Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/hooks/KycRulesHook.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import {BaseHook} from "./BaseHook.sol";
import {RoleManaged} from "../auth/RoleManaged.sol";
import {IHook} from "./IHook.sol";
/**
* @title KycRulesHook
* @notice Hook that restricts transfers based on sender/receiver KYC status
* @dev Uses allow/deny lists to determine if transfers are permitted
*/
contract KycRulesHook is BaseHook, RoleManaged {
/*//////////////////////////////////////////////////////////////
ERRORS
//////////////////////////////////////////////////////////////*/
error ZeroAddress();
error AddressAlreadyDenied();
error InvalidArrayLength();
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
event AddressAllowed(address indexed account, address indexed operator);
event AddressDenied(address indexed account, address indexed operator);
event AddressRestrictionRemoved(address indexed account, address indexed operator);
event BatchAddressAllowed(uint256 count, address indexed operator);
event BatchAddressDenied(uint256 count, address indexed operator);
event BatchAddressRestrictionRemoved(uint256 count, address indexed operator);
/*//////////////////////////////////////////////////////////////
STATE
//////////////////////////////////////////////////////////////*/
// Allow and deny lists
mapping(address => bool) public isAddressAllowed;
mapping(address => bool) public isAddressDenied;
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
/**
* @notice Constructor
* @param _roleManager Address of the role manager contract
*/
constructor(address _roleManager) BaseHook("KycRulesHook-1.0") RoleManaged(_roleManager) {}
/*//////////////////////////////////////////////////////////////
WHITELIST MANAGEMENT
//////////////////////////////////////////////////////////////*/
/**
* @notice Allow an address to transfer/receive tokens
* @param account Address to allow
*/
function allow(address account) external onlyRoles(roleManager.KYC_OPERATOR()) {
_allow(account);
}
/**
* @notice Deny an address from transferring/receiving tokens
* @param account Address to deny
*/
function deny(address account) external onlyRoles(roleManager.KYC_OPERATOR()) {
_deny(account);
}
/**
* @notice Reset an address by removing it from both allow and deny lists
* @param account Address to reset
*/
function reset(address account) external onlyRoles(roleManager.KYC_OPERATOR()) {
_reset(account);
}
/**
* @notice Batch allow addresses to transfer/receive tokens
* @param accounts Array of addresses to allow
*/
function batchAllow(address[] calldata accounts) external onlyRoles(roleManager.KYC_OPERATOR()) {
uint256 length = accounts.length;
if (length == 0) revert InvalidArrayLength();
for (uint256 i = 0; i < length;) {
_allow(accounts[i]);
unchecked {
++i;
}
}
emit BatchAddressAllowed(length, msg.sender);
}
/**
* @notice Batch deny addresses from transferring/receiving tokens
* @param accounts Array of addresses to deny
*/
function batchDeny(address[] calldata accounts) external onlyRoles(roleManager.KYC_OPERATOR()) {
uint256 length = accounts.length;
if (length == 0) revert InvalidArrayLength();
for (uint256 i = 0; i < length;) {
_deny(accounts[i]);
unchecked {
++i;
}
}
emit BatchAddressDenied(length, msg.sender);
}
/**
* @notice Batch reset addresses by removing them from both allow and deny lists
* @param accounts Array of addresses to reset
*/
function batchReset(address[] calldata accounts) external onlyRoles(roleManager.KYC_OPERATOR()) {
uint256 length = accounts.length;
if (length == 0) revert InvalidArrayLength();
for (uint256 i = 0; i < length;) {
_reset(accounts[i]);
unchecked {
++i;
}
}
emit BatchAddressRestrictionRemoved(length, msg.sender);
}
/*//////////////////////////////////////////////////////////////
VIEW FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Check if an address is allowed to transfer/receive tokens
* @param account Address to check
* @return Whether the address is allowed
*/
function isAllowed(address account) public view returns (bool) {
return !isAddressDenied[account] && isAddressAllowed[account];
}
/*//////////////////////////////////////////////////////////////
INTERNAL FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Internal function to allow an address
* @param account Address to allow
*/
function _allow(address account) internal {
if (account == address(0)) revert ZeroAddress();
if (isAddressDenied[account]) revert AddressAlreadyDenied();
isAddressAllowed[account] = true;
emit AddressAllowed(account, msg.sender);
}
/**
* @notice Internal function to deny an address
* @param account Address to deny
*/
function _deny(address account) internal {
if (account == address(0)) revert ZeroAddress();
isAddressAllowed[account] = false;
isAddressDenied[account] = true;
emit AddressDenied(account, msg.sender);
}
/**
* @notice Internal function to reset an address
* @param account Address to reset
*/
function _reset(address account) internal {
if (account == address(0)) revert ZeroAddress();
isAddressAllowed[account] = false;
isAddressDenied[account] = false;
emit AddressRestrictionRemoved(account, msg.sender);
}
/*//////////////////////////////////////////////////////////////
HOOK LOGIC
//////////////////////////////////////////////////////////////*/
/**
* @notice Hook executed before a transfer operation
* @param from Address sending tokens
* @param to Address receiving tokens
* @return bytes4 Selector indicating success or specific failure reason
*/
function onBeforeTransfer(
address, // token
address from,
address to,
uint256 // amount
) public view override returns (IHook.HookOutput memory) {
return _checkSenderAndReceiver(from, to);
}
/**
* @notice Hook executed before a deposit operation
* @param user Address initiating the deposit
* @param receiver Address receiving the shares
* @return bytes4 Selector indicating success or specific failure reason
*/
function onBeforeDeposit(
address, // token
address user,
uint256, // amount
address receiver
) public view override returns (IHook.HookOutput memory) {
return _checkSenderAndReceiver(user, receiver);
}
/**
* @notice Hook executed before a withdraw operation
* @param user Address initiating the withdrawal
* @param receiver Address receiving the assets
* @param owner Address owning the shares
* @return bytes4 Selector indicating success or specific failure reason
*/
function onBeforeWithdraw(
address, // token
address user,
uint256, // amount
address receiver,
address owner
) public view override returns (IHook.HookOutput memory) {
// Check if the owner is allowed
if (!isAllowed(owner)) {
return IHook.HookOutput({approved: false, reason: "KycRules: owner"});
}
return _checkSenderAndReceiver(user, receiver);
}
/**
* @notice Internal function to check if both sender and receiver are allowed
* @param from Address sending tokens
* @param to Address receiving tokens
* @return IHook.HookOutput Result of the check
*/
function _checkSenderAndReceiver(address from, address to) internal view returns (IHook.HookOutput memory) {
if (from != address(0) && !isAllowed(from)) {
return IHook.HookOutput({approved: false, reason: "KycRules: sender"});
}
if (to != address(0) && !isAllowed(to)) {
return IHook.HookOutput({approved: false, reason: "KycRules: receiver"});
}
return IHook.HookOutput({approved: true, reason: ""});
}
}
"
},
"src/hooks/BaseHook.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import {IHook} from "./IHook.sol";
/**
* NOTE: For future stateful hooks, consider access control on the hook functions.
*/
/**
* @title BaseHook
* @notice Base contract for all hooks
* @dev This contract is used to implement the IHook interface
* and provides a base implementation for all hooks.
* It is not meant to be used as a standalone contract.
*/
abstract contract BaseHook is IHook {
/*//////////////////////////////////////////////////////////////
STATE
//////////////////////////////////////////////////////////////*/
/// @notice Human readable name of the hook
string public override name;
/*//////////////////////////////////////////////////////////////
INITIALIZATION
//////////////////////////////////////////////////////////////*/
/**
* @notice Constructor
* @param _name Human readable name of the hook
*/
constructor(string memory _name) {
name = _name;
}
/*//////////////////////////////////////////////////////////////
VIEW FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Returns the unique identifier for this hook
* @return Hook identifier
*/
function hookId() external view override returns (bytes32) {
return keccak256(abi.encodePacked(name, address(this)));
}
/*//////////////////////////////////////////////////////////////
HOOK LOGIC
//////////////////////////////////////////////////////////////*/
/**
* @notice Called before a deposit operation
* @return HookOutput Result of the hook evaluation
*/
function onBeforeDeposit(address, /*token*/ address, /*user*/ uint256, /*assets*/ address /*receiver*/ )
public
virtual
override
returns (IHook.HookOutput memory)
{
return IHook.HookOutput({approved: true, reason: ""});
}
/**
* @notice Called before a withdraw operation
* @return HookOutput Result of the hook evaluation
*/
function onBeforeWithdraw(address, /*token*/ address, /*by*/ uint256, /*assets*/ address, /*to*/ address /*owner*/ )
public
virtual
override
returns (IHook.HookOutput memory)
{
return IHook.HookOutput({approved: true, reason: ""});
}
/**
* @notice Called before a transfer operation
* @return HookOutput Result of the hook evaluation
*/
function onBeforeTransfer(address, /*token*/ address, /*from*/ address, /*to*/ uint256 /*amount*/ )
public
virtual
override
returns (IHook.HookOutput memory)
{
return IHook.HookOutput({approved: true, reason: ""});
}
}
"
},
"src/auth/RoleManaged.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import {RoleManager} from "./RoleManager.sol";
import {LibRoleManaged} from "./LibRoleManaged.sol";
/**
* @title RoleManaged
* @notice Base contract for role-managed contracts in the Fountfi protocol
* @dev Provides role checking functionality for contracts
*/
abstract contract RoleManaged is LibRoleManaged {
/*//////////////////////////////////////////////////////////////
ERRORS
//////////////////////////////////////////////////////////////*/
error InvalidRoleManager();
/*//////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////*/
/**
* @notice Constructor
* @param _roleManager Address of the role manager contract
*/
constructor(address _roleManager) {
if (_roleManager == address(0)) revert InvalidRoleManager();
roleManager = RoleManager(_roleManager);
}
}
"
},
"src/hooks/IHook.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
/**
* @title IHook
* @notice Interface for operation hooks in the tRWA system
* @dev Operation hooks are called before key operations (deposit, withdraw, transfer)
* and can approve or reject the operation with a reason
*/
interface IHook {
/*//////////////////////////////////////////////////////////////
DATA STRUCTS
//////////////////////////////////////////////////////////////*/
/**
* @title HookOutput
* @notice Structure representing the result of a hook evaluation
* @param approved Whether the operation is approved by this hook
* @param reason Reason for approval/rejection (for logging or error messages)
*/
struct HookOutput {
bool approved;
string reason;
}
/*//////////////////////////////////////////////////////////////
VIEW FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Returns the unique identifier for this hook
* @return Hook identifier
*/
function hookId() external view returns (bytes32);
/**
* @notice Returns the human readable name of this hook
* @return Hook name
*/
function name() external view returns (string memory);
/*//////////////////////////////////////////////////////////////
HOOK LOGIC
//////////////////////////////////////////////////////////////*/
/**
* @notice Called before a deposit operation
* @param token Address of the token
* @param user Address of the user
* @param assets Amount of assets to deposit
* @param receiver Address of the receiver
* @return HookOutput Result of the hook evaluation
*/
function onBeforeDeposit(address token, address user, uint256 assets, address receiver)
external
returns (HookOutput memory);
/**
* @notice Called before a withdraw operation
* @param token Address of the token
* @param by Address of the sender
* @param assets Amount of assets to withdraw
* @param to Address of the receiver
* @param owner Address of the owner
* @return HookOutput Result of the hook evaluation
*/
function onBeforeWithdraw(address token, address by, uint256 assets, address to, address owner)
external
returns (HookOutput memory);
/**
* @notice Called before a transfer operation
* @param token Address of the token
* @param from Address of the sender
* @param to Address of the receiver
* @param amount Amount of assets to transfer
* @return HookOutput Result of the hook evaluation
*/
function onBeforeTransfer(address token, address from, address to, uint256 amount)
external
returns (HookOutput memory);
}
"
},
"src/auth/RoleManager.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import {OwnableRoles} from "solady/auth/OwnableRoles.sol";
import {IRoleManager} from "./IRoleManager.sol";
/**
* @title RoleManager
* @notice Central role management contract for the Fountfi protocol
* @dev Uses hierarchical bitmasks for core roles. Owner/PROTOCOL_ADMIN have override.
*/
contract RoleManager is OwnableRoles, IRoleManager {
/*//////////////////////////////////////////////////////////////
ROLE DEFINITIONS
//////////////////////////////////////////////////////////////*/
uint256 public constant PROTOCOL_ADMIN = 1 << 1; // Bit 1 = Protocol Admin Authority
uint256 public constant STRATEGY_ADMIN = 1 << 2; // Bit 2 = Strategy Admin Authority
uint256 public constant RULES_ADMIN = 1 << 3; // Bit 3 = Rules Admin Authority
uint256 public constant STRATEGY_OPERATOR = 1 << 4; // Bit 4 = Strategy Operator Authority
uint256 public constant KYC_OPERATOR = 1 << 5; // Bit 5 = KYC Operator Authority
/*//////////////////////////////////////////////////////////////
STATE
//////////////////////////////////////////////////////////////*/
/// @notice Mapping from a target role to the specific (admin) role required to manage it.
/// @dev If a role maps to 0, only owner or PROTOCOL_ADMIN can manage it.
mapping(uint256 => uint256) public roleAdminRole;
/// @notice The address of the registry contract, used as global reference
address public registry;
/*//////////////////////////////////////////////////////////////
INITIALIZATION
//////////////////////////////////////////////////////////////*/
/**
* @notice Constructor that sets up the initial roles
* @dev Initializes the owner and grants all roles to the deployer
*/
constructor() {
_initializeOwner(msg.sender);
// Grant all roles to deployer
uint256 rolesAll = PROTOCOL_ADMIN | STRATEGY_ADMIN | RULES_ADMIN;
_grantRoles(msg.sender, rolesAll);
// Emit event for easier off-chain tracking
emit RoleGranted(msg.sender, rolesAll, address(0));
// Set initial management hierarchy
_setInitialAdminRole(STRATEGY_OPERATOR, STRATEGY_ADMIN);
_setInitialAdminRole(KYC_OPERATOR, RULES_ADMIN);
_setInitialAdminRole(STRATEGY_ADMIN, PROTOCOL_ADMIN);
_setInitialAdminRole(RULES_ADMIN, PROTOCOL_ADMIN);
}
/**
* @notice Initialize the role manager with the registry contract
* @param _registry The address of the registry
*/
function initializeRegistry(address _registry) external {
if (msg.sender != owner()) revert Unauthorized();
if (registry != address(0)) revert AlreadyInitialized();
if (_registry == address(0)) revert ZeroAddress();
registry = _registry;
}
/*//////////////////////////////////////////////////////////////
PUBLIC FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Grants a role to a user
* @param user The address of the user to grant the role to
* @param role The role to grant
*/
function grantRole(address user, uint256 role) public virtual override {
// Check authorization using the hierarchical logic
if (!_canManageRole(msg.sender, role)) {
revert Unauthorized();
}
if (role == 0) revert InvalidRole(); // Prevent granting role 0
// Grant the role
_grantRoles(user, role);
// Emit event
emit RoleGranted(user, role, msg.sender);
}
/**
* @notice Revokes a role from a user
* @param user The address of the user to revoke the role from
* @param role The role to revoke
*/
function revokeRole(address user, uint256 role) public virtual override {
// Check authorization using the hierarchical logic
if (!_canManageRole(msg.sender, role)) {
revert Unauthorized();
}
if (role == 0) revert InvalidRole(); // Prevent revoking role 0
// Revoke the role
_removeRoles(user, role);
// Emit event
emit RoleRevoked(user, role, msg.sender);
}
/**
* @notice Sets the specific role required to manage a target role
* @dev Requires the caller to have the PROTOCOL_ADMIN role or be the owner
* @param targetRole The role whose admin role is to be set
* @param adminRole The role that will be required to manage the targetRole
*/
function setRoleAdmin(uint256 targetRole, uint256 adminRole) external virtual {
// Authorization: Only Owner or PROTOCOL_ADMIN
// Use hasAllRoles for the strict check against the composite PROTOCOL_ADMIN role
if (msg.sender != owner() && !hasAllRoles(msg.sender, PROTOCOL_ADMIN)) {
revert Unauthorized();
}
// Prevent managing PROTOCOL_ADMIN itself via this mechanism or setting role 0
if (targetRole == 0 || targetRole == PROTOCOL_ADMIN) revert InvalidRole();
roleAdminRole[targetRole] = adminRole;
emit RoleAdminSet(targetRole, adminRole, msg.sender);
}
/*//////////////////////////////////////////////////////////////
INTERNAL FUNCTIONS
//////////////////////////////////////////////////////////////*/
/**
* @notice Internal function to check if an address can manage a specific role
* @dev Leverages hierarchical bitmasks. Manager must possess all target role bits plus additional bits.
* @param manager The address to check for management permission
* @param role The role being managed
* @return True if the manager can grant/revoke the role
*/
function _canManageRole(address manager, uint256 role) internal view virtual returns (bool) {
// Owner can always manage any role.
if (manager == owner()) {
return true;
}
// PROTOCOL_ADMIN can manage any role *except* PROTOCOL_ADMIN itself.
if (hasAllRoles(manager, PROTOCOL_ADMIN)) {
return role != PROTOCOL_ADMIN;
}
// --- Check Explicit Mapping ---
uint256 requiredAdminRole = roleAdminRole[role];
return requiredAdminRole != 0 && hasAllRoles(manager, requiredAdminRole);
}
/**
* @notice Internal helper to set initial admin roles during construction
* @dev Does not perform authorization checks.
* @param targetRole The role whose admin role is to be set
* @param adminRole The role that will be required to manage the targetRole
*/
function _setInitialAdminRole(uint256 targetRole, uint256 adminRole) internal {
roleAdminRole[targetRole] = adminRole;
// Emit event with contract address as sender for setup clarity
emit RoleAdminSet(targetRole, adminRole, address(this));
}
}
"
},
"src/auth/LibRoleManaged.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
import {RoleManager} from "./RoleManager.sol";
/**
* @title LibRoleManaged
* @notice Logical library for role-managed contracts. Can be inherited by
* both deployable and cloneable versions of RoleManaged.
*/
abstract contract LibRoleManaged {
/*//////////////////////////////////////////////////////////////
ERRORS
//////////////////////////////////////////////////////////////*/
error UnauthorizedRole(address caller, uint256 roleRequired);
/*//////////////////////////////////////////////////////////////
STATE
//////////////////////////////////////////////////////////////*/
/// @notice The role manager contract
RoleManager public roleManager;
/*//////////////////////////////////////////////////////////////
ROLE MANAGED LOGIC
//////////////////////////////////////////////////////////////*/
/**
* @notice Get the registry contract
* @return The address of the registry contract
*/
function registry() public view returns (address) {
return roleManager.registry();
}
/**
* @notice Modifier to restrict access to addresses with a specific role
* @param role The role required to access the function
*/
modifier onlyRoles(uint256 role) {
if (!roleManager.hasAnyRole(msg.sender, role)) {
revert UnauthorizedRole(msg.sender, role);
}
_;
}
}
"
},
"lib/solady/src/auth/OwnableRoles.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
import {Ownable} from "./Ownable.sol";
/// @notice Simple single owner and multiroles authorization mixin.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/auth/OwnableRoles.sol)
///
/// @dev Note:
/// This implementation does NOT auto-initialize the owner to `msg.sender`.
/// You MUST call the `_initializeOwner` in the constructor / initializer.
///
/// While the ownable portion follows
/// [EIP-173](https://eips.ethereum.org/EIPS/eip-173) for compatibility,
/// the nomenclature for the 2-step ownership handover may be unique to this codebase.
abstract contract OwnableRoles is Ownable {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EVENTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The `user`'s roles is updated to `roles`.
/// Each bit of `roles` represents whether the role is set.
event RolesUpdated(address indexed user, uint256 indexed roles);
/// @dev `keccak256(bytes("RolesUpdated(address,uint256)"))`.
uint256 private constant _ROLES_UPDATED_EVENT_SIGNATURE =
0x715ad5ce61fc9595c7b415289d59cf203f23a94fa06f04af7e489a0a76e1fe26;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* STORAGE */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The role slot of `user` is given by:
/// ```
/// mstore(0x00, or(shl(96, user), _ROLE_SLOT_SEED))
/// let roleSlot := keccak256(0x00, 0x20)
/// ```
/// This automatically ignores the upper bits of the `user` in case
/// they are not clean, as well as keep the `keccak256` under 32-bytes.
///
/// Note: This is equivalent to `uint32(bytes4(keccak256("_OWNER_SLOT_NOT")))`.
uint256 private constant _ROLE_SLOT_SEED = 0x8b78c6d8;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* INTERNAL FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Overwrite the roles directly without authorization guard.
function _setRoles(address user, uint256 roles) internal virtual {
/// @solidity memory-safe-assembly
assembly {
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, user)
// Store the new value.
sstore(keccak256(0x0c, 0x20), roles)
// Emit the {RolesUpdated} event.
log3(0, 0, _ROLES_UPDATED_EVENT_SIGNATURE, shr(96, mload(0x0c)), roles)
}
}
/// @dev Updates the roles directly without authorization guard.
/// If `on` is true, each set bit of `roles` will be turned on,
/// otherwise, each set bit of `roles` will be turned off.
function _updateRoles(address user, uint256 roles, bool on) internal virtual {
/// @solidity memory-safe-assembly
assembly {
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, user)
let roleSlot := keccak256(0x0c, 0x20)
// Load the current value.
let current := sload(roleSlot)
// Compute the updated roles if `on` is true.
let updated := or(current, roles)
// Compute the updated roles if `on` is false.
// Use `and` to compute the intersection of `current` and `roles`,
// `xor` it with `current` to flip the bits in the intersection.
if iszero(on) { updated := xor(current, and(current, roles)) }
// Then, store the new value.
sstore(roleSlot, updated)
// Emit the {RolesUpdated} event.
log3(0, 0, _ROLES_UPDATED_EVENT_SIGNATURE, shr(96, mload(0x0c)), updated)
}
}
/// @dev Grants the roles directly without authorization guard.
/// Each bit of `roles` represents the role to turn on.
function _grantRoles(address user, uint256 roles) internal virtual {
_updateRoles(user, roles, true);
}
/// @dev Removes the roles directly without authorization guard.
/// Each bit of `roles` represents the role to turn off.
function _removeRoles(address user, uint256 roles) internal virtual {
_updateRoles(user, roles, false);
}
/// @dev Throws if the sender does not have any of the `roles`.
function _checkRoles(uint256 roles) internal view virtual {
/// @solidity memory-safe-assembly
assembly {
// Compute the role slot.
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, caller())
// Load the stored value, and if the `and` intersection
// of the value and `roles` is zero, revert.
if iszero(and(sload(keccak256(0x0c, 0x20)), roles)) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.
revert(0x1c, 0x04)
}
}
}
/// @dev Throws if the sender is not the owner,
/// and does not have any of the `roles`.
/// Checks for ownership first, then lazily checks for roles.
function _checkOwnerOrRoles(uint256 roles) internal view virtual {
/// @solidity memory-safe-assembly
assembly {
// If the caller is not the stored owner.
// Note: `_ROLE_SLOT_SEED` is equal to `_OWNER_SLOT_NOT`.
if iszero(eq(caller(), sload(not(_ROLE_SLOT_SEED)))) {
// Compute the role slot.
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, caller())
// Load the stored value, and if the `and` intersection
// of the value and `roles` is zero, revert.
if iszero(and(sload(keccak256(0x0c, 0x20)), roles)) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.
revert(0x1c, 0x04)
}
}
}
}
/// @dev Throws if the sender does not have any of the `roles`,
/// and is not the owner.
/// Checks for roles first, then lazily checks for ownership.
function _checkRolesOrOwner(uint256 roles) internal view virtual {
/// @solidity memory-safe-assembly
assembly {
// Compute the role slot.
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, caller())
// Load the stored value, and if the `and` intersection
// of the value and `roles` is zero, revert.
if iszero(and(sload(keccak256(0x0c, 0x20)), roles)) {
// If the caller is not the stored owner.
// Note: `_ROLE_SLOT_SEED` is equal to `_OWNER_SLOT_NOT`.
if iszero(eq(caller(), sload(not(_ROLE_SLOT_SEED)))) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.
revert(0x1c, 0x04)
}
}
}
}
/// @dev Convenience function to return a `roles` bitmap from an array of `ordinals`.
/// This is meant for frontends like Etherscan, and is therefore not fully optimized.
/// Not recommended to be called on-chain.
/// Made internal to conserve bytecode. Wrap it in a public function if needed.
function _rolesFromOrdinals(uint8[] memory ordinals) internal pure returns (uint256 roles) {
/// @solidity memory-safe-assembly
assembly {
for { let i := shl(5, mload(ordinals)) } i { i := sub(i, 0x20) } {
// We don't need to mask the values of `ordinals`, as Solidity
// cleans dirty upper bits when storing variables into memory.
roles := or(shl(mload(add(ordinals, i)), 1), roles)
}
}
}
/// @dev Convenience function to return an array of `ordinals` from the `roles` bitmap.
/// This is meant for frontends like Etherscan, and is therefore not fully optimized.
/// Not recommended to be called on-chain.
/// Made internal to conserve bytecode. Wrap it in a public function if needed.
function _ordinalsFromRoles(uint256 roles) internal pure returns (uint8[] memory ordinals) {
/// @solidity memory-safe-assembly
assembly {
// Grab the pointer to the free memory.
ordinals := mload(0x40)
let ptr := add(ordinals, 0x20)
let o := 0
// The absence of lookup tables, De Bruijn, etc., here is intentional for
// smaller bytecode, as this function is not meant to be called on-chain.
for { let t := roles } 1 {} {
mstore(ptr, o)
// `shr` 5 is equivalent to multiplying by 0x20.
// Push back into the ordinals array if the bit is set.
ptr := add(ptr, shl(5, and(t, 1)))
o := add(o, 1)
t := shr(o, roles)
if iszero(t) { break }
}
// Store the length of `ordinals`.
mstore(ordinals, shr(5, sub(ptr, add(ordinals, 0x20))))
// Allocate the memory.
mstore(0x40, ptr)
}
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* PUBLIC UPDATE FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Allows the owner to grant `user` `roles`.
/// If the `user` already has a role, then it will be an no-op for the role.
function grantRoles(address user, uint256 roles) public payable virtual onlyOwner {
_grantRoles(user, roles);
}
/// @dev Allows the owner to remove `user` `roles`.
/// If the `user` does not have a role, then it will be an no-op for the role.
function revokeRoles(address user, uint256 roles) public payable virtual onlyOwner {
_removeRoles(user, roles);
}
/// @dev Allow the caller to remove their own roles.
/// If the caller does not have a role, then it will be an no-op for the role.
function renounceRoles(uint256 roles) public payable virtual {
_removeRoles(msg.sender, roles);
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* PUBLIC READ FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Returns the roles of `user`.
function rolesOf(address user) public view virtual returns (uint256 roles) {
/// @solidity memory-safe-assembly
assembly {
// Compute the role slot.
mstore(0x0c, _ROLE_SLOT_SEED)
mstore(0x00, user)
// Load the stored value.
roles := sload(keccak256(0x0c, 0x20))
}
}
/// @dev Returns whether `user` has any of `roles`.
function hasAnyRole(address user, uint256 roles) public view virtual returns (bool) {
return rolesOf(user) & roles != 0;
}
/// @dev Returns whether `user` has all of `roles`.
function hasAllRoles(address user, uint256 roles) public view virtual returns (bool) {
return rolesOf(user) & roles == roles;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* MODIFIERS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Marks a function as only callable by an account with `roles`.
modifier onlyRoles(uint256 roles) virtual {
_checkRoles(roles);
_;
}
/// @dev Marks a function as only callable by the owner or by an account
/// with `roles`. Checks for ownership first, then lazily checks for roles.
modifier onlyOwnerOrRoles(uint256 roles) virtual {
_checkOwnerOrRoles(roles);
_;
}
/// @dev Marks a function as only callable by an account with `roles`
/// or the owner. Checks for roles first, then lazily checks for ownership.
modifier onlyRolesOrOwner(uint256 roles) virtual {
_checkRolesOrOwner(roles);
_;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* ROLE CONSTANTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
// IYKYK
uint256 internal constant _ROLE_0 = 1 << 0;
uint256 internal constant _ROLE_1 = 1 << 1;
uint256 internal constant _ROLE_2 = 1 << 2;
uint256 internal constant _ROLE_3 = 1 << 3;
uint256 internal constant _ROLE_4 = 1 << 4;
uint256 internal constant _ROLE_5 = 1 << 5;
uint256 internal constant _ROLE_6 = 1 << 6;
uint256 internal constant _ROLE_7 = 1 << 7;
uint256 internal constant _ROLE_8 = 1 << 8;
uint256 internal constant _ROLE_9 = 1 << 9;
uint256 internal constant _ROLE_10 = 1 << 10;
uint256 internal constant _ROLE_11 = 1 << 11;
uint256 internal constant _ROLE_12 = 1 << 12;
uint256 internal constant _ROLE_13 = 1 << 13;
uint256 internal constant _ROLE_14 = 1 << 14;
uint256 internal constant _ROLE_15 = 1 << 15;
uint256 internal constant _ROLE_16 = 1 << 16;
uint256 internal constant _ROLE_17 = 1 << 17;
uint256 internal constant _ROLE_18 = 1 << 18;
uint256 internal constant _ROLE_19 = 1 << 19;
uint256 internal constant _ROLE_20 = 1 << 20;
uint256 internal constant _ROLE_21 = 1 << 21;
uint256 internal constant _ROLE_22 = 1 << 22;
uint256 internal constant _ROLE_23 = 1 << 23;
uint256 internal constant _ROLE_24 = 1 << 24;
uint256 internal constant _ROLE_25 = 1 << 25;
uint256 internal constant _ROLE_26 = 1 << 26;
uint256 internal constant _ROLE_27 = 1 << 27;
uint256 internal constant _ROLE_28 = 1 << 28;
uint256 internal constant _ROLE_29 = 1 << 29;
uint256 internal constant _ROLE_30 = 1 << 30;
uint256 internal constant _ROLE_31 = 1 << 31;
uint256 internal constant _ROLE_32 = 1 << 32;
uint256 internal constant _ROLE_33 = 1 << 33;
uint256 internal constant _ROLE_34 = 1 << 34;
uint256 internal constant _ROLE_35 = 1 << 35;
uint256 internal constant _ROLE_36 = 1 << 36;
uint256 internal constant _ROLE_37 = 1 << 37;
uint256 internal constant _ROLE_38 = 1 << 38;
uint256 internal constant _ROLE_39 = 1 << 39;
uint256 internal constant _ROLE_40 = 1 << 40;
uint256 internal constant _ROLE_41 = 1 << 41;
uint256 internal constant _ROLE_42 = 1 << 42;
uint256 internal constant _ROLE_43 = 1 << 43;
uint256 internal constant _ROLE_44 = 1 << 44;
uint256 internal constant _ROLE_45 = 1 << 45;
uint256 internal constant _ROLE_46 = 1 << 46;
uint256 internal constant _ROLE_47 = 1 << 47;
uint256 internal constant _ROLE_48 = 1 << 48;
uint256 internal constant _ROLE_49 = 1 << 49;
uint256 internal constant _ROLE_50 = 1 << 50;
uint256 internal constant _ROLE_51 = 1 << 51;
uint256 internal constant _ROLE_52 = 1 << 52;
uint256 internal constant _ROLE_53 = 1 << 53;
uint256 internal constant _ROLE_54 = 1 << 54;
uint256 internal constant _ROLE_55 = 1 << 55;
uint256 internal constant _ROLE_56 = 1 << 56;
uint256 internal constant _ROLE_57 = 1 << 57;
uint256 internal constant _ROLE_58 = 1 << 58;
uint256 internal constant _ROLE_59 = 1 << 59;
uint256 internal constant _ROLE_60 = 1 << 60;
uint256 internal constant _ROLE_61 = 1 << 61;
uint256 internal constant _ROLE_62 = 1 << 62;
uint256 internal constant _ROLE_63 = 1 << 63;
uint256 internal constant _ROLE_64 = 1 << 64;
uint256 internal constant _ROLE_65 = 1 << 65;
uint256 internal constant _ROLE_66 = 1 << 66;
uint256 internal constant _ROLE_67 = 1 << 67;
uint256 internal constant _ROLE_68 = 1 << 68;
uint256 internal constant _ROLE_69 = 1 << 69;
uint256 internal constant _ROLE_70 = 1 << 70;
uint256 internal constant _ROLE_71 = 1 << 71;
uint256 internal constant _ROLE_72 = 1 << 72;
uint256 internal constant _ROLE_73 = 1 << 73;
uint256 internal constant _ROLE_74 = 1 << 74;
uint256 internal constant _ROLE_75 = 1 << 75;
uint256 internal constant _ROLE_76 = 1 << 76;
uint256 internal constant _ROLE_77 = 1 << 77;
uint256 internal constant _ROLE_78 = 1 << 78;
uint256 internal constant _ROLE_79 = 1 << 79;
uint256 internal constant _ROLE_80 = 1 << 80;
uint256 internal constant _ROLE_81 = 1 << 81;
uint256 internal constant _ROLE_82 = 1 << 82;
uint256 internal constant _ROLE_83 = 1 << 83;
uint256 internal constant _ROLE_84 = 1 << 84;
uint256 internal constant _ROLE_85 = 1 << 85;
uint256 internal constant _ROLE_86 = 1 << 86;
uint256 internal constant _ROLE_87 = 1 << 87;
uint256 internal constant _ROLE_88 = 1 << 88;
uint256 internal constant _ROLE_89 = 1 << 89;
uint256 internal constant _ROLE_90 = 1 << 90;
uint256 internal constant _ROLE_91 = 1 << 91;
uint256 internal constant _ROLE_92 = 1 << 92;
uint256 internal constant _ROLE_93 = 1 << 93;
uint256 internal constant _ROLE_94 = 1 << 94;
uint256 internal constant _ROLE_95 = 1 << 95;
uint256 internal constant _ROLE_96 = 1 << 96;
uint256 internal constant _ROLE_97 = 1 << 97;
uint256 internal constant _ROLE_98 = 1 << 98;
uint256 internal constant _ROLE_99 = 1 << 99;
uint256 internal constant _ROLE_100 = 1 << 100;
uint256 internal constant _ROLE_101 = 1 << 101;
uint256 internal constant _ROLE_102 = 1 << 102;
uint256 internal constant _ROLE_103 = 1 << 103;
uint256 internal constant _ROLE_104 = 1 << 104;
uint256 internal constant _ROLE_105 = 1 << 105;
uint256 internal constant _ROLE_106 = 1 << 106;
uint256 internal constant _ROLE_107 = 1 << 107;
uint256 internal constant _ROLE_108 = 1 << 108;
uint256 internal constant _ROLE_109 = 1 << 109;
uint256 internal constant _ROLE_110 = 1 << 110;
uint256 internal constant _ROLE_111 = 1 << 111;
uint256 internal constant _ROLE_112 = 1 << 112;
uint256 internal constant _ROLE_113 = 1 << 113;
uint256 internal constant _ROLE_114 = 1 << 114;
uint256 internal constant _ROLE_115 = 1 << 115;
uint256 internal constant _ROLE_116 = 1 << 116;
uint256 internal constant _ROLE_117 = 1 << 117;
uint256 internal constant _ROLE_118 = 1 << 118;
uint256 internal constant _ROLE_119 = 1 << 119;
uint256 internal constant _ROLE_120 = 1 << 120;
uint256 internal constant _ROLE_121 = 1 << 121;
uint256 internal constant _ROLE_122 = 1 << 122;
uint256 internal constant _ROLE_123 = 1 << 123;
uint256 internal constant _ROLE_124 = 1 << 124;
uint256 internal constant _ROLE_125 = 1 << 125;
uint256 internal constant _ROLE_126 = 1 << 126;
uint256 internal constant _ROLE_127 = 1 << 127;
uint256 internal constant _ROLE_128 = 1 << 128;
uint256 internal constant _ROLE_129 = 1 << 129;
uint256 internal constant _ROLE_130 = 1 << 130;
uint256 internal constant _ROLE_131 = 1 << 131;
uint256 internal constant _ROLE_132 = 1 << 132;
uint256 internal constant _ROLE_133 = 1 << 133;
uint256 internal constant _ROLE_134 = 1 << 134;
uint256 internal constant _ROLE_135 = 1 << 135;
uint256 internal constant _ROLE_136 = 1 << 136;
uint256 internal constant _ROLE_137 = 1 << 137;
uint256 internal constant _ROLE_138 = 1 << 138;
uint256 internal constant _ROLE_139 = 1 << 139;
uint256 internal constant _ROLE_140 = 1 << 140;
uint256 internal constant _ROLE_141 = 1 << 141;
uint256 internal constant _ROLE_142 = 1 << 142;
uint256 internal constant _ROLE_143 = 1 << 143;
uint256 internal constant _ROLE_144 = 1 << 144;
uint256 internal constant _ROLE_145 = 1 << 145;
uint256 internal constant _ROLE_146 = 1 << 146;
uint256 internal constant _ROLE_147 = 1 << 147;
uint256 internal constant _ROLE_148 = 1 << 148;
uint256 internal constant _ROLE_149 = 1 << 149;
uint256 internal constant _ROLE_150 = 1 << 150;
uint256 internal constant _ROLE_151 = 1 << 151;
uint256 internal constant _ROLE_152 = 1 << 152;
uint256 internal constant _ROLE_153 = 1 << 153;
uint256 internal constant _ROLE_154 = 1 << 154;
uint256 internal constant _ROLE_155 = 1 << 155;
uint256 internal constant _ROLE_156 = 1 << 156;
uint256 internal constant _ROLE_157 = 1 << 157;
uint256 internal constant _ROLE_158 = 1 << 158;
uint256 internal constant _ROLE_159 = 1 << 159;
uint256 internal constant _ROLE_160 = 1 << 160;
uint256 internal constant _ROLE_161 = 1 << 161;
uint256 internal constant _ROLE_162 = 1 << 162;
uint256 internal constant _ROLE_163 = 1 << 163;
uint256 internal constant _ROLE_164 = 1 << 164;
uint256 internal constant _ROLE_165 = 1 << 165;
uint256 internal constant _ROLE_166 = 1 << 166;
uint256 internal constant _ROLE_167 = 1 << 167;
uint256 internal constant _ROLE_168 = 1 << 168;
uint256 internal constant _ROLE_169 = 1 << 169;
uint256 internal constant _ROLE_170 = 1 << 170;
uint256 internal constant _ROLE_171 = 1 << 171;
uint256 internal constant _ROLE_172 = 1 << 172;
uint256 internal constant _ROLE_173 = 1 << 173;
uint256 internal constant _ROLE_174 = 1 << 174;
uint256 internal constant _ROLE_175 = 1 << 175;
uint256 internal constant _ROLE_176 = 1 << 176;
uint256 internal constant _ROLE_177 = 1 << 177;
uint256 internal constant _ROLE_178 = 1 << 178;
uint256 internal constant _ROLE_179 = 1 << 179;
uint256 internal constant _ROLE_180 = 1 << 180;
uint256 internal constant _ROLE_181 = 1 << 181;
uint256 internal constant _ROLE_182 = 1 << 182;
uint256 internal constant _ROLE_183 = 1 << 183;
uint256 internal constant _ROLE_184 = 1 << 184;
uint256 internal constant _ROLE_185 = 1 << 185;
uint256 internal constant _ROLE_186 = 1 << 186;
uint256 internal constant _ROLE_187 = 1 << 187;
uint256 internal constant _ROLE_188 = 1 << 188;
uint256 internal constant _ROLE_189 = 1 << 189;
uint256 internal constant _ROLE_190 = 1 << 190;
uint256 internal constant _ROLE_191 = 1 << 191;
uint256 internal constant _ROLE_192 = 1 << 192;
uint256 internal constant _ROLE_193 = 1 << 193;
uint256 internal constant _ROLE_194 = 1 << 194;
uint256 internal constant _ROLE_195 = 1 << 195;
uint256 internal constant _ROLE_196 = 1 << 196;
uint256 internal constant _ROLE_197 = 1 << 197;
uint256 internal constant _ROLE_198 = 1 << 198;
uint256 internal constant _ROLE_199 = 1 << 199;
uint256 internal constant _ROLE_200 = 1 << 200;
uint256 internal constant _ROLE_201 = 1 << 201;
uint256 internal constant _ROLE_202 = 1 << 202;
uint256 internal constant _ROLE_203 = 1 << 203;
uint256 internal constant _ROLE_204 = 1 << 204;
uint256 internal constant _ROLE_205 = 1 << 205;
uint256 internal constant _ROLE_206 = 1 << 206;
uint256 internal constant _ROLE_207 = 1 << 207;
uint256 internal constant _ROLE_208 = 1 << 208;
uint256 internal constant _ROLE_209 = 1 << 209;
uint256 internal constant _ROLE_210 = 1 << 210;
uint256 internal constant _ROLE_211 = 1 << 211;
uint256 internal constant _ROLE_212 = 1 << 212;
uint256 internal constant _ROLE_213 = 1 << 213;
uint256 internal constant _ROLE_214 = 1 << 214;
uint256 internal constant _ROLE_215 = 1 << 215;
uint256 internal constant _ROLE_216 = 1 << 216;
uint256 internal constant _ROLE_217 = 1 << 217;
uint256 internal constant _ROLE_218 = 1 << 218;
uint256 internal constant _ROLE_219 = 1 << 219;
uint256 internal constant _ROLE_220 = 1 << 220;
uint256 internal constant _ROLE_221 = 1 << 221;
uint256 internal constant _ROLE_222 = 1 << 222;
uint256 internal constant _ROLE_223 = 1 << 223;
uint256 internal constant _ROLE_224 = 1 << 224;
uint256 internal constant _ROLE_225 = 1 << 225;
uint256 internal constant _ROLE_226 = 1 << 226;
uint256 internal constant _ROLE_227 = 1 << 227;
uint256 internal constant _ROLE_228 = 1 << 228;
uint256 internal constant _ROLE_229 = 1 << 229;
uint256 internal constant _ROLE_230 = 1 << 230;
uint256 internal constant _ROLE_231 = 1 << 231;
uint256 internal constant _ROLE_232 = 1 << 232;
uint256 internal constant _ROLE_233 = 1 << 233;
uint256 internal constant _ROLE_234 = 1 << 234;
uint256 internal constant _ROLE_235 = 1 << 235;
uint256 internal constant _ROLE_236 = 1 << 236;
uint256 internal constant _ROLE_237 = 1 << 237;
uint256 internal constant _ROLE_238 = 1 << 238;
uint256 internal constant _ROLE_239 = 1 << 239;
uint256 internal constant _ROLE_240 = 1 << 240;
uint256 internal constant _ROLE_241 = 1 << 241;
uint256 internal constant _ROLE_242 = 1 << 242;
uint256 internal constant _ROLE_243 = 1 << 243;
uint256 internal constant _ROLE_244 = 1 << 244;
uint256 internal constant _ROLE_245 = 1 << 245;
uint256 internal constant _ROLE_246 = 1 << 246;
uint256 internal constant _ROLE_247 = 1 << 247;
uint256 internal constant _ROLE_248 = 1 << 248;
uint256 internal constant _ROLE_249 = 1 << 249;
uint256 internal constant _ROLE_250 = 1 << 250;
uint256 internal constant _ROLE_251 = 1 << 251;
uint256 internal constant _ROLE_252 = 1 << 252;
uint256 internal constant _ROLE_253 = 1 << 253;
uint256 internal constant _ROLE_254 = 1 << 254;
uint256 internal constant _ROLE_255 = 1 << 255;
}
"
},
"src/auth/IRoleManager.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity 0.8.25;
/**
* @title IRoleManager
* @notice Interface for the RoleManager contract
*/
interface IRoleManager {
/*//////////////////////////////////////////////////////////////
ERRORS
//////////////////////////////////////////////////////////////*/
/// @notice Emitted for 0 role in arguments
error InvalidRole();
/// @notice Emitted for 0 address in arguments
error ZeroAddress();
/*//////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////*/
/**
* @notice Emitted when a role is granted to a user
* @param user The address of the user
* @param role The role that was granted
* @param sender The address that granted the role
*/
event RoleGranted(address indexed user, uint256 indexed role, address indexed sender);
/**
* @notice Emitted when a role is revoked from a user
* @param user The address of the user
* @param role The role that was revoked
* @param sender The address that revoked the role
*/
event RoleRevoked(address indexed user, uint256 indexed role, address indexed sender);
/**
* @notice Emitted when the admin role for a target role is updated.
* @param targetRole The role whose admin is being changed.
* @param adminRole The new role required to manage the targetRole (0 means revert to owner/PROTOCOL_ADMIN).
* @param sender The address that performed the change.
*/
event RoleAdminSet(uint256 indexed targetRole, uint256 indexed adminRole, address indexed sender);
/*//////////////////////////////////////////////////////////////
FUNCTIONS
//////////////////////////////////////////////////////////////*/
/// @notice Grants a role to a user
/// @param user The address of the user to grant the role to
/// @param role The role to grant
function grantRole(address user, uint256 role) external;
/// @notice Revokes a role from a user
/// @param user The address of the user to revoke the role from
/// @param role The role to revoke
function revokeRole(address user, uint256 role) external;
/// @notice Sets the specific role required to manage a target role.
/// @dev Requires the caller to have the PROTOCOL_ADMIN role or be the owner.
/// @param targetRole The role whose admin role is to be set. Cannot be PROTOCOL_ADMIN.
/// @param adminRole The role that will be required to manage the targetRole. Set to 0 to require owner/PROTOCOL_ADMIN.
function setRoleAdmin(uint256 targetRole, uint256 adminRole) external;
}
"
},
"lib/solady/src/auth/Ownable.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;
/// @notice Simple single owner authorization mixin.
/// @author Solady (https://github.com/vectorized/solady/blob/main/src/auth/Ownable.sol)
///
/// @dev Note:
/// This implementation does NOT auto-initialize the owner to `msg.sender`.
/// You MUST call the `_initializeOwner` in the constructor / initializer.
///
/// While the ownable portion follows
/// [EIP-173](https://eips.ethereum.org/EIPS/eip-173) for compatibility,
/// the nomenclature for the 2-step ownership handover may be unique to this codebase.
abstract contract Ownable {
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* CUSTOM ERRORS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The caller is not authorized to call the function.
error Unauthorized();
/// @dev The `newOwner` cannot be the zero address.
error NewOwnerIsZeroAddress();
/// @dev The `pendingOwner` does not have a valid handover request.
error NoHandoverRequest();
/// @dev Cannot double-initialize.
error AlreadyInitialized();
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* EVENTS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The ownership is transferred from `oldOwner` to `newOwner`.
/// This event is intentionally kept the same as OpenZeppelin's Ownable to be
/// compatible with indexers and [EIP-173](https://eips.ethereum.org/EIPS/eip-173),
/// despite it not being as lightweight as a single argument event.
event OwnershipTransferred(address indexed oldOwner, address indexed newOwner);
/// @dev An ownership handover to `pendingOwner` has been requested.
event OwnershipHandoverRequested(address indexed pendingOwner);
/// @dev The ownership handover to `pendingOwner` has been canceled.
event OwnershipHandoverCanceled(address indexed pendingOwner);
/// @dev `keccak256(bytes("OwnershipTransferred(address,address)"))`.
uint256 private constant _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE =
0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0;
/// @dev `keccak256(bytes("OwnershipHandoverRequested(address)"))`.
uint256 private constant _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE =
0xdbf36a107da19e49527a7176a1babf963b4b0ff8cde35ee35d6cd8f1f9ac7e1d;
/// @dev `keccak256(bytes("OwnershipHandoverCanceled(address)"))`.
uint256 private constant _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE =
0xfa7b8eab7da67f412cc9575ed43464468f9bfbae89d1675917346ca6d8fe3c92;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* STORAGE */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev The owner slot is given by:
/// `bytes32(~uint256(uint32(bytes4(keccak256("_OWNER_SLOT_NOT")))))`.
/// It is intentionally chosen to be a high value
/// to avoid collision with lower slots.
/// The choice of manual storage layout is to enable compatibility
/// with both regular and upgradeable contracts.
bytes32 internal constant _OWNER_SLOT =
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffff74873927;
/// The ownership handover slot of `newOwner` is given by:
/// ```
/// mstore(0x00, or(shl(96, user), _HANDOVER_SLOT_SEED))
/// let handoverSlot := keccak256(0x00, 0x20)
/// ```
/// It stores the expiry timestamp of the two-step ownership handover.
uint256 private constant _HANDOVER_SLOT_SEED = 0x389a75e1;
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* INTERNAL FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Override to return true to make `_initializeOwner` prevent double-initialization.
function _guardInitializeOwner() internal pure virtual returns (bool guard) {}
/// @dev Initializes the owner directly without authorization guard.
/// This function must be called upon initialization,
/// regardless of whether the contract is upgradeable or not.
/// This is to enable generalization to both regular and upgradeable contracts,
/// and to save gas in case the initial owner is not the caller.
/// For performance reasons, this function will not check if there
/// is an existing owner.
function _initializeOwner(address newOwner) internal virtual {
if (_guardInitializeOwner()) {
/// @solidity memory-safe-assembly
assembly {
let ownerSlot := _OWNER_SLOT
if sload(ownerSlot) {
mstore(0x00, 0x0dc149f0) // `AlreadyInitialized()`.
revert(0x1c, 0x04)
}
// Clean the upper 96 bits.
newOwner := shr(96, shl(96, newOwner))
// Store the new value.
sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner))))
// Emit the {OwnershipTransferred} event.
log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner)
}
} else {
/// @solidity memory-safe-assembly
assembly {
// Clean the upper 96 bits.
newOwner := shr(96, shl(96, newOwner))
// Store the new value.
sstore(_OWNER_SLOT, newOwner)
// Emit the {OwnershipTransferred} event.
log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, 0, newOwner)
}
}
}
/// @dev Sets the owner directly without authorization guard.
function _setOwner(address newOwner) internal virtual {
if (_guardInitializeOwner()) {
/// @solidity memory-safe-assembly
assembly {
let ownerSlot := _OWNER_SLOT
// Clean the upper 96 bits.
newOwner := shr(96, shl(96, newOwner))
// Emit the {OwnershipTransferred} event.
log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner)
// Store the new value.
sstore(ownerSlot, or(newOwner, shl(255, iszero(newOwner))))
}
} else {
/// @solidity memory-safe-assembly
assembly {
let ownerSlot := _OWNER_SLOT
// Clean the upper 96 bits.
newOwner := shr(96, shl(96, newOwner))
// Emit the {OwnershipTransferred} event.
log3(0, 0, _OWNERSHIP_TRANSFERRED_EVENT_SIGNATURE, sload(ownerSlot), newOwner)
// Store the new value.
sstore(ownerSlot, newOwner)
}
}
}
/// @dev Throws if the sender is not the owner.
function _checkOwner() internal view virtual {
/// @solidity memory-safe-assembly
assembly {
// If the caller is not the stored owner, revert.
if iszero(eq(caller(), sload(_OWNER_SLOT))) {
mstore(0x00, 0x82b42900) // `Unauthorized()`.
revert(0x1c, 0x04)
}
}
}
/// @dev Returns how long a two-step ownership handover is valid for in seconds.
/// Override to return a different value if needed.
/// Made internal to conserve bytecode. Wrap it in a public function if needed.
function _ownershipHandoverValidFor() internal view virtual returns (uint64) {
return 48 * 3600;
}
/*´:°•.°+.*•´.*:˚.°*.˚•´.°:°•.°•.*•´.*:˚.°*.˚•´.°:°•.°+.*•´.*:*/
/* PUBLIC UPDATE FUNCTIONS */
/*.•°:°.´+˚.*°.˚:*.´•*.+°.•°:´*.´•*.•°.•°:°.´:•˚°.*°.˚:*.´+°.•*/
/// @dev Allows the owner to transfer the ownership to `newOwner`.
function transferOwnership(address newOwner) public payable virtual onlyOwner {
/// @solidity memory-safe-assembly
assembly {
if iszero(shl(96, newOwner)) {
mstore(0x00, 0x7448fbae) // `NewOwnerIsZeroAddress()`.
revert(0x1c, 0x04)
}
}
_setOwner(newOwner);
}
/// @dev Allows the owner to renounce their ownership.
function renounceOwnership() public payable virtual onlyOwner {
_setOwner(address(0));
}
/// @dev Request a two-step ownership handover to the caller.
/// The request will automatically expire in 48 hours (172800 seconds) by default.
function requestOwnershipHandover() public payable virtual {
unchecked {
uint256 expires = block.timestamp + _ownershipHandoverValidFor();
/// @solidity memory-safe-assembly
assembly {
// Compute and set the handover slot to `expires`.
mstore(0x0c, _HANDOVER_SLOT_SEED)
mstore(0x00, caller())
sstore(keccak256(0x0c, 0x20), expires)
// Emit the {OwnershipHandoverRequested} event.
log2(0, 0, _OWNERSHIP_HANDOVER_REQUESTED_EVENT_SIGNATURE, caller())
}
}
}
/// @dev Cancels the two-step ownership handover to the caller, if any.
function cancelOwnershipHandover() public payable virtual {
/// @solidity memory-safe-assembly
assembly {
// Compute and set the handover slot to 0.
mstore(0x0c, _HANDOVER_SLOT_SEED)
mstore(0x00, caller())
sstore(keccak256(0x0c, 0x20), 0)
// Emit the {OwnershipHandoverCanceled} event.
log2(0, 0, _OWNERSHIP_HANDOVER_CANCELED_EVENT_SIGNATURE, caller())
}
}
/// @dev Allows the owner to complete the two-step ownership handover to `pendingOwner`.
/// Reverts if there is no existing ownership handover requested by `pendingOwner`.
function completeOwnershipHandoSubmitted on: 2025-10-23 16:15:37
Comments
Log in to comment.
No comments yet.