Description:
ERC20 token contract with Mintable, Factory capabilities. Standard implementation for fungible tokens on Ethereum.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"@openzeppelin/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.20;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
"
},
"@openzeppelin/contracts/utils/math/Math.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.0) (utils/math/Math.sol)
pragma solidity ^0.8.20;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
/**
* @dev Muldiv operation overflow.
*/
error MathOverflowedMulDiv();
enum Rounding {
Floor, // Toward negative infinity
Ceil, // Toward positive infinity
Trunc, // Toward zero
Expand // Away from zero
}
/**
* @dev Returns the addition of two unsigned integers, with an overflow flag.
*/
function tryAdd(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
uint256 c = a + b;
if (c < a) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the subtraction of two unsigned integers, with an overflow flag.
*/
function trySub(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b > a) return (false, 0);
return (true, a - b);
}
}
/**
* @dev Returns the multiplication of two unsigned integers, with an overflow flag.
*/
function tryMul(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) return (true, 0);
uint256 c = a * b;
if (c / a != b) return (false, 0);
return (true, c);
}
}
/**
* @dev Returns the division of two unsigned integers, with a division by zero flag.
*/
function tryDiv(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a / b);
}
}
/**
* @dev Returns the remainder of dividing two unsigned integers, with a division by zero flag.
*/
function tryMod(uint256 a, uint256 b) internal pure returns (bool, uint256) {
unchecked {
if (b == 0) return (false, 0);
return (true, a % b);
}
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds towards infinity instead
* of rounding towards zero.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (b == 0) {
// Guarantee the same behavior as in a regular Solidity division.
return a / b;
}
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or
* denominator == 0.
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv) with further edits by
* Uniswap Labs also under MIT license.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0 = x * y; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
// Solidity will revert if denominator == 0, unlike the div opcode on its own.
// The surrounding unchecked block does not change this fact.
// See https://docs.soliditylang.org/en/latest/control-structures.html#checked-or-unchecked-arithmetic.
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
if (denominator <= prod1) {
revert MathOverflowedMulDiv();
}
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator.
// Always >= 1. See https://cs.stackexchange.com/q/138556/92363.
uint256 twos = denominator & (0 - denominator);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
// works in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(uint256 x, uint256 y, uint256 denominator, Rounding rounding) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (unsignedRoundsUp(rounding) && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded
* towards zero.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (unsignedRoundsUp(rounding) && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (unsignedRoundsUp(rounding) && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10 of a positive value rounded towards zero.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10 ** 64) {
value /= 10 ** 64;
result += 64;
}
if (value >= 10 ** 32) {
value /= 10 ** 32;
result += 32;
}
if (value >= 10 ** 16) {
value /= 10 ** 16;
result += 16;
}
if (value >= 10 ** 8) {
value /= 10 ** 8;
result += 8;
}
if (value >= 10 ** 4) {
value /= 10 ** 4;
result += 4;
}
if (value >= 10 ** 2) {
value /= 10 ** 2;
result += 2;
}
if (value >= 10 ** 1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (unsignedRoundsUp(rounding) && 10 ** result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256 of a positive value rounded towards zero.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 256, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (unsignedRoundsUp(rounding) && 1 << (result << 3) < value ? 1 : 0);
}
}
/**
* @dev Returns whether a provided rounding mode is considered rounding up for unsigned integers.
*/
function unsignedRoundsUp(Rounding rounding) internal pure returns (bool) {
return uint8(rounding) % 2 == 1;
}
}
"
},
"contracts/interfaces/IMCV2_Bond.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.20;
interface IMCV2_Bond {
function exists(address token) external view returns (bool);
function tokenBond(
address token
)
external
view
returns (
address creator,
uint16 mintRoyalty,
uint16 burnRoyalty,
uint40 createdAt,
address reserveToken,
uint256 reserveBalance
);
struct BondStep {
uint128 rangeTo;
uint128 price;
}
function getSteps(address token) external view returns (BondStep[] memory);
function mint(
address token,
uint256 tokensToMint,
uint256 maxReserveAmount,
address receiver
) external returns (uint256);
function creationFee() external view returns (uint256);
function getReserveForToken(
address token,
uint256 tokensToMint
) external view returns (uint256 reserveAmount, uint256 royalty);
struct MultiTokenParams {
string name;
string symbol;
string uri;
}
struct BondParams {
uint16 mintRoyalty;
uint16 burnRoyalty;
address reserveToken;
uint128 maxSupply;
uint128[] stepRanges;
uint128[] stepPrices;
}
function createMultiToken(
MultiTokenParams calldata tp,
BondParams calldata bp
) external payable returns (address);
function updateBondCreator(address token, address creator) external;
}
"
},
"contracts/interfaces/MCV2_ICommonToken.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.20;
interface MCV2_ICommonToken {
function totalSupply() external view returns (uint256);
function mintByBond(address to, uint256 amount) external;
function burnByBond(address account, uint256 amount) external;
function decimals() external pure returns (uint8);
function name() external view returns (string memory);
function symbol() external view returns (string memory);
}
"
},
"contracts/MCV2_BondPeriphery.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity =0.8.20;
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
import {IMCV2_Bond} from "./interfaces/IMCV2_Bond.sol";
import {MCV2_ICommonToken} from "./interfaces/MCV2_ICommonToken.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
/**
* @title Mint Club V2 Bond Periphery
*/
contract MCV2_BondPeriphery {
error MCV2_BondPeriphery__InvalidParams(string name);
error MCV2_BondPeriphery__ExceedMaxSupply();
error MCV2_BondPeriphery__InvalidCurrentSupply();
error MCV2_BondPeriphery__InvalidTokenAmount();
error MCV2_BondPeriphery__SlippageLimitExceeded();
IMCV2_Bond public immutable BOND;
constructor(address bond_) {
BOND = IMCV2_Bond(bond_);
}
function mintWithReserveAmount(
address token,
uint256 reserveAmount,
uint256 minTokensToMint,
address receiver
) external returns (uint256 tokensMinted) {
(uint256 tokensToMint, address reserveAddress) = getTokensForReserve(
token,
reserveAmount,
true // Use ceiling division to minimize leftover reserves
);
if (tokensToMint < minTokensToMint)
revert MCV2_BondPeriphery__SlippageLimitExceeded();
IERC20 reserveToken = IERC20(reserveAddress);
reserveToken.transferFrom(msg.sender, address(this), reserveAmount);
reserveToken.approve(address(BOND), reserveAmount);
// Try minting with ceiling division result first
try BOND.mint(token, tokensToMint, reserveAmount, receiver) {
// Success - send any leftover reserve tokens to receiver
uint256 reserveBalance = reserveToken.balanceOf(address(this));
if (reserveBalance > 0) {
reserveToken.transfer(receiver, reserveBalance);
}
return tokensToMint;
} catch {
// If minting fails, try reducing by 1 token
tokensToMint -= 1;
if (tokensToMint < minTokensToMint) {
revert MCV2_BondPeriphery__SlippageLimitExceeded();
}
// Try minting with reduced amount
BOND.mint(token, tokensToMint, reserveAmount, receiver);
uint256 reserveBalance = reserveToken.balanceOf(address(this));
if (reserveBalance > 0) {
reserveToken.transfer(receiver, reserveBalance);
}
return tokensToMint;
}
}
/**
* @dev Calculates the number of tokens that can be minted with a given amount of reserve tokens.
* @notice This wasn't implemented in the original Bond contract, due to *rounding errors*
* and it is impossible to calculate the exact number of tokens that can be minted
* without using binary search (too expensive, often reverts due to gas limit).
* Use this function just for estimating the number of tokens that can be minted.
* @param tokenAddress The address of the token.
* @param reserveAmount The amount of reserve tokens to pay.
* @param useCeilDivision Whether to use ceiling division (true) or floor division (false).
* @return tokensToMint The number of tokens that can be minted.
* @return reserveAddress The address of the reserve token.
*/
function getTokensForReserve(
address tokenAddress,
uint256 reserveAmount,
bool useCeilDivision
) public view returns (uint256 tokensToMint, address reserveAddress) {
if (!BOND.exists(tokenAddress))
revert MCV2_BondPeriphery__InvalidParams("token");
if (reserveAmount == 0)
revert MCV2_BondPeriphery__InvalidParams("reserveAmount");
// Cache external calls to avoid repeated storage reads
(, uint16 mintRoyalty, , , address reserveTokenAddr, ) = BOND.tokenBond(
tokenAddress
);
reserveAddress = reserveTokenAddr;
IMCV2_Bond.BondStep[] memory steps = BOND.getSteps(tokenAddress);
MCV2_ICommonToken t = MCV2_ICommonToken(tokenAddress);
uint256 currentSupply = t.totalSupply();
uint256 stepsLength = steps.length;
uint256 maxTokenSupply = steps[stepsLength - 1].rangeTo;
if (currentSupply >= maxTokenSupply)
revert MCV2_BondPeriphery__ExceedMaxSupply();
uint256 multiFactor = 10 ** t.decimals(); // 1 (ERC1155) or 18 (ERC20)
// reserveAmount = reserveToBond + royalty
// reserveAmount = reserveToBond + (reserveToBond * mintRoyalty) / 10000
// reserveToBond = reserveAmount / (1 + (mintRoyalty) / 10000)
uint256 reserveLeft = (reserveAmount * 10000) / (10000 + mintRoyalty);
// Find starting step index
uint256 i = _getCurrentStep(steps, currentSupply);
// Unchecked arithmetic for loop increment to save gas
unchecked {
for (; i < stepsLength; ++i) {
// Early termination if no reserve left
if (reserveLeft == 0) break;
IMCV2_Bond.BondStep memory step = steps[i];
if (step.price == 0) continue; // Skip free minting ranges
uint256 supplyLeft = step.rangeTo - currentSupply;
if (supplyLeft == 0) continue;
// Calculate how many tokens can be minted with the available reserve at this step
uint256 tokensAtStep = useCeilDivision
? Math.ceilDiv(reserveLeft * multiFactor, step.price)
: (reserveLeft * multiFactor) / step.price;
if (tokensAtStep > supplyLeft) {
// Can mint all tokens in this step and have reserve left
tokensToMint += supplyLeft;
// Calculate how much reserve is used for this step (with ceiling division)
uint256 reserveRequired = Math.ceilDiv(
supplyLeft * step.price,
multiFactor
);
reserveLeft -= reserveRequired;
currentSupply += supplyLeft;
} else {
// Can mint only a portion of this step
tokensToMint += tokensAtStep;
// Don't need to calculate reserveRequired as we're using all available reserve
break;
}
if (currentSupply >= maxTokenSupply) break;
}
}
if (tokensToMint == 0) revert MCV2_BondPeriphery__InvalidTokenAmount();
return (tokensToMint, reserveAddress);
}
function _getCurrentStep(
IMCV2_Bond.BondStep[] memory steps,
uint256 currentSupply
) internal pure returns (uint256) {
uint256 left = 0;
uint256 right = steps.length;
unchecked {
while (left < right) {
uint256 mid = (left + right) / 2;
if (steps[mid].rangeTo < currentSupply) {
left = mid + 1;
} else {
right = mid;
}
}
}
if (left >= steps.length)
revert MCV2_BondPeriphery__InvalidCurrentSupply();
return left;
}
}
"
}
},
"settings": {
"evmVersion": "paris",
"optimizer": {
"enabled": true,
"runs": 50000
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
}
}
}}Submitted on: 2025-10-15 14:02:03
Comments
Log in to comment.
No comments yet.