Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/core/ControllerV3.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.23;
import "../interfaces/IController.sol";
import "../interfaces/IStrategyAdapter.sol";
import "../interfaces/IRegistry.sol";
import "../interfaces/IAPYOracle.sol";
// import "../security/TimelockController.sol"; // No longer needed after security fix
import {IERC20 as IERC20OZ} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20} from "lib/forge-std/src/interfaces/IERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
/**
* @title ControllerV3
* @notice Enhanced Controller with keeper role for automated operations
* @dev Adds keeper management for off-chain agents while maintaining security
*/
contract ControllerV3 is IController, IRegistry, ReentrancyGuard {
using SafeERC20 for IERC20OZ;
// ============ State Variables ============
address public owner;
address public pendingOwner;
address public vault;
address public apyOracle;
address public emergencyReceiver;
bool public paused;
uint256 public rebalanceThreshold;
// Keeper management (NEW)
mapping(address => bool) public keepers;
uint256 public keeperCount;
// Guardian for emergency actions (SECURITY FIX: explicit storage)
address public guardian;
// Strategy management
mapping(string => address) private strategies;
string[] private strategyNames;
mapping(string => bool) private strategyExists;
IERC20OZ public immutable token;
// ============ Events ============
event OwnershipTransferInitiated(address indexed currentOwner, address indexed pendingOwner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
event APYOracleUpdated(address indexed oracle);
event KeeperAdded(address indexed keeper);
event KeeperRemoved(address indexed keeper);
event EmergencyKeeperRemoval(address indexed keeper, address indexed remover);
event RebalanceExecuted(address indexed executor, string fromStrategy, string toStrategy, uint256 amount);
event GuardianUpdated(address indexed oldGuardian, address indexed newGuardian);
// ============ Modifiers ============
modifier onlyOwner() {
require(msg.sender == owner, "Controller: not owner");
_;
}
modifier onlyOwnerOrVault() {
require(msg.sender == owner || msg.sender == vault, "Controller: not authorized");
_;
}
modifier onlyOwnerOrKeeper() {
require(msg.sender == owner || keepers[msg.sender], "Controller: not owner or keeper");
_;
}
modifier whenNotPaused() {
require(!paused, "Controller: paused");
_;
}
// ============ Constructor ============
constructor(address _token) {
owner = msg.sender;
token = IERC20OZ(_token);
rebalanceThreshold = 100; // Default 1% threshold
}
// ============ Keeper Management Functions (NEW) ============
/**
* @notice Add a keeper address that can call rebalance
* @param keeper The address to add as keeper
*/
function addKeeper(address keeper) external onlyOwner {
require(keeper != address(0), "Controller: invalid keeper address");
require(!keepers[keeper], "Controller: keeper already added");
keepers[keeper] = true;
keeperCount++;
emit KeeperAdded(keeper);
}
/**
* @notice Remove a keeper address
* @param keeper The address to remove as keeper
*/
function removeKeeper(address keeper) external onlyOwner {
require(keepers[keeper], "Controller: not a keeper");
keepers[keeper] = false;
keeperCount--;
emit KeeperRemoved(keeper);
}
/**
* @notice Emergency remove a keeper (can be called by owner or guardian)
* @param keeper The address to emergency remove as keeper
* @dev Guardian can only remove, not add keepers for security
* @dev SECURITY FIX: Now uses explicit guardian storage instead of dynamic lookup
*/
function emergencyRemoveKeeper(address keeper) external {
// SECURITY FIX: Use explicit guardian from state variable
// This prevents any contract with guardian() function from gaining access
require(
msg.sender == owner || msg.sender == guardian,
"Controller: not owner or guardian"
);
require(keepers[keeper], "Controller: not a keeper");
keepers[keeper] = false;
keeperCount--;
emit KeeperRemoved(keeper);
emit EmergencyKeeperRemoval(keeper, msg.sender);
}
/**
* @notice Check if an address is a keeper
* @param account The address to check
* @return Whether the address is a keeper
*/
function isKeeper(address account) external view returns (bool) {
return keepers[account];
}
/**
* @notice Set the guardian address for emergency actions
* @param _guardian The address to set as guardian (can be address(0) to remove)
* @dev Only owner can set guardian. Guardian can only remove keepers, not add them.
*/
function setGuardian(address _guardian) external onlyOwner {
address oldGuardian = guardian;
guardian = _guardian;
emit GuardianUpdated(oldGuardian, _guardian);
}
// ============ Ownership Functions ============
/**
* @notice Initiate ownership transfer (2-step process for safety)
* @param newOwner The address of the new owner
*/
function transferOwnership(address newOwner) external onlyOwner {
require(newOwner != address(0), "Controller: new owner is zero address");
require(newOwner != owner, "Controller: new owner is current owner");
pendingOwner = newOwner;
emit OwnershipTransferInitiated(owner, newOwner);
}
/**
* @notice Accept ownership transfer (must be called by pending owner)
*/
function acceptOwnership() external {
require(msg.sender == pendingOwner, "Controller: not pending owner");
address oldOwner = owner;
owner = pendingOwner;
pendingOwner = address(0);
emit OwnershipTransferred(oldOwner, owner);
}
/**
* @notice Cancel pending ownership transfer
*/
function cancelOwnershipTransfer() external onlyOwner {
require(pendingOwner != address(0), "Controller: no pending owner");
pendingOwner = address(0);
emit OwnershipTransferInitiated(owner, address(0));
}
// ============ Core Functions (Modified for Keeper) ============
/**
* @notice Rebalance funds between strategies (can be called by owner or keeper)
* @dev Moves funds from lowest APY to highest APY strategy if threshold is met
*/
function rebalance() external override onlyOwnerOrKeeper whenNotPaused nonReentrant {
require(strategyNames.length >= 2, "Controller: need at least 2 strategies");
// Update metrics for all strategies before rebalancing
for (uint256 i = 0; i < strategyNames.length; i++) {
address strategy = strategies[strategyNames[i]];
// Try to update metrics, but don't fail if too soon or if it reverts
try IStrategyAdapter(strategy).updateMetrics() {} catch {}
}
uint256 highestAPY = 0;
uint256 lowestAPY = type(uint256).max;
string memory highestStrategy;
string memory lowestStrategy;
// Find highest and lowest APY strategies
for (uint256 i = 0; i < strategyNames.length; i++) {
string memory name = strategyNames[i];
address strategyAddress = strategies[name];
uint256 apy;
// Use APY Oracle if available, otherwise fall back to adapter's getCurrentAPY
if (apyOracle != address(0)) {
apy = IAPYOracle(apyOracle).getAPY(strategyAddress);
} else {
apy = IStrategyAdapter(strategyAddress).getCurrentAPY();
}
if (apy > highestAPY) {
highestAPY = apy;
highestStrategy = name;
}
if (apy < lowestAPY) {
lowestAPY = apy;
lowestStrategy = name;
}
}
// Rebalance if threshold is met
if (highestAPY > lowestAPY + rebalanceThreshold) {
IStrategyAdapter lowStrategy = IStrategyAdapter(strategies[lowestStrategy]);
IStrategyAdapter highStrategy = IStrategyAdapter(strategies[highestStrategy]);
uint256 balance = lowStrategy.balanceOf(address(this));
if (balance > 0) {
// Withdraw from low APY strategy
lowStrategy.withdraw(balance);
// Deposit to high APY strategy
SafeERC20.forceApprove(token, address(highStrategy), balance);
highStrategy.deposit(balance);
SafeERC20.forceApprove(token, address(highStrategy), 0); // Clear residual allowance
emit RebalanceExecuted(msg.sender, lowestStrategy, highestStrategy, balance);
}
}
}
// ============ Strategy Management Functions ============
function addStrategy(string memory name, address adapter) external override onlyOwner {
registerStrategy(name, adapter);
}
function removeStrategy(string memory name) external override onlyOwner {
unregisterStrategy(name);
}
function getStrategy(string memory name) external view override returns (address) {
return getStrategyAddress(name);
}
function registerStrategy(string memory name, address adapter) public override onlyOwner {
require(adapter != address(0), "Controller: invalid adapter");
require(!strategyExists[name], "Controller: strategy already exists");
strategies[name] = adapter;
strategyNames.push(name);
strategyExists[name] = true;
emit StrategyAdded(name, adapter);
}
function unregisterStrategy(string memory name) public override onlyOwner {
require(strategyExists[name], "Controller: strategy not found");
address adapter = strategies[name];
delete strategies[name];
strategyExists[name] = false;
// Remove from array
for (uint256 i = 0; i < strategyNames.length; i++) {
if (keccak256(bytes(strategyNames[i])) == keccak256(bytes(name))) {
strategyNames[i] = strategyNames[strategyNames.length - 1];
strategyNames.pop();
break;
}
}
emit StrategyRemoved(name, adapter);
}
function getStrategyAddress(string memory name) public view override returns (address) {
return strategies[name];
}
function isRegisteredStrategy(string memory name) external view override returns (bool) {
return strategyExists[name];
}
function getAllStrategies() external view override(IController, IRegistry) returns (string[] memory names, address[] memory adapters) {
names = new string[](strategyNames.length);
adapters = new address[](strategyNames.length);
for (uint256 i = 0; i < strategyNames.length; i++) {
names[i] = strategyNames[i];
adapters[i] = strategies[strategyNames[i]];
}
}
function strategyCount() external view override returns (uint256) {
return strategyNames.length;
}
// ============ Configuration Functions ============
function pause() external override onlyOwner {
paused = true;
}
function unpause() external override onlyOwner {
paused = false;
}
function setRebalanceThreshold(uint256 _threshold) external onlyOwner {
require(_threshold <= 10000, "Controller: threshold too high");
rebalanceThreshold = _threshold;
}
function setVault(address _vault) external onlyOwner {
require(_vault != address(0), "Controller: invalid vault");
vault = _vault;
}
function setAPYOracle(address _oracle) external onlyOwner {
apyOracle = _oracle;
emit APYOracleUpdated(_oracle);
}
function setEmergencyReceiver(address _receiver) external onlyOwner {
require(_receiver != address(0), "Controller: invalid receiver");
emergencyReceiver = _receiver;
}
// ============ Emergency & Operational Functions ============
function emergencyWithdraw(string memory strategyName) external override onlyOwner nonReentrant {
require(strategyExists[strategyName], "Controller: strategy not found");
require(emergencyReceiver != address(0), "Controller: emergency receiver not set");
IStrategyAdapter strategy = IStrategyAdapter(strategies[strategyName]);
uint256 balance = strategy.balanceOf(address(this));
if (balance > 0) {
strategy.withdraw(balance);
// Emergency withdrawal sends everything to the designated Safe address
uint256 withdrawnAmount = token.balanceOf(address(this));
if (withdrawnAmount > 0) {
token.safeTransfer(emergencyReceiver, withdrawnAmount);
}
}
}
function withdrawFromStrategy(string memory strategyName, uint256 amount) external nonReentrant {
require(msg.sender == vault, "Controller: only vault");
// Special case: empty string means withdraw idle funds from controller
if (bytes(strategyName).length == 0) {
uint256 balance = token.balanceOf(address(this));
uint256 toTransfer = balance >= amount ? amount : balance;
if (toTransfer > 0) {
token.safeTransfer(vault, toTransfer);
}
return;
}
require(strategyExists[strategyName], "Controller: strategy not found");
IStrategyAdapter strategy = IStrategyAdapter(strategies[strategyName]);
uint256 strategyBalance = strategy.balanceOf(address(this));
// Allow for 1 wei rounding error
require(strategyBalance + 1 >= amount, "Controller: insufficient balance");
// If we're off by just 1 wei due to rounding, withdraw what's available
uint256 toWithdraw = strategyBalance < amount ? strategyBalance : amount;
uint256 withdrawn = strategy.withdraw(toWithdraw);
token.safeTransfer(vault, withdrawn);
}
/**
* @notice Deploy funds to a specific strategy (owner or keeper)
* @param strategyName The name of the strategy to deploy to
* @param amount The amount of tokens to deploy
*/
function deployToStrategy(string memory strategyName, uint256 amount) external onlyOwnerOrKeeper {
require(strategyExists[strategyName], "Controller: strategy not found");
require(token.balanceOf(address(this)) >= amount, "Controller: insufficient balance");
address strategy = strategies[strategyName];
SafeERC20.forceApprove(token, strategy, amount);
IStrategyAdapter(strategy).deposit(amount);
SafeERC20.forceApprove(token, strategy, 0); // Clear residual allowance
}
// ============ View Functions ============
/**
* @notice Get the total number of keepers
* @return The number of keeper addresses
*/
function getKeeperCount() external view returns (uint256) {
return keeperCount;
}
/**
* @notice Check if the controller is paused
* @return Whether the controller is paused
*/
function isPaused() external view returns (bool) {
return paused;
}
/**
* @notice Get the current rebalance threshold
* @return The threshold in basis points
*/
function getRebalanceThreshold() external view returns (uint256) {
return rebalanceThreshold;
}
}"
},
"src/interfaces/IController.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.23;
interface IController {
function rebalance() external;
function addStrategy(string memory name, address adapter) external;
function removeStrategy(string memory name) external;
function getStrategy(string memory name) external view returns (address);
function getAllStrategies() external view returns (string[] memory names, address[] memory adapters);
function pause() external;
function unpause() external;
function emergencyWithdraw(string memory strategyName) external;
function withdrawFromStrategy(string memory strategyName, uint256 amount) external;
function deployToStrategy(string memory strategyName, uint256 amount) external;
}"
},
"src/interfaces/IStrategyAdapter.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.23;
interface IStrategyAdapter {
function deposit(uint256 amount) external returns (uint256 shares);
function withdraw(uint256 amount) external returns (uint256 withdrawn);
function balanceOf(address account) external view returns (uint256);
function getCurrentAPY() external view returns (uint256);
// APY tracking functions
function updateMetrics() external;
function getLastUpdateTime() external view returns (uint256);
function isAPYStale() external view returns (bool);
}"
},
"src/interfaces/IRegistry.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.23;
interface IRegistry {
event StrategyAdded(string indexed name, address indexed adapter);
event StrategyRemoved(string indexed name, address indexed adapter);
function registerStrategy(string memory name, address adapter) external;
function unregisterStrategy(string memory name) external;
function getStrategyAddress(string memory name) external view returns (address);
function isRegisteredStrategy(string memory name) external view returns (bool);
function getAllStrategies() external view returns (string[] memory names, address[] memory adapters);
function strategyCount() external view returns (uint256);
}"
},
"src/interfaces/IAPYOracle.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
/**
* @title IAPYOracle
* @notice Interface for the APY Oracle contract that provides APY data for all adapters
* @dev Supports both direct protocol queries and historical price-based calculations
*/
interface IAPYOracle {
// Events
event APYOracleInitialized(address indexed oracle);
event PriceUpdated(address indexed protocol, uint256 price, uint256 timestamp);
event ManualAPYSet(address indexed adapter, uint256 apy);
event ManualAPYToggled(address indexed adapter, bool useManual);
event HistoricalDataLoaded(address indexed protocol, uint256[7] prices);
event ProtocolInitialized(address indexed protocol);
// Errors
error InvalidAddress();
error NotInitialized();
error AlreadyInitialized();
error UpdateTooSoon();
error InvalidPrice();
error InvalidAPY();
error InvalidProtocol();
/**
* @notice Get the current APY for a given adapter
* @param adapter The adapter address to get APY for
* @return apy The current APY in basis points (100 = 1%)
*/
function getAPY(address adapter) external view returns (uint256 apy);
/**
* @notice Get Aave protocol APY directly from the pool
* @return apy The current Aave supply APY in basis points
*/
function getAaveAPY() external view returns (uint256 apy);
/**
* @notice Get Compound protocol APY directly from the comet
* @return apy The current Compound supply APY in basis points
*/
function getCompoundAPY() external view returns (uint256 apy);
/**
* @notice Calculate APY from historical price data
* @param protocol The protocol address to calculate APY for
* @return apy The calculated APY based on 7-day price history
*/
function getHistoricalAPY(address protocol) external view returns (uint256 apy);
/**
* @notice Update price for a protocol (keeper function)
* @param protocol The protocol address to update price for
*/
function updateProtocolPrice(address protocol) external;
/**
* @notice Manually update price for testing
* @param protocol The protocol address
* @param price The new price to set
*/
function updatePriceManual(address protocol, uint256 price) external;
/**
* @notice Load historical prices for initialization
* @param protocol The protocol address
* @param prices Array of 7 historical prices (oldest to newest)
*/
function loadHistoricalPrices(address protocol, uint256[7] memory prices) external;
/**
* @notice Set manual APY override for testing
* @param adapter The adapter address
* @param apy The manual APY to set
*/
function setManualAPY(address adapter, uint256 apy) external;
/**
* @notice Toggle manual APY override
* @param adapter The adapter address
* @param useManual Whether to use manual APY
*/
function setUseManualAPY(address adapter, bool useManual) external;
/**
* @notice Check if a protocol is initialized with price history
* @param protocol The protocol address to check
* @return initialized Whether the protocol has been initialized
*/
function isInitialized(address protocol) external view returns (bool initialized);
/**
* @notice Get the last update timestamp for a protocol
* @param protocol The protocol address
* @return timestamp The last update timestamp
*/
function getLastUpdateTime(address protocol) external view returns (uint256 timestamp);
/**
* @notice Get the current price history for a protocol
* @param protocol The protocol address
* @return prices The 7-day price history array
*/
function getPriceHistory(address protocol) external view returns (uint256[7] memory prices);
/**
* @notice Update prices for all protocols (keeper batch function)
*/
function updateDailyPrices() external;
}"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/IERC20.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
"
},
"lib/forge-std/src/interfaces/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity >=0.6.2;
/// @dev Interface of the ERC20 standard as defined in the EIP.
/// @dev This includes the optional name, symbol, and decimals metadata.
interface IERC20 {
/// @dev Emitted when `value` tokens are moved from one account (`from`) to another (`to`).
event Transfer(address indexed from, address indexed to, uint256 value);
/// @dev Emitted when the allowance of a `spender` for an `owner` is set, where `value`
/// is the new allowance.
event Approval(address indexed owner, address indexed spender, uint256 value);
/// @notice Returns the amount of tokens in existence.
function totalSupply() external view returns (uint256);
/// @notice Returns the amount of tokens owned by `account`.
function balanceOf(address account) external view returns (uint256);
/// @notice Moves `amount` tokens from the caller's account to `to`.
function transfer(address to, uint256 amount) external returns (bool);
/// @notice Returns the remaining number of tokens that `spender` is allowed
/// to spend on behalf of `owner`
function allowance(address owner, address spender) external view returns (uint256);
/// @notice Sets `amount` as the allowance of `spender` over the caller's tokens.
/// @dev Be aware of front-running risks: https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
function approve(address spender, uint256 amount) external returns (bool);
/// @notice Moves `amount` tokens from `from` to `to` using the allowance mechanism.
/// `amount` is then deducted from the caller's allowance.
function transferFrom(address from, address to, uint256 amount) external returns (bool);
/// @notice Returns the name of the token.
function name() external view returns (string memory);
/// @notice Returns the symbol of the token.
function symbol() external view returns (string memory);
/// @notice Returns the decimals places of the token.
function decimals() external view returns (uint8);
}
"
},
"lib/openzeppelin-contracts/contracts/utils/ReentrancyGuard.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.1.0) (utils/ReentrancyGuard.sol)
pragma solidity ^0.8.20;
/**
* @dev Contract module that helps prevent reentrant calls to a function.
*
* Inheriting from `ReentrancyGuard` will make the {nonReentrant} modifier
* available, which can be applied to functions to make sure there are no nested
* (reentrant) calls to them.
*
* Note that because there is a single `nonReentrant` guard, functions marked as
* `nonReentrant` may not call one another. This can be worked around by making
* those functions `private`, and then adding `external` `nonReentrant` entry
* points to them.
*
* TIP: If EIP-1153 (transient storage) is available on the chain you're deploying at,
* consider using {ReentrancyGuardTransient} instead.
*
* TIP: If you would like to learn more about reentrancy and alternative ways
* to protect against it, check out our blog post
* https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
*/
abstract contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant NOT_ENTERED = 1;
uint256 private constant ENTERED = 2;
uint256 private _status;
/**
* @dev Unauthorized reentrant call.
*/
error ReentrancyGuardReentrantCall();
constructor() {
_status = NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
_nonReentrantBefore();
_;
_nonReentrantAfter();
}
function _nonReentrantBefore() private {
// On the first call to nonReentrant, _status will be NOT_ENTERED
if (_status == ENTERED) {
revert ReentrancyGuardReentrantCall();
}
// Any calls to nonReentrant after this point will fail
_status = ENTERED;
}
function _nonReentrantAfter() private {
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = NOT_ENTERED;
}
/**
* @dev Returns true if the reentrancy guard is currently set to "entered", which indicates there is a
* `nonReentrant` function in the call stack.
*/
function _reentrancyGuardEntered() internal view returns (bool) {
return _status == ENTERED;
}
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Variant of {safeTransfer} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransfer(IERC20 token, address to, uint256 value) internal returns (bool) {
return _callOptionalReturnBool(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Variant of {safeTransferFrom} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransferFrom(IERC20 token, address from, address to, uint256 value) internal returns (bool) {
return _callOptionalReturnBool(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender);
forceApprove(token, spender, oldAllowance + value);
}
/**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked {
uint256 currentAllowance = token.allowance(address(this), spender);
if (currentAllowance < requestedDecrease) {
revert SafeERC20FailedDecreaseAllowance(spender, currentAllowance, requestedDecrease);
}
forceApprove(token, spender, currentAllowance - requestedDecrease);
}
}
/**
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/
function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));
if (!_callOptionalReturnBool(token, approvalCall)) {
_callOptionalReturn(token, abi.encodeCall(token.approve, (spender, 0)));
_callOptionalReturn(token, approvalCall);
}
}
/**
* @dev Performs an {ERC1363} transferAndCall, with a fallback to the simple {ERC20} transfer if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
safeTransfer(token, to, value);
} else if (!token.transferAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} transferFromAndCall, with a fallback to the simple {ERC20} transferFrom if the target
* has no code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* Reverts if the returned value is other than `true`.
*/
function transferFromAndCallRelaxed(
IERC1363 token,
address from,
address to,
uint256 value,
bytes memory data
) internal {
if (to.code.length == 0) {
safeTransferFrom(token, from, to, value);
} else if (!token.transferFromAndCall(from, to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Performs an {ERC1363} approveAndCall, with a fallback to the simple {ERC20} approve if the target has no
* code. This can be used to implement an {ERC721}-like safe transfer that rely on {ERC1363} checks when
* targeting contracts.
*
* NOTE: When the recipient address (`to`) has no code (i.e. is an EOA), this function behaves as {forceApprove}.
* Opposedly, when the recipient address (`to`) has code, this function only attempts to call {ERC1363-approveAndCall}
* once without retrying, and relies on the returned value to be true.
*
* Reverts if the returned value is other than `true`.
*/
function approveAndCallRelaxed(IERC1363 token, address to, uint256 value, bytes memory data) internal {
if (to.code.length == 0) {
forceApprove(token, to, value);
} else if (!token.approveAndCall(to, value, data)) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturnBool} that reverts if call fails to meet the requirements.
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
let success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
// bubble errors
if iszero(success) {
let ptr := mload(0x40)
returndatacopy(ptr, 0, returndatasize())
revert(ptr, returndatasize())
}
returnSize := returndatasize()
returnValue := mload(0)
}
if (returnSize == 0 ? address(token).code.length == 0 : returnValue != 1) {
revert SafeERC20FailedOperation(address(token));
}
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*
* This is a variant of {_callOptionalReturn} that silently catches all reverts and returns a bool instead.
*/
function _callOptionalReturnBool(IERC20 token, bytes memory data) private returns (bool) {
bool success;
uint256 returnSize;
uint256 returnValue;
assembly ("memory-safe") {
success := call(gas(), token, 0, add(data, 0x20), mload(data), 0, 0x20)
returnSize := returndatasize()
returnValue := mload(0)
}
return success && (returnSize == 0 ? address(token).code.length > 0 : returnValue == 1);
}
}
"
},
"lib/openzeppelin-contracts/contracts/interfaces/IERC1363.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC1363.sol)
pragma solidity >=0.6.2;
import {IERC20} from "./IERC20.sol";
import {IERC165} from "./IERC165.sol";
/**
* @title IERC1363
* @dev Interface of the ERC-1363 standard as defined in the https://eips.ethereum.org/EIPS/eip-1363[ERC-1363].
*
* Defines an extension interface for ERC-20 tokens that supports executing code on a recipient contract
* after `transfer` or `transferFrom`, or code on a spender contract after `approve`, in a single transaction.
*/
interface IERC1363 is IERC20, IERC165 {
/*
* Note: the ERC-165 identifier for this interface is 0xb0202a11.
* 0xb0202a11 ===
* bytes4(keccak256('transferAndCall(address,uint256)')) ^
* bytes4(keccak256('transferAndCall(address,uint256,bytes)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256)')) ^
* bytes4(keccak256('transferFromAndCall(address,address,uint256,bytes)')) ^
* bytes4(keccak256('approveAndCall(address,uint256)')) ^
* bytes4(keccak256('approveAndCall(address,uint256,bytes)'))
*/
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the allowance mechanism
* and then calls {IERC1363Receiver-onTransferReceived} on `to`.
* @param from The address which you want to send tokens from.
* @param to The address which you want to transfer to.
* @param value The amount of tokens to be transferred.
* @param data Additional data with no specified format, sent in call to `to`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function transferFromAndCall(address from, address to, uint256 value, bytes calldata data) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value) external returns (bool);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens and then calls {IERC1363Spender-onApprovalReceived} on `spender`.
* @param spender The address which will spend the funds.
* @param value The amount of tokens to be spent.
* @param data Additional data with no specified format, sent in call to `spender`.
* @return A boolean value indicating whether the operation succeeded unless throwing.
*/
function approveAndCall(address spender, uint256 value, bytes calldata data) external returns (bool);
}
"
},
"lib/openzeppelin-contracts/contracts/interfaces/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC20.sol)
pragma solidity >=0.4.16;
import {IERC20} from "../token/ERC20/IERC20.sol";
"
},
"lib/openzeppelin-contracts/contracts/interfaces/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (interfaces/IERC165.sol)
pragma solidity >=0.4.16;
import {IERC165} from "../utils/introspection/IERC165.sol";
"
},
"lib/openzeppelin-contracts/contracts/utils/introspection/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
"
}
},
"settings": {
"remappings": [
"forge-std/=lib/forge-std/src/",
"@openzeppelin/=lib/openzeppelin-contracts/",
"@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/",
"erc4626-tests/=lib/openzeppelin-contracts/lib/erc4626-tests/",
"halmos-cheatcodes/=lib/openzeppelin-contracts/lib/halmos-cheatcodes/src/",
"openzeppelin-contracts/=lib/openzeppelin-contracts/"
],
"optimizer": {
"enabled": true,
"runs": 200
},
"metadata": {
"useLiteralContent": false,
"bytecodeHash": "ipfs",
"appendCBOR": true
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"evmVersion": "cancun",
"viaIR": true
}
}}Submitted on: 2025-10-18 16:31:24
Comments
Log in to comment.
No comments yet.