Description:
Multi-signature wallet contract requiring multiple confirmations for transaction execution.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/ERC20Manager.sol": {
"content": "// SPDX-License-Identifier: GPL-3.0-or-later WITH Classpath-exception-2.0
pragma solidity ^0.8.30;
import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import {AccessControlUpgradeable} from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import {PausableUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/PausableUpgradeable.sol";
import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {IERC20Permit} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
import {ERC20GearSupply} from "./erc20/managed/ERC20GearSupply.sol";
import {CustomEnumerableMap} from "./libraries/CustomEnumerableMap.sol";
import {LibString} from "./libraries/LibString.sol";
import {BridgingPayment} from "./BridgingPayment.sol";
import {IBridgingPayment} from "./interfaces/IBridgingPayment.sol";
import {IERC20Burnable} from "./interfaces/IERC20Burnable.sol";
import {IERC20Manager} from "./interfaces/IERC20Manager.sol";
import {IERC20Mintable} from "./interfaces/IERC20Mintable.sol";
import {IGovernance} from "./interfaces/IGovernance.sol";
import {IMessageHandler} from "./interfaces/IMessageHandler.sol";
import {IPausable} from "./interfaces/IPausable.sol";
contract ERC20Manager is
Initializable,
AccessControlUpgradeable,
PausableUpgradeable,
UUPSUpgradeable,
IPausable,
IMessageHandler,
IERC20Manager
{
using SafeERC20 for IERC20;
using EnumerableSet for EnumerableSet.Bytes32Set;
using EnumerableSet for EnumerableSet.AddressSet;
using CustomEnumerableMap for CustomEnumerableMap.AddressToTokenTypeMap;
/**
* @dev `bytes32 sender` size.
*/
uint256 internal constant SENDER_SIZE = 32;
/**
* @dev `address receiver` size.
*/
uint256 internal constant RECEIVER_SIZE = 20;
/**
* @dev `address token` size.
*/
uint256 internal constant TOKEN_SIZE = 20;
/**
* @dev `uint256 amount` size.
*/
uint256 internal constant AMOUNT_SIZE = 32;
/**
* @dev Size of transfer message.
*/
uint256 internal constant TRANSFER_MESSAGE_SIZE = SENDER_SIZE + RECEIVER_SIZE + TOKEN_SIZE + AMOUNT_SIZE;
/**
* @dev `address receiver` bit shift.
*/
uint256 internal constant RECEIVER_BIT_SHIFT = 96;
/**
* @dev `address token` bit shift.
*/
uint256 internal constant TOKEN_BIT_SHIFT = 96;
/**
* @dev `SENDER_SIZE` offset.
*/
uint256 internal constant OFFSET1 = 32;
/**
* @dev `SENDER_SIZE + RECEIVER_SIZE` offset.
*/
uint256 internal constant OFFSET2 = 52;
/**
* @dev `SENDER_SIZE + RECEIVER_SIZE + TOKEN_SIZE` offset.
*/
uint256 internal constant OFFSET3 = 72;
//////////////////////////////////////////////////////////////////////////////
/**
* @dev `uint8 discriminant` size.
*/
uint256 internal constant DISCRIMINANT_SIZE = 1;
/**
* @dev `uint8 discriminant` bit shift.
*/
uint256 internal constant DISCRIMINANT_BIT_SHIFT = 248;
/**
* @dev `DISCRIMINANT_SIZE` offset.
*/
uint256 internal constant OFFSET4 = 1;
//////////////////////////////////////////////////////////////////////////////
/**
* @dev Add VFT manager message discriminant.
*/
uint256 internal constant ADD_VFT_MANAGER = 0x00;
/**
* @dev `bytes32 vftManager` size.
*/
uint256 internal constant VFT_MANAGER_SIZE = 32;
/**
* @dev Size of add VFT manager message.
*/
uint256 internal constant ADD_VFT_MANAGER_MESSAGE_SIZE = DISCRIMINANT_SIZE + VFT_MANAGER_SIZE;
//////////////////////////////////////////////////////////////////////////////
/**
* @dev `bytes32 tokenName` size.
*/
uint256 internal constant TOKEN_NAME_SIZE = 32;
/**
* @dev `bytes32 tokenSymbol` size.
*/
uint256 internal constant TOKEN_SYMBOL_SIZE = 32;
/**
* @dev `uint8 tokenDecimals` size.
*/
uint256 internal constant TOKEN_DECIMALS_SIZE = 1;
/**
* @dev `uint8 tokenDecimals` bit shift.
*/
uint256 internal constant TOKEN_DECIMALS_BIT_SHIFT = 248;
/**
* @dev `DISCRIMINANT_SIZE + TOKEN_NAME_SIZE` offset.
*/
uint256 internal constant OFFSET5 = 33;
/**
* @dev `DISCRIMINANT_SIZE + TOKEN_NAME_SIZE + TOKEN_SYMBOL_SIZE` offset.
*/
uint256 internal constant OFFSET6 = 65;
/**
* @dev Size of register token message (for `TokenType.Gear`).
*/
uint256 internal constant REGISTER_GEAR_TOKEN_MESSAGE_SIZE =
DISCRIMINANT_SIZE + TOKEN_NAME_SIZE + TOKEN_SYMBOL_SIZE + TOKEN_DECIMALS_SIZE;
//////////////////////////////////////////////////////////////////////////////
/**
* @dev `address token` size.
*/
uint256 internal constant ETHEREUM_TOKEN_SIZE = 20;
/**
* @dev Size of register token message (for `TokenType.Ethereum`).
*/
uint256 internal constant REGISTER_ETHEREUM_TOKEN_MESSAGE_SIZE = DISCRIMINANT_SIZE + ETHEREUM_TOKEN_SIZE;
/**
* @dev `address token` bit shift.
*/
uint256 internal constant ETHEREUM_TOKEN_BIT_SHIFT = 96;
bytes32 public constant PAUSER_ROLE = bytes32(uint256(0x01));
IGovernance private _governanceAdmin;
IGovernance private _governancePauser;
address private _messageQueue;
EnumerableSet.Bytes32Set private _vftManagers;
CustomEnumerableMap.AddressToTokenTypeMap private _tokens;
EnumerableSet.AddressSet private _bridgingPayments;
/**
* @custom:oz-upgrades-unsafe-allow constructor
*/
constructor() {
_disableInitializers();
}
/**
* @dev Initializes the ERC20Manager contract with the message queue and VFT manager addresses.
* GovernanceAdmin contract is used to upgrade, pause/unpause the ERC20Manager contract.
* GovernancePauser contract is used to pause/unpause the ERC20Manager contract.
* @param governanceAdmin_ The address of the GovernanceAdmin contract that will process messages.
* @param governancePauser_ The address of the GovernanceAdmin contract that will process pauser messages.
* @param messageQueue_ The address of the message queue contract.
* @param vftManager The address of the VFT manager contract (on Vara Network).
* @param tokens_ The tokens that will be registered.
*/
function initialize(
IGovernance governanceAdmin_,
IGovernance governancePauser_,
address messageQueue_,
bytes32 vftManager,
TokenInfo[] memory tokens_
) public initializer {
__AccessControl_init();
__Pausable_init();
__UUPSUpgradeable_init();
_grantRole(DEFAULT_ADMIN_ROLE, address(governanceAdmin_));
_grantRole(PAUSER_ROLE, address(governanceAdmin_));
_grantRole(PAUSER_ROLE, address(governancePauser_));
_governanceAdmin = governanceAdmin_;
_governancePauser = governancePauser_;
_messageQueue = messageQueue_;
_vftManagers.add(vftManager);
for (uint256 i = 0; i < tokens_.length; i++) {
TokenInfo memory tokenInfo = tokens_[i];
if (tokenInfo.tokenType == TokenType.Unknown) {
revert InvalidTokenType();
} else {
_tokens.set(tokenInfo.token, tokenInfo.tokenType);
}
}
}
/**
* @custom:oz-upgrades-validate-as-initializer
*/
// function reinitialize() public onlyRole(DEFAULT_ADMIN_ROLE) reinitializer(2) {}
/**
* @dev Returns governance admin address.
* @return governanceAdmin Governance admin address.
*/
function governanceAdmin() external view returns (address) {
return address(_governanceAdmin);
}
/**
* @dev Returns governance pauser address.
* @return governancePauser Governance pauser address.
*/
function governancePauser() external view returns (address) {
return address(_governancePauser);
}
/**
* @dev Returns message queue address.
* @return messageQueue Message queue address.
*/
function messageQueue() external view returns (address) {
return address(_messageQueue);
}
/**
* @dev Returns total number of VFT managers.
* @return totalVftManagers Total number of VFT managers.
*/
function totalVftManagers() external view returns (uint256) {
return _vftManagers.length();
}
/**
* @dev Returns list of VFT managers.
* @return vftManagers List of VFT managers.
*/
function vftManagers() external view returns (bytes32[] memory) {
return _vftManagers.values();
}
/**
* @dev Returns list of VFT managers.
* @param offset Offset of the first VFT manager to return.
* @param limit Maximum number of VFT managers to return.
* @return vftManagers List of VFT managers.
*/
function vftManagers(uint256 offset, uint256 limit) external view returns (bytes32[] memory) {
return paginate(_vftManagers, offset, limit);
}
/**
* @dev Returns whether the VFT manager is registered.
* @param vftManager VFT manager address.
* @return isVftManager `true` if the VFT manager is registered, `false` otherwise.
*/
function isVftManager(bytes32 vftManager) external view returns (bool) {
return _vftManagers.contains(vftManager);
}
/**
* @dev Returns total number of tokens.
* @return totalTokens Total number of tokens.
*/
function totalTokens() external view returns (uint256) {
return _tokens.length();
}
/**
* @dev Returns list of tokens.
* @return tokens List of tokens.
*/
function tokens() external view returns (address[] memory) {
return _tokens.keys();
}
/**
* @dev Returns list of tokens.
* @param offset Offset of the first token to return.
* @param limit Maximum number of tokens to return.
* @return tokens List of tokens.
*/
function tokens(uint256 offset, uint256 limit) external view returns (address[] memory) {
bytes32[] memory store = paginate(_tokens._inner._keys, offset, limit);
address[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
/**
* @dev Returns token type.
* @param token Token address.
* @return tokenType Token type. Returns `TokenType.Unknown` if token is not registered.
*/
function getTokenType(address token) external view returns (TokenType) {
(, TokenType tokenType) = _tokens.tryGet(token);
return tokenType;
}
/**
* @dev Returns total number of bridging payments.
* @return totalBridgingPayments Total number of bridging payments.
*/
function totalBridgingPayments() external view returns (uint256) {
return _bridgingPayments.length();
}
/**
* @dev Returns list of bridging payments.
* @return bridgingPayments List of bridging payments.
*/
function bridgingPayments() external view returns (address[] memory) {
return _bridgingPayments.values();
}
/**
* @dev Returns list of bridging payments.
* @param offset Offset of the first bridging payment to return.
* @param limit Maximum number of bridging payments to return.
* @return bridgingPayments List of bridging payments.
*/
function bridgingPayments(uint256 offset, uint256 limit) external view returns (address[] memory) {
EnumerableSet.Bytes32Set storage bytes32Set;
assembly ("memory-safe") {
bytes32Set.slot := _bridgingPayments.slot
}
bytes32[] memory store = paginate(bytes32Set, offset, limit);
address[] memory result;
assembly ("memory-safe") {
result := store
}
return result;
}
/**
* @dev Returns whether the bridging payment is registered.
* @param bridgingPayment Bridging payment address.
* @return isBridgingPayment `true` if the bridging payment is registered, `false` otherwise.
*/
function isBridgingPayment(address bridgingPayment) external view returns (bool) {
return _bridgingPayments.contains(bridgingPayment);
}
/**
* @dev Returns list of items from the set.
* @param bytes32Set Set of items.
* @param offset Offset of the first item to return.
* @param limit Maximum number of items to return.
* @return items List of items.
*/
function paginate(EnumerableSet.Bytes32Set storage bytes32Set, uint256 offset, uint256 limit)
private
view
returns (bytes32[] memory)
{
uint256 length = bytes32Set.length();
if (offset >= length) {
return new bytes32[](0);
}
uint256 end = offset + limit;
if (end > length) {
end = length;
}
uint256 size = end - offset;
bytes32[] memory result = new bytes32[](size);
for (uint256 i = 0; i < size; i++) {
result[i] = bytes32Set.at(offset + i);
}
return result;
}
/**
* @dev Pauses the contract.
*/
function pause() public onlyRole(PAUSER_ROLE) {
_pause();
}
/**
* @dev Unpauses the contract.
*/
function unpause() public onlyRole(PAUSER_ROLE) {
_unpause();
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract.
* Called by {upgradeToAndCall}.
*/
function _authorizeUpgrade(address newImplementation) internal override onlyRole(DEFAULT_ADMIN_ROLE) {}
/**
* @dev Requests bridging of tokens.
* Emits `BridgingRequested` event.
* @param token Token address.
* @param amount Amount of tokens to bridge.
* @param to Destination address.
* @dev Reverts if token is not registered with `InvalidTokenType` error.
*/
function requestBridging(address token, uint256 amount, bytes32 to) public whenNotPaused {
if (amount == 0) {
revert InvalidAmount();
}
(, TokenType tokenType) = _tokens.tryGet(token);
if (tokenType == TokenType.Unknown) {
revert InvalidTokenType();
} else if (tokenType == TokenType.Ethereum) {
IERC20(token).safeTransferFrom(msg.sender, address(this), amount);
} else if (tokenType == TokenType.Gear) {
IERC20Burnable(token).burnFrom(msg.sender, amount);
}
emit BridgingRequested(msg.sender, to, token, amount);
}
/**
* @dev Requests bridging of tokens and pays fee to one of the `bridgingPayment` contracts.
* @param token Token address.
* @param amount Amount of tokens to bridge.
* @param to Destination address.
* @param bridgingPayment Bridging payment address.
*/
function requestBridgingPayingFee(address token, uint256 amount, bytes32 to, address bridgingPayment)
public
payable
whenNotPaused
{
if (!_bridgingPayments.contains(bridgingPayment)) {
revert InvalidBridgingPayment();
}
IBridgingPayment(bridgingPayment).payFee{value: msg.value}();
requestBridging(token, amount, to);
}
/**
* @dev Requests bridging of tokens.
* This function uses `permit` to approve spending of tokens to optimize gas costs.
* (If token supports `permit` function).
* @param token Token address.
* @param amount Amount of tokens to bridge.
* @param to Destination address.
* @param deadline Deadline for the transaction to be executed.
* @param v ECDSA signature parameter.
* @param r ECDSA signature parameter.
* @param s ECDSA signature parameter.
*/
function requestBridgingWithPermit(
address token,
uint256 amount,
bytes32 to,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) public whenNotPaused {
try IERC20Permit(token).permit(msg.sender, address(this), amount, deadline, v, r, s) {} catch {}
requestBridging(token, amount, to);
}
/**
* @dev Requests bridging of tokens and pays fee to one of the `bridgingPayment` contracts.
* This function uses `permit` to approve spending of tokens to optimize gas costs.
* (If token supports `permit` function).
* @param token Token address.
* @param amount Amount of tokens to bridge.
* @param to Destination address.
* @param deadline Deadline for the transaction to be executed.
* @param v ECDSA signature parameter.
* @param r ECDSA signature parameter.
* @param s ECDSA signature parameter.
* @param bridgingPayment Bridging payment address.
*/
function requestBridgingPayingFeeWithPermit(
address token,
uint256 amount,
bytes32 to,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s,
address bridgingPayment
) public payable whenNotPaused {
if (!_bridgingPayments.contains(bridgingPayment)) {
revert InvalidBridgingPayment();
}
IBridgingPayment(bridgingPayment).payFee{value: msg.value}();
requestBridgingWithPermit(token, amount, to, deadline, v, r, s);
}
/**
* @dev Creates a new `BridgingPayment` contract (ERC20Manager is factory).
* Emits `BridgingPaymentCreated` event.
* @param fee Fee amount in wei.
* @return bridgingPaymentAddress Address of the created `bridgingPayment` contract.
*/
function createBridgingPayment(uint256 fee) external whenNotPaused returns (address) {
BridgingPayment bridgingPayment = new BridgingPayment(address(this), fee, msg.sender);
address bridgingPaymentAddress = address(bridgingPayment);
_bridgingPayments.add(bridgingPaymentAddress);
emit BridgingPaymentCreated(bridgingPaymentAddress);
return bridgingPaymentAddress;
}
/**
* @dev Handles message originated from Vara Network.
* @param source Source of the message (`ActorId` from Vara Network).
* @param payload Payload of the message (message from Vara Network).
*/
function handleMessage(bytes32 source, bytes calldata payload) external {
if (msg.sender != _messageQueue) {
revert InvalidSender();
}
if (_vftManagers.contains(source)) {
if (!_tryParseAndApplyTransferMessage(payload)) {
revert InvalidPayload();
}
} else if (source == _governanceAdmin.governance()) {
if (!_tryParseAndApplyGovernanceMessage(payload)) {
revert InvalidPayload();
}
} else {
revert InvalidSource();
}
}
/**
* @dev Tries to parse and apply transfer message originated from Vara Network.
*
* Payload format:
* ```solidity
* address sender;
* address receiver;
* address token;
* uint256 amount;
* ```
*
* @param payload Payload of the message (message from Vara Network).
* @return success `true` if the message is parsed and applied, `false` otherwise.
*/
function _tryParseAndApplyTransferMessage(bytes calldata payload) private returns (bool) {
if (!(payload.length == TRANSFER_MESSAGE_SIZE)) {
return false;
}
bytes32 sender;
address receiver;
address token;
uint256 amount;
// we use offset `OFFSET1 = SENDER_SIZE` to skip `bytes32 sender`
assembly ("memory-safe") {
sender := calldataload(payload.offset)
// `RECEIVER_BIT_SHIFT` right bit shift is required to remove extra bits since `calldataload` returns `uint256`
receiver := shr(RECEIVER_BIT_SHIFT, calldataload(add(payload.offset, OFFSET1)))
// `TOKEN_BIT_SHIFT` right bit shift is required to remove extra bits since `calldataload` returns `uint256`
token := shr(TOKEN_BIT_SHIFT, calldataload(add(payload.offset, OFFSET2)))
amount := calldataload(add(payload.offset, OFFSET3))
}
(, TokenType tokenType) = _tokens.tryGet(token);
if (tokenType == TokenType.Unknown) {
revert InvalidTokenType();
} else if (tokenType == TokenType.Ethereum) {
IERC20(token).safeTransfer(receiver, amount);
} else if (tokenType == TokenType.Gear) {
IERC20Mintable(token).mint(receiver, amount);
}
emit Bridged(sender, receiver, token, amount);
return true;
}
/**
* @dev Tries to parse and apply governance message originated from Vara Network.
*
* Payload format:
* ```solidity
* uint8 discriminant;
* ```
*
* `discriminant` can be:
* - `ADD_VFT_MANAGER = 0x00` - add new VFT manager to list of registered VFT managers
* ```solidity
* bytes32 vftManager; // 32 bytes
* ```
*
* - `TokenType.Ethereum = 0x01` - register Ethereum token
* ```solidity
* address token; // 20 bytes
* ```
*
* - `TokenType.Gear = 0x02` - register Gear token
* ```solidity
* bytes32 tokenName; // 1 byte length + 31 bytes datas
* bytes32 tokenSymbol; // 1 byte length + 31 bytes data
* uint8 tokenDecimals; // 1 byte
* ```
*
* @param payload Payload of the message (message from Vara Network).
* @return success `true` if the message is parsed and applied, `false` otherwise.
*/
function _tryParseAndApplyGovernanceMessage(bytes calldata payload) private returns (bool) {
if (!(payload.length > 0)) {
return false;
}
uint256 discriminant;
assembly ("memory-safe") {
// `DISCRIMINANT_BIT_SHIFT` right bit shift is required to remove extra bits since `calldataload` returns `uint256`
discriminant := shr(DISCRIMINANT_BIT_SHIFT, calldataload(payload.offset))
}
if (!(discriminant >= ADD_VFT_MANAGER && discriminant <= uint256(TokenType.Gear))) {
return false;
}
if (discriminant == ADD_VFT_MANAGER) {
if (!(payload.length == ADD_VFT_MANAGER_MESSAGE_SIZE)) {
return false;
}
// we use offset `OFFSET4 = DISCRIMINANT_SIZE` to skip `uint8 discriminant`
bytes32 vftManager;
assembly ("memory-safe") {
vftManager := calldataload(add(payload.offset, OFFSET4))
}
_vftManagers.add(vftManager);
emit VftManagerAdded(vftManager);
return true;
}
if (discriminant == uint256(TokenType.Ethereum)) {
if (!(payload.length == REGISTER_ETHEREUM_TOKEN_MESSAGE_SIZE)) {
return false;
}
// we use offset `OFFSET4 = DISCRIMINANT_SIZE` to skip `uint8 discriminant`
address token;
assembly ("memory-safe") {
// `ETHEREUM_TOKEN_BIT_SHIFT` right bit shift is required to remove extra bits since `calldataload` returns `uint256`
token := shr(ETHEREUM_TOKEN_BIT_SHIFT, calldataload(add(payload.offset, OFFSET4)))
}
_tokens.set(token, TokenType.Ethereum);
emit EthereumTokenRegistered(token);
return true;
}
// `discriminant == uint256(TokenType.Gear)` is guaranteed by previous checks
if (!(payload.length == REGISTER_GEAR_TOKEN_MESSAGE_SIZE)) {
return false;
}
bytes32 tokenName;
bytes32 tokenSymbol;
uint8 tokenDecimals;
// we use offset `OFFSET4 = DISCRIMINANT_SIZE` to skip `uint8 discriminant`
// we use offset `OFFSET5 = DISCRIMINANT_SIZE + TOKEN_NAME_SIZE` to skip `uint8 discriminant` and `bytes32 tokenName`
// we use offset `OFFSET6 = DISCRIMINANT_SIZE + TOKEN_NAME_SIZE + TOKEN_SYMBOL_SIZE` to skip `uint8 discriminant`, `bytes32 tokenName` and `bytes32 tokenSymbol`
assembly ("memory-safe") {
tokenName := calldataload(add(payload.offset, OFFSET4))
tokenSymbol := calldataload(add(payload.offset, OFFSET5))
tokenDecimals := calldataload(add(payload.offset, OFFSET6))
// `TOKEN_DECIMALS_BIT_SHIFT` right bit shift is required to remove extra bits since `calldataload` returns `uint256`
tokenDecimals := shr(TOKEN_DECIMALS_BIT_SHIFT, calldataload(add(payload.offset, OFFSET6)))
}
uint8 tokenNameLength = uint8(tokenName[0]);
if (!(tokenNameLength >= 1 && tokenNameLength <= 31)) {
return false;
}
uint8 tokenSymbolLength = uint8(tokenSymbol[0]);
if (!(tokenSymbolLength >= 1 && tokenSymbolLength <= 31)) {
return false;
}
string memory tokenNameStr = LibString.unpackOne(tokenName);
string memory tokenSymbolStr = LibString.unpackOne(tokenSymbol);
ERC20GearSupply gearSupply = new ERC20GearSupply(address(this), tokenNameStr, tokenSymbolStr, tokenDecimals);
address tokenAddress = address(gearSupply);
_tokens.set(tokenAddress, TokenType.Gear);
emit GearTokenRegistered(tokenAddress, tokenNameStr, tokenSymbolStr, tokenDecimals);
return true;
}
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/Initializable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.20;
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```solidity
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
*
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Storage of the initializable contract.
*
* It's implemented on a custom ERC-7201 namespace to reduce the risk of storage collisions
* when using with upgradeable contracts.
*
* @custom:storage-location erc7201:openzeppelin.storage.Initializable
*/
struct InitializableStorage {
/**
* @dev Indicates that the contract has been initialized.
*/
uint64 _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool _initializing;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Initializable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant INITIALIZABLE_STORAGE = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00;
/**
* @dev The contract is already initialized.
*/
error InvalidInitialization();
/**
* @dev The contract is not initializing.
*/
error NotInitializing();
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint64 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that in the context of a constructor an `initializer` may be invoked any
* number of times. This behavior in the constructor can be useful during testing and is not expected to be used in
* production.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
// Cache values to avoid duplicated sloads
bool isTopLevelCall = !$._initializing;
uint64 initialized = $._initialized;
// Allowed calls:
// - initialSetup: the contract is not in the initializing state and no previous version was
// initialized
// - construction: the contract is initialized at version 1 (no reinitialization) and the
// current contract is just being deployed
bool initialSetup = initialized == 0 && isTopLevelCall;
bool construction = initialized == 1 && address(this).code.length == 0;
if (!initialSetup && !construction) {
revert InvalidInitialization();
}
$._initialized = 1;
if (isTopLevelCall) {
$._initializing = true;
}
_;
if (isTopLevelCall) {
$._initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: Setting the version to 2**64 - 1 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint64 version) {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing || $._initialized >= version) {
revert InvalidInitialization();
}
$._initialized = version;
$._initializing = true;
_;
$._initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
_checkInitializing();
_;
}
/**
* @dev Reverts if the contract is not in an initializing state. See {onlyInitializing}.
*/
function _checkInitializing() internal view virtual {
if (!_isInitializing()) {
revert NotInitializing();
}
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
// solhint-disable-next-line var-name-mixedcase
InitializableStorage storage $ = _getInitializableStorage();
if ($._initializing) {
revert InvalidInitialization();
}
if ($._initialized != type(uint64).max) {
$._initialized = type(uint64).max;
emit Initialized(type(uint64).max);
}
}
/**
* @dev Returns the highest version that has been initialized. See {reinitializer}.
*/
function _getInitializedVersion() internal view returns (uint64) {
return _getInitializableStorage()._initialized;
}
/**
* @dev Returns `true` if the contract is currently initializing. See {onlyInitializing}.
*/
function _isInitializing() internal view returns (bool) {
return _getInitializableStorage()._initializing;
}
/**
* @dev Pointer to storage slot. Allows integrators to override it with a custom storage location.
*
* NOTE: Consider following the ERC-7201 formula to derive storage locations.
*/
function _initializableStorageSlot() internal pure virtual returns (bytes32) {
return INITIALIZABLE_STORAGE;
}
/**
* @dev Returns a pointer to the storage namespace.
*/
// solhint-disable-next-line var-name-mixedcase
function _getInitializableStorage() private pure returns (InitializableStorage storage $) {
bytes32 slot = _initializableStorageSlot();
assembly {
$.slot := slot
}
}
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/access/AccessControlUpgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "@openzeppelin/contracts/access/IAccessControl.sol";
import {ContextUpgradeable} from "../utils/ContextUpgradeable.sol";
import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
import {ERC165Upgradeable} from "../utils/introspection/ERC165Upgradeable.sol";
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControlUpgradeable is Initializable, ContextUpgradeable, IAccessControl, ERC165Upgradeable {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/// @custom:storage-location erc7201:openzeppelin.storage.AccessControl
struct AccessControlStorage {
mapping(bytes32 role => RoleData) _roles;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.AccessControl")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant AccessControlStorageLocation = 0x02dd7bc7dec4dceedda775e58dd541e08a116c6c53815c0bd028192f7b626800;
function _getAccessControlStorage() private pure returns (AccessControlStorage storage $) {
assembly {
$.slot := AccessControlStorageLocation
}
}
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
function __AccessControl_init() internal onlyInitializing {
}
function __AccessControl_init_unchained() internal onlyInitializing {
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
AccessControlStorage storage $ = _getAccessControlStorage();
return $._roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
AccessControlStorage storage $ = _getAccessControlStorage();
bytes32 previousAdminRole = getRoleAdmin(role);
$._roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (!hasRole(role, account)) {
$._roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
AccessControlStorage storage $ = _getAccessControlStorage();
if (hasRole(role, account)) {
$._roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/utils/PausableUpgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (utils/Pausable.sol)
pragma solidity ^0.8.20;
import {ContextUpgradeable} from "../utils/ContextUpgradeable.sol";
import {Initializable} from "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which allows children to implement an emergency stop
* mechanism that can be triggered by an authorized account.
*
* This module is used through inheritance. It will make available the
* modifiers `whenNotPaused` and `whenPaused`, which can be applied to
* the functions of your contract. Note that they will not be pausable by
* simply including this module, only once the modifiers are put in place.
*/
abstract contract PausableUpgradeable is Initializable, ContextUpgradeable {
/// @custom:storage-location erc7201:openzeppelin.storage.Pausable
struct PausableStorage {
bool _paused;
}
// keccak256(abi.encode(uint256(keccak256("openzeppelin.storage.Pausable")) - 1)) & ~bytes32(uint256(0xff))
bytes32 private constant PausableStorageLocation = 0xcd5ed15c6e187e77e9aee88184c21f4f2182ab5827cb3b7e07fbedcd63f03300;
function _getPausableStorage() private pure returns (PausableStorage storage $) {
assembly {
$.slot := PausableStorageLocation
}
}
/**
* @dev Emitted when the pause is triggered by `account`.
*/
event Paused(address account);
/**
* @dev Emitted when the pause is lifted by `account`.
*/
event Unpaused(address account);
/**
* @dev The operation failed because the contract is paused.
*/
error EnforcedPause();
/**
* @dev The operation failed because the contract is not paused.
*/
error ExpectedPause();
/**
* @dev Modifier to make a function callable only when the contract is not paused.
*
* Requirements:
*
* - The contract must not be paused.
*/
modifier whenNotPaused() {
_requireNotPaused();
_;
}
/**
* @dev Modifier to make a function callable only when the contract is paused.
*
* Requirements:
*
* - The contract must be paused.
*/
modifier whenPaused() {
_requirePaused();
_;
}
function __Pausable_init() internal onlyInitializing {
}
function __Pausable_init_unchained() internal onlyInitializing {
}
/**
* @dev Returns true if the contract is paused, and false otherwise.
*/
function paused() public view virtual returns (bool) {
PausableStorage storage $ = _getPausableStorage();
return $._paused;
}
/**
* @dev Throws if the contract is paused.
*/
function _requireNotPaused() internal view virtual {
if (paused()) {
revert EnforcedPause();
}
}
/**
* @dev Throws if the contract is not paused.
*/
function _requirePaused() internal view virtual {
if (!paused()) {
revert ExpectedPause();
}
}
/**
* @dev Triggers stopped state.
*
* Requirements:
*
* - The contract must not be paused.
*/
function _pause() internal virtual whenNotPaused {
PausableStorage storage $ = _getPausableStorage();
$._paused = true;
emit Paused(_msgSender());
}
/**
* @dev Returns to normal state.
*
* Requirements:
*
* - The contract must be paused.
*/
function _unpause() internal virtual whenPaused {
PausableStorage storage $ = _getPausableStorage();
$._paused = false;
emit Unpaused(_msgSender());
}
}
"
},
"lib/openzeppelin-contracts-upgradeable/contracts/proxy/utils/UUPSUpgradeable.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (proxy/utils/UUPSUpgradeable.sol)
pragma solidity ^0.8.22;
import {IERC1822Proxiable} from "@openzeppelin/contracts/interfaces/draft-IERC1822.sol";
import {ERC1967Utils} from "@openzeppelin/contracts/proxy/ERC1967/ERC1967Utils.sol";
import {Initializable} from "./Initializable.sol";
/**
* @dev An upgradeability mechanism designed for UUPS proxies. The functions included here can perform an upgrade of an
* {ERC1967Proxy}, when this contract is set as the implementation behind such a proxy.
*
* A security mechanism ensures that an upgrade does not turn off upgradeability accidentally, although this risk is
* reinstated if the upgrade retains upgradeability but removes the security mechanism, e.g. by replacing
* `UUPSUpgradeable` with a custom implementation of upgrades.
*
* The {_authorizeUpgrade} function must be overridden to include access restriction to the upgrade mechanism.
*/
abstract contract UUPSUpgradeable is Initializable, IERC1822Proxiable {
/// @custom:oz-upgrades-unsafe-allow state-variable-immutable
address private immutable __self = address(this);
/**
* @dev The version of the upgrade interface of the contract. If this getter is missing, both `upgradeTo(address)`
* and `upgradeToAndCall(address,bytes)` are present, and `upgradeTo` must be used if no function should be called,
* while `upgradeToAndCall` will invoke the `receive` function if the second argument is the empty byte string.
* If the getter returns `"5.0.0"`, only `upgradeToAndCall(address,bytes)` is present, and the second argument must
* be the empty byte string if no function should be called, making it impossible to invoke the `receive` function
* during an upgrade.
*/
string public constant UPGRADE_INTERFACE_VERSION = "5.0.0";
/**
* @dev The call is from an unauthorized context.
*/
error UUPSUnauthorizedCallContext();
/**
* @dev The storage `slot` is unsupported as a UUID.
*/
error UUPSUnsupportedProxiableUUID(bytes32 slot);
/**
* @dev Check that the execution is being performed through a delegatecall call and that the execution context is
* a proxy contract with an implementation (as defined in ERC-1967) pointing to self. This should only be the case
* for UUPS and transparent proxies that are using the current contract as their implementation. Execution of a
* function through ERC-1167 minimal proxies (clones) would not normally pass this test, but is not guaranteed to
* fail.
*/
modifier onlyProxy() {
_checkProxy();
_;
}
/**
* @dev Check that the execution is not being performed through a delegate call. This allows a function to be
* callable on the implementing contract but not through proxies.
*/
modifier notDelegated() {
_checkNotDelegated();
_;
}
function __UUPSUpgradeable_init() internal onlyInitializing {
}
function __UUPSUpgradeable_init_unchained() internal onlyInitializing {
}
/**
* @dev Implementation of the ERC-1822 {proxiableUUID} function. This returns the storage slot used by the
* implementation. It is used to validate the implementation's compatibility when performing an upgrade.
*
* IMPORTANT: A proxy pointing at a proxiable contract should not be considered proxiable itself, because this risks
* bricking a proxy that upgrades to it, by delegating to itself until out of gas. Thus it is critical that this
* function revert if invoked through a proxy. This is guaranteed by the `notDelegated` modifier.
*/
function proxiableUUID() external view virtual notDelegated returns (bytes32) {
return ERC1967Utils.IMPLEMENTATION_SLOT;
}
/**
* @dev Upgrade the implementation of the proxy to `newImplementation`, and subsequently execute the function call
* encoded in `data`.
*
* Calls {_authorizeUpgrade}.
*
* Emits an {Upgraded} event.
*
* @custom:oz-upgrades-unsafe-allow-reachable delegatecall
*/
function upgradeToAndCall(address newImplementation, bytes memory data) public payable virtual onlyProxy {
_authorizeUpgrade(newImplementation);
_upgradeToAndCallUUPS(newImplementation, data);
}
/**
* @dev Reverts if the execution is not performed via delegatecall or the execution
* context is not of a proxy with an ERC-1967 compliant implementation pointing to self.
*/
function _checkProxy() internal view virtual {
if (
address(this) == __self || // Must be called through delegatecall
ERC1967Utils.getImplementation() != __self // Must be called through an active proxy
) {
revert UUPSUnauthorizedCallContext();
}
}
/**
* @dev Reverts if the execution is performed via delegatecall.
* See {notDelegated}.
*/
function _checkNotDelegated() internal view virtual {
if (address(this) != __self) {
// Must not be called through delegatecall
revert UUPSUnauthorizedCallContext();
}
}
/**
* @dev Function that should revert when `msg.sender` is not authorized to upgrade the contract. Called by
* {upgradeToAndCall}.
*
* Normally, this function will use an xref:access.adoc[access control] modifier such as {Ownable-onlyOwner}.
*
* ```solidity
* function _authorizeUpgrade(address) internal onlyOwner {}
* ```
*/
function _authorizeUpgrade(address newImplementation) internal virtual;
/**
* @dev Performs an implementation upgrade with a security check for UUPS proxies, and additional setup call.
*
* As a security check, {proxiableUUID} is invoked in the new implementation, and the return value
* is expected to be the implementation slot in ERC-1967.
*
* Emits an {IERC1967-Upgraded} event.
*/
function _upgradeToAndCallUUPS(address newImplementation, bytes memory data) private {
try IERC1822Proxiable(newImplementation).proxiableUUID() returns (bytes32 slot) {
if (slot != ERC1967Utils.IMPLEMENTATION_SLOT) {
revert UUPSUnsupportedProxiableUUID(slot);
}
ERC1967Utils.upgradeToAndCall(newImplementation, data);
} catch {
// The implementation is not UUPS
revert ERC1967Utils.ERC1967InvalidImplementation(newImplementation);
}
}
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/IERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/IERC20.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 standard as defined in the ERC.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the value of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the value of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves a `value` amount of tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 value) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets a `value` amount of tokens as the allowance of `spender` over the
* caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 value) external returns (bool);
/**
* @dev Moves a `value` amount of tokens from `from` to `to` using the
* allowance mechanism. `value` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(address from, address to, uint256 value) external returns (bool);
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/extensions/IERC20Permit.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (token/ERC20/extensions/IERC20Permit.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[ERC-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC-20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* ==== Security Considerations
*
* There are two important considerations concerning the use of `permit`. The first is that a valid permit signature
* expresses an allowance, and it should not be assumed to convey additional meaning. In particular, it should not be
* considered as an intention to spend the allowance in any specific way. The second is that because permits have
* built-in replay protection and can be submitted by anyone, they can be frontrun. A protocol that uses permits should
* take this into consideration and allow a `permit` call to fail. Combining these two aspects, a pattern that may be
* generally recommended is:
*
* ```solidity
* function doThingWithPermit(..., uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s) public {
* try token.permit(msg.sender, address(this), value, deadline, v, r, s) {} catch {}
* doThing(..., value);
* }
*
* function doThing(..., uint256 value) public {
* token.safeTransferFrom(msg.sender, address(this), value);
* ...
* }
* ```
*
* Observe that: 1) `msg.sender` is used as the owner, leaving no ambiguity as to the signer intent, and 2) the use of
* `try/catch` allows the permit to fail and makes the code tolerant to frontrunning. (See also
* {SafeERC20-safeTransferFrom}).
*
* Additionally, note that smart contract wallets (such as Argent or Safe) are not able to produce permit signatures, so
* contracts should have entry points that don't rely on permit.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*
* CAUTION: See Security Considerations above.
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}
"
},
"lib/openzeppelin-contracts/contracts/token/ERC20/utils/SafeERC20.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.3.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.20;
import {IERC20} from "../IERC20.sol";
import {IERC1363} from "../../../interfaces/IERC1363.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC-20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
/**
* @dev An operation with an ERC-20 token failed.
*/
error SafeERC20FailedOperation(address token);
/**
* @dev Indicates a failed `decreaseAllowance` request.
*/
error SafeERC20FailedDecreaseAllowance(address spender, uint256 currentAllowance, uint256 requestedDecrease);
/**
* @dev Transfer `value` amount of `token` from the calling contract to `to`. If `token` returns no value,
* non-reverting calls are assumed to be successful.
*/
function safeTransfer(IERC20 token, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Transfer `value` amount of `token` from `from` to `to`, spending the approval given by `from` to the
* calling contract. If `token` returns no value, non-reverting calls are assumed to be successful.
*/
function safeTransferFrom(IERC20 token, address from, address to, uint256 value) internal {
_callOptionalReturn(token, abi.encodeCall(token.transferFrom, (from, to, value)));
}
/**
* @dev Variant of {safeTransfer} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransfer(IERC20 token, address to, uint256 value) internal returns (bool) {
return _callOptionalReturnBool(token, abi.encodeCall(token.transfer, (to, value)));
}
/**
* @dev Variant of {safeTransferFrom} that returns a bool instead of reverting if the operation is not successful.
*/
function trySafeTransferFrom(IERC20 token, address from, address to, uint256 value) internal returns (bool) {
return _callOptionalReturnBool(token, abi.eSubmitted on: 2025-10-23 20:40:42
Comments
Log in to comment.
No comments yet.