
) = updateAccountingPure(unlockTimestamp);
// checks
if(amount < 1) {
return 0;
}
require(
totalStakedFor(msg.sender) >= amount,
"TokenGeyser: unstake amount is greater than total user stakes"
);
// 1. User Accounting
Stake[] memory accountStakes = _userStakes[msg.sender];
RewardData memory data;
// Redeem from most recent stake and go backwards in time.
data.stakingShareSecondsToBurn = 0;
data.sharesLeftToBurn = totalStakingShares.mul(amount).div(
totalStaked()
);
data.rewardAmount = 0;
uint256 i = accountStakes.length - 1;
while (data.sharesLeftToBurn > 0) {
uint256 newStakingShareSecondsToBurn = 0;
if (
accountStakes[i].stakingShares <=
data.sharesLeftToBurn
) {
// fully redeem a past stake
newStakingShareSecondsToBurn = accountStakes[accountStakes
.length - 1]
.stakingShares
.mul(
unlockTimestamp.sub(
accountStakes[i].timestampSec
)
);
data.rewardAmount = computeNewRewardPure(
newStakingShareSecondsToBurn,
bonusTimestamp.sub(
accountStakes[i].timestampSec
),
data.rewardAmount,
accounting.globalUnlockedPoolBalance,
accounting.globalTotalStakingShareSeconds,
withBonus
);
data.stakingShareSecondsToBurn = data.stakingShareSecondsToBurn.add(
newStakingShareSecondsToBurn
);
data.sharesLeftToBurn = data.sharesLeftToBurn.sub(
accountStakes[i].stakingShares
);
i--;
} else {
// partially redeem a past stake
newStakingShareSecondsToBurn = data.sharesLeftToBurn.mul(
unlockTimestamp.sub(
accountStakes[i].timestampSec
)
);
data.rewardAmount = computeNewRewardPure(
newStakingShareSecondsToBurn,
unlockTimestamp.sub(
accountStakes[i].timestampSec
),
data.rewardAmount,
accounting.globalUnlockedPoolBalance,
accounting.globalTotalStakingShareSeconds,
withBonus
);
data.stakingShareSecondsToBurn = data.stakingShareSecondsToBurn.add(
newStakingShareSecondsToBurn
);
accountStakes[i]
.stakingShares = accountStakes[i]
.stakingShares
.sub(data.sharesLeftToBurn);
data.sharesLeftToBurn = 0;
}
}
return data.rewardAmount;
}
/**
* @dev Unstakes a certain amount of previously deposited tokens. User also receives their
* alotted number of distribution tokens.
* @param amount Number of deposit tokens to unstake / withdraw.
* @return The total number of distribution tokens rewarded.
*/
function _unstake(uint256 amount) private returns (uint256) {
updateAccounting();
// checks
require(amount > 0, "TokenGeyser: unstake amount is zero");
require(
totalStakedFor(msg.sender) >= amount,
"TokenGeyser: unstake amount is greater than total user stakes"
);
uint256 stakingSharesToBurn = totalStakingShares.mul(amount).div(
totalStaked()
);
require(
stakingSharesToBurn > 0,
"TokenGeyser: Unable to unstake amount this small"
);
// 1. User Accounting
UserTotals storage totals = _userTotals[msg.sender];
Stake[] storage accountStakes = _userStakes[msg.sender];
// Redeem from most recent stake and go backwards in time.
uint256 stakingShareSecondsToBurn = 0;
uint256 sharesLeftToBurn = stakingSharesToBurn;
uint256 rewardAmount = 0;
while (sharesLeftToBurn > 0) {
Stake storage lastStake = accountStakes[accountStakes.length - 1];
uint256 stakeTimeSec = now.sub(lastStake.timestampSec);
uint256 newStakingShareSecondsToBurn = 0;
if (lastStake.stakingShares <= sharesLeftToBurn) {
// fully redeem a past stake
newStakingShareSecondsToBurn = lastStake.stakingShares.mul(
stakeTimeSec
);
rewardAmount = computeNewReward(
rewardAmount,
newStakingShareSecondsToBurn,
stakeTimeSec
);
stakingShareSecondsToBurn = stakingShareSecondsToBurn.add(
newStakingShareSecondsToBurn
);
sharesLeftToBurn = sharesLeftToBurn.sub(
lastStake.stakingShares
);
accountStakes.length--;
} else {
// partially redeem a past stake
newStakingShareSecondsToBurn = sharesLeftToBurn.mul(
stakeTimeSec
);
rewardAmount = computeNewReward(
rewardAmount,
newStakingShareSecondsToBurn,
stakeTimeSec
);
stakingShareSecondsToBurn = stakingShareSecondsToBurn.add(
newStakingShareSecondsToBurn
);
lastStake.stakingShares = lastStake.stakingShares.sub(
sharesLeftToBurn
);
sharesLeftToBurn = 0;
}
}
totals.stakingShareSeconds = totals.stakingShareSeconds.sub(
stakingShareSecondsToBurn
);
totals.stakingShares = totals.stakingShares.sub(stakingSharesToBurn);
// Already set in updateAccounting
// totals.lastAccountingTimestampSec = now;
// 2. Global Accounting
_totalStakingShareSeconds = _totalStakingShareSeconds.sub(
stakingShareSecondsToBurn
);
totalStakingShares = totalStakingShares.sub(stakingSharesToBurn);
// Already set in updateAccounting
// _lastAccountingTimestampSec = now;
// interactions
require(
_stakingPool.transfer(msg.sender, amount),
"TokenGeyser: transfer out of staking pool failed"
);
require(
_unlockedPool.transfer(msg.sender, rewardAmount),
"TokenGeyser: transfer out of unlocked pool failed"
);
emit Unstaked(msg.sender, amount, totalStakedFor(msg.sender), "");
emit TokensClaimed(msg.sender, rewardAmount);
require(
totalStakingShares == 0 || totalStaked() > 0,
"TokenGeyser: Error unstaking. Staking shares exist, but no staking tokens do"
);
return rewardAmount;
}
/**
* @dev Applies an additional time-bonus to a distribution amount. This is necessary to
* encourage long-term deposits instead of constant unstake/restakes.
* The bonus-multiplier is the result of a linear function that starts at startBonus and
* ends at 100% over bonusPeriodSec, then stays at 100% thereafter.
* @param currentRewardTokens The current number of distribution tokens already alotted for this
* unstake op. Any bonuses are already applied.
* @param stakingShareSeconds The stakingShare-seconds that are being burned for new
* distribution tokens.
* @param stakeTimeSec Length of time for which the tokens were staked. Needed to calculate
* the time-bonus.
* @return Updated amount of distribution tokens to award, with any bonus included on the
* newly added tokens.
*/
function computeNewReward(
uint256 currentRewardTokens,
uint256 stakingShareSeconds,
uint256 stakeTimeSec
) private view returns (uint256) {
uint256 newRewardTokens = totalUnlocked().mul(stakingShareSeconds).div(
_totalStakingShareSeconds
);
if (stakeTimeSec >= bonusPeriodSec) {
return currentRewardTokens.add(newRewardTokens);
}
uint256 oneHundredPct = 10**BONUS_DECIMALS;
uint256 growthFactor = stakeTimeSec.mul(oneHundredPct).div(bonusPeriodSec);
uint256 term1 = (startBonus*oneHundredPct**3).div(oneHundredPct).mul(newRewardTokens);
uint256 term2 = (oneHundredPct.sub(startBonus).mul(growthParamX).mul(growthFactor**2)*oneHundredPct**3).div(oneHundredPct**3).mul(newRewardTokens);
uint256 term3 = (oneHundredPct.sub(startBonus).mul(growthParamY).mul(growthFactor)*oneHundredPct**3).div(oneHundredPct**2).mul(newRewardTokens);
uint256 bonusedReward = term1.add(term2).add(term3).div(oneHundredPct**3);
return currentRewardTokens.add(bonusedReward);
}
/**
* @param addr The user to look up staking information for.
* @return The number of staking tokens deposited for addr.
*/
function totalStakedFor(address addr) public view returns (uint256) {
return
totalStakingShares > 0
? totalStaked().mul(_userTotals[addr].stakingShares).div(
totalStakingShares
)
: 0;
}
/**
* @return The total number of deposit tokens staked globally, by all users.
*/
function totalStaked() public view returns (uint256) {
return _stakingPool.balance();
}
/**
* @dev Note that this application has a staking token as well as a distribution token, which
* may be different. This function is required by EIP-900.
* @return The deposit token used for staking.
*/
function token() external view returns (address) {
return address(getStakingToken());
}
/**
* @dev A globally callable function to update the accounting state of the system.
* Global state and state for the caller are updated.
* @return [0] balance of the locked pool
* @return [1] balance of the unlocked pool
* @return [2] caller's staking share seconds
* @return [3] global staking share seconds
* @return [4] Rewards caller has accumulated, optimistically assumes max time-bonus.
* @return [5] block timestamp
*/
function updateAccounting()
public
returns (
uint256,
uint256,
uint256,
uint256,
uint256,
uint256
)
{
unlockTokens();
// Global accounting
uint256 newStakingShareSeconds = now
.sub(_lastAccountingTimestampSec)
.mul(totalStakingShares);
_totalStakingShareSeconds = _totalStakingShareSeconds.add(
newStakingShareSeconds
);
_lastAccountingTimestampSec = now;
// User Accounting
UserTotals storage totals = _userTotals[msg.sender];
uint256 newUserStakingShareSeconds = now
.sub(totals.lastAccountingTimestampSec)
.mul(totals.stakingShares);
totals.stakingShareSeconds = totals.stakingShareSeconds.add(
newUserStakingShareSeconds
);
totals.lastAccountingTimestampSec = now;
uint256 totalUserRewards = (_totalStakingShareSeconds > 0)
? totalUnlocked().mul(totals.stakingShareSeconds).div(
_totalStakingShareSeconds
)
: 0;
emit AccountingUpdated();
return (
totalLocked(),
totalUnlocked(),
totals.stakingShareSeconds,
_totalStakingShareSeconds,
totalUserRewards,
now
);
}
/**
* @return Total number of locked distribution tokens.
*/
function totalLocked() public view returns (uint256) {
return _lockedPool.balance();
}
/**
* @return Total number of unlocked distribution tokens.
*/
function totalUnlocked() public view returns (uint256) {
return _unlockedPool.balance();
}
/**
* @return Number of unlock schedules.
*/
function unlockScheduleCount() public view returns (uint256) {
return unlockSchedules.length;
}
/**
* @dev This function allows anyone to add more locked distribution tokens, along
* with the associated "unlock schedule". These locked tokens immediately begin unlocking
* linearly over the duration of durationSec timeframe.
* @param amount Number of distribution tokens to lock. These are transferred from the caller.
* @param durationSec Length of time to linear unlock the tokens.
*/
function lockTokens(uint256 amount, uint256 durationSec)
external
{
require(
unlockSchedules.length < _maxUnlockSchedules,
"Reached maximum unlock schedules"
);
uint256 minTokenAmount = 1000000;
require(
amount >= minTokenAmount.mul((10**uint256(18))),
"Amount too low for unlock schedule"
);
// Update lockedTokens amount before using it in computations after.
updateAccounting();
uint256 lockedTokens = totalLocked();
uint256 mintedLockedShares = (lockedTokens > 0)
? totalLockedShares.mul(amount).div(lockedTokens)
: amount.mul(_initialSharesPerToken);
UnlockSchedule memory schedule;
schedule.initialLockedShares = mintedLockedShares;
schedule.lastUnlockTimestampSec = now;
schedule.endAtSec = now.add(durationSec);
schedule.durationSec = durationSec;
unlockSchedules.push(schedule);
totalLockedShares = totalLockedShares.add(mintedLockedShares);
require(
_lockedPool.token().transferFrom(
msg.sender,
address(_lockedPool),
amount
),
"TokenGeyser: transfer into locked pool failed"
);
emit TokensLocked(amount, durationSec, totalLocked());
}
/**
* @dev Moves distribution tokens from the locked pool to the unlocked pool, according to the
* previously defined unlock schedules. Publicly callable.
* @return Number of newly unlocked distribution tokens.
*/
function unlockTokens() public returns (uint256) {
uint256 unlockedTokens = 0;
uint256 lockedTokens = totalLocked();
if (totalLockedShares == 0) {
unlockedTokens = lockedTokens;
} else {
uint256 unlockedShares = 0;
for (uint256 s = 0; s < unlockSchedules.length; s++) {
unlockedShares = unlockedShares.add(unlockScheduleShares(s));
}
unlockedTokens = unlockedShares.mul(lockedTokens).div(
totalLockedShares
);
totalLockedShares = totalLockedShares.sub(unlockedShares);
}
if (unlockedTokens > 0) {
require(
_lockedPool.transfer(address(_unlockedPool), unlockedTokens),
"TokenGeyser: transfer out of locked pool failed"
);
emit TokensUnlocked(unlockedTokens, totalLocked());
}
return unlockedTokens;
}
/**
* @dev Returns the number of unlockable shares from a given schedule. The returned value
* depends on the time since the last unlock. This function updates schedule accounting,
* but does not actually transfer any tokens.
* @param s Index of the unlock schedule.
* @return The number of unlocked shares.
*/
function unlockScheduleShares(uint256 s) private returns (uint256) {
UnlockSchedule storage schedule = unlockSchedules[s];
if (schedule.unlockedShares >= schedule.initialLockedShares) {
return 0;
}
uint256 sharesToUnlock = 0;
// Special case to handle any leftover dust from integer division
if (now >= schedule.endAtSec) {
sharesToUnlock = (
schedule.initialLockedShares.sub(schedule.unlockedShares)
);
schedule.lastUnlockTimestampSec = schedule.endAtSec;
} else {
sharesToUnlock = now
.sub(schedule.lastUnlockTimestampSec)
.mul(schedule.initialLockedShares)
.div(schedule.durationSec);
schedule.lastUnlockTimestampSec = now;
}
schedule.unlockedShares = schedule.unlockedShares.add(sharesToUnlock);
return sharesToUnlock;
}
}File 2 of 3: eXRD
// File: @openzeppelin/contracts/GSN/Context.sol
pragma solidity ^0.6.0;
/*
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with GSN meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address payable) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes memory) {
this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691
return msg.data;
}
}
// File: @openzeppelin/contracts/token/ERC20/IERC20.sol
pragma solidity ^0.6.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
// File: @openzeppelin/contracts/math/SafeMath.sol
pragma solidity ^0.6.0;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
*
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
*
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
*
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
*
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b, string memory errorMessage) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
// File: @openzeppelin/contracts/utils/Address.sol
pragma solidity ^0.6.2;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*/
function isContract(address account) internal view returns (bool) {
// According to EIP-1052, 0x0 is the value returned for not-yet created accounts
// and 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470 is returned
// for accounts without code, i.e. `keccak256('')`
bytes32 codehash;
bytes32 accountHash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;
// solhint-disable-next-line no-inline-assembly
assembly { codehash := extcodehash(account) }
return (codehash != accountHash && codehash != 0x0);
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
// solhint-disable-next-line avoid-low-level-calls, avoid-call-value
(bool success, ) = recipient.call{ value: amount }("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain`call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCall(target, data, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) {
return _functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
return _functionCallWithValue(target, data, value, errorMessage);
}
function _functionCallWithValue(address target, bytes memory data, uint256 weiValue, string memory errorMessage) private returns (bytes memory) {
require(isContract(target), "Address: call to non-contract");
// solhint-disable-next-line avoid-low-level-calls
(bool success, bytes memory returndata) = target.call{ value: weiValue }(data);
if (success) {
return returndata;
} else {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
// solhint-disable-next-line no-inline-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}
}
// File: @openzeppelin/contracts/token/ERC20/ERC20.sol
pragma solidity ^0.6.0;
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20 is Context, IERC20 {
using SafeMath for uint256;
using Address for address;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Sets the values for {name} and {symbol}, initializes {decimals} with
* a default value of 18.
*
* To select a different value for {decimals}, use {_setupDecimals}.
*
* All three of these values are immutable: they can only be set once during
* construction.
*/
constructor (string memory name, string memory symbol) public {
_name = name;
_symbol = symbol;
_decimals = 18;
}
/**
* @dev Returns the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5,05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless {_setupDecimals} is
* called.
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public virtual override returns (bool) {
_transfer(_msgSender(), recipient, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
_approve(_msgSender(), spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20};
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
* - the caller must have allowance for ``sender``'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public virtual override returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, _msgSender(), _allowances[sender][_msgSender()].sub(amount, "ERC20: transfer amount exceeds allowance"));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
_approve(_msgSender(), spender, _allowances[_msgSender()][spender].sub(subtractedValue, "ERC20: decreased allowance below zero"));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal virtual {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(sender, recipient, amount);
_balances[sender] = _balances[sender].sub(amount, "ERC20: transfer amount exceeds balance");
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
_balances[account] = _balances[account].sub(amount, "ERC20: burn amount exceeds balance");
_totalSupply = _totalSupply.sub(amount);
emit Transfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 amount) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Sets {decimals} to a value other than the default one of 18.
*
* WARNING: This function should only be called from the constructor. Most
* applications that interact with token contracts will not expect
* {decimals} to ever change, and may work incorrectly if it does.
*/
function _setupDecimals(uint8 decimals_) internal {
_decimals = decimals_;
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be to transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual { }
}
// File: @openzeppelin/contracts/token/ERC20/ERC20Burnable.sol
pragma solidity ^0.6.0;
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
abstract contract ERC20Burnable is Context, ERC20 {
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public virtual {
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for ``accounts``'s tokens of at least
* `amount`.
*/
function burnFrom(address account, uint256 amount) public virtual {
uint256 decreasedAllowance = allowance(account, _msgSender()).sub(amount, "ERC20: burn amount exceeds allowance");
_approve(account, _msgSender(), decreasedAllowance);
_burn(account, amount);
}
}
// File: contract-dependencies/Roles.sol
pragma solidity ^0.6.0;
/**
* @title Roles
* @dev Library for managing addresses assigned to a Role.
*/
library Roles {
struct Role {
mapping (address => bool) bearer;
}
/**
* @dev Give an account access to this role.
*/
function add(Role storage role, address account) internal {
require(!has(role, account), "Roles: account already has role");
role.bearer[account] = true;
}
/**
* @dev Remove an account's access to this role.
*/
function remove(Role storage role, address account) internal {
require(has(role, account), "Roles: account does not have role");
role.bearer[account] = false;
}
/**
* @dev Check if an account has this role.
* @return bool
*/
function has(Role storage role, address account) internal view returns (bool) {
require(account != address(0), "Roles: account is the zero address");
return role.bearer[account];
}
}
// File: contract-dependencies/MinterRole.sol
pragma solidity ^0.6.8;
abstract contract MinterRole {
using Roles for Roles.Role;
event MinterAdded(address indexed account);
event MinterRemoved(address indexed account);
uint256 public mintersCount;
address[] public mintersArray;
Roles.Role private _minters;
modifier onlyMinter() {
require(isMinter(msg.sender), "MinterRole: caller does not have the Minter role");
_;
}
function isMinter(address account) public view returns (bool) {
return _minters.has(account);
}
function renounceMinter() public {
_removeMinter(msg.sender);
}
function _addMinter(address account) internal {
mintersCount++;
mintersArray.push(account);
_minters.add(account);
emit MinterAdded(account);
}
function _removeMinter(address account) internal {
uint256 index;
for(uint256 i = 0; i < mintersArray.length; i++) {
if(mintersArray[i] == account) {
index = i;
}
}
mintersArray[index] = mintersArray[mintersArray.length - 1];
mintersArray.pop();
mintersCount--;
_minters.remove(account);
emit MinterRemoved(account);
}
}
// File: contract-dependencies/OwnerRole.sol
pragma solidity ^0.6.8;
abstract contract OwnerRole {
using Roles for Roles.Role;
event OwnerAdded(address indexed account);
event OwnerRemoved(address indexed account);
uint256 public ownersCount;
address[] public ownersArray;
Roles.Role private _owners;
modifier onlyOwner() {
require(isOwner(msg.sender), "OwnerRole: caller does not have the Owner role");
_;
}
function isOwner(address account) public view returns (bool) {
return _owners.has(account);
}
function addOwner(address account) public onlyOwner {
_addOwner(account);
}
function renounceOwner() public {
_removeOwner(msg.sender);
}
function _addOwner(address account) internal {
ownersCount++;
ownersArray.push(account);
_owners.add(account);
emit OwnerAdded(account);
}
function _removeOwner(address account) internal {
ownersCount--;
uint256 index;
for(uint256 i = 0; i < ownersArray.length; i++) {
if(ownersArray[i] == account) {
index = i;
}
}
ownersArray[index] = ownersArray[ownersArray.length - 1];
ownersArray.pop();
_owners.remove(account);
emit OwnerRemoved(account);
}
}
// File: contract-dependencies/ERC20Mintable.sol
pragma solidity 0.6.8;
/**
* @dev Extension of {ERC20} that adds a set of accounts with the {MinterRole},
* which have permission to mint (create) new tokens as they see fit.
*
* At construction, the deployer of the contract is the only minter.
*/
abstract contract ERC20Mintable is ERC20, MinterRole, OwnerRole {
/**
* @dev See {ERC20-_mint}.
*
* Requirements:
*
* - the caller must have the {MinterRole}.
*/
modifier onlyMinterOrOwner() {
require(
isMinter(msg.sender) || isOwner(msg.sender),
"Caller is not a minter nor an owner."
);
_;
}
function removeMinter(address account) external onlyOwner {
_removeMinter(account);
}
function addMinter(address account) external onlyOwner {
_addMinter(account);
}
function mint(address account, uint256 amount)
external
onlyMinterOrOwner
returns (bool)
{
_mint(account, amount);
return true;
}
}
// File: contracts/eXRD.sol
/*
The ERC20 E-RADIX tokens have been generated by Radix Tokens (Jersey) Limited.
The purchase possession, exchange and use and ownership of these tokens are subject
to the terms and conditions, risk warnings and disclaimers issued by Radix Token’s Jersey Limited
which can be found at www.radixtokens.com/terms/ERC20token and which shall be binding on all
persons who acquires or seeks to acquire possess or control the use custody exchange or ownership
of these tokens and all successors in title including anyone who may claim or be entitled to
an equitable right title or interest in these tokens or any of them.
*/
pragma solidity 0.6.8;
contract eXRD is ERC20Burnable, ERC20Mintable {
constructor(address depositAddress, uint256 amount)
public
ERC20("E-RADIX", "eXRD")
{
require(depositAddress != address(0));
_addOwner(msg.sender);
_mint(depositAddress, amount.mul((10**uint256(decimals()))));
}
}File 3 of 3: UniswapV2Pair
// File: contracts/interfaces/IUniswapV2Pair.sol
pragma solidity >=0.5.0;
interface IUniswapV2Pair {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
function MINIMUM_LIQUIDITY() external pure returns (uint);
function factory() external view returns (address);
function token0() external view returns (address);
function token1() external view returns (address);
function getReserves() external view returns (uint112 reserve0, uint112 reserve1, uint32 blockTimestampLast);
function price0CumulativeLast() external view returns (uint);
function price1CumulativeLast() external view returns (uint);
function kLast() external view returns (uint);
function mint(address to) external returns (uint liquidity);
function burn(address to) external returns (uint amount0, uint amount1);
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external;
function skim(address to) external;
function sync() external;
function initialize(address, address) external;
}
// File: contracts/interfaces/IUniswapV2ERC20.sol
pragma solidity >=0.5.0;
interface IUniswapV2ERC20 {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external pure returns (string memory);
function symbol() external pure returns (string memory);
function decimals() external pure returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
function DOMAIN_SEPARATOR() external view returns (bytes32);
function PERMIT_TYPEHASH() external pure returns (bytes32);
function nonces(address owner) external view returns (uint);
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external;
}
// File: contracts/libraries/SafeMath.sol
pragma solidity =0.5.16;
// a library for performing overflow-safe math, courtesy of DappHub (https://github.com/dapphub/ds-math)
library SafeMath {
function add(uint x, uint y) internal pure returns (uint z) {
require((z = x + y) >= x, 'ds-math-add-overflow');
}
function sub(uint x, uint y) internal pure returns (uint z) {
require((z = x - y) <= x, 'ds-math-sub-underflow');
}
function mul(uint x, uint y) internal pure returns (uint z) {
require(y == 0 || (z = x * y) / y == x, 'ds-math-mul-overflow');
}
}
// File: contracts/UniswapV2ERC20.sol
pragma solidity =0.5.16;
contract UniswapV2ERC20 is IUniswapV2ERC20 {
using SafeMath for uint;
string public constant name = 'Uniswap V2';
string public constant symbol = 'UNI-V2';
uint8 public constant decimals = 18;
uint public totalSupply;
mapping(address => uint) public balanceOf;
mapping(address => mapping(address => uint)) public allowance;
bytes32 public DOMAIN_SEPARATOR;
// keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 public constant PERMIT_TYPEHASH = 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9;
mapping(address => uint) public nonces;
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
constructor() public {
uint chainId;
assembly {
chainId := chainid
}
DOMAIN_SEPARATOR = keccak256(
abi.encode(
keccak256('EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)'),
keccak256(bytes(name)),
keccak256(bytes('1')),
chainId,
address(this)
)
);
}
function _mint(address to, uint value) internal {
totalSupply = totalSupply.add(value);
balanceOf[to] = balanceOf[to].add(value);
emit Transfer(address(0), to, value);
}
function _burn(address from, uint value) internal {
balanceOf[from] = balanceOf[from].sub(value);
totalSupply = totalSupply.sub(value);
emit Transfer(from, address(0), value);
}
function _approve(address owner, address spender, uint value) private {
allowance[owner][spender] = value;
emit Approval(owner, spender, value);
}
function _transfer(address from, address to, uint value) private {
balanceOf[from] = balanceOf[from].sub(value);
balanceOf[to] = balanceOf[to].add(value);
emit Transfer(from, to, value);
}
function approve(address spender, uint value) external returns (bool) {
_approve(msg.sender, spender, value);
return true;
}
function transfer(address to, uint value) external returns (bool) {
_transfer(msg.sender, to, value);
return true;
}
function transferFrom(address from, address to, uint value) external returns (bool) {
if (allowance[from][msg.sender] != uint(-1)) {
allowance[from][msg.sender] = allowance[from][msg.sender].sub(value);
}
_transfer(from, to, value);
return true;
}
function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external {
require(deadline >= block.timestamp, 'UniswapV2: EXPIRED');
bytes32 digest = keccak256(
abi.encodePacked(
'\x19\x01',
DOMAIN_SEPARATOR,
keccak256(abi.encode(PERMIT_TYPEHASH, owner, spender, value, nonces[owner]++, deadline))
)
);
address recoveredAddress = ecrecover(digest, v, r, s);
require(recoveredAddress != address(0) && recoveredAddress == owner, 'UniswapV2: INVALID_SIGNATURE');
_approve(owner, spender, value);
}
}
// File: contracts/libraries/Math.sol
pragma solidity =0.5.16;
// a library for performing various math operations
library Math {
function min(uint x, uint y) internal pure returns (uint z) {
z = x < y ? x : y;
}
// babylonian method (https://en.wikipedia.org/wiki/Methods_of_computing_square_roots#Babylonian_method)
function sqrt(uint y) internal pure returns (uint z) {
if (y > 3) {
z = y;
uint x = y / 2 + 1;
while (x < z) {
z = x;
x = (y / x + x) / 2;
}
} else if (y != 0) {
z = 1;
}
}
}
// File: contracts/libraries/UQ112x112.sol
pragma solidity =0.5.16;
// a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format))
// range: [0, 2**112 - 1]
// resolution: 1 / 2**112
library UQ112x112 {
uint224 constant Q112 = 2**112;
// encode a uint112 as a UQ112x112
function encode(uint112 y) internal pure returns (uint224 z) {
z = uint224(y) * Q112; // never overflows
}
// divide a UQ112x112 by a uint112, returning a UQ112x112
function uqdiv(uint224 x, uint112 y) internal pure returns (uint224 z) {
z = x / uint224(y);
}
}
// File: contracts/interfaces/IERC20.sol
pragma solidity >=0.5.0;
interface IERC20 {
event Approval(address indexed owner, address indexed spender, uint value);
event Transfer(address indexed from, address indexed to, uint value);
function name() external view returns (string memory);
function symbol() external view returns (string memory);
function decimals() external view returns (uint8);
function totalSupply() external view returns (uint);
function balanceOf(address owner) external view returns (uint);
function allowance(address owner, address spender) external view returns (uint);
function approve(address spender, uint value) external returns (bool);
function transfer(address to, uint value) external returns (bool);
function transferFrom(address from, address to, uint value) external returns (bool);
}
// File: contracts/interfaces/IUniswapV2Factory.sol
pragma solidity >=0.5.0;
interface IUniswapV2Factory {
event PairCreated(address indexed token0, address indexed token1, address pair, uint);
function feeTo() external view returns (address);
function feeToSetter() external view returns (address);
function getPair(address tokenA, address tokenB) external view returns (address pair);
function allPairs(uint) external view returns (address pair);
function allPairsLength() external view returns (uint);
function createPair(address tokenA, address tokenB) external returns (address pair);
function setFeeTo(address) external;
function setFeeToSetter(address) external;
}
// File: contracts/interfaces/IUniswapV2Callee.sol
pragma solidity >=0.5.0;
interface IUniswapV2Callee {
function uniswapV2Call(address sender, uint amount0, uint amount1, bytes calldata data) external;
}
// File: contracts/UniswapV2Pair.sol
pragma solidity =0.5.16;
contract UniswapV2Pair is IUniswapV2Pair, UniswapV2ERC20 {
using SafeMath for uint;
using UQ112x112 for uint224;
uint public constant MINIMUM_LIQUIDITY = 10**3;
bytes4 private constant SELECTOR = bytes4(keccak256(bytes('transfer(address,uint256)')));
address public factory;
address public token0;
address public token1;
uint112 private reserve0; // uses single storage slot, accessible via getReserves
uint112 private reserve1; // uses single storage slot, accessible via getReserves
uint32 private blockTimestampLast; // uses single storage slot, accessible via getReserves
uint public price0CumulativeLast;
uint public price1CumulativeLast;
uint public kLast; // reserve0 * reserve1, as of immediately after the most recent liquidity event
uint private unlocked = 1;
modifier lock() {
require(unlocked == 1, 'UniswapV2: LOCKED');
unlocked = 0;
_;
unlocked = 1;
}
function getReserves() public view returns (uint112 _reserve0, uint112 _reserve1, uint32 _blockTimestampLast) {
_reserve0 = reserve0;
_reserve1 = reserve1;
_blockTimestampLast = blockTimestampLast;
}
function _safeTransfer(address token, address to, uint value) private {
(bool success, bytes memory data) = token.call(abi.encodeWithSelector(SELECTOR, to, value));
require(success && (data.length == 0 || abi.decode(data, (bool))), 'UniswapV2: TRANSFER_FAILED');
}
event Mint(address indexed sender, uint amount0, uint amount1);
event Burn(address indexed sender, uint amount0, uint amount1, address indexed to);
event Swap(
address indexed sender,
uint amount0In,
uint amount1In,
uint amount0Out,
uint amount1Out,
address indexed to
);
event Sync(uint112 reserve0, uint112 reserve1);
constructor() public {
factory = msg.sender;
}
// called once by the factory at time of deployment
function initialize(address _token0, address _token1) external {
require(msg.sender == factory, 'UniswapV2: FORBIDDEN'); // sufficient check
token0 = _token0;
token1 = _token1;
}
// update reserves and, on the first call per block, price accumulators
function _update(uint balance0, uint balance1, uint112 _reserve0, uint112 _reserve1) private {
require(balance0 <= uint112(-1) && balance1 <= uint112(-1), 'UniswapV2: OVERFLOW');
uint32 blockTimestamp = uint32(block.timestamp % 2**32);
uint32 timeElapsed = blockTimestamp - blockTimestampLast; // overflow is desired
if (timeElapsed > 0 && _reserve0 != 0 && _reserve1 != 0) {
// * never overflows, and + overflow is desired
price0CumulativeLast += uint(UQ112x112.encode(_reserve1).uqdiv(_reserve0)) * timeElapsed;
price1CumulativeLast += uint(UQ112x112.encode(_reserve0).uqdiv(_reserve1)) * timeElapsed;
}
reserve0 = uint112(balance0);
reserve1 = uint112(balance1);
blockTimestampLast = blockTimestamp;
emit Sync(reserve0, reserve1);
}
// if fee is on, mint liquidity equivalent to 1/6th of the growth in sqrt(k)
function _mintFee(uint112 _reserve0, uint112 _reserve1) private returns (bool feeOn) {
address feeTo = IUniswapV2Factory(factory).feeTo();
feeOn = feeTo != address(0);
uint _kLast = kLast; // gas savings
if (feeOn) {
if (_kLast != 0) {
uint rootK = Math.sqrt(uint(_reserve0).mul(_reserve1));
uint rootKLast = Math.sqrt(_kLast);
if (rootK > rootKLast) {
uint numerator = totalSupply.mul(rootK.sub(rootKLast));
uint denominator = rootK.mul(5).add(rootKLast);
uint liquidity = numerator / denominator;
if (liquidity > 0) _mint(feeTo, liquidity);
}
}
} else if (_kLast != 0) {
kLast = 0;
}
}
// this low-level function should be called from a contract which performs important safety checks
function mint(address to) external lock returns (uint liquidity) {
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
uint balance0 = IERC20(token0).balanceOf(address(this));
uint balance1 = IERC20(token1).balanceOf(address(this));
uint amount0 = balance0.sub(_reserve0);
uint amount1 = balance1.sub(_reserve1);
bool feeOn = _mintFee(_reserve0, _reserve1);
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee
if (_totalSupply == 0) {
liquidity = Math.sqrt(amount0.mul(amount1)).sub(MINIMUM_LIQUIDITY);
_mint(address(0), MINIMUM_LIQUIDITY); // permanently lock the first MINIMUM_LIQUIDITY tokens
} else {
liquidity = Math.min(amount0.mul(_totalSupply) / _reserve0, amount1.mul(_totalSupply) / _reserve1);
}
require(liquidity > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_MINTED');
_mint(to, liquidity);
_update(balance0, balance1, _reserve0, _reserve1);
if (feeOn) kLast = uint(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date
emit Mint(msg.sender, amount0, amount1);
}
// this low-level function should be called from a contract which performs important safety checks
function burn(address to) external lock returns (uint amount0, uint amount1) {
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
address _token0 = token0; // gas savings
address _token1 = token1; // gas savings
uint balance0 = IERC20(_token0).balanceOf(address(this));
uint balance1 = IERC20(_token1).balanceOf(address(this));
uint liquidity = balanceOf[address(this)];
bool feeOn = _mintFee(_reserve0, _reserve1);
uint _totalSupply = totalSupply; // gas savings, must be defined here since totalSupply can update in _mintFee
amount0 = liquidity.mul(balance0) / _totalSupply; // using balances ensures pro-rata distribution
amount1 = liquidity.mul(balance1) / _totalSupply; // using balances ensures pro-rata distribution
require(amount0 > 0 && amount1 > 0, 'UniswapV2: INSUFFICIENT_LIQUIDITY_BURNED');
_burn(address(this), liquidity);
_safeTransfer(_token0, to, amount0);
_safeTransfer(_token1, to, amount1);
balance0 = IERC20(_token0).balanceOf(address(this));
balance1 = IERC20(_token1).balanceOf(address(this));
_update(balance0, balance1, _reserve0, _reserve1);
if (feeOn) kLast = uint(reserve0).mul(reserve1); // reserve0 and reserve1 are up-to-date
emit Burn(msg.sender, amount0, amount1, to);
}
// this low-level function should be called from a contract which performs important safety checks
function swap(uint amount0Out, uint amount1Out, address to, bytes calldata data) external lock {
require(amount0Out > 0 || amount1Out > 0, 'UniswapV2: INSUFFICIENT_OUTPUT_AMOUNT');
(uint112 _reserve0, uint112 _reserve1,) = getReserves(); // gas savings
require(amount0Out < _reserve0 && amount1Out < _reserve1, 'UniswapV2: INSUFFICIENT_LIQUIDITY');
uint balance0;
uint balance1;
{ // scope for _token{0,1}, avoids stack too deep errors
address _token0 = token0;
address _token1 = token1;
require(to != _token0 && to != _token1, 'UniswapV2: INVALID_TO');
if (amount0Out > 0) _safeTransfer(_token0, to, amount0Out); // optimistically transfer tokens
if (amount1Out > 0) _safeTransfer(_token1, to, amount1Out); // optimistically transfer tokens
if (data.length > 0) IUniswapV2Callee(to).uniswapV2Call(msg.sender, amount0Out, amount1Out, data);
balance0 = IERC20(_token0).balanceOf(address(this));
balance1 = IERC20(_token1).balanceOf(address(this));
}
uint amount0In = balance0 > _reserve0 - amount0Out ? balance0 - (_reserve0 - amount0Out) : 0;
uint amount1In = balance1 > _reserve1 - amount1Out ? balance1 - (_reserve1 - amount1Out) : 0;
require(amount0In > 0 || amount1In > 0, 'UniswapV2: INSUFFICIENT_INPUT_AMOUNT');
{ // scope for reserve{0,1}Adjusted, avoids stack too deep errors
uint balance0Adjusted = balance0.mul(1000).sub(amount0In.mul(3));
uint balance1Adjusted = balance1.mul(1000).sub(amount1In.mul(3));
require(balance0Adjusted.mul(balance1Adjusted) >= uint(_reserve0).mul(_reserve1).mul(1000**2), 'UniswapV2: K');
}
_update(balance0, balance1, _reserve0, _reserve1);
emit Swap(msg.sender, amount0In, amount1In, amount0Out, amount1Out, to);
}
// force balances to match reserves
function skim(address to) external lock {
address _token0 = token0; // gas savings
address _token1 = token1; // gas savings
_safeTransfer(_token0, to, IERC20(_token0).balanceOf(address(this)).sub(reserve0));
_safeTransfer(_token1, to, IERC20(_token1).balanceOf(address(this)).sub(reserve1));
}
// force reserves to match balances
function sync() external lock {
_update(IERC20(token0).balanceOf(address(this)), IERC20(token1).balanceOf(address(this)), reserve0, reserve1);
}
}